This website uses cookies to ensure you have the best experience. Learn more

Security Breach At Tjx Essay

1977 words - 8 pages

Overview
This case analysis report is about the IT security problems that Owen Richel, the Chief Security Officer of TJX should consider to improve by analyzing some security issues that TJX had faced during the 2005-2007 database intrusion. As technology advances, companies are facing some challenges regarding information privacy. “Information privacy concerns the legal right or general expectation of individuals, groups, or institutions to determine for themselves when, and to what extent, information about them is communicated to others.” (Lecture notes) One of the privacy problems includes unauthorized access, which violates the laws and company’s policies, can limit a person to ...view middle of the document...

Financial institutions provide banking services to customers and they definitely want to people to utilize their services (using debit card and credit card), but at the same time, with less risks. They also cooperate with organizations to provide payment approvals when a customer uses his/her cards to shop. The intrusion brought them law suits and complaints from the customers, which caused them time and money to fix the situation.
Other stakeholders include the shareholders of the company. Shareholders of TJX would want to maximize the profit that is being generated. All costs and expenses are the major consideration that the management of the company takes into account for. From their perspectives, they would want to keep the expenses as low as possible to avoid making losses. Since the cost of information security programs can cost a lot, shareholders could easily neglect its significance.
Role of Information Technology
Information technology plays an important role in TJX because the technological breach had affected the performance of the company, its consumers, banks, and credit card companies greatly. It is essential for keeping its customer personal information safely secured. TJX used the “Framingham system” or the “Watford system” to encrypt and store customers personal information, payment cards, cheques, and merchandise return information. They do so in order to prevent computer intrusions. Without these systems, customers’ cards information would be exposed to the risk of being stolen and unauthorized access. Wireless handheld devices, cash registers, and store’s computers are technologies used in store. They are needed for checking and updating its inventory in stores, performing payment process, and recording daily sales report and employees work schedules. In store kiosks are also one of the technologies that TJX uses that allows people to check the products’ information such as price. People can also use them to browse for clothing pieces they are interested in and mix and match. Basically, technology has been surrounding TJX and become its part.
Information technology also plays a major role in the retail industry in general. In fact, it has become a vital and integral part of every business. They need information technology for its daily operations, communication, inventory management, data management, and customer relationship management. From the in-store perspective, cash registers, hand-held price-checking devices, and store computers are all part of technology. Information technology allows store managers and their subordinates to keep track of its sales performance, inventory levels, and to perform sales payment transactions. It grants greater ease for them to operate. Within the offices of TJX, information technology helps to collect, store, and analyze data such as sales report, cost and expenses, productivity levels, staff information, etc. Aside from that, email, live chat systems,...

Other Papers Like Security Breach at Tjx

Breach Notification Rules Essay

2619 words - 11 pages disclosures of the information (Coburn, 2009). Definition of Breach Consistent with the definition of breach in HITECH Act, HHS defines breach as the acquisition, access, use, or disclosure of PHI in a manner not permitted by the HIPAA Privacy Rule which compromises the security or privacy of PHI. The use or disclosure of PHI poses a significant risk of financial, reputational, or other harm to the affected individual (OCR, 2009

Security Breach Essay

1672 words - 7 pages Security Breach Madeleisy Molerio HCS/533 December 1, 2014 KYM PFRANK Security Breach  Patient medical records privacy and security is the most essential parts of the St. Johns Hospital program of behavior, the hospital take satisfaction in the complete policies and actions that are set to preserve patient privacy. Each worker is apprehended to an extreme standard of upholding the maximum level of confidentiality and privacy when

The Importance of Measuring Enterprise Impact

561 words - 3 pages when a system breach happens because the faster you react the less time the virus will have to affect your system. There should be a security policy put in place and adhered to at all times. Security policies should not only cover the physical side of a company, but also the electronic mediums in which their information is kept.  A portion of the security policy should include recovery and response systems - what to do if a security breach

Assignment 1

477 words - 2 pages to admit there may be faults in their security practices. One of the main reasons why the Payment Card Industry created the Payment Card Industry Data Security Standards is to secure cardholder data from Cyber criminals. Additionally, the computer can be used to enhance and protect criminals conducting crime worldwide “ a computer may have been utilized by a drugs trafficker to record details of shipments and corresponding payments and

Security Breach

1832 words - 8 pages . due to hacking of data of customers. Additionally, security officer is also replaced by the management to enhance security of the software to defend against new attacks of hackers (Information Security and Personal Information Management, 2011). Moreover, more cyber security firms are also hired by the firm to avoid security breach for the firm. At the same time, the firm tried to convince the customers about its effective security policies and

Case Study 3

1028 words - 5 pages this communication arrangement is to update the respected clients of Flayton Electronics on the breach in security, but in a delicate manner that is not to cause any tension. This allows management to deal with the situation in a timely manner. The communication provided will assemble the relationship linking the organization and clients all the way through the creation of understanding the circumstances at hand. The principle of the

Network Security

586 words - 3 pages monthly password change could have kept this from ever happening. Not only did it cause millions in damage but target has to now invest millions in network security. Such a data breach at a smaller business such as Swagger distribution would be devastating that could result in the company going bankrupt. Sources: 1. Internet Security; Reference for Business, Encyclopedia of Business 2nd edition. http://www.referenceforbusiness.com/small

Ipad Security Breach

1876 words - 8 pages it is important for organizations like Gawker Media to be socially responsible. The Goatse Security discovered a vulnerability on AT&T site which returned the client e-mail if the valid serial no. for iPAD sim card was entered. The invalid no. returned nothing; the valid no. returned clients email address. According to Apple’s Worst Security Breach Goatse created scripts & quickly downloaded 114,000 clients email. This was then turned over to

It Failure

848 words - 4 pages them and alerted Bangalore. The team in Bangalore notified the security team in the US, but Target chose to do nothing at all (Riley et al., 2014). Target got another opportunity to react to the breach on December 2nd, but still they ignored it and allowed the hackers to steal sensitive customer information for another 13 days (Riley et al., 2014). Even after spending so much money to prevent something like this, Target made two enormous

Data Breach Research Papaer

1475 words - 6 pages information. Vulnerabilities are the root of all hacks. For businesses, they result in a decline in reliability. If an individual or a group wants to breach information, they will almost always find a way. With the increasing need for information databases, businesses have to weigh the risks of hacks. When an individual allows their information to be stored in a database, with or without their knowledge they are at risk. When this information enters the

Computer Security In Education

330 words - 2 pages university at risk for lawsuits if the information is exposed. Student’s internet use on campus daily comes in contact with social network targeting, malicious software, infrastructure attacks, phishing, and peer-to-peer file transfers (Rasmussen, 2011). These dangers put not only the students’ computers at risk for security breaches, but the universities’ network as well. The damages resulting from data breaches in college networks are numerous. Not only

Related Essays

Wewdwd Essay

521 words - 3 pages . Unless you ask the shareholders, banking partners, and some customers of TJX, who filed a series of class-action lawsuits against the company claiming that the “high-level deficiencies” in its security practices make it at least partially responsible for the damages caused by Albert Gonzalez and his accomplices. The lawsuits point out, for example, that the packet sniffer Gonzalez attached to the TJX network went unnoticed for more than seven

Target: The Largest Data Breach/Attack Essay

1651 words - 7 pages -poses-three-questions-for-it-security-organizations/ Kim, D., & Solomon, M. (2014). Chapter 6: Managing and Controlling Risks. In UMUC CSIA 301: Foundations of Cybersecurity (p. 272). Burlington, MA: Jones & Bartlett Learning. Krebs, B. (2014, February 12). Email Attack on Vendor Set Up Breach at Target. Retrieved from http://krebsonsecurity.com/2014/02/email-attack-on-vendor-set-up-breach-at-target/#more-24313 Riley, M., Elgin, B., Lawrence, D

Pci Compliance Essay

1436 words - 6 pages other costs associated with the discovery of this major breach of security such as hiring a security consulting agency in order to overhaul the internal network and align the company’s internal policies and practices to conform to PCI standards; civil lawsuits, and punitive damages. According to an article on CNET.com, “The Arkansas Carpenters Pension Fund, one of the largest shareholders, filed suit” claimed that “TJX ‘wrongfully denied (them

Target Credit Card Breach Essay

682 words - 3 pages impacted and involves the theft of data stored on the magnetic stripe of cards used at the stores. Hackers stole personal information including names, phone numbers as well as email and mailing addresses from as many as 70 million customers as part of a data breach it discovered. The cause of the security breach was when hackers first stole a vendor's credentials, which is how they got access to Target's database. Then they used malware to infect