IS Security Report: An Analysis of eBay's Information Security

Verified

Added on 2021/04/17

AI Summary

This report provides an analysis of eBay's information security, examining its policies, threats, and vulnerabilities. It begins with an introduction to information systems and their role in organizations, followed by a discussion of eBay's security policies, which are designed to ensure confidentiality, integrity, and availability of data. The report highlights the advantages of digital data storage but also acknowledges the associated risks of misuse and theft. It then delves into the specific threats faced by eBay's information system, including unauthorized access, communication errors, server issues, and system failures. The report concludes by emphasizing the importance of a robust security policy framework, including general and application controls, to protect eBay's data from misuse and loss. References to relevant literature are included to support the analysis.

Running head: IS SECURITY
IS Security
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1
IS SECURITY
Introduction
An information system can be network computer concern that gives a processing of same
software by many numbers of users assessing the same. An information system satisfies the
needs of all the required information of the organization. It processes and changes the data
management according to the organizations strategic plan (Safa, Von Solms and Furnell 2016).
In this report we will be talking about the security policy of eBay.
Discussion
When data are stored in the form of digital rather than manual it brings the organization
advantages and disadvantages as well advantages can be taken in the form that data storing
becomes easier and accurate with less difficulty in data handling while on the other hand brings a
lot of threat to data misuse or theft to the organization (Galliers and Leidner 2014). For this
purpose eBay follows a formal, brief and high level plan to implement security policies to form
an overall control. It lays out the guidelines of the information resources that the employee needs
to use. Business security and control are the value for the eBay (Laybats and Tredinnick 2016).
On the basis of three guidelines confidentiality, integrity and availability the security
policy is framed in such a manner that the information of an organization like eBay has to be
restricted to access by only its authorized user but not to any outsider or unauthorized person
(Peltier 2016). For example, the customer’s personal information including name, mobile
number, address and bank details has to be restricted to be accessed by any third party. Coming
to the second, integrity of eBay has to be truly represented that was intended. For example, the
deal regarding a purchase of product between the customer and the organization has to be

2
IS SECURITY
integrated rather than the file being corrupt by any of unauthorized person who may delete it or
insert any incorrect information (Von Solms and von Solms 2018). Lastly the availability of the
information is important to prevent any loss of sales or customer. The eBay online retailer
company has to be available to operate its business. Like eBay’s server and website has to be
available throughout the year so that the customers can reach to it anytime.
Information system of eBay is vulnerable to destruction because information system is a
kind of digital data that have a chance of being attacked or harmed by any of the unknown
resources. Even this data are subjected of getting misused, error, fraud and hardware or software
failures. These data are prone to more kinds of threats. It is vulnerable to a system quality
problem because the system and the software gets affected by the hidden bugs that defects the
codes of the data. This affects the data quality problem of eBay by assuming the time taken to
modify the system which becomes tedious and costly to the organization. The threats can be
technical such as unauthorized access to data; communication errors such as tapping, message
alternation, theft and fraud; server issues like, hacking, viruses and worms and the denial of
service (DoS) attacks (Riecker, Thies and Hollick 2014); then system issues such as power
failures, floods and fires or other natural disrupts. The lack of management design of protecting
the data at eBay from being lost can be one of the main issues for misuse of data or falling into
wrong hands. Information system recognizes information but not technology which makes
crucial for the existence of security policies. In order to protect the information system in eBay,
general and application control can be considered such as a framework to control design and
security in the form of a security policy along with hardware, software, administrative, data
security and implementation control. The control of data input, processing and output can
prevent the vulnerability of information of eBay (Laudon and Laudon 2016).

3
IS SECURITY
Conclusion
From the above it can be concluded that the information system of eBay is an essential
and the confidential part of its resource which needs to be maintained and secured for its smooth
operating. There are many threats which can affect the information system in the way if a formal
security policy is not laid in the organization. Threats like loss of data, misuse can occur which
can hamper the working of the organization.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4
IS SECURITY
Reference
Galliers, R.D. and Leidner, D.E. eds., 2014. Strategic information management: challenges and
strategies in managing information systems. Routledge.
Laudon, K.C. and Laudon, J.P., 2016. Management information system. Pearson Education
India.
Laybats, C. and Tredinnick, L., 2016. Information security.
Peltier, T.R., 2016. Information Security Policies, Procedures, and Standards: guidelines for
effective information security management. CRC Press.
Riecker, M., Thies, D. and Hollick, M., 2014, September. Measuring the impact of denial-of-
service attacks on wireless sensor networks. In Local Computer Networks (LCN), 2014 IEEE
39th Conference on (pp. 296-304). IEEE.
Safa, N.S., Von Solms, R. and Furnell, S., 2016. Information security policy compliance model
in organizations. Computers & Security, 56, pp.70-82.
Von Solms, B. and von Solms, R., 2018. Cyber security and information security–what goes
where?. Information & Computer Security, (just-accepted), pp.00-00.