GoodStuff Case Study

Established in 1980 as a retail store in downtown Bellevue, the company has grown and expanded from the analog system it used during its genesis, to the digital and online system that manages the 6 stores it has within Seattle. Goodstuff currently realizes 40% of its sales through online business using its website goodstuffwa. com which was started in 1998. This is accountable to the technology department which is composed of 8 professional staff members with a lot of expertise and knowledge when it comes to the information technology (IT) world. For an online business to have fully functional, secure and self-maintaining systems, there should exist, programmers, system administrators, web designers, system analysts and administrative assistants. Furthermore, there is a Great Plains accounting system installed alongside the POS system with the company’s server.

Currently, GoodStuff Inc. has 50 pc users spread across all its stores. 5 are in the headquarters and main location, with other 5 managers running the other outlet stores. 10 of the pc users own laptops while most of them have desktop computers running Windows 7 as the operating system. Furthermore, most of the system servers run on an old operating system and most of the company pc users have Windows 7 as well as customers who use the website to make purchases. This makes it difficult to maneuver their website as customers and also creates an integration barrier when employees of the company use their current operating system to handle the company’s older system. The risks that come with failure to upgrade to a better-modernized system runs from the security threats to data integrity issues.

Ransomware can easily attack an outdated system and result in blackmail and loss of funds and data. This is because ransomware is a form of cybercrime that keeps being continually upgraded by their programmers to be able to access systems and in the event, a system uses outdated protocols for firewalls and security, it can be easily hacked by ransomware and give them leverage. The problem GoodStuff faces create a huge risk in all CIA triad components and this needs to be addressed to ensure the company keeps in business on the online front and even in retail. CIA triad is a model that focuses on the basics of information security and the objectives to be achieved using precise strategies that ultimately create high-security levels.

Confidentiality looks at how a company has established security measures and protocols to protect any of its vital information from unauthorized access. Information can only be accessed by company personnel and third-party companies are given access to either check the system or repair it. Protection of information is the key factor in this piece of the triad and more so from unauthorized access. might be falling short owing to the fact that they use outdated systems that can be easily accessed by unauthorized personnel using up to date technology and hence interfere with the integrity of company information which might create multiple errors and cause company failure (Henderson, 2017). Finally, availability within the CIA triad depicts a scenario in which company information can be conveniently availed when it is required.

This entails access to authorized users when they need to access information. Hence, the system needs to be able to allow information to be accessed easily and conveniently. The same system should, however, make it difficult for unauthorized users to be availed with information the same way. This entails the use of current and updates security software, data encryption and access protocols that will safeguard company data despite the use of an outdated system. This new security feature, however, needs to be continually updated I order to handle the ever-changing security risks and threats. This is because it is safeguarding an outdated system which is very fragile. Another alternative to take, owing to security and data protection as the greatest challenge, would be to employ third party companies to offer security services.