Imagine this. Against all odds, you finally have your e-commerce site up and running. When you did the ROI, you determined that you needed to sell and close 50 homeowners policies and 85 renters policies per business day to break even. In addition, you planned on quoting 250 auto policies daily which, when closed, would provide the "off the top" return.

You launched the site two weeks ago and sales started to build just as predicted. You were starting to sleep most nights-the project was complete and looked like it was on the road to success. Then two days ago the bottom dropped off. Sales and inquiries fell significantly. Hits were up, but you weren't selling anything. What's up? Were you hacked?

Not likely. This site was planned from the ground up with security in mind. The Web servers were carefully "hardened" against every kind of software attack. Unnecessary files and services were removed. Data were stored across multiple servers to prevent critical-data theft. SSL with 128-bit encryption was used throughout the site. Hardware and software firewalls were implemented with a DMZ between segments. The boxes themselves were located in a key-card-limited access area. Password security policies are strictly enforced. Redundant T1s provide the pipeline. It seems highly unlikely that the site has been compromised, yet something is obviously going on.