Page 313 - Using MIS
P. 313
system users compete, they may have an incentive not to fol- The downside of Mt. Gox was that its very nature made
low the compensating procedures. it a perfect target. It was centrally located and accessible from
PRIDE’s use of the cloud brings up another important anywhere, and it had a very large sum of money that could be
security concern, one that exists at both the enterprise and electronically stolen. Hackers from around the world would
inter-enterprise levels: How secure is the cloud vendor? never stop trying to steal from Mt. Gox. Gold is hard to steal
The more important the information you store, the more because it’s so heavy. But bits are light and easy to transport.
attractive a target you become for attackers. The simplest Healthcare records, personal identities, financial records, and
example of this comes in the form of bitcoins. credit card information are all in digital form now, too.
In February 2014, Mt. Gox, the largest bitcoin exchange The fall of Mt. Gox should cause one to wonder about
at the time, lost about 850,000 bitcoins valued at $460 the security of cloud storage. Most of the time, we don’t
4
million. Mt. Gox declared bankruptcy and wouldn’t, or even know the physical location of cloud data, let alone how
couldn’t, explain where all the bitcoins and cash had gone. well the data center is secured, who works there, what pro-
Essentially, bitcoins represented a large cloud-based mon- cedures and policies are in place, and so on. We will return
etary system that was supposed to replace national curren- to this question in Chapter 10; for now, just understand that
cies. It was, and still could be, a revolutionary idea. this issue exists.
DisCussion Questions
1. Summarize why security risk is higher for integrated da- “Our system’s security ensures that no one can see your
tabases than for information silos. Describe a factor that clients’ data.” How do you respond?
can compensate for this increased risk. 6. Suppose the salesperson in question 5 says, “Only oth-
2. Using PRIDE as an example, explain how users’ incen- ers who are coaching the same clients as you can see
tives to protect data differ between an enterprise sys- your client data.” How can you verify the truth of this
tem and an inter-enterprise system. How does the use statement?
of security procedures differ between the two types of 7. Suppose that a personal trainer at a health club uses a
system? trivial password, such as dog. One of that health club’s
3. Suppose you are a health club owner and you are ap- members watches the personal trainer sign in, obtains
proached by a PRIDE salesperson who says, “The PRIDE that password, and later steals all of the data on the cli-
database is located in an XYZ cloud facility,” where ents who use that club.
XYZ is the name of a large, reputable company, such a. Who is responsible for the data theft?
as Amazon, Oracle, Microsoft, or IBM. You ask about b. How do you respond if you are the personal trainer
data security, and the salesperson says, “You and I don’t using the trivial password?
know anything about their security, but it has to be c. If you are the club owner, how will you likely learn
better than the security you have on that server you’re about this theft? How do you respond when you do
operating in the closet down the hallway.” How do you learn of it?
respond? d. If you are a participating healthcare provider, how
4. If you were a personal trainer at a health club, explain will you likely learn about this theft? How do you re-
the value to you of having competitors’ data about cli- spond when you do learn of it?
ents you share. Explain the value to you of obtaining, if e. If you are a client who is using this system, whom do
you can, data about competitors’ PRIDE clients who you you hold accountable, and why?
have never trained. 8. Where was Mt. Gox physically located? Is the physical
5. Suppose you are a personal trainer at a health club and location of where your data is being stored important?
you are approached by a PRIDE salesperson who says, Why or why not?
4 Robert McMillian, “The Inside Story of Mt. Gox, Bitcoin’s $460 Million Disaster,” Wired, March 3, 2014, accessed June 2, 2014, www.wired.com/
2014/03/bitcoin-exchange.
281
