Week 5 Checkpoint
• List and describe the security controls in place. Where are the weaknesses?
I did not notice any securities in place. The article did mention a second layer or security that was not properly installed. The systems were out of date and TJX used an old Wired Equivalent Privacy (WEP) encryption system. Other companies made the switch to a
Wi-Fi Protected Access (WAP) with more complex encryption. The article also states that they failed to install firewalls and data encryption on some of the hardware using wireless networks. These are all areas of weakness to the security in my book and I feel that these items should not have been overlooked (Laudon & Laudon, 2011).
• What tools and technologies could have been used to fix the weaknesses?
A WEP used in conjunction with a VPN would have helped with security. A firewall could have been put in place to prevent unauthorized access but most importantly in this case TJX should have implemented an intrusion detection system (Laudon & Laudon, 2011).
• What was the business effect of TJX’s data loss on TJX, consumers, and banks? TJX lost many customers due to this as the article states that many of them would not shop at a company without a secure network. Banks had cost of over 300 million just with replacing the stolen cards and also had to cover the fraudulent purchases (Laudon & Laudon, 2011).
• Which moral dimensions may be applied in this situation? How?
Accountability and control in the first one that stands out in this situation. TJX didn’t seem to really have as much accountability as the banks did and they were the ones that failed to meet security standards (Laudon & Laudon, 2011).
Reference:
Laudon, J. P., & Laudon, K. C. (2011). Essentials of management information systems (9th ed.). Upper Saddle River, NJ: Prentice Hall.
I did not notice any securities in place. The article did mention a second layer or security that was not properly installed. The systems were out of date and TJX used an old Wired Equivalent Privacy (WEP) encryption system. Other companies made the switch to a
Wi-Fi Protected Access (WAP) with more complex encryption. The article also states that they failed to install firewalls and data encryption on some of the hardware using wireless networks. These are all areas of weakness to the security in my book and I feel that these items should not have been overlooked (Laudon & Laudon, 2011).
• What tools and technologies could have been used to fix the weaknesses?
A WEP used in conjunction with a VPN would have helped with security. A firewall could have been put in place to prevent unauthorized access but most importantly in this case TJX should have implemented an intrusion detection system (Laudon & Laudon, 2011).
• What was the business effect of TJX’s data loss on TJX, consumers, and banks? TJX lost many customers due to this as the article states that many of them would not shop at a company without a secure network. Banks had cost of over 300 million just with replacing the stolen cards and also had to cover the fraudulent purchases (Laudon & Laudon, 2011).
• Which moral dimensions may be applied in this situation? How?
Accountability and control in the first one that stands out in this situation. TJX didn’t seem to really have as much accountability as the banks did and they were the ones that failed to meet security standards (Laudon & Laudon, 2011).
Reference:
Laudon, J. P., & Laudon, K. C. (2011). Essentials of management information systems (9th ed.). Upper Saddle River, NJ: Prentice Hall.