Friday, June 7, 2019
Ipremier and Denial of Service Attack â⬠Case Study Essay Example for Free
Ipremier and Denial of Service Attack Case Study tasteIn a recent Information Management lecture we went through the case of iPremier (read the full case) which is a popular case study from Harvard Business School. It was a made up case but the recent high profile hacking stories (such as Gawker) show that companies are not taking security seriously.The background is that iPremier suffered a DOS attack in the middle of the night which caused chaos in the company. After an hour the attack stopped and the company went back to business as normal. Two weeks later another DOS attack was spawned from the companys server directed at a rival which proved that their server had been compromised. The FBI became involved, the competitor threatened to sue and the city analysts were thinking of downgrading the stock.Our role was to come up with recomm final stageations as to how the processes and plans could be improved for the future. Keeping in mind that the security is well-nigh more tha n just technology we needed to brainstorm around people and processes as well.1. People and processesDevelop a business continuity plan (test it end to end including suppliers and keep it updated) Develop an IT governance framework that includes security in its remit Develop clear reporting linesBetter training for emergenciesTrust your technological leaders and make sure they have the resources to lead in a crisisMake security part of strategyHire an independent audit squad who report into the boardHire a security and risk expertDevelop a better relationship with your hosting supplier2. TechnologyAvoid undivided points of failure. Separate the server stack so that database, web and file servers are not on the same network Use a reputable hosting provider with a world class infrastructure and support Make sure all your software is up to dateUse a combination of hardware and or software firewallsBackup and redundancy planning and testingActive monitoringStrong one-way encryption of passwordsUse open auth systems such as Facebook connect
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment