Difference between revisions of "Losing your money"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
== '''Description''' ==
+
{{Template:Business Impact}}
 +
Last revision (06/24/08): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}== '''Description''' ==
 
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.
 
Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.
  
Line 5: Line 6:
 
• The financial report is impacted when an application or network service level agreement is not met.  
 
• The financial report is impacted when an application or network service level agreement is not met.  
  
Reduction in benefits for the individual.  
+
* Reduction in benefits for the individual.  
  
Reduction in headcount for the company.  
+
* Reduction in headcount for the company.  
  
A company's expenses will exceed its revenues.  
+
* A company's expenses will exceed its revenues.  
  
Hackers invading a network or application system.  
+
* Hackers invading a network or application system.  
  
PCI compliancy did not occur and the company is fined.
+
* PCI compliancy did not occur and the company is fined.
  
  
== '''Examples''' ==
+
==Examples==
 
'''A Company's Expenses Exceed Its Revenues'''  
 
'''A Company's Expenses Exceed Its Revenues'''  
  
 
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses.  
 
The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses.  
  
'''Domino Impact'''
+
===Domino Impact===
  
 
A hacker invades a network and finds its way through an application wall.  The customer’s encrypted personal data was opened and used outside in the business market.  The customer files a lawsuit against the company.  The company files bankruptcy.
 
A hacker invades a network and finds its way through an application wall.  The customer’s encrypted personal data was opened and used outside in the business market.  The customer files a lawsuit against the company.  The company files bankruptcy.
  
  
== '''Related Technical Impacts''' ==
+
==Related Technical Impacts==
  
 
- Loss of confidentiality
 
- Loss of confidentiality
Line 37: Line 38:
  
  
== '''References''' ==
+
==References==
OWASP Top 10 - Ruby on Rails version, http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf
+
* OWASP Top 10 - Ruby on Rails version, [http://www.lulu.com/items/volume_62/1412000/1412042/1/print/Owasp-rails-security.pdf]

Revision as of 10:25, 24 June 2008

This is a Business Impact. To view all business impact, please see the Business Impact page.


Last revision (06/24/08): 06/24/2008== Description == Any company as a whole is made up of individuals. If the company experiences a revenue reduction, this translates down to a reduction in benefits for the employees and possibly even to a reduction of the number of its employees.

Risk Factors

• The financial report is impacted when an application or network service level agreement is not met.

  • Reduction in benefits for the individual.
  • Reduction in headcount for the company.
  • A company's expenses will exceed its revenues.
  • Hackers invading a network or application system.
  • PCI compliancy did not occur and the company is fined.


Examples

A Company's Expenses Exceed Its Revenues

The business looks at ways to reduce costs. Employee benefits are re-examined and modified to support reducing company cost thus reducing its yearly expenses.

Domino Impact

A hacker invades a network and finds its way through an application wall. The customer’s encrypted personal data was opened and used outside in the business market. The customer files a lawsuit against the company. The company files bankruptcy.


Related Technical Impacts

- Loss of confidentiality

- Loss of integrity

- Loss of availability

- Loss of accountability


References

  • OWASP Top 10 - Ruby on Rails version, [1]