Fill in Order Details

  • Submit paper details for free using our simple order form

Make Payment Securely

  • Add funds to your account. There are no upfront payments. The writer will only be paid once you have approved your paper

Writing Process

  • The best qualified expert writer is assigned to work on your order
  • Your paper is written to standard and delivered as per your instructions

Download your paper

  • Download the completed paper from your online account or your email
  • You can request a plagiarism and quality report along with your paper

TJX Security Breach

TJX Security Breach

Abstract

Security breaches to information systems especially computers is an ever present risk which should not be ignored. Such breaches bring a lot of adverse impact to the organisation’s operation as well as complete failure. Security measures that uphold safety of data and tools of an organisation should be of focus.


Areas that require attention:

People

The TJX security breach would have not been as bad had there not been errors performed by people. One of them was the fact that the company kept too much personal information. It was used in business transactions (Ivey, 2008). The “Framingham system” processed and stored information pertaining to debit and credit card, cheque and unreceipted merchandise-return transactions for customers of T.J. Maxx, Marshalls, HomeGoods and A.J. Wright stores in the United States and Puerto Rico, and of Winners and HomeSense stores in Canada.

The “Watford system” managed and kept data on payment and card operations at the T. K. Maxx. The data that is acquired from the Framingham model which were kept in the US and other countries were related to the earnings of the tools that did not have receipts and banking procedures (Ross and Weill 2002). The particulars involved the license and ID numbers as well as the titles and addresses of the clients that had their products turned back.

Work process

Work processes are also flawed and require attention because it relies too heavily on internal information systems for off-prices stores and staying competitive. This enables rapid delivery of data, facilitating quick decisions at different levels.

Technological failure

However, technological let-down is what needs to be taken keen consideration on. Taking to fact that we look into security lapse like hacking, there have to be some form of technological let down. If the system had improved its security measures this may not have taken place. The process of encryption needs attention in it cannot prevent decryption from external unauthorized sources. Wireless attack by use of hand held guns that tell the price of commodities capture the companies IP addresses (Ross and Weill, 2002). The USB drives contained a utility program that let the intruder or intruders take control of these computer kiosks and turn them into remote terminals that connected into TJX’s networks.

The security system used involved firewalls on the company’s network, this aspect was not meant to guide against traffic that originated from kiosks. More so, the drives that are applied are involved in connected the mice or other external devices. Processing logs also need an important look into because it has been noted that there are no processing logs to provide information about files on the system. For technology to show its use, it must show its compliance practises, something which is lacking (Ivey, 2008). The absence of network monitoring, the absence of logs and the presence of unencrypted data stored on the system plus the retention of years of customer data show a problem in auditing practices.

Recommendations

TJX can improve on several things especially on the various failure points. Those to do with the people at TJX and the decisions they make. All actions taken whether in the work process in the technology field require sound decision first. This can be through consulting especially with specialist who will best recommend steps to take. The company should also learn not to rely too much on electronic information systems to do various crucial interactions. In the case of in practicability in any other way, it would be essential to secure this form of interaction as TJX entirely relies on it (Ivey, 2008). The systems technology is what requires most intervention though. Old methods of encryption need to be replaced with new ones as hackers keep up with technology and TJX encryption processes was no match for the decryption process of the hackers. The same goes for the wireless connections but more back up security should be enhanced to counter ongoing hacking. This is because hacking through wireless connections can be detected in real time and can be predicted such as the peak sales period (Ross and Weill, 2002). The firewalls on TJX’s USB drives main network should be set to defend against traffic coming from the kiosks.

TJX should processing log data to provide forensic analysis about files in the system. Almost in line with the recommendation at the people level is compliance with regulations. It compliance obliged this kind of breach would not have taken place. TJX also has to start providing network monitoring, logs and had to get rid of unencrypted data in the system. Among the mentioned recommendations technological changes especially on encryption, wireless connections and auditing practices should be given immediate priority. Processing logs and compliance practices if applied over the long term will greatly reduce the risk of another breach.

TJX Security Breach could have been avoided

Ultimately had TJX taken more precaution, this would not have happened. Jeanne Ross and Peter Weill (2002) TJX was leading company very big and three times larger than its immediate competition. It also took home profits in its billion and a company like that out to have taken a step to prevent it (Simpson, et al, 2010). It also let down its loyal customers and was the innocent victims of incompetence. It can also be questioned why this had to happen to such a big company and not take place at others. It can be concluded that the risk of hacking was not regarded as serious and therefore TJX did not do much prevent it.

Keywords:

Decryption: Process of transforming an encrypted message into its original plaintext. Encryption: Transformation of data (called “plain text”) into a form (called “cipher text”) that conceals the data’s original meaning to prevent it from being known or used.

References

Ross, J. and Weill, P. (2002). “Six Decisions Your IT People Shouldn’t Make,” Harvard         Business Review. Retrieved from: http://www.qualified-audit-   partners.be/user_files/ITforBoards/GVIT_Harvard_Business_Review-   Ross_Jeane___Weill_Peter_Six_IT_Decsions_Your_IT_People_Shouldnt_Make_200 2.pdf

Ivey (2008).Security Breach At Tjx. Richard Ivey School of Business: The University of          Western of Ontario.

Simpson, M. T, Backman, K., and Corley, J. (2010).Hands-On Ethical Hacking and Network          Defense. Connecticut: Cengage Learning.


WHAT OUR CURRENT CUSTOMERS SAY

  • Google Rating
  • Sitejabber
  • Trustpilot
Zahraa S
Zahraa S
Absolutely spot on. I have had the best experience with Elite Academic Research and all my work have scored highly. Thank you for your professionalism and using expert writers with vast and outstanding knowledge in their fields. I highly recommend any day and time.
Stuart L
Stuart L
Thanks for keeping me sane for getting everything out of the way, I’ve been stuck working more than full time and balancing the rest but I’m glad you’ve been ensuring my school work is taken care of. I'll recommend Elite Academic Research to anyone who seeks quality academic help, thank you so much!
Mindi D
Mindi D
Brilliant writers and awesome support team. You can tell by the depth of research and the quality of work delivered that the writers care deeply about delivering that perfect grade.
Samuel Y
Samuel Y
I really appreciate the work all your amazing writers do to ensure that my papers are always delivered on time and always of the highest quality. I was at a crossroads last semester and I almost dropped out of school because of the many issues that were bombarding but I am glad a friend referred me to you guys. You came up big for me and continue to do so. I just wish I knew about your services earlier.
Cindy L
Cindy L
You can't fault the paper quality and speed of delivery. I have been using these guys for the past 3 years and I not even once have they ever failed me. They deliver properly researched papers way ahead of time. Each time I think I have had the best their professional writers surprise me with even better quality work. Elite Academic Research is a true Gem among essay writing companies.
Got an A and plagiarism percent was less than 10%! Thanks!

ORDER NOW

CategoriesUncategorized

Consider Your Assignments Done

“All my friends and I are getting help from eliteacademicresearch. It’s every college student’s best kept secret!”

Jermaine Byrant
BSN

“I was apprehensive at first. But I must say it was a great experience and well worth the price. I got an A!”

Nicole Johnson
Finance & Economics

Our Top Experts

————-

See Why Our Clients Hire Us Again And Again!


OVER
10.3k
Reviews

RATING
4.89/5
Avg Rating

YEARS
12
Experience

Elite Academic Research Promises You:


Always on Time

If we are a minute late, the work is on us – it’s free!

Plagiarism-free

If the work we produce contains plagiarism we’ll pay out a £5,000 guarantee.

Quality

Providing quality work is core to our beliefs, which is why we will strive to give you exactly that, and more!

Written to Standard

All of our assignments go through a stringent quality checking process from start to finish.

Success Guarantee

When you order form the best, some of your greatest problems as a student are solved!

Reliable

Professional

Affordable

Quick

Using this writing service is legal and is not prohibited by any law, university or college policies. Services of Elite Academic Research are provided for research and study purposes only with the intent to help students improve their writing and academic experience. We do not condone or encourage cheating, academic dishonesty, or any form of plagiarism. Our original, plagiarism-free, zero-AI expert samples should only be used as references. It is your responsibility to cite any outside sources appropriately. This service will be useful for students looking for quick, reliable, and efficient online class-help on a variety of topics.