iPremier Case Study. EF. Edward Ferguson. Updated 26 November Transcript. iPremier Denial of Service Attack. Handlers. Zombies. Victim. Attacker. Founded in ; Based in Seattle Washington; Web-based commerce; Sell luxury, rare, and vintage goods; Customers mainly high-income. Develop their own security and facilities for storing data. Upgrade and maintain emergency procedures. Long Term Implementation.

| Author: | Mabar Jujora |
| Country: | Mozambique |
| Language: | English (Spanish) |
| Genre: | Automotive |
| Published (Last): | 18 October 2014 |
| Pages: | 341 |
| PDF File Size: | 13.5 Mb |
| ePub File Size: | 6.9 Mb |
| ISBN: | 133-4-95943-896-7 |
| Downloads: | 62499 |
| Price: | Free* [*Free Regsitration Required] |
| Uploader: | Dule |
It is critical for a business to develop a business continuity plan and train its employees because the disasters do not come forewarned. By continuing to use this website, you agree to their use. However, this particular incident, albeit sophisticated, seems not to have truly threatened the integrity of customer data, as it was only directed at the firewall of the system. If iPremier had security experts in its team, they would have been able to understand the attack and stopped it immediately, even though QData did not have the security experts.
You can be confident that our computer security experts continue to address the situation and have already taken steps to strengthen our data-related security.
Reassure Customers about Security Notifying customers gives iPremier the opportunity to communicate to customers how important security is to the company, to speak about the changes the company would like to enact to strengthen security technology and protocols, and to work more closely with financial institutions and law enforcement officials to ensure customer protection.
The iPremier Company
Without employing caes experts, QData was nothing more than a data storage company, which does not prevent intrusion, but also does not assist in examining the attack. Although personal relationships are foundation of most deals made in business, Raj should not have compromised with the customer data security by allowing an unsecure and unreliable data company to host iPremier website and retain customer data. I regret this sthdy took place, but please know that I take your privacy very seriously, and I will do everything in my power to protect your personal information.
.jpg)
Whether or not you recommend disclosure of some kind to customers, please adopt that position for this question only. This site uses cookies. As iprenier result, iPremier can take credit for the way they address the problems forensics investigations, cooperation with financial institution, etc.
Warren Spangler We have a problem…. Notify me of new comments via email. I personally promise to update you with additional information as it becomes available to me.
However, the negative side of informing the customers about this particular event is that customers would get nervous and would worry. Provide a copy of the letter you would write to customers and be prepared to read it aloud in class sthdy us to discuss.
Menu Skip to content. The way the company responds to its first intrusion servers as a reference point for all constituents consumers, media, investors, etc. The situation will be evaluated according to these three reasons to understand if the company should disclose the event.
Documents Flashcards Grammar checker. Fourth, the management of QData was reckless enough to allow intrusion by failing to implement basic mechanism such as employing security experts and building better network intrusion prevention tools. Luckily for iPremier, the attack was only a denial of service attack DoS possibly launched by a competitor or a script kiddie Austin, Even though the security breach lasted for only ipremidr short time, it provided some valuable lessons.
Pull the plug, credit cards can be stolen. Publically disclosing the security breach might cripple the iPremier stock, but this is a chance they need to take if they want to maintain their customer loyalty. Combined, it can be concluded that there is no legal reason at this moment to disclose irpemier incident.
Such an intrusion should be regarded as an opportunity to evaluate the security infrastructure and to improve on existing emergency procedures should an attack happen again.
iPremier Company: Denial of Service Attack Case Study by on Prezi
This would cause a loss of customers, because people would lose trust that their data is secure with this company. Even though it is at night, any downtime longer than a few minutes will be noticed by external people and in the current information wtudy, that would sure be communicated through various means. It is best for customers to hear about company mistakes directly from iPremier, rather than hearing it from third party sources, which could make the situation even more catastrophic.
Their information could, for instance, be used for identity theft and credit card fraud.

If law enforcement is involved, then the company has the obligation to notify the consumer. In this case, when the network was hacked, the employees did not know the guiding procedure to follow. However, regardless of the severity of the attack, iPremier still has a moral obligation to let their customers know cas the security breach.
iPremier and Denial Of Service Attack — Case Study
Second, company focused on immediate profits more than data security. Sgudy of contingency planning Handling core business operations in a responsible and careful manner make sure the core business is in the right hands Importance of support from senior executives Unconditional collaboration in moments of crisis Importance of a good cultural environment relationships, innovations, entrepreneurship, team collaboration Define protocols and clear channels of communication Regular evaluation of the IT infrastructure vulnerability analysis, update protocols.
However, three constraints were blocking the way to have a new data company to replace QData. Responding to this information, we discovered our website had been accessed without our authorization.
Economical As soon as the company pulled the plug, they would have to give an explanation to customers.
These penalizations can be amplified by class action lawsuit, potentially initiated with victims of the security breach. If the attack had been more serious and customer credit card information had been stolen, the course of action would have cass. There were no employees to assist Joanne.
