Tjx Companies

The TJX companies did not have many security controls in place to protect credit card information from theft. At the time the company was still using Wired Equivalent Privacy (WEP) encryption system to handle their customer’s credit card information. The WEP system was out-of-date and very easy for hackers to gain access to. TJX had not installed firewalls or data encryption software correctly in all of their computer. TJX also retained their customers information much longer then is required by law.

One of the tools that TJX could have used to fix their weaknesses would have been to switch over to the more secure Wi-Fi Protected Access (WPA) which contains a more complex system to encrypt their customer’s credit card information. TJX should have also made sure that there were proper firewalls in place to ensure that their customer’s credit card information is protected when it is transferred over wireless connections.

The business effects on TJX data loss was a significant loss of revenue. This is because of TJX’s failure to install the proper security software to ensure the security of their customer’s information. This mistake cost TJX over $202 million which also includes legal settlements. After they strengthened their security system TJX agreed to have a third-party audit company come in to review their security software every 2 years for 20 years.

The moral dimensions that may be applied in this situation are information rights and obligations, accountability and control, and system quality. Information rights and obligations is because the organization has the responsibility and obligation to protect their customers information. Accountability and control is because someone needs to be held accountable if the customer’s information is not protected. System quality is because the system that the organization uses should be up to the current security standards to ensure the protection of information.

University of Phoenix....