Académique Documents
Professionnel Documents
Culture Documents
Outline
1. What technology issues led to the security breach at MWEB?
2. What is the possible business impact of this security breach for both MWEB and its customers?
3. If you were an MWEB customer, would you consider MWEB's response to the security breach to be acceptable? 4. What should MWEB do in the future to avoid similar incidents?
o South Africas 2nd largest Internet Service Provider o Founded in 1997 o Divisions: MWEB Connect and MWEB Business o Customer base: Home users Small, medium and large enterprises Corporate clients
Portfolio
o Tailored Business Solutions
o Personalized account management o Own world class network infrastructure o International connectivity redundancy o Next generation data centers o 24/7 Technical support
Security Measures
o Using AVG Internet Security as partner o Identity protection o LinkScanner (safe surfing) o WebShield (safe social networking) o Antiphishing, Antispam, Antivirus, Antispyware o Enhanced firewall o Automatic e-mail cleaning o Blocking network ports commonly used by hackers
Dangerous Breach
Issue: o Compromised subscribers account details o Published logon and password details
Reason
oHackers gained access to Web based Internet Solutions self-service management system o outsourced, not in total control
Data Management
MWEB as reseller of IS ADSL services Managed by Web-based management interface provided by IS
Historical
Current
New Business ADSL services since 2010 + legacy systems Managed by internal authentication systems
Business Impact
o Notifying customers and find solution o Determine reason for breach = interruption of business processes o Work together with IS o Lost trust of customers gain back o Implement proper policies and controls o Prepare for legal, financial risks o Threat to customer retention and reputation
Customer Impact
o Need for explanation o Need for behavioral recommendations o Loss of personal information (privacy) o Data lost or inaccurate o Additional compromising of related accounts o Inconvenience: have to change password or could not access the service o Lost trust in the company
Yes No
Thank you!