Credit Card And Software Essay

Cybercrime Prevention

The fate of Target when it comes to cybercrime is fairly well known. The company hit the headlines for all the wrong reasons when its customers' credit card information was exploited during a holiday season in recent years. Given that, and given the ominous and ever-present threat of cybercrime, this brief report serves as a guideline to help prevent cybercrime events and damages, or at least mitigate them. The lessons learned from Target's own breach are on full display in this report, but there are other real-world lessons, events and principles that should also be considered and remembered.

Best Practices

Invest in Software & Hardware

• Do not go cheap or cut corners on hardware

• Do not go cheap or cut corners on software

• Make sure all software is fully functional and licensed

• Ensure uptime of all systems is as close to 100% as possible

• Use modern, state-of-the-art hardware and software

• Avoid using wireless internet when at all possible

• NEVER use wireless internet to transmit credit card/sales information

• NEVER use WEP wireless encryption (it has been hacked); use only enterprise-level WPA, WPA2 or something similar (Ou, 2007).

• Update software and hardware periodically so as to keep on the cutting edge.

• Do smaller incremental updates rather than huge... jumps

• More like once every year or two rather than every five years or more

Invest in People

• Make sure to staff the information technology/security department as much as is needed to ensure security

• Do not run a skeleton crew at any time

• Make sure the people hired and staffed know what they are doing

• Degrees

• Certifications

• Proven prior experience

Adhere to Best Practices & Procedures

• Network should be monitored for cyberattacks and anomalous activity at all times

• Keep credit card and other sensitive information in the most secure part of the servers

• Only people with "right to know" should have ANY access to those servers

• All employees with network access should have PRECISELY the access they need

• Nothing beyond that

• Nothing short of it

• Must be able to do job but not access things that they don't need to meddle with or see

• Vendor access should also be controlled carefully (Winter, 2014)

• Access only to what they need to do their job

• Keep integrated in the system so that both vendors and Target have access

• Conduct periodic penetration testing to see how good the current security is (BSIMM, 2017)

• Keep up…

Sources used in this document:
References

BSIMM. (2017). Penetration Testing Types & Remediation. bsimm.com. Retrieved 5 June 2017, from https://www.bsimm.com/framework/deployment/penetration-testing/

Ou, G. (2007). TJX's failure to secure Wi-Fi could cost $1B | ZDNet. ZDNet. Retrieved 5 June 2017, from http://www.zdnet.com/article/tjxs-failure-to-secure-wi-fi-could-cost-1b/

Winter, M. (2014). Home Depot hackers used vendor log-on to steal data, e-mails. USA TODAY. Retrieved 5 June 2017, from https://www.usatoday.com/story/money/business/2014/11/06/home-depot-hackers-stolen-data/18613167/