The iPremier Company Qing Cao Team #4 Dalal Ahmad, Sayed Almohri

Presentation transcript:

The iPremier Company
ISQS 5231 - IT for Managers, Qing Cao
Team #4: Dalal Ahmad, Sayed Almohri, Aliza Levinsky, Andy Rupp, Avinash Sikenpore

Background
- iPremier, a Seattle-based company, was founded in 1994 by two students from Swarthmore College.
- Web-based commerce, selling luxury, rare, and vintage goods over the Internet (B2C market).
- iPremier was one of the few companies to survive the technical stock recession of 2000.
- Advantage: flexible return policies.

Management Background
- Management at iPremier consisted of young people who had been with the company for some time and a group of experienced managers.
- Well-educated technical and business professionals with a reputation for high performance.
- Values: professionalism, commitment to delivering results, and partnership for achieving profits.
- The company had a strong orientation to "do whatever it takes" to get projects done on schedule.

Characters
Name | Position
Bob Turley | Chief Information Officer
Jack Samuelson | CEO
Joanne Ripley | Head of IT operations
Warren Spangler | Vice President of Business Development
Tim Mandel | Chief Technology Officer
Leon Ledbetter | Operations assistant
Peter Stewart | Legal consultant

Hierarchical Structure (organization chart): Jack Samuelson, Bob Turley, Joanne Ripley, Leon Ledbetter, Tim Mandel, Peter Stewart, Warren Spangler.

Stakeholders
Stakeholder | Role | Degree of impact
Customers | The most important asset for the company. Build up the company's reputation and develop and drive its business future. | High
iPremier Chief Officers | Determine administrative policy and procedures. Address management issues: company culture, outsourcing, management relationships, risk management. | Very high
iPremier Operation Managers | Develop alternatives to quickly recover from an attack, mitigating the system's downtime. Implement high standards for security and backup systems to ensure business continuity. |
Qdata (Outsourcer) | Forms the backbone for the company. Capability to develop and invest in advanced technology. |
Administrative and Technical Employees | Responsible for administering, operating, and maintaining the company's systems. |

Architecture Background (network diagram from the iPremier Co. case)
- Qdata facility: Qdata private network; per-customer VPN routers (Cust A, Cust B, ...) behind an Ethernet switch; DNS servers; Internet router to the public Internet; network management.
- iPremier company side: router, firewall, web accelerator, router to HQ, Ethernet switches, T1 connection, web server cluster, SMTP/POP server, network management, database server.

Governance and Ownership matrix (Ownership: Community, Corporation; Governance: Market, Hierarchy, Partnership, Alliance). iPremier is placed at Corporation / Market.
Since it consists of a legally defined organization with different departments (legal, marketing, IT, etc.), we categorize it as a CORPORATION. A formal contract is not formed in a B2C relationship, which places iPremier in the MARKET section of the matrix, as it provides goods, processes payments and maintains customer profiles.

Product / Market positioning matrix (Market: Broad, Narrow; Product positioning: Low Cost, Value-Added). iPremier is placed at Narrow / Value-Added.
Since it currently serves a niche market (mostly affluent customers) we categorized it as NARROW, but with its plans for growth it is moving up to reach BROAD. Since it sells luxury and rare items we recognize it as VALUE-ADDED.

IT Impact matrix (Impact on business operations: High, Low; Impact on strategy: Low, High).
At the early beginnings of the company, its IT placed it in a HIGH strategic impact position. Later on, when competitors entered the market, the IT strategic impact became LOW. Since it is an online business, the IT impact on operations is HIGH.

Coupling-Interaction matrix (Coupling: Tight, Loose; Interactions: Linear, Complex).
Since all the operations of an e-commerce business are mostly online, iPremier is reasonably COMPLEX. It also has reasonably TIGHT COUPLING because its operations are interdependent.

Timeline
1996 | Founded by two students at Swarthmore College
1998 | Initial public offering
2000 | Stocks fell in the NASDAQ crash but then stabilized
2006 | iPremier had $32 million in sales and $2.1 million in profits
2007 | January 12th DoS attack

Timeline of events
Before 4:31 a.m. (Leon Ledbetter, Joanne Ripley): "Call Turley!!! We have a problem with the website."
4:31 a.m. (Leon Ledbetter, Bob Turley): "Web site is locked up!! Customers can't access it. Someone might have hacked us."
4:39 a.m. and between 4:39 and 5:27 a.m. (Bob Turley, Joanne Ripley):
Bob Turley: "How long until we are back and running? Did someone hack us? Is it a DoS attack? Should we pull the plug? Is credit card information being stolen? Do we have emergency procedures?"
Joanne Ripley: "I think it is deliberate. Most of our customers are asleep. I'll restart the server. I'll call you back. We have a binder. I can't find it."
Joanne is on the way to Qdata.

Timeline of events (continued)
Between 4:39 and 5:27 a.m.:
(Warren Spangler, Bob Turley): "Leon said something about suspicious mail, should I call the FBI?" "We don't want the press involved."
(Bob Turley, Tim Mandel): "We have a problem... Should we pull the plug?" "No, we need to preserve evidence... but detailed logging is not enabled."
Joanne Ripley: "I'm at Qdata; there is no one here who knows about the network, the only one went on vacation to Aruba. Do you have an escalation contact?"
Peter Stewart: "Pull the plug, credit cards can be stolen. This is my legal perspective."
Bob Turley: "Thanks so much for your thoughts."

Timeline of events (continued)
5:27 a.m. (Jack Samuelson, Bob Turley): "Are we working a plan? The stock is probably going to be impacted. Focus on getting us back and running."
Between 5:27 and 5:46 a.m. (Joanne Ripley, Bob Turley):
Joanne Ripley: "Looks like a SYN flood from multiple sites. It's a DoS attack, due to a lack of a proper firewall. The attack is coming from 30 different sites. Every time we shut off traffic from an IP, the zombie triggers attacks from 2 sites."
Bob Turley: "Call someone senior at Qdata, and tell them we need immediate support."
5:46 a.m.:
Joanne Ripley: "Attack is over, it stopped at 5:46 a.m., the website is running, and we can resume business as usual."
Bob Turley: "Summarize what you think we should do. Whatever you recommend will impact our customers. I've got to figure out what to tell Samuelson."
Bob Turley: "For a moment everything was quiet."

VIDEO: DoS

DoS Attack DoS (Denial of Service) is simply rendering a service incapable of responding to requests in a timely manner.

SYN Flood Attack
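The flood described in the timeline ("a SYN flood from multiple sites", "30 different sites") shows up on the victim as a TCP connection table full of half-open (SYN_RECV) entries. The following added example, written for this page and not taken from the iPremier case or the team's slides, parses a constructed `netstat -tan`-style snapshot, counts half-open handshakes per remote source, and reports both the noisy individual sources and the overall half-open ratio. The second number matters because a flood spread thinly across many sources leaves every single source under a per-IP threshold, which is also why blocking one address at a time, as Joanne attempts in the case, does not restore service. The sample snapshot, thresholds and output field names are assumptions for the example; the same logic applies to the "enable logging and regularly monitor" recommendation later in the deck.

```python
"""Triage of half-open TCP connections for SYN-flood detection.

Added example written for this page; it is not from the iPremier case or
the team's slides.  It parses constructed `netstat -tan`-style output (a
snapshot of a web server's TCP connection table), counts SYN_RECV
(half-open) entries per remote source, and reports both the noisy single
sources and the overall half-open ratio, which is what exposes a flood
spread thinly over many sources.
"""
from collections import Counter
from typing import Dict, List, NamedTuple


class Conn(NamedTuple):
    local: str
    remote_ip: str
    remote_port: int
    state: str


# Constructed sample snapshot (not captured traffic): three normal
# sessions plus half-open connections from five remote sources.
SAMPLE_NETSTAT = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 10.0.0.5:443            198.51.100.7:51022      ESTABLISHED
tcp        0      0 10.0.0.5:443            198.51.100.8:51023      ESTABLISHED
tcp        0      0 10.0.0.5:443            192.0.2.20:50500        ESTABLISHED
tcp        0      0 10.0.0.5:443            203.0.113.10:40001      SYN_RECV
tcp        0      0 10.0.0.5:443            203.0.113.10:40002      SYN_RECV
tcp        0      0 10.0.0.5:443            203.0.113.10:40003      SYN_RECV
tcp        0      0 10.0.0.5:443            203.0.113.10:40004      SYN_RECV
tcp        0      0 10.0.0.5:443            203.0.113.11:40101      SYN_RECV
tcp        0      0 10.0.0.5:443            203.0.113.11:40102      SYN_RECV
tcp        0      0 10.0.0.5:443            203.0.113.11:40103      SYN_RECV
tcp        0      0 10.0.0.5:443            203.0.113.12:40201      SYN_RECV
tcp        0      0 10.0.0.5:443            203.0.113.13:40301      SYN_RECV
tcp        0      0 10.0.0.5:443            203.0.113.14:40401      SYN_RECV
"""


def parse_netstat(text: str) -> List[Conn]:
    """Parse `netstat -tan`-style lines into Conn records; skips the header."""
    conns: List[Conn] = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 6 or fields[0] not in ("tcp", "tcp6"):
            continue  # header line or unrelated protocol
        remote_ip, remote_port = fields[4].rsplit(":", 1)
        conns.append(Conn(fields[3], remote_ip, int(remote_port), fields[5]))
    return conns


def half_open_by_source(conns: List[Conn]) -> Counter:
    """Count SYN_RECV entries per remote IP (one per half-open handshake)."""
    return Counter(c.remote_ip for c in conns if c.state == "SYN_RECV")


def assess(conns: List[Conn], per_source_threshold: int = 3,
           ratio_threshold: float = 0.5) -> Dict[str, object]:
    """Flag noisy sources and a table dominated by half-open connections.

    A single source with >= per_source_threshold half-open entries is a
    candidate for rate limiting.  A half-open ratio above ratio_threshold
    combined with many distinct sources is the distributed pattern in
    which blocking sources one at a time does not restore service.
    """
    by_src = half_open_by_source(conns)
    half_open = sum(by_src.values())
    ratio = half_open / len(conns) if conns else 0.0
    noisy = sorted(ip for ip, n in by_src.items() if n >= per_source_threshold)
    return {
        "total": len(conns),
        "half_open": half_open,
        "half_open_ratio": round(ratio, 3),
        "distinct_sources": len(by_src),
        "noisy_sources": noisy,
        "flood_suspected": ratio >= ratio_threshold,
    }


if __name__ == "__main__":
    report = assess(parse_netstat(SAMPLE_NETSTAT))
    for key, value in report.items():
        print(f"{key}: {value}")
```

On the constructed snapshot only two of the five half-open sources cross the per-source threshold, yet 10 of 13 table entries are half-open, so the ratio flags the flood even though three of the sources look individually harmless. Running this against periodic `netstat -tan` or `ss -tan` snapshots gives the kind of evidence the case's responders lacked when detailed logging was not enabled.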

Internet Security: 5 layers of internet security
Unfortunately, there is no single solution to protect your computer system. The best solution is to layer levels of protection on top of one another. This concept is not new. It is called defense in depth and has been practiced for hundreds if not thousands of years. An easy way to visualize defense in depth is the way ancient kings employed it. First, they surrounded themselves with an army. Next, they built a castle to protect the army. Finally, they dug a moat to make attacking the castle more difficult. None of the layers offered perfect protection, but each one made the others stronger, and together they provided the best possible defense. The layered approach to computer security works the same way. The critical layers of computer system protection are:
- Physical Security: keeping unauthorized people away from your computers and data connections eliminates many opportunities for attack.
- Internet Firewall: hardware or software that filters incoming internet traffic and automatically prevents many types of attacks. Hardware firewalls also hide your computer network from the internet, so they are usually a far better solution than software firewalls. However, for a stand-alone computer, a software firewall can be effective and it costs significantly less than the hardware-based alternatives.
- Operating System: basic operating system security limits which computers can connect to one another, what information can be shared, and who can log on to a computer or network.
- Antivirus Protection: filters out harmful viruses and worms before they can do damage.
- Business Practices: ensure that users have strong passwords, that computers are monitored for unusual events, and that regular backups take place.
Today's Biggest Threat: Worms are the most common threat at the moment. They typically spread when a worm gets into a computer and then gathers all the email addresses on the hard disk. The worm then secretly starts emailing itself to everyone on the list. Anyone on the list who is not properly protected will then have the worm do the same thing on their computer. Along the way, the worm usually opens up security holes to allow hackers to enter every computer it infects.
The slide's image shows how the layered approach protects your computer. This worm is most likely riding in on an infected email. Physical security is immediately bypassed: it does not matter how many doors and locks it takes to get to your computer, since the worm surfs in on the wires that connect you to the internet. The internet firewall is not an obstacle either, because it must let email through. Fortunately, the antivirus software catches the worm before it can reach its target. Had the worm reached the operating system, it would have opened security holes that would then allow a hacker to bypass all levels of security and get to the computer's data, or use the computer to launch an attack on someone else. This type of attack has caused more than one unsuspecting person to have the F.B.I. knock on their door.

Alternatives
- Stay with Qdata
- Outsource to another provider
- Develop own IT infrastructure

SWOT Analysis
Strengths:
- Leaders in e-commerce.
- Resourceful pool of employees (talented young people, experienced managers) with reputations for high performance.
- iPremier targeted high-end customers and had flexible return policies. Credit limits on charge cards are rarely an issue.
Weaknesses:
- Problems in internal communication and escalation deficiencies.
- iPremier does not keep detailed transaction logs, as that involves a trade-off with speed.
- All of their systems are built on a poorly performing IT services provider.
Opportunities:
- iPremier is one of the few success stories of e-commerce business.
- Given that iPremier established a very strong high-end customer base, it now has the opportunity to extend into and tap the mid-class consumer market.
Threats:
- Security issues that can harm the overall performance and success of iPremier.
- Due to the lack of detailed transaction logs, possibility of a repeated attack.
- IT operations outsourced to Qdata (no immediate access to and control over their data center and network).
- Qdata was not investing in advanced technology and upgrades.

Recommendations: Perspectives
- Management
- Technical
- Public relations

Recommendations: Management Actions
- Allocate appropriate resources towards IT security.
- Create a standard protocol assigning roles and responsibilities and the escalation of communication in such situations.
- Implement a disaster recovery and business continuity plan (alternate website).
- Use external vulnerability assessment services to periodically check the security level maintained by the IT department.
- Review the management culture's end-result orientation, which leads managers to take shortcuts to expedite delivery of software systems and ignore the controls.
- Appoint an external audit committee for risk assessment and management.

Recommendations: Technical Actions
- Implement a robust firewall.
- Enable logging and regularly monitor the logs.
- Install network-based intrusion detection software.
- Train and educate all staff on basic systems security.
- Encrypt sensitive information on the servers.
- Provide guidelines and information regarding people to contact when issues arise.
- Switch the IT services to IBM or HP.

Recommendations: Public Relations
Inform the press and customers about:
- Investment in state-of-the-art network security systems.
- Performing an in-depth analysis and evaluation of the colocation facility, and switching if needed.
- Encryption of all customer data on its servers.

Lessons Learned
- Importance of contingency planning.
- Handling core business operations in a responsible and careful manner (make sure the core business is in the right hands).
- Importance of support from senior executives.
- Unconditional collaboration in moments of crisis.
- Importance of a good cultural environment (relationships, innovation, entrepreneurship, team collaboration).
- Define protocols and clear channels of communication.
- Regular evaluation of the IT infrastructure (vulnerability analysis, updated protocols).

Questions