Page 356 -
P. 356
Chapter 8 Securing Information Systems 355
Andre Joubert, general manager of MWEB Sources: “2010 MyBroadband Awards: The Winners and Losers,”
Business, emphasized that only ADSL authentica- MyBroadband, October 19, 2010 (http://mybroadband.co.za/
news/ broadband/15951-2010-MyBroadband-Awards-The-winners-
tion usernames and passwords had been compro- andlosers. html, accessed November 17, 2010); “About MWEB,”
mised. The integrity of the personal or private data MWEB (www.mweb.co.za/productspricing/MWEBBusiness/
related to the accounts remained intact, as did the AboutMWEBB usiness.aspx, accessed November 17, 2010); “Hackers
Target MWEB,” NewsTime, October 25, 2010 (www.newstime.
access credentials for each customer’s bundled onsite
co.za/ ScienceandTech/Hackers_Target_M-Web/13618/, accessed
router. Joubert did acknowledge the seriousness November 17, 2010); “MWEB Business Tackles ‘ADSL Hacking’
of the hack, apologizing for any inconvenience the Incident,” MyBroadband, October 25, 2010 (http://mybroadband.
co.za/news/adsl/16077-MWEB-Businesstackles- ADSL-hacking-
breach may have caused to MWEB’s customers. As
incident.html, accessed November 17, 2010); “MWEB Business
soon as the breach was identified, MWEB took imme- Takes Action in ‘Hacking’ Incident,” Moneyweb, October 25, 2010
diate action to evaluate the extent of the breach and (www.moneyweb.co.za/mw/view/mw/en/ page295027?oid=5
to limit any damage. In MWEB’s defense, Jansen said 12545&sn=2009+Detail&pid=287226, accessed November 17,
2010); “MWeb hacked, users’ details exposed,” TechCentral, October
that MWEB constantly advises its customers to be 26, 2010 (www.techcentral.co.za/mwebhacked- users-details-
vigilant regarding their online data and security. In exposed/18366/, accessed November 17, 2010).
addition, MWEB was working closely with Internet
Solutions to investigate the nature and source of the Case contributed by Upasana Singh, University of
breach to ensure that it does not happen again. KwaZulu-Natal
CASE STUDY QUESTIONS
1. What technology issues led to the security breach 3. If you were an MWEB customer, would you con-
at MWEB? sider MWEB’s response to the security breach to
be acceptable? Why or why not?
2. What is the possible business impact of this secu-
rity breach for both MWEB and its customers? 4. What should MWEB do in the future to avoid
similar incidents?
of software metrics include the number of transactions that can be processed
in a specified unit of time, online response time, the number of payroll checks
printed per hour, and the number of known bugs per hundred lines of program
code. For metrics to be successful, they must be carefully designed, formal,
objective, and used consistently.
Early, regular, and thorough testing will contribute significantly to system
quality. Many view testing as a way to prove the correctness of work they have
done. In fact, we know that all sizable software is riddled with errors, and we
must test to uncover these errors.
Good testing begins before a software program is even written by using a
walkthrough—a review of a specification or design document by a small group
of people carefully selected based on the skills needed for the particular
objectives being tested. Once developers start writing software programs, coding
walkthroughs also can be used to review program code. However, code must be
tested by computer runs. When errors are discovered, the source is found and
eliminated through a process called debugging. You can find out more about the
various stages of testing required to put an information system into operation
MIS_13_Ch_08 Global.indd 355 1/17/2013 3:10:24 PM
