Potential Threats to Data
Introduction
Threats to data can come from inside the organisation as well as outside and a company must invest in protection from both of these sources. Data is too valuable to the company to risk losing it.
Threats from Inside the Organisation
Information is valuable and information you have given to a transactional web-site can be of value to a third party for various reasons. For instance other companies could want your address so they could send you junk mail, they may want your telephone number so they can ring you up and try to sell you something or your e-mail address so they can send you spam. Anyone who thinks this is just advertising and is therefore harmless should see my Dad when his bath is interrupted by a telephone sales call. There is of course a darker side of this as advertising is not the only reason someone may want this data. The information can be used for anything from nuisance call to fraud and identity theft. It is important to you therefore that, before you give any details to a company, you should know about the protection you have.
A large organisation will employ many people and it cannot be sure that they are all honest. The data held gives the less honest members of staff an opportunity to make some money on the side and the company will have to protect itself from the inside as well as the outside.
Even if its staff are honest, if the company is attached to the internet they may download some games or some free software. These games may come with some spy ware. These are hidden programs which sit in your computer ready to send information out to the person who gave you it. Often this is simply for advertising purposes but sometime it is so that they can find out information. The downloads may also come with viruses which are little programs sent from computer to computer designed to cause damage.
Often overlooked is the threat to data from accidental damage and acts of God. The organisation cannot function without this data so it is important that it is not lost or damaged. Information may be accidentally deleted or simply entered wrongly or there could be a fire or some other natural disaster.
A transactional website organisation needs to take as many steps as it can to counteract these threats not only to protect its business but also to build up confidence so that people will use their site.
Threats from outside the Organisation
Threats from outside the organisation tend to be mainly from hackers. These are people who try to get into someone else’s computer. Many hackers do it mainly to show people that they can and do not really mean any harm and have no intention of using the information they gain. Unfortunately they may not be as clever as they think and may accidentally do damage.
Another group of hackers try to access machines simply to cause damage. It is a form of vandalism. This could be a serious problem for a transactional website as the website be badly damaged and not work which means they would miss a lot of sales. Even worse would be the loss of unfulfilled orders. If the data is damaged someone like Moviehampers could have a product ready to send out and not know where to send it.
The third group of hackers try to get into the machine simply to gain information, even though they have no intention of using the information. They are just being nosey. There are two dangers here, you do not necessarily want strangers knowing this information and if they find out something which they could use in some way, such as getting money, they may be tempted to use it.
The final group are probably the most dangerous group as they hack with the intention of using the information in an illegal way. Probably the most common crime would be identity theft. A transactional website needs enough information to take money legally out of your account. This same information in someone else’s hands could be used to take money out of your account without you knowing about it.
If you add to this the possibility of catching viruses and Trojans from e-mails and the likelihood of spy ware getting onto your machines the threats from outside are considerable.