Difference between revisions of "Losing opportunity to make money"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
'''Description:''' We currently live in a society where a customer expects instant gratification.  A system or network issue will impact the opportunity for the user to bring in money for the company therefore losing the opportunity to make money.
+
'''Description:'''  
  
Risk Factors:
+
We currently live in a society where a customer expects instant gratification. A system or network issue will impact the opportunity for the user to bring in money for the company therefore losing the opportunity to make money.  A customer expects the company not to violate their personal information.
  
• Reduction in customer satisfaction
+
'''Risk Factors:'''
 +
• Reduction in customer satisfaction  
 +
• Potential loss of new customers
 +
• Alienation of existing customers
 +
• Company’s reputation is violated
 +
• Attackers violating applications
 +
• Fraudulent actions by users
 +
• Legal action against the company
  
• Potential loss of new customers
+
'''Example:'''
  
• Alienation of existing customers
+
'''Frustrated Customer'''
  
Example:
+
A potential customer is shopping for a new wireless device and plan. If a system is experiencing issues, the customer becomes weary of the company and decides to hold off purchasing. This will result in losing the opportunity for the company to make money.
  
A potential customer is shopping for a new wireless device and planIf a system is experiencing issues, the customer becomes weary of the company and decides to hold off purchasingThis will result in losing the opportunity for the company to make money.
+
'''Fraudulent Acts'''
 +
 
 +
A user violates the company’s ethical stature and customer’s personal identification by using the customer’s personal information to purchase products and/or servicesThe customer realizes unauthorized purchases were made to their credit cardLegal action is taken against the company.
 +
 
 +
'''Related Technical Impacts'''
 +
 
 +
- Loss of confidentiality
 +
 
 +
- Loss of integrity
 +
 
 +
- Loss of availability
 +
 
 +
- Loss of accountability
 +
 
 +
'''References'''
 +
 
 +
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf

Revision as of 13:47, 23 June 2008

Description:

We currently live in a society where a customer expects instant gratification. A system or network issue will impact the opportunity for the user to bring in money for the company therefore losing the opportunity to make money. A customer expects the company not to violate their personal information.

Risk Factors: • Reduction in customer satisfaction • Potential loss of new customers • Alienation of existing customers • Company’s reputation is violated • Attackers violating applications • Fraudulent actions by users • Legal action against the company

Example:

Frustrated Customer

A potential customer is shopping for a new wireless device and plan. If a system is experiencing issues, the customer becomes weary of the company and decides to hold off purchasing. This will result in losing the opportunity for the company to make money.

Fraudulent Acts

A user violates the company’s ethical stature and customer’s personal identification by using the customer’s personal information to purchase products and/or services. The customer realizes unauthorized purchases were made to their credit card. Legal action is taken against the company.

Related Technical Impacts

- Loss of confidentiality

- Loss of integrity

- Loss of availability

- Loss of accountability

References

OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf