Tuesday, October 22, 2019
Hannaford Bros. Cyber Security Lessons Learned Essays
Hannaford Bros. Cyber Security Lessons Learned Essays Hannaford Bros. Cyber Security Lessons Learned Paper Hannaford Bros. Cyber Security Lessons Learned Paper Introduction Virtually every business today uses at least one form of computer information technology. Business firms use computers to automate and assist in managing everything from operations, sales, finance, and logistics. Internal databases and intranets are used for internal controls and organizations are connected via the internet to conduct sales, marketing and many other communications and transactions. Electronic business, or e-business, is dominating modern markets and the business world. This new world of technological innovation has exponentially increased efficiency and globalized the worldââ¬â¢s economies. Unfortunately criminals still exist and continue to exploit businesses, committing acts of theft, vandalism, and terror. E-business is not immune to criminal mischief and in fact can be quite vulnerable to sophisticated cyber criminals known as hackers. In early 2008 it was reported that the North East Supermarket mogul, Hannaford Bros. Company fell victim to a computer hacking attack that compromised approximately 4. 2 million customer credit cards. This act created a financial nightmare for thousands of consumers and for the Hannaford Bros. grocery company. The incident was a black mark on Hannafordââ¬â¢s public image and a financial burden to their corporation. Cyber Security is a growing priority of todayââ¬â¢s business leadership. Boon, Kurtz (2011) Hannaford Bros. Co. Hannaford Bros. is an upscale North American grocery retail chain headquartered in Scarborough, Maine. Hannaford was founded in 1883 and now runs supermarkets throughout New England and upstate New York. Hannaford is owned by the American subsidiary of the Belgian Delhaize Group, Delhaize America, the parent company of Food Lion which operates over 1,500 stores on the East Coast, mostly in the Mid-Atlantic States. : The Hannaford Bro. Website (2011), The Delhaize Group website (2011) Hannaford Bros. administers a comprehensive website for their grocery chain. The Hannaford website found at: hannaford. com/home. jsp offers customers a wide range of shopping and food related planning activities. Hannaford does not offer their grocery products for delivery on their website; rather they make all of their grocery and pharmacy products available for customers to browse and purchase for pick-up. Customers can easily navigate through categorized product lists with eye catching visual cues. Products can be places on a virtual shopping list that the customer can use in the store or purchase on-line to be picked up at their nearest local store. Coupons and sales discount promotions are also readily available and easy to find on the website. Hannaford also gives customerââ¬â¢s options and assistance for planning different types of parties and organizing shopping lists. The primary services provided by the website in addition to on-line browsing and ordering of groceries includes pharmacy prescription refills, ordering gift cards, special orders, and Redbox video rentals. Instead of promoting broad scale on-line shopping and delivery like other supermarkets and on-line retailers, Hannaford uses their website to draw people to their stores and make the shopping experience easier and more appealing. The Hannaford Bro. Website (2011) Hannaford Bros. displays numerous lines of communication on their website. Their contact information is found thorough a ââ¬Å"contact usâ⬠tab on the home page. The Hannaford Corporate office address and several 1-800 customer service phone numbers are listed. There are also several online feedback forms for customers to give Hannaford feedback and ask questions about their products and services. Hannaford even offers the advice and expertise of nutritionist for customer questions and concerns. The Hannaford Bro. Website (2011) The Hannaford Bros. website is designed and maintained with meticulous detail. Hannaford Bros. online marketing strategy is simple; to give customers a warm and inviting way to make their shopping experience easier and more pleasant. Hannaford Bros. is easily accessible through simple search engine searches and is then easy to navigate for even the most novice web users. The company is targeting people who shop for groceries the most, families. The visual colors and photographs are geared towards women and create a warm and enticing mood. Hannaford creates a competitive advantage for them by offering the shopper planning services to their customers. They are not just a cold internet retailer where somebody logs in to buy products and leaves. The website creates an environment that endears people to their stores. The Hannaford Bro. Website (2011) The Security Breach and Hannaford Bros. Reaction On March 17, 2008 Hannaford Bros. Co announced that it had been the victim of a computer hacker attack against their computer network. The Hacker, Albert Gonzalez , who was eventually arrested and sentenced to 20 years in prison had accessed Hannafordââ¬â¢s network and stole approximately 4. 2 million credit and debit card numbers between Dec. 7 2007 and March 10 2008. The security breach affected all of Hannafords stores in New England and New York, as well as subsidiary stores under the Sweetbay name in Florida and several independently owned stores selling Hannaford products. The data breach forced banks across the East Coast to block and reissue hundreds of thousands of credit and debit cards. Jaikumar Vijayan (2008) The State of Maine Bureau of Financial Institutions website (2011) Hannaford later posted an advisory on their web site signed by President and CEO Ronald Hodge, stating that the grocer had contained the illegal intrusion after being made aware of suspicious credit card activity on Feb. 27. The advisory stated that credit and debit card numbers as well as expiration dates were taken from Hannafords network while the data was in transit for transaction processing. Ronald Hodge went on to apologize for the compromise and the inconvenience to the consumers, but also urged the consumers that Hannaford had been upholding the highest standards of cyber security. Hodges ended his statement with assuring customers that Hannaford would work with the banks in rectifying the situation and would double their efforts in increasing their security measures. Hannaford immediately shut down all links on their website after the disclosure of the security breach. Hannaford launched an investigation into the matter and worked diligently to rectify all weaknesses in their cyber security system. Jaikumar Vijayan (2008) Analysts claim that Hannaford like many other retailers did not encrypt the credit and debit card data collected from customers during financial transactions. This allowed the hacker to easily steal the data once he discovered a back door into Hannafordââ¬â¢s system. Hannaford was quickly served with a massive class action lawsuit claiming Hannaford was negligent in protecting consumer data. Jaikumar Vijayan (2008) Hannafordââ¬â¢s website now offers a highly in-depth and comprehensive privacy policy page with multiple links to detailed explanations of their privacy and security procedures. Hannaford now goes out of their way to inform the consumer and provide protection against any other possible security breach of financial information. It appears that Hannaford Bros. has been very thorough in controlling the damage to their image and maintain their brand identity and good will with their customer base. The Hannaford Bro. Website (2011), The State of Maine Bureau of Financial Institutions website (2011) Cyber Security Methods and Procedures for Protecting Customers Cyber Security is a growing responsibility for business leaders in todayââ¬â¢s market. Not only do corporations and small businesses need to protect their own financial and proprietary information, they need to protect the data of their customers. In fact cyber security is now a strategic decision point not only in business technology but in the business planning cycle as whole. Business firms now have to continually analyze the dangers and work together to combat the growing cyber threat. Business leaders should take strategic steps towards combating the cyber threats. Michael Neumann (2008), Boon, Kurtz (2011) The first step in combating cyber threats is to maintain an accurate and comprehensive data analysis team to continually monitor and track past, current, and emerging cyber threats. The next step in the process should be the establishing and maintaining evolving industry guidelines and procedures to define and combat the cyber threats. Without a united front against cyber threats, business firm security specialists will not be properly equipped to keep up with the threats. Another key step in the process of countering cyber threats is establishing critical infrastructure benchmarks, defining and actively working against cyber threats. Ultimately, fighting cyber threats is much like fighting against global terrorists. Business leaders must protect their greatest assets, their customers against the attacks from cyber criminals. Michael Neumann (2008), Boon, Kurtz (2011) Conclusion Hannaford Bros. like many other corporations learned firsthand the damage one person with a computer could commit against their business. The hard lessons learned were not to take for granted the capabilities of cyber criminals and the negative possibilities of their actions. Cyber security is strategic priority not only for corporations but for small business owners as well. Business leaders must stay vigilant and cognizant of the impending and emerging threats to their livelihood and maintain their responsibility to the consumer. References 1)Boon, Kurtz (2011) Contemporary Business, New Jersey, John Wiley Sons Inc. 2)The Hannaford Bro. Website (2011) Retrieved from: hannaford. com/home. sp 3)The Delhaize Group website (2011) Retrieved From: delhaizegroup. com/en/PublicationsCenter/PicturesandBiographies/Stores. aspx 4)Kim Zetter (2010) Hacker Sentenced to 20 years for Breach of Credit Card Pocessor. Retrieved from: wired. com/threatlevel/2010/03/heartland-sentencing/#more-14740 5)Jaikumar Vijayan (2008) Update: New retail data breach may have affected millions of Hannaford shoppers. Retrieved from: computerworl d. com/s/article/9068999/Update_New_retail_data_breach_may_have_affected_millions_of_ Hannaford_shoppers )Jaikumar Vijayan (2008) Hannaford hit by class-action lawsuits in wake of data-breach disclosure. Retrieved from: computerworld. com/s/article/9070281/Hannaford_hit_by_class_action_lawsuits_in_wake_of_data_breac h_disclosure 7)Michael Neumann (2008) The Rand Corporation: Cybersecurity Economic Approaches and Challenges to Decision Making. Retrieved from: rand. org/pubs/research_briefs/RB9365-1/index1. html 8)The State of Maine Bureau of Financial Institutions website (2011) Retrieved from: http://maine. gov/pfr/financialinstitutions/data_breach
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.