Assessing the Zappos’ Security Breach 5 pages

Zappo’s Security Breach

Zappos’ Security Breach

Don't use plagiarized sources. Get Your Custom Essay on
Assessing the Zappos’ Security Breach 5 pages
Just from $13/Page
Order Essay

Assessing the Zappos’ Security Breach:

Lessons Learned for Making eCommerce More Secure

In the first month of this year, 2012, online shoe retailer Zappos’ now a business unit of Amazon, experienced a security breach that was initiated from a distribution center located in Kentucky. The nature of the breach shows how vulnerable the retailer’s systems are to employees who choose to break in and attempt successfully to gain access to customer records. It also showed how vulnerable the entire e-commerce system is attacks originating from internal servers. The hacker, an employee, gained access to over 24 million and Zappos’ customer records. Despite having sophisticated 128-bit encryption on these systems, the hacker was able to bypass internal systems with knowledge of how the distribution center staff had constructed firewalls and password conventions. The last four digits of the customers’ credit cards were taken, their names, addresses, complete customer histories and approval credit limits of they had obtained credit cards (Letzing, 2012). The security systems had not been upgraded since 2010 when Zappos had been purchased for $800 million by and made a core part of the overall company network (Hsieh, 2010). As Zappos’ had superior technologies for logistics planning and execution, supply chain planning and execution, and the ability to orchestrate fulfillment with 3rd party logistics providers, Jeff Bezos made the decision to standardize on Zappos’ technologies and websites (McDonald, 2011). Zappos’ had also created a unique series of technologies that allowed for consumers to inspect entire series of items online and evaluate how they will look in them (Tsuruoka, 2012). Zappos’ had also created an entire corporate culture predicated on delivering exceptionally positive, memorable experiences for anyone purchasing online from them, empowering customer service teams to do whatever it could within the boundaries of profitability and legality to exceed customers’ expectations (Tsuruoka, 2012). The theft of 24 million records was even more surprising given how strong of a culture the company has, one known for promoting worker autonomy and giving them as much freedom as they need to do their jobs (Shine, 2012). The theft had been motivated by the potential to sell the names on the black market for tens of thousands of dollars, a temptation even the relatively well-paid employees of could not pass up (Letzing, 2012). The breach was discovered within the Amazon Web Services (AWS) team’s audits were completed of transactions across all subsidiaries, including a reconciliation of accesses by role (Letzing, 2012). If Amazon was not able to track the access points and roles of associates looking at data online, chances are this breach would have not been fully found. Given the highly analytical nature of the culture within the AWS business unit, the discovery and reaction to the breach within hours highlights why e-commerce companies need to consider partnering with cloud platform providers for the long-term (Tsuruoka, 2012). If Zappos’ had been in the position of hosting their own website and relying on their own infrastructure, the breach may potentially have never found to the extent to which it happened (Letzing, 2012).

Evaluating Zappos’ eCommerce and Web Presence

Zappo’s strives to create a highly unique customer experience via its website and the many subsections, informational areas, catalog and online ordering applications. The founder and CEO of Zappos’ believes that every aspect of their e-commerce systems, platforms and technologies all need to unify and strengthen the customer experience and create interest and enthusiasm for products (Hsieh, 2010). This unifying of technologies to create a common and convincing experience for customers dominates the founder’s thinking and approach to constructing new promotions and introducing new product lines into the Zappos’ product line (Hsieh, 2010).

The four areas of corporate contact information, customization of products for customers both online and through post-sales processes, support for customer information at purchase and product information are designed on the Zappos’ website to enable the customer to selectively define their own approach to learning and buying. Zappos’ realizes that each of their customer segments have a different approach to navigating across these four areas, often using them in varying ways depending on the products of interest (Hsieh, 2010). Men also have significantly different approaches to navigating these four areas and often compress the time spent on support and product information, moving more rapidly through transactions. Women and families when shopping together however rely on the more integrated nature of these four sections of the website, often evaluating specific products and their look using the advanced catalog features that Zappos’ invented and has a patent on (McDonald, 2011).

The security model for these four locations on the website are all unified in a common security architecture that ensure single sign-on and the use of authentication to the user account level in real-time (Shine, 2012). This enterprise-wide content management system tracks history by item, by application and also stores all previous purchases, often providing recommendations for future products based on what had been bought previously (Tsuruoka, 2012). While many websites have these four sections or subsegments, only Zappos’ has created a unified experience using security to unify personalization across each, down to the ability to track shipments in real-time (McDonald, 2011). Zappos has experimented with customizing products within the limits of their supplier’s manufacturing capabilities and has run test campaigns that allow customers to choose a broader range of options. This strategy is often referred to as build-to-order (BTO) as the product is created to the specific needs and preferences of the customer (McDonald, 2011). Zappos’ also can personalize the pages of each of these four areas, further delivering a highly unique, differentiated shopping experience to their customers as well. All of these factors taken together create a unified customer experience that stays aligned with how customers are also changing how they choose to learn about and buy products. The focus on how to create an effective overall strategy is predicated heavily on the use of analytics across contact information, customization of products, specific locational information and streamlining the purchasing process itself (McDonald, 2011).

Analysis of Zappos’ Competitive Advantages and Marketing Strategies

With Memorial Day this weekend (May 23rd) the front page of the Zappos’ site is dedicated to a holiday sale, with small catalysts also promoting Clearance Swimwear and Clearance Sandals. Zappos’ has also created a series of sliders on their site that take the visitor and customer to specific sale areas as well. All are brightly decorated and clearly designed to evoke activity immediately. There are also multiple areas to opt into the site for specials and for providing additional information to the company to get newsletters and coupons. As Zappos’ is the world’s leading investor in social Customer Relationship Management (CRM) systems and uses analytics heavily to gain greater insights into customer behavior, it is apparent the site is designed for quickly launching and managing promotional campaigns (Hsieh, 2010). What makes Zappos’ unique is that all of the various sales and program items lead to a common series of purchasing screens that vary by interest area and previous purchasing (McDonald, 2011).. The actual check-out process is defined and guided by the personalization history and logic created by the e-commerce platform itself.

Analysis of Zappos’ Security and Privacy Strategies

Up until the breach, Zappos’ security strategies were based on relatively simple 128-bit encryption that ensured their databases could not be hacked from within a browser session. Based on the analysis completed by AWS when running periodic audits of customer records access, it was determined that the hackers, who were Amazon employees working in the distribution center, had gained access using key logger software (Letzing, 2012). To defeat this potential threat in the future, the logins and password for all systems in the warehouse were changed and authentication to just the work area of the center was changed (Tsuruoka, 2012). Today only a General Manager of a distribution center can gain access to the databases where customer records are kept and only by role access privileges can they even see them, which were a requirement of customers who were outraged by the breach (Shine, 2012).

Providing Greater Security for Customers: Two Alternatives

The most effective security strategy Amazon can take in light of the breach of their confidential data from internally is defining more rigorous role-based authentication to the data level. This would alleviate the threat of anyone in the warehouse hacking into the data sets, and would even require multiple access privileges to even see customer data (McDonald, 2011). The technologies behind these authentication techniques would also audit and report any and all potential hacking attempts including those that are unsuccessful. As second approach to minimizing threats is to completely redefine the underlying security architecture, forcing authentication through standardized security protocols, and changing the level of security layers to ensure more effective blocking of hacking attempts. The use of constraint-based technologies to capture potential hacking threats and reroute them off the site, blocking all access, is also an option (McDonald, 2011).


Hsieh, T. (2010, Zappos CEO on going to extremes for customers. Harvard Business Review, 88(7)

Letzing, J. (2012, Jan 16). Zappos says customer database hacked. Wall Street Journal (Online)

McDonald, S. (2011). Delivering happiness: A path to profits, passion and purpose. American Economist, 56(1), 127-128.

Shine, C. (2012, Jan 18). Zappos customers express anger, support, and frustration over security breach. McClatchy – Tribune Business News, pp. n/a.

Tsuruoka, D. (2012, Apr 03). Zappos breach a harbinger of more threats? layered defense key rising sophistication of professional hackers tests website security. Investors Business Daily, pp. A04.

What Will You Get?

We provide professional writing services to help you score straight A’s by submitting custom written assignments that mirror your guidelines.

Premium Quality

Get result-oriented writing and never worry about grades anymore. We follow the highest quality standards to make sure that you get perfect assignments.

Experienced Writers

Our writers have experience in dealing with papers of every educational level. You can surely rely on the expertise of our qualified professionals.

On-Time Delivery

Your deadline is our threshold for success and we take it very seriously. We make sure you receive your papers before your predefined time.

24/7 Customer Support

Someone from our customer support team is always here to respond to your questions. So, hit us up if you have got any ambiguity or concern.

Complete Confidentiality

Sit back and relax while we help you out with writing your papers. We have an ultimate policy for keeping your personal and order-related details a secret.

Authentic Sources

We assure you that your document will be thoroughly checked for plagiarism and grammatical errors as we use highly authentic and licit sources.

Moneyback Guarantee

Still reluctant about placing an order? Our 100% Moneyback Guarantee backs you up on rare occasions where you aren’t satisfied with the writing.

Order Tracking

You don’t have to wait for an update for hours; you can track the progress of your order any time you want. We share the status after each step.


Areas of Expertise

Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.

Areas of Expertise

Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.


Trusted Partner of 9650+ Students for Writing

From brainstorming your paper's outline to perfecting its grammar, we perform every step carefully to make your paper worthy of A grade.

Preferred Writer

Hire your preferred writer anytime. Simply specify if you want your preferred expert to write your paper and we’ll make that happen.

Grammar Check Report

Get an elaborate and authentic grammar check report with your work to have the grammar goodness sealed in your document.

One Page Summary

You can purchase this feature if you want our writers to sum up your paper in the form of a concise and well-articulated summary.

Plagiarism Report

You don’t have to worry about plagiarism anymore. Get a plagiarism report to certify the uniqueness of your work.

Free Features $66FREE

  • Most Qualified Writer $10FREE
  • Plagiarism Scan Report $10FREE
  • Unlimited Revisions $08FREE
  • Paper Formatting $05FREE
  • Cover Page $05FREE
  • Referencing & Bibliography $10FREE
  • Dedicated User Area $08FREE
  • 24/7 Order Tracking $05FREE
  • Periodic Email Alerts $05FREE

Our Services

Join us for the best experience while seeking writing assistance in your college life. A good grade is all you need to boost up your academic excellence and we are all about it.

  • On-time Delivery
  • 24/7 Order Tracking
  • Access to Authentic Sources
Academic Writing

We create perfect papers according to the guidelines.

Professional Editing

We seamlessly edit out errors from your papers.

Thorough Proofreading

We thoroughly read your final draft to identify errors.


Delegate Your Challenging Writing Tasks to Experienced Professionals

Work with ultimate peace of mind because we ensure that your academic work is our responsibility and your grades are a top concern for us!

Check Out Our Sample Work

Dedication. Quality. Commitment. Punctuality

All samples
Thesis/Thesis chapter
Research paper
Essay (any type)
creating a Code of Conduct
View this sample
Research paper
Week 1 Journal Assignment
Undergrad. (yrs 3-4)
Human Resources Management (HRM)
View this sample
Research paper
Cultural Intelligence Presentation
View this sample
Research paper
Communicable Disease
View this sample
Research paper
Mental health
View this sample
Essay (any type)
Personalized Glossary of Research and Assessment Terms
View this sample

It May Not Be Much, but It’s Honest Work!

Here is what we have achieved so far. These numbers are evidence that we go the extra mile to make your college journey successful.


Happy Clients


Words Written This Week


Ongoing Orders


Customer Satisfaction Rate

Process as Fine as Brewed Coffee

We have the most intuitive and minimalistic process so that you can easily place an order. Just follow a few steps to unlock success.

See How We Helped 9000+ Students Achieve Success


We Analyze Your Problem and Offer Customized Writing

We understand your guidelines first before delivering any writing service. You can discuss your writing needs and we will have them evaluated by our dedicated team.

  • Clear elicitation of your requirements.
  • Customized writing as per your needs.

We Mirror Your Guidelines to Deliver Quality Services

We write your papers in a standardized way. We complete your work in such a way that it turns out to be a perfect description of your guidelines.

  • Proactive analysis of your writing.
  • Active communication to understand requirements.

We Handle Your Writing Tasks to Ensure Excellent Grades

We promise you excellent grades and academic excellence that you always longed for. Our writers stay in touch with you via email.

  • Thorough research and analysis for every order.
  • Deliverance of reliable writing service to improve your grades.
Place an Order Start Chat Now