About Tjx Assignment

1. List and discern the security controls in place within TJX Companies. autonomic nervous system When security upgrades argon made available, its because theyre necessary, not because software developers have thought up some great new software gimmick. Hackers are able to bypass the old systems besides easily, so better security is infallible to keep the cabs out. TJX ignored the need for better e-security, and even neglected to install one particular upgrade they had purchased. 2. What management, organization, and technology factors contri notwithstandinged to these weaknesses?Ans Management While one may not think of it as a weakness, the managements reluctance to report the stolen laptop and the contents of the hard drive contributed to the difficulty in finding the laptop before the data was compromised. Organizations VA operations should have limited the data accessible to the employees to only the data needed in order to effectively do this job. Lack of promoting the sens itivity of the data led to a superficial attitude regarding the protection of the data.Technological At a minimum the data should have been encrypted and password protected. As a practical measure, the laptop should have been protected at the BIOS level if that sensitivity of data was contained. 3. What was the business impact of TJXs data loss on TJX, consumers, and banks? Ans TJX faces consumer and bank class action lawsuits all over the exposure of as many as 100m customer records as the result of a security go that lasted for two distinct six-month periods between 2003 and December 2006.Hackers broke into a system that stored data on acknowledgment card, debit card, cheque, and return details in an attack blamed on a poorly secured piano tuner network in one of its stores. Subsequent credit card frauds have been traced to data swiped as a result of these breaches, and a number of arrests have been made. 4. How effectively did TJX deal with these problems? Ans Not well enou gh. The $40. 9 million fund for the banks wont nearly cover he banks losses, and I gain too little info in the report about what exactly TJX is doing to prevent this from happening again. I see money being thrown at the problem, but management doesnt seem to have a clear picture of a real solution. 5. Who should be held liable for the losses caused by the use of double-faced credit cards in this case? TJX? The banks issuing the credit cards? The consumers? Justify you answer. Ans manifestly TJX is responsible their negligent behavior that made them vulnerable to the attacks.The banks and consumers cant be held responsible particularly the consumers If consumers were held responsible for attacks like this, wed do away with credit cards, keep our money under our mattresses, and go back to making our own clothes and food and entertaining ourselves by telling each early(a) stories as people did centuries ago Then where would the banks and credit card companies be? Thats probably extreme, but so is expecting a shopper to pay for a huge corporations negligence and a hackers crime.