inform security sys 2.4

docx

School

Indiana Wesleyan University, Louisville *

*We aren’t endorsed by this school

Course

216

Subject

Information Systems

Date

Dec 6, 2023

Type

docx

Pages

7

Uploaded by CoachGalaxyHamster27

Report
INFORMATION SYSTEM INFRASTRUCTURE (CITM-502-01AFL) Name: Fatima Begum Monali Patel Shaik Sohail Hussain Mohammed Khaja Ahmed Professor Name: Dr. Rick
Develop a comprehensive analysis that identifies threats and vulnerabilities to the information systems infrastructure and organizational data. The organization that I and my group of people have selected is Amazon. Amazon is a multinational technology company and one of the world's largest online retailers. Founded by Jeff Bezos in 1994, Amazon initially started as an online bookstore. However, it quickly expanded its product offerings to include a wide range of goods, including electronics, clothing, household items, and more. Over time, Amazon became known for its customer-centric approach, fast and reliable delivery, and extensive product selection. Today, the company operates numerous business divisions, including e-commerce, cloud computing (Amazon Web Services), digital streaming (Prime Video), artificial intelligence (Alexa), and more. Amazon's success and market dominance have made it a prominent player in the global retail and technology industries. ( Christopher McFadden, Interestingengineering.com) Analysis of Threats and Vulnerabilities to Amazon's Information Systems and Data: Amazon, the popular online retailer, faces various risks to its information systems and organizational data. Understanding these threats is crucial for safeguarding the company's infrastructure and protecting sensitive information.
1. Cybersecurity Attacks: a. DDoS Attacks: Amazon's servers could be overwhelmed with excessive traffic, making its services unavailable to customers. b. Malware and Ransomware: Harmful software may infect Amazon's systems, causing data loss or demanding ransom in exchange for restoring access. c. Phishing and Social Engineering: Employees and customers might fall victim to scams that trick them into sharing sensitive information or compromising system security. d. Insider Threats: Disgruntled employees or those with malicious intent may abuse their access privileges to steal data, disrupt operations, or leak confidential information. (Ben Stevens, chargedretail.co.uk) 2. Third-Party Risks: a. Supply Chain Vulnerabilities: If one of Amazon's suppliers or partners is compromised, it could affect the security and integrity of the products and services offered by Amazon. b. Cloud Service Providers: Amazon relies on its cloud service, called Amazon Web Services (AWS), to power its operations. Any vulnerabilities or service disruptions in AWS could impact Amazon's services, data, and infrastructure. c. Vendor Security Controls: Weak security practices by vendors or service providers could expose Amazon's systems to unauthorized access or data breaches. (Tinglong Dai and Christopher S. Tang, barrons.com )
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
3. Data Breaches and Privacy Concerns: a. Customer Data Breaches: Unauthorized access to customer information, such as personal and financial data, could harm Amazon's reputation and result in legal consequences. b. Regulatory Compliance: Failing to comply with data protection regulations, such as the GDPR or CCPA, may lead to fines and legal actions, affecting Amazon's operations and public trust. c. Data Retention and Disposal: Inadequate practices for storing and disposing of data may expose Amazon to data leakage or unauthorized access if sensitive information is not properly handled. 4. Infrastructure and Operational Risks: a. Natural Disasters and Power Outages: Amazon's data centers and infrastructure are vulnerable to natural disasters, power outages, or technical failures, which could result in service disruptions and potential data loss. b. System Failures and Technical Glitches: Errors in software, hardware malfunctions, or configuration mistakes can lead to service disruptions, data corruption, or loss. c. Scalability and Performance: Managing Amazon's extensive infrastructure and ensuring it can handle increasing demands is challenging. System bottlenecks or overloads may impact operations.
5 . Regulatory and Legal Challenges: a . Antitrust and Competition Laws: Amazon's dominant market position has raised concerns about potential antitrust violations, which could result in legal actions, fines, or changes in regulations. b. Intellectual Property Infringement : Amazon may face legal challenges related to claims of copyright or trademark infringement, which could impact its operations and brand reputation. 6 . Emerging Technologies: a. Artificial Intelligence and Machine Learning Risks: The use of AI and machine learning in Amazon's systems introduces vulnerabilities, including biases in algorithms, privacy concerns, and potential exploitation by malicious actors. b . Internet of Things (IoT) Risks: IoT devices connected to Amazon's systems, such as smart home devices or delivery drones, may introduce security vulnerabilities and become entry points for attackers. Mitigation Strategies: 1. Implement strong cybersecurity measures, such as firewalls and encryption, and regularly assess and improve system security. 2. Train employees on cybersecurity best practices, emphasizing the identification of phishing attempts and social engineering tactics. 3. Control access to sensitive information and regularly monitor employee activities to detect and prevent insider threats.
4. Conduct thorough assessments of third-party suppliers and partners to ensure they adhere to security standards. 5. Keep systems and applications up to date with the latest security patches to address vulnerabilities promptly. 6. Regularly back up critical data and test the restoration process to ensure data availability and integrity. 7. Comply with data protection regulations and industry standards to protect customer privacy. 8. Prepare for natural disasters and infrastructure failures by diversifying infrastructure and having effective disaster recovery plans. 9. Proactively address legal and compliance challenges, such as antitrust regulations, through strategic approaches. 10. Assess and manage risks associated with emerging technologies like AI and IoT by conducting security reviews and considering ethical implications. It is important for Amazon to regularly evaluate and address these risks to effectively protect its information systems and organizational data. This analysis provides a general overview, and Amazon should stay updated on the latest threats and vulnerabilities to maintain robust security measures.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
References: Are Third-Party Sellers Damaging Amazon's Customer Relationships? | Barron's (barrons.com) The evolution of Amazon: from bookseller to tech giant (interestingengineering.com) Amazon hit with largest DDoS cyber attack in history - Latest Retail Technology News From Across The Globe - Charged (chargedretail.co.uk) https://smallbusiness.chron.com/data-security-issues-amazoncom-27181.html

Related Documents

PD202 Unit 5 Network Mind Map Worksheet (2) (1) (1).docx
Concept quiz 9-2.docx
CHADA.docx
Final Project - Safety Plan (1).pdf
Threat actors.docx
5.3 inf sec sys.docx
DR-strategy-analysis .pptx
Group Project Notes.docx
Network and System Monitoring.docx
Chapter-01 Video Case-2 UPS.docx
Chapter-10 Video Case1 Walmart-Amazon.docx
There are many human threats that an auditor could be concerned with whether they are intentional or