Ipremier Company Case

1. How well did the iPremier Company perform during the seventy-five minute attack? If you were Bob Turley, what might you have done differently during the attack?

The iPremier Company performed quite ineffectively and in a completely confused manner during the seventy-five minute attack. It was essential for them to have ensured beforehand that their security systems were in place and that they could have blocked the website form operation at that time.

If I were Bob Turley, I would have called the website service provider and informed him that the firewall had been broken into and I need the website to be inactivated or de- functionalized immediately. This would help save customer information and credit card information as it would lead to inability to access information from the website for everybody including company operators and the hackers.

2. The iPremier Company CEO, Jack Samuelson, had already expressed to Bob Turley his concern that the company might eventually suffer from a "deficit in operating procedures." Were the company's operating procedures deficient in responding to this attack? What additional procedures might have been in place to better handle the attack?

Yes, the company’s operations were deficit in responding to this attack as there were high levels of incapability in doing anything at all about the attack. There was no information or idea available to anybody in the staff including the technical team.

Additional procedures that might have been in place to better handle the attack include the formation of a contingent or backup plan which can help them not only disable the website immediately but also help them to track the hacker and take appropriate actions. Along with this it is essential that they should strengthen the firewalls and security system.

3. Now that the attack has ended, what can the iPremier Company do to prepare for another such attack?

iPremier should first and foremost trace the hacker so that the credit card information and information about the customers is not misused. This forms their basic social responsibility. It is important for them to now strengthen their security system for which additional procedures need to be formed and put in place.

As already mentioned, a contingent or backup plan which can help them not only disable the website immediately but also help them to track the hacker and take appropriate actions should be formed and used in case to trace nay other such attacks on immediate basis. Along with this it is essential that they should strengthen the firewalls and security system.

4. In the aftermath of the attack, what would you be worried about? What actions would you recommend?

The first thing that I would be worried about in the aftermath of the attack includes the information of the customers and the credit cards that might have been accessed by the hacker and can be misused.

 I recommend legal actions against the hacker for the purpose of ensuring that there is no misuse of this information. This requires technical assistance for the purpose of tracing the hacker. Apart from this I would also be worried about the future prospects of the website and ensure that its security is strengthened.