Analyzing The Tjx Case Study

2335 Words10 Pages
When analyzing the TJX case study, it is important to identify the failure points of the incident to gather a better understanding of the situation. Firstly, the people involved within the company and security breach were not one of the major failure points. However, if better information security practices were in place within the company, it would have made employees at TJX more prepared for security threats such as the one that occurred at TJX. Having a better information security company culture would have helped employees be more cautious when going about their day to day tasks. In regards to TJX’s work process, their process was clearly flawed. When discussing a work process, that process is developed within a company. When a…show more content…
Consequently, there seems to be a breakdown in TJX’s work processes which played a role in this security breach. When comparing the failure points of technology to the people of TJX and the work processes, the failure point in technology had the biggest impact in the security breach. TJX did not have up to date end point protection tools in place to stop and/or diminish risks posed by individuals involving infected USB drives and USB ports. The company also had computer booths placed in public areas with exposed USB ports which can be tampered with at any time. These booths were linked to their production network which provided an avenue to attack and breach TJX’s network. TJX should have put in place detection software on to these booths along with firm USB antivirus scans to combat any individuals up to foul play and to protect the company’s data. The systems used in these booths should have been placed in a different network sector rather than the main production network and should have more rigorous security firewall for network communication. To add to the failure points in technology, TJX did not employ any file integrity monitoring or data leak prevention solutions to detect and stop theft of critical information. No system was in place to observe real time actions of individuals using the system which led to attacks occurring and TJX being oblivious to them. Had there been solutions in place along with a team of proficient

More about Analyzing The Tjx Case Study

Open Document