Security Breach
Essays

This paper presents a review of the relevant scholarly and peer-reviewed literature concerning firewalls to provide a working definition, a description of their capabilities and what technologies are typically involved. A discussion concerning the different types of firewalls that are available and their respective pros and cons is followed by an assessment of what proactive measures can be taken to harden a firewall. Finally, an analysis of future trends is followed by a summary of the research and important findings in the conclusion

A Pestel and Innvoation analysis are used on Sony's Playstation. Discussion of Pestel indicates that - as the technological précis shows, technology can be a double-edged sword. The more developed the technology, the more complex it becomes and, ipso facto, the more problems it can introduce. Sony, as does its competitors, attempts to sharpen and innovate on previous technological models, but the more developed the design, the more likelihood it has for problems to occur exposing the company to more likelihood of setbacks and to even greater and more agonizing falls. Technological marvels thoguh offering greater opportunity, likewise open the company up to greater risk.

In the near-decade following the terrorist attacks on the World Trade Center and Pentagon in the United States using hijacked commercial airliners, the various aspects of airport security have undergone almost constant…

Although the predominant opinion expressed by governments and mainstream press regarding hacking is one of disapproval and unsubstantiated fear, the truth is that hacking may be deployed ethically or unethically…

Security - Agip Kazakhstan North Caspian Operating Company N.V. (Agip KCO)

In the first month of this year, 2012, online shoe retailer Zappos' now a business unit of Amazon, experienced a security breach that was initiated from a distribution center located in Kentucky. The nature of the breach shows how vulnerable the retailer's systems are to employees who choose to break in and attempt successfully to gain access to customer records. It also showed how vulnerable the entire Amazon.com e-commerce system is attacks originating from internal servers. The hacker, an employee, gained access to over 24 million Amazon.com and Zappos' customer records. Despite having sophisticated 128-bit encryption on these systems, the hacker was able to bypass internal systems with knowledge of how the distribution center staff had constructed firewalls and password conventions. The last four digits of the customers' credit cards were taken, their names, addresses, complete customer histories and approval credit limits of they had obtained Amazon.com credit cards (Letzing, 2012). The security systems had not been upgraded since 2010 when Zappos had been purchased for $800 million by Amazon.com and made a core part of the overall company network (Hsieh, 2010). As Zappos' had superior technologies for logistics planning and execution, supply chain planning and execution, and the ability to orchestrate fulfillment with 3rd party logistics providers, Jeff Bezos made the decision to standardize on Zappos' technologies and websites (McDonald, 2011). Zappos' had also created a unique series of technologies that allowed for consumers to inspect entire series of items online and evaluate how they will look in them (Tsuruoka, 2012). Zappos' had also created an entire corporate culture predicated on delivering exceptionally positive, memorable experiences for anyone purchasing online from them, empowering customer service teams to do whatever it could within the boundaries of profitability and legality to exceed customers' expectations (Tsuruoka, 2012). The theft of 24 million records was even more surprising given how strong of a culture the company has, one known for promoting worker autonomy and giving them as much freedom as they need to do their jobs (Shine, 2012). The theft had been motivated by the potential to sell the names on the black market for tens of thousands of dollars, a temptation even the relatively well-paid employees of Amazxon.com could not pass up (Letzing, 2012). The breach was discovered within the Amazon Web Services (AWS) team's audits were completed of transactions across all subsidiaries, including a reconciliation of accesses by role (Letzing, 2012). If Amazon was not able to track the access points and roles of associates looking at data online, chances are this breach would have not been fully found. Given the highly analytical nature of the Amazon.com culture within the AWS business unit, the discovery and reaction to the breach within hours highlights why e-commerce companies need to consider partnering with cloud platform providers for the long-term (Tsuruoka, 2012). If Zappos' had been in the position of hosting their own website and relying on their own infrastructure, the breach may potentially have never found to the extent to which it happened (Letzing, 2012).

¶ … owner of the small art business would like to begin selling paintings over the Internet. Whole books are written on this, but as web developer and system's administrator, I can give her a few steps that will lead…

Over the years, various regulations have been enacted to ensure increased amounts of protection for the general public. The Health Insurance Portability and Accountability Act (HIPPA) was designed for several different…

Network risk assessment should include four phases: discovery, device profiling, scanning, and validation. During the first phase of the assessment, specific controls must be implemented to ensure that there is constant…

Brett Flayton, CEO of Flayton Electronics, is facing the most critical crisis of his career when it is discovered that 1,500 of 10,000 transactions have been compromised through an unprotected wireless link in the real-time inventory management system. Brett has to evaluate his obligation to let customers know of the massive leak of private data, define a communication strategy that would notify customers across all states of the potential security breach, and also evaluate the extent to which the Flayton Electronics' brand has been damaged in the security breach. In addition, steps that the company can take in the future to avert such a massive loss of customer data also needs to be defined and implemented. Assessing the Obligations to Customers Versus Keeping It Quiet Ethically, Brett Flayton has a responsibility to tell the customers immediately of the security breach (Sanderson, 2011). How he chooses to sequence the communicating of the breach to customers has clear implications on the ongoing investigation by the security service. It will also have a major impact on the ability to completely solve the firewall situation, determine if it was negligence or if in fact the company was hacked, and whether those responsible have greater control than the senior management team at Flayton Electronics realize. In all data breaches there are major impacts on profitability and long-term viability of a business (Gatzlaff, McCullough, 2010). The costs associated with a data breach, both directly and indirectly, can cripple a business. Worse still, not responding at all and being seen as trying to cover it up can virtually assure a business will not be trusted anymore. Brett, the CEO, must decide if this risk is worth taking or not, and whether disclosing the information to customer's would lead to the investigation being compromised. The also has to consider how pervasive the potential link is as well. Based on these considerations and the potential that customer's credit cards are being used without their knowledge, he needs to make a statement immediately. Before making the statement however he needs to contact Experian, Transunion and Equifax, the three top credit reporting agencies, and tell them the credit cards numbers that have been breached. He also needs to pay for lifetime monitoring for all credit cards and identities of those affected, offering it to the victims of the theft at no charge if they choose to enroll. He needs to move beyond just protecting his company to actively protecting his customers too, no matter what the cost.