Understanding Business
12th Edition
ISBN: 9781259929434
Author: William Nickels
Publisher: McGraw-Hill Education
Question
Fairplay Turns to a Managed Security Service Provider
Fairplay Finer Foods is an independent grocery retailer that operates in the greater Chicago area. From its beginning, Fairplay's mission has been to provide quality foods at an affordable price along with exceptional customer service. Starting with a single store in 1975, Fairplay has since grown to seven locations. The opening of each new store led to increased sales and attracted new customers; however, expansion also raised new information system needs as well as information security risks.
Due to its size, it was not practical for Fairplay to create and run its own information technology organization, so it contracted with KCS Computer Technology, Inc., to provide these services along with the necessary computer hardware and systems. One of KCS's key accomplishments for Fairplay was to implement and manage a corporate network that the grocery chain uses to run applications and communicate across all of its stores.
Another important area of focus for KCS involved helping Fairplay manage issues related to the Payment Card Industry Data Security Standard (PCI DSS). Retailers accepting credit cards and other forms of electronic payment are required to comply with the PCI DSS. The PCI DSS standard ensures that businesses follow best practices for protecting their customers' payment card information. The necessity to comply with the PCI DSS standard along with concern over potential network security issues led Fairplay and KCS to seek out a managed security service provider (MSSP).
After a thorough investigation, Fairplay and KCS selected ControlScan, an MSSP headquartered in Atlanta. This choice was based on ControlScan's simple pricing model, stable of certified security experts, advanced technology, and solid reputation. As part of its contract with Fairplay, ControlScan agreed to serve as an extension of KCS, delivering cloud-based security technologies and related security support services, including:
- Installing, configuring, and monitoring a system of next-generation firewalls
- Investigating, responding to, and reporting on security-related events
- Providing network usage reports for insights into company resource utilization
- Upgrading the network on an ongoing basis by implementing the latest security enhancements
- Providing expertise to reduce network complexity and contain network-related costs
ControlScan's initial project was installing next-generation firewall appliances to protect each of Fairplay's locations. This work was completed in a single night to minimize business disruption. ControlScan then conducted a thorough PCI gap analysis to compare current Fairplay security controls with those required by the PCI DSS. ControlScan developed a detailed set of recommendations and options for eliminating the gaps, giving Fairplay management a roadmap to achieve full PCI DSS compliance. Finally, ControlScan did a full review of all of Fairplay's existing information systems and security policies, working with the chain's IT staff to tweak and customize policies where necessary.
Critical Thinking Questions
1. What advantages does the use of an MSSP offer a small retailer such as Fairplay? Can you think of any potential drawbacks of this approach? Is there a danger in placing too much trust in an MSSP? Explain.
2. Data breaches at major retailers, such as Neiman Marcus, Target, and others, in recent years have shown that compliance with the PCI DSS is no guarantee against an intrusion (see Jaikumar Vijayan, "After Target, Neiman Marcus Breaches, Does PCI Compliance Mean Anything?," Computerworld, January 24, 2014). If you were a member of Fairplay's management team, what additional actions would you take to protect your customers' credit card data?
3. Do research online to gain insight into the evolution of the PCI DSS standard. What major changes were made in moving from PCI 2.0 to PCI 3.0? What changes are being suggested for future versions of the PCI standard?