Weaknesses Of Choicepoint Information Security Management Practices

1522 Words7 Pages
Question 1. What weaknesses in ChoicePoint Information Security Management practices likely contributed to their data breach? Please explain how they contributed and what Choice Point could do to strengthen these areas.
Answer: From the beginning, ChoicePoint took steps to protect its data from risks such as theft, computer hacking, and misuse. Its facilities were outfitted with numerous security cameras, and all visitors were required to be photographed. Employees had to use ID cards, personal access codes, and handprint scans to enter the building housing the main databases. However these steps were not able to stop the data breach. The reasons could be as follows:
• Primary reasoning for the data breach could be contributed to the fact that ChoicePoint did not have any clear policy for customer credential enquiry process. As a result frauds could easily create false IDs and have access to the data.
• Lack of policy contributed to an unclear re credential process. As a result there was no defined dos and don’ts for investigating officials of ChoicePoint . This allowed the frauds to bypass and in some cases go through the system undetected.
• Lack of liaison to law enforcement officials.
• Proper channel of communication between various levels
The solutions are as follows:
• Strengthening the customer credentialing process by either requiring bank references in connection with an application or conducting on-site visits to small-business applicants before allowing them to
Get Access