Ipremier Case Summary

IPremier was not prepared for this seventy-five minute attack. This is mainly due to the fact that they were using an outdated and unreliable internet hosting company. IPremier contracted Qdata, who was an internet hosting company that provides them with their computer equipment and internet connection. Qdata was not viewed as an industry leader and iPremier had many troubles with their systems. The reason that iPremier uses Qdata is because one of the founders’ close friends is a founder of Qdata, this makes for a conflict of interest. It also states that “a new facility would be more expansive and hurt profits”. In this case iPremier is neglecting their internal controls which was the main cause of this attack. To help with this iPremier needs to have a crisis management strategy in place at all times. They also need to have at least a satisfactory firewall to help reduce the problems if they happen to occur again. If the attacked lasted longer than seventy-five minutes it is likely that …show more content…
Bob Turley, the new CIO of iPremier, did not act best under pressure. As the CIO he is responsible for the company’s reputation, at any point in time. Because of the position he was in as a new acting CIO, he was not as familiar with the company as he should be. This forced him to rely on his counterparts to make the decision over him. Ultimately he should be making the decisions since the responsibility relies on him. Because they were not aware of the severity of the attack, Turley should have ordered the system to be fully shut down, even if it meant losing the data that would help the company figure out what happened. If the website was hacked, not shutting it down could have meant risking customers credit card numbers. Dealing with stolen data and expense of the fallout of people’s personal information leaking is far more detrimental to the company than losing information about how the attack