Recap...
“In A Bind” is an interactive site that searches the web for the cheapest prices on your textbooks based on the information that you give it about your classes. Once you've picked everything you need, you can purchase or rent the books and we'll ship them right to your doorstep.
The Bare Minimum
Whenever I put my information on the Internet, I am always a little bit apprehensive. In today's day and age, it's very easy for someone to steal your information from a website that you've ordered from and once they have it, who knows what they'll do with it. So one policy that I would put into effect is the Bare Minimum Policy. It basically means that for the sake of our customers, if we don't need the information, we won't ask you for it. We won't ask for your telephone number, SSN, or anything that could lead someone directly to your personal information. We know that there will be some people who, after they sell back a textbook, might want us to use direct deposit to pay them, but we will not accept anyone’s' personal account numbers. Instead, we'll partner up with a service like Pay Pal so that our customers can receive their money in a timely manner without having to sign their life away.
M.I.B
One thing that I want to have in my company is a special team that works solely on computer forensics. With spam popping up in the most unpredictable places and people creating countless amounts of fake profiles, I want to make sure that my customers are as secure as possible. The main job of this team would be to constantly monitor the actions of profiles to see if they are actually active or not. There will be a feature where my members can message each other through the website to talk about classes they've taken and to discuss whether or not you actually need the book. So if someone receives some spam in their mailbox thinking that it's a message from an actual person, all they have to do is hit a button the message page that will say report it as spam and the forensics team will dismantle the profile that sent out the message. The team will also do routine security sweeps at least once a week just to make sure that everything is in tip top shape.
Security Breach
In mid-January, Zappos.com was hacked and the information of over 24 million of their customers was taken. In order to combat the problem, Zappos asked its users to change their password information and teaching their customer service representatives how to deal with the slew of inquiries they were going to receive via phone and email. This attack on Zappos gave me the idea to have a password update made mandatory for all of my customers. I will have them update their password at the end of every academic semester to make it a little bit harder for hackers to be able to steal any information. If for some reason there is still a security breach and information is taken like there was a few weeks ago on Zappos.com, our site is willing to take no chances with our customer’s information. Our site will shut down for a few days (maybe even a week) until we can figure out what happened. The forensics team will check every single profile to find the source of the stolen information (if possible) and then do everything possible to get the site running. Once the site is up and running again, we will ask our customers to verify who they are through a series of security questions and then to change their password immediately.



No comments:
Post a Comment