Fill in Order Details

  • Submit paper details for free using our simple order form

Make Payment Securely

  • Add funds to your account. There are no upfront payments. The writer will only be paid once you have approved your paper

Writing Process

  • The best qualified expert writer is assigned to work on your order
  • Your paper is written to standard and delivered as per your instructions

Download your paper

  • Download the completed paper from your online account or your email
  • You can request a plagiarism and quality report along with your paper
Posted on by admin

TJX Security Breach

TJX Security Breach

Abstract

Security breaches to information systems especially computers is an ever present risk which should not be ignored. Such breaches bring a lot of adverse impact to the organisation’s operation as well as complete failure. Security measures that uphold safety of data and tools of an organisation should be of focus.


Areas that require attention:

People

The TJX security breach would have not been as bad had there not been errors performed by people. One of them was the fact that the company kept too much personal information. It was used in business transactions (Ivey, 2008). The “Framingham system” processed and stored information pertaining to debit and credit card, cheque and unreceipted merchandise-return transactions for customers of T.J. Maxx, Marshalls, HomeGoods and A.J. Wright stores in the United States and Puerto Rico, and of Winners and HomeSense stores in Canada.

The “Watford system” managed and kept data on payment and card operations at the T. K. Maxx. The data that is acquired from the Framingham model which were kept in the US and other countries were related to the earnings of the tools that did not have receipts and banking procedures (Ross and Weill 2002). The particulars involved the license and ID numbers as well as the titles and addresses of the clients that had their products turned back.

Work process

Work processes are also flawed and require attention because it relies too heavily on internal information systems for off-prices stores and staying competitive. This enables rapid delivery of data, facilitating quick decisions at different levels.

Technological failure

However, technological let-down is what needs to be taken keen consideration on. Taking to fact that we look into security lapse like hacking, there have to be some form of technological let down. If the system had improved its security measures this may not have taken place. The process of encryption needs attention in it cannot prevent decryption from external unauthorized sources. Wireless attack by use of hand held guns that tell the price of commodities capture the companies IP addresses (Ross and Weill, 2002). The USB drives contained a utility program that let the intruder or intruders take control of these computer kiosks and turn them into remote terminals that connected into TJX’s networks.

The security system used involved firewalls on the company’s network, this aspect was not meant to guide against traffic that originated from kiosks. More so, the drives that are applied are involved in connected the mice or other external devices. Processing logs also need an important look into because it has been noted that there are no processing logs to provide information about files on the system. For technology to show its use, it must show its compliance practises, something which is lacking (Ivey, 2008). The absence of network monitoring, the absence of logs and the presence of unencrypted data stored on the system plus the retention of years of customer data show a problem in auditing practices.

Recommendations

TJX can improve on several things especially on the various failure points. Those to do with the people at TJX and the decisions they make. All actions taken whether in the work process in the technology field require sound decision first. This can be through consulting especially with specialist who will best recommend steps to take. The company should also learn not to rely too much on electronic information systems to do various crucial interactions. In the case of in practicability in any other way, it would be essential to secure this form of interaction as TJX entirely relies on it (Ivey, 2008). The systems technology is what requires most intervention though. Old methods of encryption need to be replaced with new ones as hackers keep up with technology and TJX encryption processes was no match for the decryption process of the hackers. The same goes for the wireless connections but more back up security should be enhanced to counter ongoing hacking. This is because hacking through wireless connections can be detected in real time and can be predicted such as the peak sales period (Ross and Weill, 2002). The firewalls on TJX’s USB drives main network should be set to defend against traffic coming from the kiosks.

TJX should processing log data to provide forensic analysis about files in the system. Almost in line with the recommendation at the people level is compliance with regulations. It compliance obliged this kind of breach would not have taken place. TJX also has to start providing network monitoring, logs and had to get rid of unencrypted data in the system. Among the mentioned recommendations technological changes especially on encryption, wireless connections and auditing practices should be given immediate priority. Processing logs and compliance practices if applied over the long term will greatly reduce the risk of another breach.

TJX Security Breach could have been avoided

Ultimately had TJX taken more precaution, this would not have happened. Jeanne Ross and Peter Weill (2002) TJX was leading company very big and three times larger than its immediate competition. It also took home profits in its billion and a company like that out to have taken a step to prevent it (Simpson, et al, 2010). It also let down its loyal customers and was the innocent victims of incompetence. It can also be questioned why this had to happen to such a big company and not take place at others. It can be concluded that the risk of hacking was not regarded as serious and therefore TJX did not do much prevent it.

Keywords:

Decryption: Process of transforming an encrypted message into its original plaintext. Encryption: Transformation of data (called “plain text”) into a form (called “cipher text”) that conceals the data’s original meaning to prevent it from being known or used.

References

Ross, J. and Weill, P. (2002). “Six Decisions Your IT People Shouldn’t Make,” Harvard         Business Review. Retrieved from: http://www.qualified-audit-   partners.be/user_files/ITforBoards/GVIT_Harvard_Business_Review-   Ross_Jeane___Weill_Peter_Six_IT_Decsions_Your_IT_People_Shouldnt_Make_200 2.pdf

Ivey (2008).Security Breach At Tjx. Richard Ivey School of Business: The University of          Western of Ontario.

Simpson, M. T, Backman, K., and Corley, J. (2010).Hands-On Ethical Hacking and Network          Defense. Connecticut: Cengage Learning.


ORDER A SIMILAR PAPER AND DELEGATE FULFILMENT OF YOUR ASSIGNMENT TO EXPERT ACADEMIC WRITERS. PLAGIARISM-FREE, GUARANTEED A, TIMELY DELIVERY.

strategic planning visioning session

WHAT OUR CURRENT CUSTOMERS SAY

  • Google Rating
  • Sitejabber
  • Trustpilot
Zahraa S
Zahraa S
Absolutely spot on. I have had the best experience with Elite Academic Research and all my work have scored highly. Thank you for your professionalism and using expert writers with vast and outstanding knowledge in their fields. I highly recommend any day and time.
Stuart L
Stuart L
Thanks for keeping me sane for getting everything out of the way, I’ve been stuck working more than full time and balancing the rest but I’m glad you’ve been ensuring my school work is taken care of. I'll recommend Elite Academic Research to anyone who seeks quality academic help, thank you so much!
prevnext

ORDER NOW

CategoriesUncategorized

Consider Your Assignments Done

“All my friends and I are getting help from eliteacademicresearch. It’s every college student’s best kept secret!”

Jermaine Byrant
BSN

“I was apprehensive at first. But I must say it was a great experience and well worth the price. I got an A!”

Nicole Johnson
Finance & Economics

ORDER NOW

Our Top Experts

————-

See Why Our Clients Hire Us Again And Again!


OVER
10.3k
Reviews

RATING
4.89/5
Avg Rating

YEARS
12
Experience

Elite Academic Research Promises You:


Always on Time

If we are a minute late, the work is on us – it’s free!

Plagiarism-free

If the work we produce contains plagiarism we’ll pay out a £5,000 guarantee.

Quality

Providing quality work is core to our beliefs, which is why we will strive to give you exactly that, and more!

Written to Standard

All of our assignments go through a stringent quality checking process from start to finish.

ORDER NOW

Success Guarantee

When you order form the best, some of your greatest problems as a student are solved!

Reliable

Professional

Affordable

Quick

See our Results

ORDER YOUR ASSIGNMENT NOW

YOUR EDUCATION ON AUTOPILOT

Pay an expert to take your online class and say goodbye to poor grades, missed deadlines, and the struggles
of balancing your education with other work/life responsibilities. Life Is too Short to Spend on Classes
You Have No Interest In. Focus on what is really important in your life. Let our professional handle your class.

    Guaranteed A or B

    100% Confidential

    Experienced Tutors

    24/7 Support

Fill in free quote request

Tell us about your online class and what help you need. Try to give us the maximum information.

Agree on price

Our representative will contact you to discuss the details of your order and the rates for our assistance.

Pay and get help

When everything is agreed, you will receive an email with the invoice. After you pay, we start working on your task.

Learn More