Difference between revisions of "Losing opportunity to make money"

From OWASP
Jump to: navigation, search
 
(3 intermediate revisions by one user not shown)
Line 1: Line 1:
 +
{{Template:Business Impact}}
 +
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
  
== '''Description:''' ==
+
==Description==
 
We currently live in a society where a customer expects instant gratification. A system or network issue will impact the opportunity for the user to bring in money for the company therefore losing the opportunity to make money.  A customer expects the company not to violate their personal information.
 
We currently live in a society where a customer expects instant gratification. A system or network issue will impact the opportunity for the user to bring in money for the company therefore losing the opportunity to make money.  A customer expects the company not to violate their personal information.
  
== '''Risk Factors''' ==
 
• Reduction in customer satisfaction
 
• Potential loss of new customers
 
• Alienation of existing customers
 
• Company’s reputation is violated
 
• Attackers violating applications
 
• Fraudulent actions by users
 
• Legal action against the company
 
  
 +
==Risk Factors==
  
== '''Examples''' ==
+
* Reduction in customer satisfaction
 +
 
 +
* Potential loss of new customers
 +
 
 +
* Alienation of existing customers
 +
 
 +
* Company’s reputation is violated
 +
 
 +
* Attackers violating applications
 +
 
 +
* Fraudulent actions by users
 +
 
 +
* Legal action against the company
 +
 
 +
 
 +
==Examples==
 
   
 
   
'''Frustrated Customer'''
+
===Frustrated Customer===
  
 
A potential customer is shopping for a new wireless device and plan. If a system is experiencing issues, the customer becomes weary of the company and decides to hold off purchasing. This will result in losing the opportunity for the company to make money.  
 
A potential customer is shopping for a new wireless device and plan. If a system is experiencing issues, the customer becomes weary of the company and decides to hold off purchasing. This will result in losing the opportunity for the company to make money.  
  
'''Fraudulent Acts'''
+
===Fraudulent Acts===
  
 
A user violates the company’s ethical stature and customer’s personal identification by using the customer’s personal information to purchase products and/or services.  The customer realizes unauthorized purchases were made to their credit card.  Legal action is taken against the company.
 
A user violates the company’s ethical stature and customer’s personal identification by using the customer’s personal information to purchase products and/or services.  The customer realizes unauthorized purchases were made to their credit card.  Legal action is taken against the company.
  
  
== '''Related Technical Impacts''' ==
+
==Related Technical Impacts==
- Loss of confidentiality
+
*Loss of confidentiality
 +
 
 +
* Loss of integrity
  
- Loss of integrity
+
* Loss of availability
  
- Loss of availability
+
* Loss of accountability
  
- Loss of accountability
 
  
 +
==References==
 +
*OWASP Top 10 - Ruby on Rails version, [http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf]
  
== '''References''' ==
+
[[Category:Financial damage]]
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf
+

Latest revision as of 13:36, 24 June 2008

This is a Business Impact. To view all business impact, please see the Business Impact page.


Last revision (mm/dd/yy): 06/24/2008

Description

We currently live in a society where a customer expects instant gratification. A system or network issue will impact the opportunity for the user to bring in money for the company therefore losing the opportunity to make money. A customer expects the company not to violate their personal information.


Risk Factors

  • Reduction in customer satisfaction
  • Potential loss of new customers
  • Alienation of existing customers
  • Company’s reputation is violated
  • Attackers violating applications
  • Fraudulent actions by users
  • Legal action against the company


Examples

Frustrated Customer

A potential customer is shopping for a new wireless device and plan. If a system is experiencing issues, the customer becomes weary of the company and decides to hold off purchasing. This will result in losing the opportunity for the company to make money.

Fraudulent Acts

A user violates the company’s ethical stature and customer’s personal identification by using the customer’s personal information to purchase products and/or services. The customer realizes unauthorized purchases were made to their credit card. Legal action is taken against the company.


Related Technical Impacts

  • Loss of confidentiality
  • Loss of integrity
  • Loss of availability
  • Loss of accountability


References

  • OWASP Top 10 - Ruby on Rails version, [1]