Corrupted Member Data

Member data must be protected from unauthorized outside access. If your site security is breached your member file may be vulnerable in multiple ways. If it can be changed by unauthorized users, the results are likely to be similar to other unauthorized changes to information on your site. It could be embarrassing because wrong information is presented or member access might be denied because members cannot be authenticated against the altered data.

It might be worse if the changed data were actually part of your central member database. As long as adequate backups are maintained, losing the entire member file on the web site or even a central database accessible to the web site would not likely be more than a significant nuisance.

If the web site has direct update access to the central member database or collects data that is subsequently merged into the central member database, problems much worse than losing the entire member file are possible. Among the most damaging would be the introduction of widespread data changes, either pseudo random or systematic, scattered throughout the member database. If member data is updatable either directly or indirectly from the web, then such changes might be perpetrated by a skilled cracker. Correcting such damage could be very costly depending on how long the damage went undetected and how extensive the damage is.

Unless the damage is detected almost immediately, it would not be feasible to restore data from backups. If the damage were undetected more than a few days it would almost certainly be necessary to develop custom programs that compared current data to backups that were known to be prior to the damage and then manually correct improperly changed data. Recourse to paper documents or other records outside the system might be necessary.

Top of Page - Site Map

Copyright © 2000 - 2014 by George Shaffer. This material may be distributed only subject to the terms and conditions set forth in https://geodsoft.com/terms.htm (or https://geodsoft.com/cgi-bin/terms.pl). These terms are subject to change. Distribution is subject to the current terms, or at the choice of the distributor, those in an earlier, digitally signed electronic copy of https://geodsoft.com/terms.htm (or cgi-bin/terms.pl) from the time of the distribution. Distribution of substantively modified versions of GeodSoft content is prohibited without the explicit written permission of George Shaffer. Distribution of the work or derivatives of the work, in whole or in part, for commercial purposes is prohibited unless prior written permission is obtained from George Shaffer. Distribution in accordance with these terms, for unrestricted and uncompensated public access, non profit, or internal company use is allowed.