Soney Security Violations Case Study
You are assigned to the CIO's Office for the Sony Corporation. You have been assigned to a special task force to respond to recent media publications about the security violations involving the Sony Playstation 3. Some of the accusations include:
Sony hasn’t yet recovered from the PlayStation Network outage, but it has already been hit ... It alleges breach of warranty, negligent data security violation
Related video Mobile apps accused of privacy violations
Compliance violations via email increase ... A week after shutting down its PlayStation Network (PSN), Sony has ... an issue highlighted recently by security
Sony says credit card data of PlayStation users may have been stolen in an ... It says it has hired an outside security ... …show more content…
Your assignment is to recommend products that have been tested and complies with the common criteria.
Product lines include VPN, Firewall, Wireless LAN, Biometrics, and Access Control. Using the two sites that contain evaluated products (www.commoncriteriaportal.org or http://www.niap-ccevs.org/cc-scheme/) identify the products that will provide Sony with the optimal solution and use the Security Targets to describe the security functionality it provides, and state how this product reduces the potential risks identified in the media.
Hint: Google "sony playstation 3 + security violations." Once you understand the problems about the Sony product, select products and use the Security Target to describe how it can reduce risk.
The written assignment will be completed and submitted as an individual; however, you can work together to discuss how these commercial products reduce risk.
Additional guidance:
Products that have an EAL rating of 1 adds 1% to the overall IT budget. Your goal is to select the best products and minimize cost.
Products that have an EAL rating of 2 adds 2% to the overall IT budget. Your goal is to select the best products and minimize
cost.
Products that have an EAL rating of 3 adds 3% to the overall IT budget. Your goal is to select the best products and minimize cost.
For example, if you select 3 products that all have an EAL rating of 3, you add 9% to the overall IT budget. If the budget is $20M, you add $1.8M. You need to justify the cost using risk assessment methods or any of the techniques we discussed in class. If you can purchase an EAL 1 VPN that will save 2% or $400K.
Sony hasn’t yet recovered from the PlayStation Network outage, but it has already been hit ... It alleges breach of warranty, negligent data security violation
Related video Mobile apps accused of privacy violations
Compliance violations via email increase ... A week after shutting down its PlayStation Network (PSN), Sony has ... an issue highlighted recently by security
Sony says credit card data of PlayStation users may have been stolen in an ... It says it has hired an outside security ... …show more content…
Your assignment is to recommend products that have been tested and complies with the common criteria.
Product lines include VPN, Firewall, Wireless LAN, Biometrics, and Access Control. Using the two sites that contain evaluated products (www.commoncriteriaportal.org or http://www.niap-ccevs.org/cc-scheme/) identify the products that will provide Sony with the optimal solution and use the Security Targets to describe the security functionality it provides, and state how this product reduces the potential risks identified in the media.
Hint: Google "sony playstation 3 + security violations." Once you understand the problems about the Sony product, select products and use the Security Target to describe how it can reduce risk.
The written assignment will be completed and submitted as an individual; however, you can work together to discuss how these commercial products reduce risk.
Additional guidance:
Products that have an EAL rating of 1 adds 1% to the overall IT budget. Your goal is to select the best products and minimize cost.
Products that have an EAL rating of 2 adds 2% to the overall IT budget. Your goal is to select the best products and minimize
cost.
Products that have an EAL rating of 3 adds 3% to the overall IT budget. Your goal is to select the best products and minimize cost.
For example, if you select 3 products that all have an EAL rating of 3, you add 9% to the overall IT budget. If the budget is $20M, you add $1.8M. You need to justify the cost using risk assessment methods or any of the techniques we discussed in class. If you can purchase an EAL 1 VPN that will save 2% or $400K.