Sign In
Not register? Register Now!
Essay Available:
Pages:
7 pages/≈1925 words
Sources:
Check Instructions
Style:
MLA
Subject:
IT & Computer Science
Type:
Essay
Language:
English (U.S.)
Document:
MS Word
Date:
Total cost:
$ 37.8
Topic:

EAC3214 – Accounting Information Systems Information Technology (IT) Failures Paper and Presentation

Essay Instructions:

Directions:
Identify an information technology (IT) failure impacting financial/accounting data in a company
within the last five years. The IT failure must have resulted from either poor information security,
external cyberattacks, breach of information, inside jobs to manipulate/steal information, lack of
regulatory compliance, etc. Then, address the following:
1. Summarize the IT failure, and provide brief background information about the company affected.
2. List the related information systems/technology controls that could have prevented and/or detected
the failure. Explain your reasoning.
3. How would the controls you listed above have helped safeguard the confidentiality, integrity, and
availability (also referred to as C.I.A.) of data? Hint: define C.I.A. first, then address the question.
4. As an IS Counselor/Advisor/Auditor, what other suggestions, recommendations, and/or
improvements would you communicate to Management and the Board of Directors of the company
affected?
5. List the References used.
Parameters: Submission Guidelines and Format:
 Present your work in a brief (7-10 pages) MS Word paper.
 Create a PowerPoint presentation to illustrate your paper as though you were presenting it in person.
 Copy and paste your paper into the Notes area of the PowerPoint presentation with the appropriate
text accompanying the slide you would be showing if you were presenting that part of the paper. The
entire paper should be included in the presentation, but you are not required to create more than six
slides.
 Be sure the work is your own and that any sources you use are properly cited and included in the
References section.
 To guide your work, imagine you are communicating your results to the Board of Directors of a
company.

 

EAC3214 – Accounting Information Systems  Information Technology (IT) Failures Paper and Presentation  

Directions:  Identify an information technology (IT) failure impacting financial/accounting data in a company within the last five years. The IT failure must have resulted from either poor information security, external cyberattacks, breach of information, inside jobs to manipulate/steal information, lack of regulatory compliance, etc. Then, address the following: 1. Summarize the IT failure, and provide brief background information about the company affected. 2. List the related information systems/technology controls that could have prevented and/or detected the failure. Explain your reasoning. 3. How would the controls you listed above have helped safeguard the confidentiality, integrity, and availability (also referred to as C.I.A.) of data? Hint: define C.I.A. first, then address the question. 4. As an IS Counselor/Advisor/Auditor, what other suggestions, recommendations, and/or improvements would you communicate to Management and the Board of Directors of the company affected? 5. List the References used. Parameters:  Submission Guidelines and Format:  Present your work in a brief (7-10 pages) MS Word paper.  Create a PowerPoint presentation to illustrate your paper as though you were presenting it in person.  Copy and paste your paper into the Notes area of the PowerPoint presentation with the appropriate text accompanying the slide you would be showing if you were presenting that part of the paper. The entire paper should be included in the presentation, but you are not required to create more than six slides.  Be sure the work is your own and that any sources you use are properly cited and included in the References section.  To guide your work, imagine you are communicating your results to the Board of Directors of a company.   Post your presentation on the Week 6 discussion board and submit your paper to the digital drop box by 11:59 p.m. ET on Sunday of Week 6.  The discussions in Weeks 7 and 8 will center on the presentations posted in Week 6  A significant portion of your grade for this project may be the result of comments posted by your peers  

Essay Sample Content Preview:
Name:
Course Code:
Date:
Information Technology (IT) Failures: Equifax
Failure Summary and Company profile
On September 7th, 2017, Equifax acknowledged to the public that they had suffered a security breach and data of at least 140 million Americans, Canadians and British citizens had been compromised. By the time of discovery, the hackers had compromised the Equifax system for 76 days and exfiltrated terabytes of data. The hackers accessed and exfiltrated data of names, addresses, date of birth, social security numbers and driver's license numbers. Additionally, they also access nearly 200,000 credit card information. This breach was second in a few months following the earlier one which had taken place in March 2017.
Equifax is one of the largest credit reporting agencies in the united states. The company collects information on over 800 million consumers and 88 million businesses around the world. The company is headquartered in Atlanta Georgia and has about 10,000 employees worldwide. It is also a publicly-traded company in the NYSE.
Equifax was hacked through their consumer complaint web portal. The web portal had a vulnerability that had been publicized earlier and a patch for the same developed. On March 6th Apache Software Foundation discovered a vulnerability that hackers could exploit in web applications developed using Apache struts. The vulnerability allows a remote attacker to inject operating system commands into a web application through the “Content-Type” header and open the system to further intrusion CITATION Mia17 \l 1033 (Joskowicz). Hackers could tuck malicious code into the content-type header and the server could be tricked into executing it. Apache software released a patch on March 8th 2017 and Equifax administrators were told to apply it on 9th March CITATION Jos19 \l 1033 (Fruhlinger). Investigations revealed that the initial intrusion to Equifax systems was done on March 10th. Equifax did not apply the patch and hackers scanning the internet for the vulnerability came across Equifax and infiltrated the system. Equifax also hired a security company Mandiant to find any vulnerabilities with their system to which they discovered several and warned Equifax of the unpatched web portal.
In May, the hackers moved from the web portal to other servers. They had laid low for nearly two months. Equifax had not segmented its servers appropriately from one another. It had also overlooked important security features such as encrypting passwords. The hackers came across some plain text usernames and passwords as they continued exploiting Equifax servers CITATION Jos19 \l 1033 (Fruhlinger). The breach went on for nearly two months undetected as they moved encrypted data from the servers. The hackers encrypted the data to avoid detection by the intrusion detection systems in Equifax. Equifax had failed to renew its encryption certificates 10 months earlier and the hackers encrypted their data to tunnel it out of the servers undetected. Unencrypted data could have triggered red flags and the breach detected.
Information systems/technology controls that could have prevented and/or detected the failure.
Equifax breach was entirely preventable. One of the ways in which the breach could ha...
Updated on
Get the Whole Paper!
Not exactly what you need?
Do you need a custom essay? Order right now:
Order

👀 Other Visitors are Viewing These MLA Essay Samples:

HIRE A WRITER FROM $11.95 / PAGE
ORDER WITH 15% DISCOUNT!
Order Now