- Internal Code :
- Subject Code : ISY3006
- University : Australian Institute of Higher Education
- Subject Name : IT Computer Science
Information Security
Executive Summary of Security Policies of Coles Supermarket
The following report that is going to be intervened is about the protection of the security threats in the current situation in supermarkets. The research and analysis would be formulated based on the type of threats posed on the data of the supermarkets. The data is all about the private information regarding the customer of the organization. Information technology engineering has been so advanced in recent times that it can be misused in any way. The organization chosen for the analysis is Coles supermarket. The formulation will be based on the policies followed by the supermarket in making sure about the security of the customers in all sense. The stakeholders of the organization are customers, managers, employees, funding groups, and the community of the respective area. The policies and the working of the supermarket will be researched on and the malware will be identified in this process. The solutions will be provided then to understand the malware effect and the strategies to control it. The common threats that are encountered are phishing, malware in transactions, wi-fi threats, employee threats, and threats related to data retrieving from the customers (Janakiraman et al., 2018). All of these will be addressed concerning the working of the supermarket and what solution can be worked upon and how it can be implemented would also be discussed. The problems that are faced by the retail industry in terms of a security breach is an important issue to be researched on taking up Coles supermarket in the following it.
Table of Contents
Executive Summary.
Introduction.
Policies required to be formulated to enhance string security.
Strategies for implementing policies of security.
Conclusion:
References:
Introduction to Security Policies of Coles Supermarket
The following report is about analysing the research policies of the Coles supermarket based in Australia. It is a supermarket dealing with providing the day to day use and luxury items. The report is going to analyse, research, and formulate the security policies of the supermarket. The stakeholders in this organization are the customers, suppliers, community, service providers, employees, managers, owners, community where the supermarket runs. This is a retail business company mainly associated with providing daily based items to the people and the customers. It is mainly associated with providing daily essentials to luxury items as well to the customers. There are several security issues and threats that are being recognized and the following report will also put a light on the threats and the strategies adopted by the retail business in handling the threats by using different methods (Cheng et al., 2017). These methods can be implemented so that the organization can work well and provide proper service to its customers.
Policies Required to Be Formulated to Enhance String Security
- Coles supermarket has made a strong position in the retail business. In the times of COVID 19, it has helped the general public in getting all the daily amenities through online portals. It has also taken care of the community living in the nearby areas by bringing the necessary products for them from the retailer. This method has made the supermarket a known retail shop. While implicating the measures to serve the necessitates, many things have been implied by the supermarket to help lessen the crowd in the surrounding area. As stated by Hammouchi and his colleagues in his journals that with the initiation of the online transactions, there are chances of IT threats and malware that can occur. To make sure that the threats do not harm the public and do not enable the hacker to access information that can probe harm to the individual and their identification, several measures must be taken and adopted by the organization (Hammouchi et al., 2019). The threats that have been encountered are data theft, phishing attacks, low secured Wi-Fi, and transaction thefts. All of these come under the security threats of the organization. In further discussion, the main emphasis would be laid on the ways to deal with this malware and the methods employed to make sure that the threats do not occur. It would include training of the stakeholders that include employees and customers. The initiation of software and other utilities for protection from the malware would be done by discussing it with the funding team and the managers of the organization.
Strategies for Implementing Policies of Security
- The supermarkets in recent times have helped people gather all their necessities in one place. The working of supermarkets requires a lot of organizational procedures. One of the most important ones is the security policies that must be implemented to make sure that the running of the organization is not hampered. The organization chosen here is Coles supermarkets. The stakeholders included are the customers, funding department, the community, manager of the organization, and the activist. The main stakeholders chosen here are the customers, managers, and employees of the company, the service providers, and the funding departments.
The security policies would include several issues. The list of security threats includes direct theft from random shoplifters who get the entry by the dishonest clerks of the company. The maintenance to avoid accidental loss. The other digital issues include skimming of the debit/credit cards and data theft by using a wireless network. The issues have to be looked upon with utmost care and the policies must be made and implemented to make sure the organization runs smoothly. The issues will be separately addressed with the strategies.
Highlighting the theft issues in the supermarkets, there have been many incidents where people would enter and have shoplifted many things. As stated by Taylor in his journal, these are the threats to security as the shoplifters tend to take away giving losses to the company. This can be treated by providing the proper camera surveillance. The camera would have all sorts of activities recorded and can make proper use of it by surveying. It is also helpful in analysing the proper working of the staff in Coles supermarket. In the times of pandemic, it can also provide surveillance on the people around the shop. It can help analyse the norms maintained by the people around the organization such as social distancing (Taylor, 2016).
The next threat to security is data theft in supermarkets. The use of debit/credit cards in the markets avails the system to be hacked by hackers. Customer data hijacking occurs when the hackers put unnecessary advertisements in the form indebted with viruses that are capable of retrieving information. The ads coming on the website and if clicked will put a way through which the information would be received. Not only are these advertisements irritating but they negatively affect the user potentiality to visit the shop on online portals of the supermarkets(Juma’h and Alnsour, 2020). With the commence of COVID 19, people have become accustomed to online shopping. The online portal must be safe enough to provide security. Coles supermarkets must make their website free form these advertisements that make the shopping irritable for the customer. The inappropriate ads that are displayed must be removed using the software so that the problem of malware can be removed. For this initiation, proper IT professionals must be hired and they must provide the best of the service.
Another sort of threat that is achieved on an organizational basis is phishing. These are one of the oldest cybersecurity attacks. Being so old but they continue to pose a major threat and danger to the systems. According to Nguyen et al., (2017) phishing is mainly retrieving the data of the customer through their credit or debit cards. The attackers mainly steal sensitive information or they can target the organization to collect the sensitive and private portion of the ecommerce website of the organization (Nguyen et al., 2017). To avoid and put restraints on the phishing attacks, the owners of Coles supermarket must train their employees. They can ask the employees to check the email address of the people they have been sending emails to and they should be trained regularly to take care that they must not fall for the fake emails from the attackers. It can be done by doing a phishing simulation that will make them aware of the difference between fake id and the real ones by seeing the names and URLs. The IT can also be asked to put sandboxes to filter fake and real email ids by making sure the email that is sent to the customers are real ones. Phishing attacks are known to be the most vulnerable and result in huge losses to the business. This can be implemented in the ids by the efficient IT technicians that would help blockage in the transfer of the information. Training and simulation of the employees at regular intervals will also provide the security of the websites (Williams and Joinson, 2020).
Apart from these, there are primary sources of threats such as employees who have been disgruntled. They may pose threat to the company and as hackers for the fact they know the working of the organization. Such threats can be removed by checking the background of the employee and after the employee has been removed, the access of the employee’s account must also be deactivated to ensure the limits of the threats.
Talking about the transactions made by the customers, it is one of the threats that is posed by the organization. The transactions made through cards and plastic money can call for a lot of malware. According to Gualdoni and his colleagues in his journal, stated that with the maximum number of all electronic transactions done, the consequences of a security breach is evitable. It is initiated by contaminating the electronic transaction system with the use of malware. With retailers who operate from multiple regions, it becomes easier for the attackers to have access to the mode of transactions (Gualdoni et al.,2017). The customers must be asked not to provide anyone with the OTP or any other security code on the phone. Such phones must be avoided at any cost. For further safety reasons, information must be provided in the organization if customers receive any such calls. The safety information can be communicated to the customer through phones and also via SMS. In the distancing time of the pandemic, social media has helped implement the various measures for the security of the organization.
Janicke et al., (2018) in his journal state the ways that can be adopted to tackle this breach are to use end to end encryption that would enable the software designed for customers where data would never leak. It encrypts the cards used and the information as well (Janicke et al., 2018). The Coles authority must work on this in the present time to avoid this malware. Installing antivirus will stop the breach in the system. It would identify suspicious elements and alter the user about it. This way threats can be removed.
Securing wi fi is another way to protect from threats. Using Wi-Fi has become an important key tool in the last few years. Many organizations use it for connection with the staff and also with the working of the organizations. But it is unfortunate to say that it is an easy way for the attackers to give threats to security. Without Wi-Fi security, a hacker can easily get network access and monitor data that is vulnerable. According to (Sudar et al., the hacker can even access transactions and can attack the network with malware leading to stopping the functions of the organization. He can also lead fake passwords to get the information of the customers when they access the fake password. The supermarket must use a tough password for access to the wifi in the working. Multifactor use of numbers and alphabets makes it tough to hack. The organization must divide the network and secure it so that hackers might not be able to harvest what they had thought of. The initiation of automatic monitoring must be done to take care and look out for any suspicious activity that can threaten security. The constant monitoring can help recognize unnatural content in the security system which can be removed within the time limits (Sudar et al., 2017).
Conclusion on Security Policies of Coles Supermarket
The above report is a detailed structure for the proper working of the Coles supermarket. The research has provided the probable threats and has also found sufficient information regarding the controlling of the threat. These methods can be easily implemented to stop hackers from harvesting important information from the organization, its systems, and the stakeholder. The retail industry has proven to be helpful to its customers and the efficiency of the organization depends on the privacy maintenance of its stakeholder.
References for Security Policies of Coles Supermarket
Cheng, L., Liu, F., and Yao, D.D. (2017). Enterprise data breach: causes, challenges, prevention, and future directions. Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery, 7(5), p.e1211.
Gualdoni, J., Kurtz, A., Myzyri, I., Wheeler, M., and Rizvi, S. (2017). Secure Online Transaction Algorithm: Securing Online Transaction Using Two-Factor Authentication. Procedia Computer Science, 114, pp.93–99.
Hammouchi, H., Cherqi, O., Mezzour, G., Ghogho, M., and Koutbi, M.E. (2019). Digging Deeper into Data Breaches: An Exploratory Data Analysis of Hacking Breaches Over Time. Procedia Computer Science, 151, pp.1004–1009.
Janakiraman, R., Lim, J.H., and Rishika, R. (2018). The Effect of a Data Breach Announcement on Customer Behavior: Evidence from a Multichannel Retailer. Journal of Marketing, 82(2), pp.85–105.
Janicke, H., Smith, R., Maglaras, L., and Cook, A. (2018). Managing incident response in the industrial internet of things. International Journal of Internet Technology and Secured Transactions, 8(2), p.251.
Juma’h, A.H., and Alnsour, Y. (2020). The effect of data breaches on company performance. International Journal of Accounting & Information Management, 28(2), pp.275–301.
Nguyen, K.D., Rosoff, H., and John, R.S. (2017). Valuing information security from a phishing attack. Journal of Cybersecurity, 3(3), pp.159–171.
Taylor, E. (2016). Supermarket self-checkouts and retail theft: The curious case of the SWIPERS. Criminology & Criminal Justice, 16(5), pp.552–567.
Sudar, C., Arjun, S.K., and Deepthi, L.R. (2017). Time-based one-time password for Wi-Fi authentication and security. [online] IEEE Xplore. Available at: https://ieeexplore.ieee.org/abstract/document/8126007 [Accessed 11 Jun. 2020].
Williams, E.J., and Joinson, A.N. (2020). Developing a measure of information seeking about phishing. Journal of Cybersecurity, 6(1).
Remember, at the center of any academic work, lies clarity and evidence. Should you need further assistance, do look up to our Computer Science Assignment Help