Essay Sample on American Express App

Introduction

American express app also branded as American Express Company is an electronic payment that issues and processes prepaid debit cards, credit cards, and charges. The American Express Company offers rewards to credit and charge card users as of travel perks and points. Prepaid debit cards can be used as reloadable payment cards or gift cards. The cards are available for use to small business, individuals and corporate consumers around the world.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

The app requires permission to obtain information about the device that the customer uses to access American Express App or browse the company's websites. This information includes the device operating system and browser version, the IP address, browsing history, location of the mobile device that is used to access the application, viewed ads and online contents, possible associations with other devices and browsers, customers' app use and browsing activities, customer information from third-party apps and platforms.

Access to IP address and other IP address related information such as geographical location enables the company to make delivery of purchased products and services. The IP address is used for recognition of customers whenever they log in to the company websites or use apps. The location permission in the apps helps the company to offer location-based services that customers request. Therefore, access to IP address and location is necessary. The information on online content and ads viewed are used by the company to advertise and market their products and services. The ads information enables the company to tailor advertisements and online information according to the customers' interests. By obtaining browsing history information, the company can determine whether the customer might be interested in the new services and products offered (Chien et al., 2011). Customers' app use activities over time help the organization conduct research and analysis that can be used to understand the customers and app users better thus, obtaining information from the customers is necessary. Information from other service providers helps American express company assess credit risks that relate to their business hence enabling them to evaluate and process customers' application for products and services.

If the application is compromised, customer information is compromised cybersecurity issues are created. For instance, if a customer's IP address and location have been compromised online illegal operators can take advantage and carry out harmful activities example, a customer's IP address can be replicated and used to download illegal content that may cause problems law enforcement agencies (Wang & Lu, 2013). Issues of blackmail may arise if browsing history of consumers is compromised. The advertisements can be used by illegal internet operators to spread malware, spyware to people.

The app only requires permissions that are necessary for it to work - for example, the use of identifiers, and system intents in place of access to customers' sensitive information.

The EULA binds the service providers and their customers. It provides for the scope of the license and the extent to which it covers, changes made to the EULA, the collection and privacy of personal information when the company can terminate your license, services that the app offers, its warrant, the company's liability, and the third-party beneficiaries. As a developer, I would make changes to the notifications panel so that reasonable notice will be introduced, which will notify the customers of any changes in the End User License Agreements to help them in decision making. The notifications alert the users when updates and changes have been made. As a potential app user, I would make changes to the display of personal information by the company for marketing and advertising purposes.

Bring your own device (BYOD) is proving to have a massive impact on companies' IT department operations. Work mobility as it is also known introduces risks to data protection and data loss to companies. Although, work mobility increases productivity and allows for flexibility. It has caused the shift in information technology consumerism thereby, allowing interface of personal devices to corporate data. The security risks brought about by BYOD include; increased chances of data leakage. Through the use of organizations devices, there is an increased chance of data leakage: the mixing of business and personal data. BYOD brings the challenge of coping with the storage of both personal and corporate data on the same device. In organizations, certain data is exposed to various employers of the organization. Therefore, the use of use to an organization's network or devices risks exposure of personal data - increased exploit of vulnerabilities. The use of the app on company devices and networks without proper security protocols increases people's vulnerability to attacks.

The app use on organization's networks and devices is not prudent and should be prohibited. The devices access the company's servers, therefore; the company can access them which increases the vulnerability to leakage of critical personal data.

Whereas BYOD brings benefit to companies, it also increases risks. Therefore, it is imperative to identify them and come up with appropriate measures for protection against security breaches and attacks. Companies must improve their infrastructure to cope up with the number of devices that access their networks and ensure that employees are not breaching company policies (Morrow, 2012). A company can carry out an audit on its infrastructure to determine its capability to cope up with work mobility. An organization can invest in the enterprise mobility management software which can be used to monitor and detect risks earlier on before they can cause catastrophic effects. Companies can implement procedures and policies that can be used to communicate the boundaries clearly and actions to be taken once they are violated. The implementation of policies and procedures reduces the risk of data leakage. To prevent the exploitation of vulnerabilities, a VPN can be used to verify and grant access to permitted data.

References

Chien, E., Sanchez, T., Saunders, D., Wiseman, J., Balagopal, C. R., Kinderknecht, A., ... & Preston, R. (2011). U.S. Patent No. 8,046,256. Washington, DC: U.S. Patent and Trademark Office.

Morrow, B. (2012). BYOD security challenges: control and protects your most sensitive data. Network Security, 2012(12), 5-8.

Wang, W., & Lu, Z. (2013). Cybersecurity in the smart grid: Survey and challenges. Computer Networks, 57(5), 1344-1371.