Answer To: CIS8018 – Cyber Security Semester 2, 2020 Page 1 of 3 Research paper 1 Due date: 25 August 2020...
Dilpreet answered on Aug 22 2021
CRITICAL ANALYSIS OF THE MANAGEMENT OF INFORMATION SECURITY BY AMAZON
Abstract
The assets owned by an organisation are all based on the information the organisation has gathered and analysed. Information can be thought of as the foundation of the organisations. as the organisations now depend a lot on the internet for performing their operations, they need to focus immensely on the security of the information they possess. This report will critically analyse the management of information security by e-commerce giant Amazon. Through this report the information security policies and strategic planning for security of Amazon will be discussed. The report will also shed some light on the information laws and ethics being followed by the organisation.
Table of Contents
Introduction 4
Background of the Company 4
Management of Information Security 4
Information Security Policies of Amazon 6
Amazon’s Strategic Planning for Security 8
Laws and Ethics Followed by Amazon 9
Recommendations 10
Conclusion 10
References 11
Appendix 12
Introduction
Information can be thought of as the foundation of the organisations. The assets owned by an organisation are all based on the information the organisation has gathered and analysed. With advancements in digital technologies and increased usage of internet, it has become quite a challenging task for business organisations all around the globe to effectively manage the voluminous information that flows in and out the organisation. Moreover, as the organisations now depend a lot on the internet for performing their operations, they need to focus immensely on the security of the information they possess. This report will critically analyse the management of information security by e-commerce giant Amazon. Through this report the information security policies and strategic planning for security of Amazon will be discussed. The report will also shed some light on the information laws and ethics being followed by the organisation.
Background of the Company
Amazon was founded in the year 1994 by Jeff Bezos in Washington. The company, which started as an online marketplace for selling books to sell software, clothes, food, electronic products, furniture, toys, jewellery and what not. The company managed to grow sustainably and has turned out to be the largest internet company of the world by revenue. The business operations of Amazon are focused towards cloud computing, digital streaming, artificial intelligence and e-commerce. Amazon has been making use of a number of information systems for internet activity. The company has been investing a handsome amount on the development of a new system in order to improve the security of the information and associated systems owned by the organisation.
Management of Information Security
With the voluminous inflow and outflow of information, a number of business organisations have started focusing on the security of the information they own. Information system deployed by Amazon has been enabling this organisation to store and transport information from one business unit to the other business unit. Most of the managers within the organisation are of the opinion that the nature of information security is very critical and it acts as vehicle, by which the information assets owned by the organisation is being secured (Safa, Von Solms and Furnell, 2016). In order to manage the security of the information owned solely by Amazon, the company has spent nearly $200 million dollars on its new system. Amazon primarily uses DBMS from oracle. In addition to this, Amazon has a professionally managed information security team, which works in coordination to protect the information assets owned by Amazon.
The high-level management of Amazon is of the opinion that decisions related to information security must involve experts in the field of information security, expert form the field of information technology and people who have a stake in the information owned by the organisation. Amazon ensures that the information it collects from its customers during a number of transmissions and transactions is protected through encryption protocols and software. The personal information of the users and customers that Amazon gathers is used for operating, providing, developing and improving the products and services that Amazon offers to its customers. The company ensures that under no circumstances shall the information gained must be used for unethical purposes. The organisation also ensures that its website and order fulfilment systems are separate in order to improve the security of the information being gained.
Amazon allows its users to choose, what information will they like to be shared with the organisation. The company incorporates a number of security features that are used for the purpose of improving the information security by avoiding unauthorised access. Amazon has been acting quite sensitively, when it comes to protecting the bank, credit and debit card data of its customers. Payment Card Industry Data Security Standard (PCI DSS) is used by the organisation to manage the information security while handling online transactions (Amazon, 2020). To manage the security of the information further, this e-commerce giant maintains electronic, procedural and physical safeguards while collecting, storing and managing the sensitive information owned by the company. The Amazon devices inbuilt security features that help to ensure that unauthorised access and loss of data can be avoided.
As far as Amazon Web Services (AWS) are to be considered, these services make sure that information is being safeguarded to win the trust of the customers. AWS gives its customers with control and ownership over the content through powerful tools, which provide the customer with enough information about the storage and security of the contents whether it is being stored at a place or it is in the transit stage. Moreover, technical and physical controls are being implemented to prevent unauthorised access or disclosure of the valuable information and content. Amazon has been managing the security of the information by making use of strong encryption. It also provides its users using the services...