This essay examines the importance of information security and accounting processes. A real world example of last years Global Payments hack was used to demonstrate the effects of hacking and what steps are taken to prevent this type of crime. The essay provides recommendations on how the system may be improved and what attitudes need to change.
Global Payments Hack
With the new advancements of technology comes the many risks and dangers is also carries along. The evolution of the internet and connect-ability technology has brought everyone closer and has nearly eliminated many communication barriers that have been present throughout recorded history. These new advances have also accompanied a rise in cyber criminals, wishing to invade a person's or business' digital information. The purpose of this essay is to examine computer hacking and hacking processes that pose risks and dangers to society. The essay will use the company Global Payments as an example of how a hacking problems effects many and highlights the dangers involved in our digital world.
This essay will view Global Payments and their hacking problem from a third party accounting system point-of-view. The company's security assessment will be analyzed and different software issues will be discussed. Finally the essay will conclude by offering recommendations to Global Payments to best secure their systems and assets from hackers.
Background Information on Global Payments
In late March of 2012, the company Global Payments was hacked into causing much damage and trouble for the financial security of many individuals and groups. Sidel & Johnson (2012) reported about the confusing mess this breach of security had left. They stated that "The breach underscores the mazelike network of the U.S. payment system, where little-known companies play important roles in processing billions of transactions each day. Global Payments is part of a group of companies called "third-party processors," that serve as middlemen between merchants and banks. "
As time grew on last year, more and more people began to realize that they were at risk of having their credit card information being unlawfully used. To understand the scope of Global Payments and the reach they had on many consumers is to understand the threat of hackers and hacking in these types of situations.
According to its website, Global Payments mission statement is as follows; " we strive to provide the most trusted payment service n the world through strong partnerships and generous commitment to our customers and our people. " They do this by being one of the world's larges electronic transaction processing companies in the world. Global payments also provides comprehensive business to business payment card and processing services such as cash management, financial electronic data interchange, management information and reporting services.
The Breach and the Aftermath
The news that Global Payments was breached was released in late March 2012 and many reactions were noted. The breach itself occurred between the dates of 21 January and 25 February. It took nearly a month for the public to become aware of what had happened at just who was at risk from having their personal financial information hacked. Both Visa and Master Card, customers of Global Payments, issued statements to their own customers about the breach and that there may be some security issues involved with some data.
An estimated 1.5 million accounts were exposed in this breach of security, but some estimated the size of the problem closer to 7 million accounts. Pepitone (2012) claimed that "Global Payments released a statement, saying that while more than 1 million card numbers may have been compromised, cardholder names, addresses and Social Security numbers were not affected. That's a sizeable breach, but it's far less than the worst-case-scenario numbers flying around and it affects just a small fraction of the estimated 1 billion debit and credit cards in circulation in the U.S. "
The final results of the breach were released by Global Payments in mid April 2013. Kitten (2013) reported that "it is closing its investigation of a data breach it discovered in March 2012 that exposed an estimated 1.5 million U.S. debit and credit cards. The company also reports that a breach-related class-action lawsuit filed in April 2012 was dismissed March 6. The lawsuit claimed the processor had failed to maintain reasonable and adequate procedures to protect cardholders' personally identifiable information." In its earnings report for the quarter ended Feb. 28, the company says its network and systems have been confirmed compliant and secure, and that all lingering expenses linked to the breach have been paid
Software Provider Responsibility
The size and impact of the issues related to Global Payments are much larger than many businesses who face the real and significant threat of being hacked by outside sources. As a result of this business structure, information technology systems and their accompanying security systems require great sophistication and high-level secrecy in order to successfully work. Global Payments has access to any software providing system available by having in-house developers and programmers ensuring that their protection is suitable to the corporate structure of the business itself.
Global payments is involved in many types of financial transactions requiring that a multi-dimensional security infrastructure is designed to suit their many products and services. Software programs are specifically designed for Global Payments and therefore their problems from hacking are internal in nature. This reveals the scope of the problem because customers who use their systems are helpless in protecting key information that is left in the hands of Global Payments.
Preventive Measures
Regulation and new laws usually appear as a preventative measure for fixing hacking problems. Unfortunately laws will most likely keep pace with technology. Laws and rules are built around the English language, and often times computer and technological information are spoken in a much different way. Many current laws and regulations are already obsolete due to the changes in technology and computing power.
Dubois (2011) made an argument for protection that includes a new attitude towards the entire problem. The problem starts at the top and management needs to become more involved. She reported that "many companies have created top-level positions for security information officers, and that's an important first step, Blank says. While security officers may not be able to prevent highly sophisticated attacks, they can help protect companies from simple security breaches. Perhaps their most important job, according to Edward Amoroso, AT&T's (T) chief information security officer, is to integrate the security department with the rest of the company, which is no simple task." Integration and systematically revamping companies around hacking threats should certainly be considered when companies such as Global Payments rely so heavily on digital information.
You’re 83% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.