Kudler Fine Foods SR-kf-013
Cecil Ruis
BSA 310
October 3, 2013
Jack Davis
Kudler Fine Foods SR-kf-013
Kudler Fine Foods is considering incorporating a Frequent Shopper Program (FSP) that will reward loyal customers of the company. The scope of the FSP will allow loyal customers to earn points that they can use to purchase such things as airline tickets, special gifts and even Kudler’s specialty food items. This program will be incorporated by the Sales & Marketing team, and they will also handle all legal, ethical and security issues that may occur. This program will benefit the company in several ways. First, it will allow the customers that are loyal to our product to receive ...
All employees should receive training in most of these laws and regulations.
Ethical Concerns
When considering the ethical aspects, Kudler should consider incorporating some type of Fair Use Agreement (FUA), which would keep any type of unethical behavior from occurring in the exchange of private information over the internet. This would also include training on the ethical standards and laws that all employees are expected to follow. The average shopper does not have an issue with shopping online when they are assured that the information they are releasing is safe and secure. This new endeavor will benefit not only the company but the customer as well. As for the fines and penalties that may result from not following federal guidelines, an employee will be charged with a misdemeanor and could expect to pay a fine of up to $5,000.
Information Security Concerns
The security concerns of this project should be focused on the C.I.A. of security: Confidentiality, Integrity, and Availability. Confidentiality refers to making information available only to those who are authorized to access it. Integrity is assuring that all data sent is received exactly as it was sent. Availability refers to keeping information accessible to anyone who is authorized to use it. This is done by incorporating multiple levels of security. One thing to consider is a firewall arrangement such as a Demilitarized Zone (DMZ). A DMZ separates the online servers from all other servers in the company by placing them between two separate firewalls. This would greatly reduce the chances of being compromised. See Figure 1 below.
Figure 1. DMZ
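The two-firewall layout described above can be checked mechanically. The following Python sketch is an added example, not part of the original paper; the zone names, ports and rule sets are constructed assumptions. It shows that Internet traffic reaches the internal servers only when both firewalls are misconfigured at once.

```python
# Added example: zones, ports and rule sets are constructed for illustration.
from typing import NamedTuple

class Rule(NamedTuple):
    src: str      # source zone, or "*" for any
    dst: str      # destination zone, or "*" for any
    port: object  # destination TCP port (int), or "*" for any
    allow: bool

def permits(rules, src, dst, port):
    """First-match evaluation with an implicit default deny."""
    for r in rules:
        if r.src in ("*", src) and r.dst in ("*", dst) and r.port in ("*", port):
            return r.allow
    return False

def exposed_ports(outer, inner, ports):
    """Ports on which Internet traffic reaches the internal zone.

    A packet from the Internet to an internal server is filtered by the
    outer firewall and then by the inner one, so both must permit it.
    """
    return [p for p in ports
            if permits(outer, "internet", "internal", p)
            and permits(inner, "internet", "internal", p)]

PORTS = [22, 443, 1433, 3389]

# Outer firewall: the Internet may reach only the DMZ web server on HTTPS.
OUTER_GOOD = [Rule("internet", "dmz", 443, True)]
# Inner firewall: only DMZ hosts may reach the internal database port.
INNER_GOOD = [Rule("dmz", "internal", 1433, True)]

# Constructed mistakes: one over-broad rule on each firewall.
OUTER_BAD = [Rule("internet", "*", 443, True)]   # "*" also matches internal
INNER_BAD = [Rule("*", "internal", "*", True)]   # any source may enter

def report():
    return {
        "both correct": exposed_ports(OUTER_GOOD, INNER_GOOD, PORTS),
        "outer wrong only": exposed_ports(OUTER_BAD, INNER_GOOD, PORTS),
        "inner wrong only": exposed_ports(OUTER_GOOD, INNER_BAD, PORTS),
        "both wrong": exposed_ports(OUTER_BAD, INNER_BAD, PORTS),
    }

if __name__ == "__main__":
    for case, ports in report().items():
        print(f"{case:17} -> exposed internal ports: {ports}")
```

A single over-broad rule on either firewall leaves the internal zone unexposed; only the combination of both mistakes opens a port.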
Another aspect that should be considered is the use of encryption, such as that used by Kerberos. It comes in several different classes: DES, 3DES, RC4, and AES. These range from 56-bit encryption (DES) up to 256-bit encryption (AES)....