CASE :MWEB BUSINESS: HACKED

1.   What technology issues led to the security breach at MWEB?


The technology issues are compromised subscribers account details, published logon and password details that were published on the internet by hackers and MWEB previous web based self-service management system outsource to Internet Solution not yet migrate to the new MWEB network. So the reason is hackers gained access to Web based Internet Solutions self-service management system and it led to security breach that MWEB don’t have total control.

2. What is the possible business impact of this security breach for both MWEB and its customers?


Possible business impacts for MWEB are:
1.They have to notifying all customers and find fast solution like contacting these customers to reset their passwords, as an added security measure.
2.They have to work together with Internet Solution to solve this issue. They need to determine reason for breach and this leads to interruption of business processes.
3.They will lose trust of customers and takes time to gain back customer trust to company.
4.They need to immediately implement proper policies and controls of their systems.
5.They need to prepare for legal action and financial risks. This is threat to customer retention and reputation.
Possible impacts for MWEB customer are:
1.They need for explanation about the issue from MWEB.
2.They need for behavioral recommendations when this issue happens.
3.They loss of personal information such as privacy. The data lost or is inaccurate.
4.They feel inconvenience because they have to change password or could not access the service.
5.They lost trust in the company because of disappointed.



3. If you were an MWEB customer, would you consider MWEB's response to the security breach to be acceptable? Why or why not?


MWEB’s response to the security breach is acceptable because they respond quickly to the incident, migrate the Internet solution self-service management system to new secure server, contacting their customer to reset their passwords, as an added security measure and advice for immediate action, investigate thoroughly this incident and provide solution and report. The result note that no personal information was lost and that none of MWEB’s clients suffered any losses as their usernames and passwords had been recreated and changed. MWEB also successfully repels 5000 attacks a day.


4. What should MWEB do in the future to avoid similar incidents?


To avoid similar incident, MWEB should implement up to date security system or devices or protocol to their network such as Digital certificates, Intrusion detection system, MIS audit, regular and thorough testing and improved identity management. Moreover, MWEB should working closely with Internet Solutions to investigate the nature and source of the breach to ensure hacked doesn’t happen again.

评论

发表评论

此博客中的热门博文

case study :SCHIPHOL INTERNATIONAL HUB TO BECOME FAULTLESS: TRUTH OR DARE?

SCHIPHOL INTERNATIONAL HUB TO BECOME FAULTLESS: TRUTH OR DARE? 1.How many levels of complexity can you identify in Schiphol’s baggage conveyors network? There are four layers of complexity each of them is intermingled with others. The layers are given as below: 1.        The first level of complexity with Schiphol’s baggage conveyors network is where the bags are moved from check in area to departure gate. There was less coordination between software and hardware levels (e.g. conveyor belts, scanners, security checkers, etc.) 2.        The second level of complexity is at the level where the bags are moved gate to gate the place where the bag are handled by human support and aid the work (e.g. human baggage handlers) and also human-to-human relations (e.g. security officer with conveyor technician). 3.        Third level of complexity is at movement of the bogs from the arrival gate to the baggage claim where owner claim their bags from the security officers and conveyor tec
阅读全文

case study : IS SOCIAL BUSINESS WORKING OUT?

IS SOCIAL BUSINESS WORKING OUT? 1. Identify the management, organization, and technology factors responsible for impeding adoption of internal corporate social networks. Management:  Employees that are used to collaborating and doing business in more traditional ways need an incentive to use social software. Most companies are not providing that incentive: Only 22 percent of social software users believe the technology to be necessary to their jobs. Organization:  Companies that have tried to deploy internal social networks have found that employees are used to doing business in a certain way and overcoming the organizational inertia can prove difficult. Enterprise social networking systems were not at the core of how most of the surveyed companies collaborate. About half of the survey respondents said that internal social networks had “very little impact” on employee retention, the speed of decision making, or the reduction of meetings. Technology:  Ease of use and i
阅读全文