Answers

1. Recently, thousands of customer records containing sensitive information were view able on popular e-commerce sites. The records could be accessed and downloaded by anyone using a standard Web browser. No sophisticated hacking tools or programming knowledge was required. Many security experts think that consumer records are not properly protected on a significant number of Web sites.

a. (2 points) Identify two sensitive fields, other than those containing personal information, in a customer record which could possibly be viewed due to this security error.

People could view your credit information like activation code and expiration date and people could see your purchase history.

b. (4 points) Explain two ways in which such a security error could occur.

1) Servers normally include a FTP server. The web site manager could have set up the ftp server without deactivating the anonymous login. This would allow anyone to log in using FTP and download the files with the customer information.

2) Or, the database could be stored in a directory that is readable using HTTP. There would be no link to the page directly but a user could accidentally type in the web address of a sensitive directory and see the files which they could download without following a link.

c. (4 points) Explain two reasons why large retail stores are diversifying into e-commerce.

1) People find shopping online to be convenient. Online companies like amazon.com are cutting into traditional retail stores’ business. If they don’t diversify into selling online they could loose a lot of customers. But by offering their merchandise online stores can leverage their existing distribution and management systems to efficiently sell online and very likely undercut the new dot-com upstarts to maintain their market share. Many stores like Office Depot and Sears allow you to buy online and pick up the merchandise at their stores so you have the convenience of using an online search tool to find your product without the delay normally associated with delivery of the product.

2) A second reason for traditional stores to go online would be to diversify their product lines. Retailers can test new products online before incurring the huge cost of rolling out a product to all of their stores. If that product does not do well they have lost all of the investment in distributing and stocking the product in the stores while it has taken up valuable floor space. Retailers have to make hard decisions about what to sell due to limited amount of space in their stores. With online stores, the floor space is infinite. They can sell all kinds of products with much less overhead (possibly not even stocking it in their own warehouses). If the product does well, they can roll it out to their stores.

d. (10 points) Discuss three reasons why many online companies have failed.

When online companies starting being the big thing in the 90’s everyone wanted to invest in them and make a big profit. People saw others becoming millionaires and wanted to do the same. This did two things, first it made the stock prices soar so more people wanted to join in the act, and two it gave small companies a ridiculous amount of money to spend. Well the bubble had to burst, and it did. The companies failed because people finally realized that most were not making any money and would probably not do so soon. Why could they not make money?

1) The online companies where spending money as fast as they could since they had so much from the stocks. But money was not always spent wisely. Because there was such an explosive growth of these companies there were not enough qualified IT professionals to hire. Online companies were forced to hirer incompetent people at very expensive salaries. There is no way many companies could sell enough product or advertisements to cover the salaries. Remember that the majority of Americans were not online at the time. Their potential number of customers was quite small. Advertising on the web was not yet proven effective. Most of the selling of advertisements went to other online companies so the money was going around in circles.

2) Even if the company had a great product that was selling well many did not think about how they would fulfill the orders. All the emphasis was placed on the web site like the merchandise would magically transport itself. The companies who were successful and got many orders often fell behind on delivery and customers got mad. Meanwhile, traditional retailers with stores or catalog companies had an existing infrastructure that could meet the demand. As soon as companies like Sears, Eddy Bauer, Borders Books caught up and made their own web sites the upstart dotcoms were doomed.

3) And finally there were just too many new online companies that did not have an original idea or a justification for being online. For example, selling wedding cakes online might have sounded like a good idea, but do future brides really want to buy their cakes online? How could they trust this company? Many transactions are done better in the real world. On the other hand, things that can be sold online were already being sold by catalog. There is not a big difference. Once the catalog retailers figured this out they could create their own web site. With so many new web sites with nothing to set them apart it was inevitable that many would fail. Those who survived did so the way all good companies do: great organization, efficiency, branding, and luck.