TJX corporate systems had poor security controls. The computer kiosks that were located in some of their stores were supposed to be secure. They also had some firewall protection. TJX wireless network was protected by WEP encryption system.
The computer kiosks were poorly secured; the kiosks were accessible from the back which made them vulnerable to tampering. The computer firewalls set up did not block malicious traffic coming from the kiosks. The wireless network used an old encryption system (WEP), which was easy for hackers to crack.
The kiosks should have been placed in a secure area of the stores, where they could be observed while in use. The kiosks should have been inspected on a regular basis for tampering. Access control provides authorization to gain access. The company had poor firewall and intrusion detection protection. The firewall that TJX had in place was not sufficient enough to keep hackers out. In addition to firewalls, intrusion detection systems provide full-time monitoring placed at “hot spots” in corporate networks. The company should have upgraded their wireless network protection to a WAP2 . Another source of security is to use encryption to scramble important information.
The TJX’s security breach left effects in many areas. TJX will suffer from many lawsuits and penalties for a long time. Customer loyalty will be down. Consumers will feel the effects in the changes that could be made to increase the level of security in the use of credit and debit cards. The consumer could also see price increases to cover the losses caused by many legal fees. Banks will see effects in the costs to replace the debit and credit cards that may have been compromised. They will also suffer from the legal costs to recover money from TJX.
The moral dimensions that apply to The TJX security breach are: Information Right & Obligations- TJX has the right to protect the information regarding the company; they also have...
Please join StudyMode to read the full document