When considering how to secure electronic commerce, security administrators should first identify what parts of the transaction need protection. Data should be protected in transit and at both end points -- the Web server and the Web client. The article describes vulnerabilities to hacker attacks, and ways to address them through firewalls, encryption and authentication. Alternatively, third-party payment systems can be used as a way to conduct electronic commerce securely. The current trend in the use of the Web seems to be toward massive integration of functionality into monolithic programs that do everything imaginable. The challenge for security professionals is to help their companies move along with technological developments as safely as possible, finding the most viable protective measures at each new transitional phase, maintaining a consistent and unified view of the problem.