Difference between revisions of "Losing opportunity to make money"

From OWASP
Jump to: navigation, search
 
(5 intermediate revisions by one user not shown)
Line 1: Line 1:
'''Description:''' We currently live in a society where a customer expects instant gratification.  A system or network issue will impact the opportunity for the user to bring in money for the company therefore losing the opportunity to make money.
+
{{Template:Business Impact}}
 +
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
  
Risk Factors:
+
==Description==
 +
We currently live in a society where a customer expects instant gratification. A system or network issue will impact the opportunity for the user to bring in money for the company therefore losing the opportunity to make money.  A customer expects the company not to violate their personal information.
  
• Reduction in customer satisfaction
 
  
• Potential loss of new customers
+
==Risk Factors==
  
• Alienation of existing customers
+
* Reduction in customer satisfaction
  
Example:
+
* Potential loss of new customers
  
A potential customer is shopping for a new wireless device and plan. If a system is experiencing issues, the customer becomes weary of the company and decides to hold off purchasing. This will result in losing the opportunity for the company to make money.
+
* Alienation of existing customers
 +
 
 +
* Company’s reputation is violated
 +
 
 +
* Attackers violating applications
 +
 
 +
* Fraudulent actions by users
 +
 
 +
* Legal action against the company
 +
 
 +
 
 +
==Examples==
 +
 +
===Frustrated Customer===
 +
 
 +
A potential customer is shopping for a new wireless device and plan. If a system is experiencing issues, the customer becomes weary of the company and decides to hold off purchasing. This will result in losing the opportunity for the company to make money.  
 +
 
 +
===Fraudulent Acts===
 +
 
 +
A user violates the company’s ethical stature and customer’s personal identification by using the customer’s personal information to purchase products and/or services.  The customer realizes unauthorized purchases were made to their credit card.  Legal action is taken against the company.
 +
 
 +
 
 +
==Related Technical Impacts==
 +
*Loss of confidentiality
 +
 
 +
* Loss of integrity
 +
 
 +
* Loss of availability
 +
 
 +
* Loss of accountability
 +
 
 +
 
 +
==References==
 +
*OWASP Top 10 - Ruby on Rails version, [http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf]
 +
 
 +
[[Category:Financial damage]]

Latest revision as of 13:36, 24 June 2008

This is a Business Impact. To view all business impact, please see the Business Impact page.


Last revision (mm/dd/yy): 06/24/2008

Description

We currently live in a society where a customer expects instant gratification. A system or network issue will impact the opportunity for the user to bring in money for the company therefore losing the opportunity to make money. A customer expects the company not to violate their personal information.


Risk Factors

  • Reduction in customer satisfaction
  • Potential loss of new customers
  • Alienation of existing customers
  • Company’s reputation is violated
  • Attackers violating applications
  • Fraudulent actions by users
  • Legal action against the company


Examples

Frustrated Customer

A potential customer is shopping for a new wireless device and plan. If a system is experiencing issues, the customer becomes weary of the company and decides to hold off purchasing. This will result in losing the opportunity for the company to make money.

Fraudulent Acts

A user violates the company’s ethical stature and customer’s personal identification by using the customer’s personal information to purchase products and/or services. The customer realizes unauthorized purchases were made to their credit card. Legal action is taken against the company.


Related Technical Impacts

  • Loss of confidentiality
  • Loss of integrity
  • Loss of availability
  • Loss of accountability


References

  • OWASP Top 10 - Ruby on Rails version, [1]