100%(1)1 out of 1 people found this document helpful
This preview shows page 1 - 3 out of 9 pages.
Acquisition Risk AnalysisKyrstin MurphyUniversity of Maryland Global CampusFebruary 16, 2020
2IntroductionAmazon began as an online bookstore in 1995 and has expanded over the years to the colossal multi-billion-dollar corporation that it is today. Amazon has a variety of products and services they offer. One ofits most widely known services is the marketplace they provide for consumers, sellers, and contentcreators alike. They have become the ultimate center for selling products over the web. With all the addedplatforms Amazon allows third parties to create and gain profit from, it has become a software developersplayground. Amazon enables retailers to rent spaces and sell their products, similar to how individualthird-party sellers would. Small sellers can utilize Amazon Marketplace, Amazon zShops, AmazonAdvantage, or Amazon Auctions to sell their products; each has its features.Each service or platformearns the company a certain percentage in commissions. They were even selling their advanced e-Commerce platforms to improve other businesses, Amazon Service. Amazon became a dominant serviceprovider, Amazon Web Services (AWS). It also expanded into providing entertainment in the forms formof video and music streaming, such as Prime Video and Amazon Music. Once only an online bookstore,Amazon expanded and branched out far and wide to multiple various aspects. Who knows what's next forthem?Security is a significant concern for Amazon due to the amount of sensitive information it possesses.This information ranges from the customer's personal information to all the platforms Amazon has andany third-party data. While Amazon has strong Cyber Security in place, there are still risks that Amazonneeds to address. Some of the e-commerce risks that need to improve security include:Man-in-the-middle attacks occur when SSL isn't implemented throughout the company's website.The customer passes from an encrypted area to a non-encrypted site, leaving a customervulnerable to an attack.Cross-site scripting (XXS) attack occurs when Malware initiates an attack to exploit any cookievulnerabilities and impersonate a customer.Domain Name System (DNS) hacks occur when a user is directed to a dummy page that tricks theuser into entering credentials, exposing their sensitive information.Email Spoofing attacks occur when a malicious source tries to impersonate the company by usinga false header to appear as part of the company.For Amazon to improve their security or eliminate these risks, there needs to be a few changes.Amazon can make these changes by purchasing and implementing new products, services, and evenchanges in the security procedures that are already in place. To mitigate Amazon's risk of a possible man-in-the-middle attack, due to not implementing Secure Socket Layer (SSL) throughout the entirety of theirwebsite, the company would need to obtain an SSL certification. An Extended Validation SSL