Tjx Used Wired Equivalent Privacy

List and describe the security controls in place. Where are the weaknesses?

TJX used Wired Equivalent Privacy (WEP) encryption system that is very easy for hackers to get into instead of using a more secure Wi-Fi Access. They had several weaknesses. First, they did not have good traffic logs and did not audit access on a regular basis, which allowed the hackers to have access to the account numbers for almost two years (Patrizio, 2007). When TJX discovered the problem, it took them months to figure what was going on. If they had good access controls, they would have been able to find the trouble quickly. They also neglected to use a firewall and data encryption on many of the computers.  

What tools and technologies could have been used to fix the weaknesses?

TJX should have used a more secure option like Wi-Fi Protected Access (WPA) which has a more complex encryption. It was stated that their system was way over due for an update and it could have used firewalls and data encryption software on all of the computers that use a wireless network.

What was the business effect of TJXs data loss on TJX, consumers, and banks?

Banks that issue credit and debit cards took the biggest hit from TJX’s information breach. They were more than likely insured for the fraudulent charges but will pay a price for it anyway. Consumers are also at a loss because of the theft of driver’s license numbers and other financial information. It will take a lifetime of credit monitoring to give the consumer affected any security. TJX’s reputation will be damaged due to the new perception that they do not handle their sensitive information in a responsible way. This may hinder sales or consumers opening accounts with TJX in the future. Consumer groups and banks have filed lawsuits against TJX and its merchant banks for failing to protect account data.

Which moral dimensions may be applied in this situation? How?

TJX should be responsible for the breach.  It was...