iPremier (A): Denial of Service Attack
Date: -12th Feb 2013
1. Significant errors made by iPremier that led to its troubles:-
a. Outsourcing of Hardware / Data center: - For a company involved in web-commerce, data plays a major role in the sustainable success of the company. These are the future assets of the company on which the growth of company depends. Therefore, it is necessary for a company to have a good control over the hardware / data center.
iPremier has outsourced its hardware / data center to another company Qdata. But the negative aspect is that the company iPremier is not taking proper care and control of the data because the company thinks that it has outsourced the work and Qdata will look after that.
Even when the company employee believes that Qdata operation is not as per the expectation, the decision to be with Qdata is biased by founders’ relationships.
b. No Emergency Plan:- Once the company has outsourced its hardware activity to Qdata, the company thought that now it is the responsibility of Qdata to take care of the hardware operation.
Therefore, the company was not ready with any contingency plan to tackle emergency situation.
c. Company Priority:- In view of the high growth strategy and profit objective, the company was not able to concentrate on their hardware / data centre aspects.
It has diverted the company’s attention from their primary assets.
d. Employee Awareness:- Employees were not trained properly regarding the working of data center and they were not having knowledge of it.
Therefore the employees were not sure of the reason / implications of the incidence and of the corrective actions to be taken.
e. Lack of Resources:- Until the company faced the problem, the employee were not aware about the outdated resources e.g. outdated binder, unavailability of detailed logging etc.
2. Arguments to support a decision to do nothing and continue business as usual:-
a. Looking at the market competition, the company is operating at a very thin profit margin. In this case, if the company goes for restructuring / reconstruction of its hardware facilities, it will cost huge to the organization for infrastructure, manpower etc.
Therefore, it will be difficult for the organization to invest a huge amount in the current market competition scenario.
b. The customer faith plays a major role in the success of web commerce business. Now if the company goes for the restructuring / reconstruction of the hardware facilities, the customer might be able to know about the recent incidence. It will have a negative impact on customers’ confidence and the company’s reputation.
The maintenance activities might interrupt the transaction process done by the customer for some time. This will further impact the customers’ confidence negatively.
3. Arguments to disclose to customers the potential for a breach:-
a. If the customers will get to know about the incidence from some other sources, the customers will think that the company has hidden important facts from them. It will further damage the confidence of the customers. On the other hand if the company will communicate the customers about the incidence, it will create positive impact on customers w.r.t. customer confidence, transparency policy etc.
It will help the organization to portrait itself as a transparent and customer friendly organization.
b. Disclosing the fact to customers will make the customers more careful about their transactions related actions.
It will act as double security in the business transaction process.
c. Customer is the major stakeholder of the business. The non-disclosing fact of the incidence will have legal consequence on the organization.
4. Recommended course of action:-
We will take the mixed course of action as suggested...
Please join StudyMode to read the full document