Discussion Paper Chapter 3
Discussion Questions: Chapter #7
1) Security isn’t simply a technology issue, it’s a business issue. Discuss. Security is a business issue because companies have very valuable information assets to protect. Business must protect not only their own information assets but also those of customers, employees, and business partners. Failure to do so may open the firm to costly litigation for data exposure or theft. Systems often hold confidential information about customers information( social security, date of birth, credit card information, taxes), corporate operations, new product development plans, marketing strategies. These information assets have tremendous value for the companies and can be devastating if they are lost, destroyed, disturbed or placed in wrong hands.
2) If you were developing a business continuity plan for your company, where would you start? What aspects of the business would the plan address? If I were developing a business continuity plan for my company I would start forming back up teams in different locations that work together to create and coordinate plans addressing loss of facilities, personnel, critical systems so that the company can continue to operate when a catastrophic event occurs.
3) Suppose your business had an e-commerce Web site where it sold goods and accepted credit card payments. Discuss the major security threats to this Web site and their potential impact. What can be done to minimize these threats? The major treat for e-commerce is identity theft in which an imposter obtains personal information such as social security , driver license, credit card number to impersonate someone else. Having security control in your website like firewalls, intrusion detection systems, securing wireless network and antivirus software can help us to avoid or reduce this kind of treat.
1) Security isn’t simply a technology issue, it’s a business issue. Discuss. Security is a business issue because companies have very valuable information assets to protect. Business must protect not only their own information assets but also those of customers, employees, and business partners. Failure to do so may open the firm to costly litigation for data exposure or theft. Systems often hold confidential information about customers information( social security, date of birth, credit card information, taxes), corporate operations, new product development plans, marketing strategies. These information assets have tremendous value for the companies and can be devastating if they are lost, destroyed, disturbed or placed in wrong hands.
2) If you were developing a business continuity plan for your company, where would you start? What aspects of the business would the plan address? If I were developing a business continuity plan for my company I would start forming back up teams in different locations that work together to create and coordinate plans addressing loss of facilities, personnel, critical systems so that the company can continue to operate when a catastrophic event occurs.
3) Suppose your business had an e-commerce Web site where it sold goods and accepted credit card payments. Discuss the major security threats to this Web site and their potential impact. What can be done to minimize these threats? The major treat for e-commerce is identity theft in which an imposter obtains personal information such as social security , driver license, credit card number to impersonate someone else. Having security control in your website like firewalls, intrusion detection systems, securing wireless network and antivirus software can help us to avoid or reduce this kind of treat.