Security

Kudler Fine Foods IT Security Report

Team B: Justin Ryan West, Michael S. Polk, Loribeth Santiago, Raul Ayala, Justin Bartholomew

CMGT/400

April 8, 2013

Anthony Seymour

Kudler Fine Foods IT Security Report

Introduction

Kudler Fine Foods is a specialty food store with three locations in San Diego. Over the past several years Kudler's customer base has grown. To enhance customer experience when shopping at Kudler they want to expand services through the creation of a customer loyalty rewards program. With this new program will come many computer system upgrades for Kudler, along with new information technologies to be used with these systems. The loyalty program development team must design and implement the system along with working with a security team to ensure the new system is secure and protects Kudler Fine Foods information assets including customer information at all stages of development.

Most Critical Threats Identified

Security Team B has identified several systems that must be secured along with the top security threats and vulnerabilities that can be exploited. For example, Kudler servers are susceptible to denial-of-service attacks. These attacks would cause loyalty program customers to lose access to the Kudler website when trying to participate in the program. The result is a financial loss for Kudler and it also hurts their brand's reputation. These attacks will cause loyal customers to shop at a competitor’s website when they are denied access to Kudler’s website. Also, when a customer accesses the site from home, viruses and malware can transfer to the companies servers or a key logger from the customer's computer can send the information to the attacker and give access to the program server.

Without proper security controls Kudler's application and database servers are also susceptible to hacking. Customer information such as addresses, phone numbers, and email addresses could fall into the wrong hands. A malicious user...