How to Manage your Company when the Hacker Attack
On January 12, 2009, a distributed denial of service led to the shutdown of the iPremier Company, a successful high-end web-based retailer, an attack that began 4:31 AM (Eastern) and then ended suddenly and cryptically at 5:47 AM. As the events were unfolding on the Seattle-based company CIO Bob Turley the person mandated for organizing a response to the trouble, was resting in a New York hotel. He, therefore, had to deal with the condition from afar, through his cell phone. During the 75-minute occurrence, Turley acted together with Jack Samuelson (CEO), Joanne Ripley (operations team leader), Tim Mandel (CTO), Warren Spangler (VP, Business Development), and Peter Stewart (the legal counsel), some of whom came in for the crisis.
Following these events, it is imperative that the company talk to the vendors, public and suppliers about the hacking incidence. The advance will ensure the continuity of the enterprise profits. Honesty is a key component to the growth and development of any organization, and Ipremier being a cutting edge organization should come clean about the events to not only inform its clients but to also enlighten them of the possible impacts because of the hacking. This will enhance the level of the trust in the company by its clients.
The company should tell the clients that after the distributed denial service attack, important information about the clients that of the company staff and the production details of the company was lost. It is also important that the company inform the clients of the measures took to deal completely with the problem (Austin, 2009). The company should instruct its client of the installation of a more sophisticated system that is difficult for the hackers to intrude. The information is important, as it will create more trust in the company management. In addition, the company will ensure the installation of the new anti hacker system soonest possible and that all the clients will be compensated for the lost data or the information after the unfortunate event.
Ipremier Company being an innovative company should disclose the events of hacking through major mediums of communication. Although it is essential that the company management communicate directly to its clients, communication through its official website is vital. This move will ensure that interested parties learn about the events and create assurance of the measures in place to deal with the terrible acts (Austin, 2009). In addition, the company should use daily newspapers, journals, magazines and emails to the shareholders. This will ensure that people learn of the hacking events earliest possible. This process will also ensure that other organizations install better mechanisms to safeguard crucial information.
It is crucial that Ipremier recreate the production site. This contingency plan is to ensure no compromise of the system occurs another time. The plan will also ensure that the clients' details, credit card information does not leak into the wrong hands. Although the main theme is to ensure safety of information, the trust in the company will enhance, as a result.
The hacking of the Ipremier company system will have great impacts on the image and the reputation of the company. Previous incidences of hacking in other organizations led to a drastic fall in the company' share, and Ipremier will not be exceptional. It is, however, important to focus on the management of crisis to ensure the restoration of the picture and honor of the organization after the event.
Although it is the responsibility of the company to ensure safety of clients' information, Ipremier should not accept the responsibility of the security breaches of its competitors. This is because all companies are victims of hacking and, therefore, the hackers should take full responsibility for the loss of data and crucial information from the systems.
Owing to the confidentiality and the importance of the clients and shareholders information, it is necessary for the recreation of the site while in offline mode because customer privacy is a priority to Ipremier (Austin, 2009). Although the clients will face an extra expense for the recreation of the company, it will be important that the client understand the complexity of the matter and the importance of the restoration of credibility to the company. The major step being creation of a more secure site
After the incident, the company should train its IT staff and senior management team to understand that clients' privacy supersedes the need to make profits. The results of the incidence will be lowered company credibility while will down on the clients leading to financial and technical problems. The company should have measures to come up with emergency plans to restore systems should hackers strike again.
Referable to the predisposition of the subject in the public domain, the company operation manager should take the blame for the occurrences contributing to the downing of the company site and system and step aside awaiting further investigations. This is due to the fact similar information on a pending hacking was at her disposal but refused to act on. As the head of the operation, she was also responsible for having an emergency plan to avoid loss of clients' information
The loss of information to the hackers depicts a negative picture of the public about the credibility of a company. Ipremier should come up with emergency plans to ensure safety of members' information and that of the company. Consequently, the company should train it management on better IT skills besides creating a sophisticated system to ensure safety of clients' information, in addition to keeping hackers at bay.
Top of Form
Austin, R. D., Short, J. C., & Harvard University. (2009). iPremier: Denial of service damage (visual narrative version). Boston, Harvard School of Business Pub.