Professional Documents
Culture Documents
Ipremier Assignment
Ipremier Assignment
BBA, Section-C
iPremier Assignment
Q1) According to me, iPremier performed really well in the 75-minute denial of
service attack or the DoS. Although, they were totally unprepared for this
unpleasant situation, but they managed it in a professional manner. The company’s
Chief Information Officer (CIO) was in New York yet he made various calls to
solve the problem and also listened to the viewpoints of every people related to the
company.
If I was Bob Turley, I would have pulled the plug and disconnected all the
communication lines as all the essential information related to customers’ credit
cards was stored in the company’s servers so if it would have been a serious
intrusion in the company’s server channels then it would have caused a big
problem for the company. Also, one thing I would like to highlight is that the
company didn’t have the necessary technology to detect whether it was a serious
intrusion or a simple DoS attack, therefore it was necessary to shut down the
systems.
Q2) Yes definitely the company lacked in having a good operational procedure in
handling the attack. The reason corresponding to that is their inefficiency to detect
whether it was an intrusion in the company’s servers or a DoS attack and if it was a
DoS attack, they didn’t know how to tackle it. Moreover, the CIO, Bob Turley was
himself asking Joanne about the emergency procedures so it highlights the
company didn’t have any contingency plans in this regard.
iPremier can also discontinue the services offered by Qdata and move on as they
proved to be inefficient. Rather than focusing on profit maximization, the company
should invest more on cyber security.
Q3) In my opinion, the company should focus on modifying their policies by
including various contingency strategies or plans so that they are prepared for any
kind of attack.
The company can arrange workshops as well to spread knowledge about the same
so that their employees are competent enough to tackle such situations.
Moreover, they can develop a mechanism that detects whether it is an intrusion in
the company’s servers or a DoS attack.
Q4) My biggest concern after the incident would be the customer information that
is being stored in the server channels because in a Business-to-Consumer (B2C)
business, the main interaction is with the customers and if the company proves to
be incompetent in handling such an essential information, then the company will
not be trusted by the customers in future purchases.
I would recommend that the company should focus more on protecting the
customer related information by making necessary policies & strategies in that
regard so that they don’t lose the customer’s trust in the future.
Also, the company can outsource or make an internal team of few people to
monitor such attacks from time to time.
Q5) Yes, iPremier should definitely disclose to customers about the intrusion in
the company’s servers or the potential breach because if the customer information
regarding the credit cards is being stolen from the company’s server, then the
customers would know that such an act is about to take place. The customers can
therefore contact their banks to deactivate their credit cards.
This will also help the company in building trust with their customers and they
will be encouraged to purchase from iPremier in the future.
Q6) Hello iPremier family, today is not the kind of day that we expected. We
would like brief you that there was a disturbance caused in our company’s server
or the Denial-of-Service attack better known as DoS attack. There is a possibility
of a potential breach which may have led to credit card information of our dearly
customers being stolen. We are working closely with our service providers to get
this sorted as soon as possible. Sorry for the inconvenience caused.
We look forward to your continued trust and support.
Regards.