MIDTERM QUESTION #3

MIDTERM QUESTION #3

Internet if properly maximized can be used as a medium to the advantage of the company. However, risks and threats are there. Thus, research the following:

1. Identify the possible risks and threats (eg. virus) that can potentially attack a company with internet connection.

What Is A Virus?
A virus is a man-made computer program that infects a file or program on our computers. Each time the infected program is run, the virus is also triggered. It spreads itself by infecting other programs on the same computer.

What Is A Worm?
A worm is also a man-made program that replicates itself. However, unlike a virus, it does not infect other program files on the computer. Instead, a worm spreads itself automatically to other computers through email, over a network and via Internet Relay Chat (IRC).

How Do We Get Infected?
Viruses and worms can infect desktop computers, laptops and network servers and reach our PCs from email, web sites, downloaded files and loadable media (e.g. floppy disks, CD-ROMs and DVDs).

How Does A Virus Or Worm Infection Affect Us?
Unfortunately, the effects of an infection are pretty unpleasant. The virus or worm, can,

• Disable the computer
• Add, modify or delete files or reformat the hard disk
• Steal addresses held in our computer to send on virus-infected emails to our friends, colleagues, clients or customers
• Send unsolicited bulk email (spam) to those in our mail address books and other use

www.guard-privacy-and-online-security.com/how-do-you-stay-safe-on-the-internet.html - 35k -

2. Case research and analysis:

Rigor in Information Systems Positivist Case Research: Current Practices, Trends, and Recommendations

Case research has commanded respect in the information systems (IS) discipline for at least a decade. Notwithstanding the relevance and potential value of case studies, this methodological approach was once considered to be one of the least systematic. Toward the end of the 1980s, the issue of whether IS case research was rigorously conducted was first raised. Researchers from our field (e.g., Benbasat et al. 1987; Lee 1989) and from other disciplines (e.g., Eisenhardt 1989; Yin 1994) called for more rigor in case research and, through their recommendations, contributed to the advancement of the case study methodology. Considering these contributions, the present study seeks to determine the extent to which the field of IS has advanced in its operational use of case study method. Precisely, it investigates the level of methodological rigor in positivist IS case research conducted over the past decade. To fulfill this objective, we identified and coded 183 case articles from seven major IS journals. Evaluation attributes or criteria considered in the present review focus on three main areas, namely, design issues, data collection, and data analysis. While the level of methodological rigor has experienced modest progress with respect to some specific attributes, the overall assessed rigor is somewhat equivocal and there are still significant areas for improvement. One of the keys is to include better documentation particularly regarding issues related to the data collection and analysis processes.

www.citeulike.org/group/9397/article/4154386 - 31k -

2.a Identify one company that had experienced an attacked from the internet.

Westinghouse Electric Corporation, part of the Nuclear Utilities Business Group of British Nuclear Fuels (BNFL) is a provider of nuclear plant products and services to utilities around the globe. The company employs more than 9,000 people at 36 locations worldwide-many of whom are engineers generating revenues by meeting customer deliverables and schedules.

"We have a global business that requires collaboration and sharing of information and data worldwide," says Thomas Moser, manager of Information Technology Services for Westinghouse. "Having networks that are up and available to continue the revenue stream is highly important."

2.b Describe the attack.

In February 2004, the company found out just how damaging this vulnerability could be when the network was hit with the MyDoom virus. Moser and his staff realized that the network was under attack by something the anti-virus software wasn't recognizing, and immediately began disconnecting the affected segments. Only 103 PCs were infected-less than two percent of worldwide workstations-and they were isolated within 35 minutes. But by that time, the damage had been done: 24 locations worldwide were affected. More than 9 million files, representing 1.4 terabytes of data, were deleted. And in the aftermath, more than 12,000 hours of employee productivity were lost, at an estimated cost of more than US$1 million.


2.c Identify the damages done and the solutions adopted to reverse the damages and to protect the company from future threats.

Just one month after the MyDoom attack, Moser became aware of a new kind of network endpoint protection that had recently been introduced by Cisco Systems®: Cisco® Security Agent. A host-based threat defense system, Cisco Security Agent analyzes actual operating system behavior of PCs and servers, and blocks suspicious or malicious activity-without relying on matching a virus signature. As a result, the solution can provide protection against both known and unknown day-zero threats. It was exactly what Moser and Westinghouse were looking for.

"We first looked into Cisco Security Agent in March, 2004, and we immediately purchased licenses for all our users, without even seeing it," says Moser. "We tested and piloted it over the following three months, and then began rolling it out site by site later that year. By February, 2005, we had implemented it across the world, and we've been using it ever since."

Moser admits that he likely would not have purchased a new technology sight unseen under other circumstances. But the fact that Cisco Systems was behind the solution gave him the confidence to move forward. Westinghouse had also had very positive experiences with other Cisco solutions, including Cisco PIX® security appliances and Cisco Intrusion Prevention System (IPS) solutions, and relied on a network infrastructure built almost entirely with Cisco routers and Cisco Catalyst® switches.

www.cisco.com/en/US/products/sw/secursw/ps5057/products_case_study0900aecd8033ab2f.shtml - 37k -