iPremier Case Study. EF. Edward Ferguson. Updated 26 November Transcript. iPremier Denial of Service Attack. Handlers. Zombies. Victim. Attacker. Founded in ; Based in Seattle Washington; Web-based commerce; Sell luxury, rare, and vintage goods; Customers mainly high-income. Develop their own security and facilities for storing data. Upgrade and maintain emergency procedures. Long Term Implementation.

Author: Tojarr Dilabar
Country: Dominica
Language: English (Spanish)
Genre: Marketing
Published (Last): 1 May 2009
Pages: 383
PDF File Size: 19.86 Mb
ePub File Size: 7.88 Mb
ISBN: 293-1-49576-983-8
Downloads: 46795
Price: Free* [*Free Regsitration Required]
Uploader: Doushicage

Make it a One-Day Story Communicating with the public early can reduce the chances that the media will leak details of the story in reports or publish critics. Combined, it can be concluded that there is no legal reason at this moment to disclose the incident. Second, company focused on immediate profits more than data security.

Moreover, the plan that Joanne had was out iprmeier date. By continuing to use this website, you agree to their use. Legal US law about security breach disclosure is rather vague and leaves significant room for interpretation.

In this case, when the network was hacked, the employees did not know the guiding procedure to follow.

iPremier and Denial Of Service Attack — Case Study – Digital CIO

The network security employee was vacationing in Aruba and QData did not manage to have his back up replacement. There were no employees to assist Joanne. Pull the plug, credit cards can be stolen. Third, Sthdy had no procedures to prevent the intrusion or stop the intrusion. Because there is not a real threat of information being stolen, the argument of moral is not relevant; customers would feel overly threatened by something which is in fact not really dangerous. Ipremiwr keeping with the best industry security practices, please remember that iPremier will never ask you to provide or confirm information including credit card numbers.


Reacting to client calls, we promptly contacted our data stkdy, Qdata, and worked with them to identify and correct the problem. However, the negative side of informing the customers about this particular event is that customers would get nervous and would worry. Fundraising presentation – Alliance for a Healthier Generation.

This site uses cookies. Not only QData, iPremier did not employ security experts either in the IT team who could well understand and recommend procedures for the company to keep its data safe. On January 12, several callers informed our technology department that they were unable to access our website.

How did Ipremier Perform?

The iPremier Company

No Proper Disaster Recovery Plan: Warren Spangler We have a problem…. Email required Address never made public.

However, three constraints were blocking the way to have a new data company to replace QData. If the attack had been more serious and customer credit card information had been stolen, the course of action would have different.


Second, QData was least cooperative in stopping the attack. Yes, it can hamper customer loyalty and could raise questions about the IT department, but nevertheless we feel in the long-run it builds customer trust as the company is willing to own its mistakes and implement measures to correct them.

Even though it is at night, any downtime longer than a few minutes will be noticed by external people and in the current information age, that would sure be communicated through various means. The way the company responds to its first intrusion servers as a reference point for all constituents consumers, media, investors, etc.

What significant errors did iPremier make that led to its troubles?

iPremier and Denial Of Service Attack — Case Study

Public relations Inform the press and customers about: It is critical for a business to develop a business continuity plan and train its employees because the disasters do not come forewarned. This is my legal perspective Peter Stewart.

There are three main reasons to disclose this situation to the legislators and the public; legal, economical, and moral. I personally promise caze update you with additional information as it becomes available to me.