Look Into Walmart's Information Security (Term Paper Sample)

Walmart’s Information Security
Student’s Name:
Institutional Affiliation:
Date:
Walmart’s Information Security
Walmart is a reputable organization that has clients across the globe. Fundamentally, the company has several ways of handling information and one can note that it borrows concepts from other Big Data Companies. Information handling is crucial as it determines the credibility of the organization as well as the safety of its clients. The field of IT and Technology has set standards for handling information. Companies are required to follow set guidelines for a mutual coexistence while avoiding things like fraud. Information is critical and essential to the longevity of an organization and as such, Walmart has its information security policy. Walmart’s information security policy is herein compared to NIST standards to determine whether the former follows the latter’s provisions.
Walmart’s Information Security Policy
Walmart’s information security policy covers the following:
* Collection of personal information
* Usage and protection of personal information
* The sharing of information; when and whom
* The choices a client can make on how Walmart collects, uses, and shares clients’ information
The collection of information is a process where clients are requires to key in their details to provided entries. This happens on the organizations websites. Things such as email addresses, phone numbers, place of residence, preferences and registration numbers define are collected when clients log on to the company’s website CITATION Wal151 \l 1033 (Walmart, 2015). After keying in the entries, an individual is required to agree to the set terms and conditions of the company for the information to be submitted. If the individual agrees he or she has consented to giving information to Walmart and is bound by the company’s set terms and conditions. Behavioral patterns are also detected and recorded through the use of cookies; this is meant for shaping customer experiences. The collected information is essential to the organization but should be treated with utmost care and safety since its loss or theft may lead to serious losses as well as litigation. The organization is aware of this and as such, has ways and means of using and protecting the personal information obtained.
Significantly, Walmart uses information secretively and sensitively for its benefits. It tracks site that its visitors visit and monitors their preferences. The company further uses the information to shape the organization’s customer experiences. Missing products are added, competitors are identified leading to the company improving quality, and trends are noted for flexibility purposes CITATION Neu15 \l 1033 (Neumarka, 2015). Protection of the collected information is done by the company and sometimes collaboratively through its partners, stakeholders, or outsourced companies. Legal procedures are laid out in agreements between Walmart and its partners to assure the protection of client information. Breaching of the agreements is subject to litigation which can lead to revoking of an organization’s license. Walmart not only finds protection of personal information legal but also ethical, moral, and respectful.
Walmart is strict in the sharing of personal information. It scrutinizes people who need personal information and all imminent dangers assessed. The time of sharing information is determined. The company can share information with government agencies that are investigating something such as the FBI and CIA. Moreover, Big Data Companies might need the information for statistical purposes, and as such can be given information under the company’s set regulations CITATION Nat17 \l 1033 (National Institute of Standards and Technology, 2017). Other people who might need information are marketers and as such, the company can give out personal information on agreed terms. All this is to safeguard the clients’ personal information and organization’s integrity. Importantly, Walmart has a provision where its clients can give suggestions in anonymity or with their identity regarding how the company should collect, use and share information CITATION Hay151 \l 1033 (Hayden, 2015). This means the company prioritizes the concerns of its clients, clients who do not wish their information shared are free to say so on Walmart’s platform and their wishes will be granted.
NIST Standards
The National Institute of Standards and Technology (NIST) has been operation for over a century where its initial name was the National Bureau of Standards (NBS). This organization is steadfast in providing information security procedures. It has competent and well versed IT security professionals who are always informed of imminent risks and plan measures to ensure the safety of information for its citizens. As such, organizations in or embracing technology are required to follow provided industry standards in order to ensure the law is followed to the latter. The standards include but are not limited to:
* Information security should support the mission of the organization
* Information security should be regularly assessed
* Information security is constrained by factors of the society
* Clearly defined roles in an organization (Risk Executive Function, CEO, CIO, Senior Information Security Officer, Authorizing Official, and Information Security Architect)
* Program Policy (Compliance, Responsibilities and Scope)
* Issue-Specific Policy (Internet Access, Use of individual Devices, E-mail privacy, and Social Media)
* Interdependencies (Access controls, and Program management)
* Internal Controls Audit
* System logs reviews
* Penetration testing
* Authorization and Assurance (How do technical features operate? Observance of operational policies and procedures, and are there loopholes in the overall security?)
These standards are matched by guidelines and procedures that should be adhered to. However, NIST provides that organizations that are small and have little amounts of personal information can integrate certain roles since the number of employees matter CITATION Nie14 \l 1033 (Nieles, Dempsey, & Pillitteri, 2014). Small companies can have tasks distributed among employees where one employee can have more than one task in the observance of set industry standards. Cognitively, Walmart is a medium size organization when it comes to matters technology and personal information although many people shop from it. It cannot be compared to companies like Google, Apple and Facebook which have huge detail of personal information due to their vast use of cloud based services. Walmart follows some of NIST’s standards and as such comparisons will be made and recommendations to improve information security at Walmart shall be proposed.
Comparison between Walmart and NIST
NIST expects an organization’s information security to support its mission. Walmart is clear in its course to ensure that clients have a safe and exciting experience online. This is why they company’s motto is “save money, live better” informs the company’s mission statement “saving people money so that they can leave better.” Evidently, the organization’s mission purposes to make people’s lives better through the saving of money; this means that Walmart information security is pertinent to ensuring clients save their money through effective protection of their information that saves them vices like fraud CITATION Hol13 \l 1033 (Holmes, 2013).
At Walmart, information security is regular assessed to ensure a stable and secure system that does that ensures there are minimal to zero inefficiencies in security. This is compliance to NIST standards which is progressive and ascertains the safety of the organizations data as well as clients’ information. Furthermore, Walmart has a well-defined job structure as pertains to information security. There are information security officials’ a Chief Information Officer and Information Communication Technology experts. The latter takes order from and reports to the Chief Information Officer (CIO). The CIO ensures tested security measures are deployed and coordinates information security testing. The ICT experts always ensure the organization is updated with recent security measures; they are also responsible for outsourcing ICT professionals to ensure there is minimization of the organization’s wage bill.
NIST requires organizations to have their security systems controlled by societal factors. This means an organization is supposed to be ethical and moral in its doing. Walmart has managed to be sensitive to societal factors and as such, it ensures its client’s information is secretly kept in the company’s database. Information that is sensitive such as marginalized groups’ preferences is kept a secret and not shared. An example of such groups is the LGBQT fraternity. Moreover, Walmart has a well-designed information security system that strives to maximize security through internal control audits. These audits are essential in ensuring the strength of an organizations information security system as per NIST standards. The organization ensures it hires the best people for the job if not outsourcing them CITATION Bas15 \l 1033 (Basker, 2015). This process has activities such as break-ins that testing an organization’s stability and strength against cyber-attacks or hackers. Information remains an important element of Walmart; this makes the organization keen about its organization’s information systems.
Walmart frequently does system log reviews; this is to ensure that the organization knows to whom information was shared and when it occurred. This show...