Costco Case Study

1380 Words 6 Pages
As part of the overall risk model, we have already illustrated the threats and attacks that are possible on the Costco’s IT infrastructure with the likelihood of attacks that can exploit the identified vulnerabilities, which may eventually pose an extensive threat to the Costco’s operations including missions, functions, image, and reputation as well as to the organizational assets, linked organizations, and the consumers. Costco’s privacy policy clearly enunciated the significance of customer’s private and financial information for the organization, and promises to maintain the technical competence to safeguard the information collected through their websites, point of sales terminals, and other mechanisms (Costco, 2013).
Consequently, to
…show more content…
Firewalls can be deployed on a machine, router, or LAN switch for service, direction, user, and behavior control. The firewall categories are: packet filtering firewall, which is beneficent in controlling the Internet Protocol (IP) address spoofing, source routing, and tiny fragments attacks; stateful inspection firewalls; application level gateways; and circuit level gateways. Similarly, the IPS systems are either host-based or network-based. Host-based IPS is used to protect against the modification of system resources, exploits related to privilege-escalation and buffer-overflow, e-mail contact list access, and directory lookup. On the other hand, the network-based IPS is used for identifying malicious network packets, and assists in pattern and stateful matching, and protocol, traffic, and statistical anomaly prevention (Stallings, & Brown, …show more content…
Moreover, the concept of data scrambling also known as data masking, sanitization or obfuscation, is used when the data needs to be secured from the authorized users, such as external developers and testers. Finally, to mitigate the problem of inference, poly instantiation techniques and auditing of the database should be incorporated (Kulkarni & Urolagin,

Related Documents