A Brief Note On Companies And The Largest Ever Consumer...

Case Study #2: Maxxed Out: TJX Companies and the Largest-Ever Consumer Data Breach There are five components to the operations security process that companies use to analyze. These five modules provide a company a full analysis of the risks, vulnerabilities, and threats of their data and how to mitigate them. This process identifies all the critical information the company or organization have such a credit card information like TJX had on their main server. Identifying this information is crucial so the business knows what valuable assets, or data is being stored. If a company does not recognize this material, the material is unprotected. Once the information has been identified, the organization or enterprise will complete an analysis†¦show more content†¦Also, TJX did not apply counter measures in place of those defined vulnerabilities or threats which costed the company huge losses. If the company implemented the WPA security protocol, the risks could have been small. There are multiple methods to improve the security at TJX to prevent future breaches. The network wireless system should be upgraded to Wi-Fi Protected Access 2, WPA2, from WEP. WPA2 provides the most secure protocol that is available on a wireless network. WPA2 uses Advanced Encryption Standard to encrypt all the data when the data is in motion. AES encryption takes a hacker months, even years to break. If the company wants customers to have free Wi-Fi then have two separate networks in which one is has a network password and other just requires a login with terms and conditions. For the wired/wireless connections, TJX can institute a virtual private network, or VPN, to connect with the servers that have sensitive information. This allows the connection between the servers and device to be secure but the data is not. VPN does have limitation such as devices, but is an alternative to WPA2 and better than WEP. VPN is ideal for documents such as sales reports, inventory, and strategies. TJX must implement these standards on all of the retail locations to safeguard all the data being processed throughout the business day.