After identifying your organization's vulnerabilities through previous weekly assignments, you now need to develop security measures to mitigate those vulnerabilities. Categorize by people, process, or

KROGER’S VULNERABILITY REPORT

Kroger is the top grocery store in the United States. It has more than 1,300 stores in almost half of the states in the country, mostly in the Midwest, but they are also in the South, Southwest, and Southeast. Not all the stores operate under the Kroger name; some go by names such as King Soopers, Dillon Stores, and Fry's through its Dillon Companies, Inc. subsidiary.

The significant security vulnerabilities that the organization faces are related to its advancements in online marketing and its adoption of modern technologies, as well as to physical security within the organization. Based on the set rules and standards, a secure network is considered to have secured network software, applications, and hardware systems that determine which connections to allow or deny, according to Paganini (2016). By that definition, Kroger Inc. does not meet some of the expectations of a secured network. One security vulnerability resulting from the network system is a potential loss of customer data. Customer data is considered one of the most critical assets of an organization. The threat of the loss of customer data is rated medium. In this case, the customer data is at risk of being viewed by unauthorized persons. The potential vulnerability is that the data can be accessed and used by third-party individuals to harass customers, or by other marketers to send spam solicitations to them (Courtemanche & Carden, 2011).

The Kroger ID is another security vulnerability faced by the company. The vulnerability is categorized as high. The unique ID that the organization provides to customers when they register on the company’s website can be viewed by third-party individuals or unauthorized persons. A customer's ID can then be used by unauthorized individuals to skew purchase history or rewards points.

Another vulnerability is found within the network security of the organization's system. There is a standing threat of the database being accessed externally. External access to the network can result in the database being hacked or accessed by unauthorized individuals, who can spoof customer and organization information, as noted by Conklin and White (2012).

Physical security is another aspect of the organization that poses a security vulnerability. Physical security covers the people, processes, and technologies adopted by the company. In the organization's physical offices and stores, employees need to walk around when carrying out their duties. However, in some instances, individuals might enter areas they are not authorized to access. The risk of unauthorized access is rated as low. The resulting vulnerability is that some individuals might tamper with the organization’s servers or accounting departments (Stewart, Chapple, & Gibson, 2015). Therefore, there is a need to apply strategies that minimize this risk. One of them is to adopt magnetic badges, which allow individuals to access only the rooms and areas the organization has authorized them to enter.

In conclusion, the organization has implemented various strategies that have made it prosper in both the local and international markets. However, some of the programs implemented by the organization pose vulnerabilities. As mentioned, the primary vulnerabilities include the system network, customer data loss, and the risk of external access. Another vulnerability mentioned is physical access by individuals to areas where they are not authorized, which may result in the loss of organization data.

References

Conklin, A., & White, G. (2012). Principles of Computer Security: CompTIA Security+ and Beyond, Third Edition. New York, NY: McGraw Hill.

Paganini, P. (2016, February 23). The Top Five Cyber Security Vulnerabilities. Retrieved February 27, 2017, from http://resources.infosecinstitute.com/the-top-five-cyber-security-vulnerabilities-in-terms-of-potential-for-catastrophic-damage/#gref

Stewart, J. M., Chapple, M., & Gibson, D. (2015). CISSP®: Certified Information Systems Security Professional Study Guide. Indianapolis, IN: Sybex, a Wiley brand.