website investigation
potential threats to data
potential threats
Data can be stolen, damaged or distorted. The data itself is valuable in its own right, but the power it gives to the holder is what, I suggest, is most significant. For example, many victims of identify theft have had their bank accounts ransacked, money laundered in their name; and because of these events, suffered severe emotional strain and damage.
Below is a list of potential threats to customer data collected via eBuyer.com followed by a description of them.
Potential threats to data:
- Data interception
- Unauthorised access to stored data (Internal/external)
- The integrity of information
- Accidental loss or damage
- Physical threats
During an online transaction personal information is sent over a huge number of physical cables which are accessible to any individual who has the right knowledge. Consequently, this sensitive data is easily intercepted and stolen.
Personal data is still not secure even if it has arrived safely to its intended address. Unauthorised users can gain access from either inside the company or from outside by the use of the company’s internet gateway. The intruders from outside are commonly known as hackers. These criminals carry out operations sometimes simply for a challenge, maybe even for a sense of power, but usually it is so they can use the data in other criminal activities. Sadly, it is not probable that all the employees at eBuyer are one hundred percent honest. Personal data can also be accessed by these dishonest individuals inside the company who then in turn sell it on to other criminals. This means that the company needs to examine the how safe customer’s information is internally.
Another type of potential threat to personal information is if it is either out of date or incorrect. If the integrity of data is suspect major problems can occur. There are currently several pieces of legislation that help prevent these types of threat; they will be discussed in the next section.
Important data can also be lost or damaged by accidental human error. This is especially an important for medical organisations that store patient details electronically, but not so much transactional websites. However, customers or employees may sometimes accidentally delete personal data – so customers can actually be a threat to themselves.
Physical threats such as hardware failure, theft or the instance of a fire must also be protected against by companies. In the next part of this report I will describe in detail the various data protection techniques deployed by eBuyer and other transactional websites.
Click next to continue...