Penny Wise, $9.75 Million Dollars Foolish - Discounter TJX Learns Hard Lesson about Data Security

Alex Teu's picture

TJX, the parent company of T.J. Maxx and Marshalls, famous for attracting shoppers looking for brand name merchandise at bargain prices, likely regrets adopting the same frugal philosophy for their own corporate network security. 

Today, TJX settled a lawsuit brought by 41 states for $9.75 million arising from a breach of its system in January 2007 that exposed information on over 45 million credit and debit accounts. The breach happened over an 18-month period, during which hackers were able to exploit a hole in TJX's Wi-Fi network. That hole was created by TJX's decision to continue using an old encryption protocol, WEP (Wired Equivalent Privacy), instead of more acceptable standards like WPA (Wi-Fi Protected Access). To understand the gravity of this mistake, you should check the encryption protocol you use for your own personal wireless network. You'll find that you use WPA even for your own home network. It's foolish at best, and criminal at worst, that TJX would have used an old encryption protocol when it held customer financial information. TJX is like those homes whose signal you pick up because they have an unsecured network, and you start moving closer to improve the signal strength.

TJX's colossal mistake has been a slow, continuous bleed. It already settled a separate lawsuit by banks in December 2007 for $41 million, as well as several consumer class-action lawsuits. Beyond the monetary penalties, TJX will continue to lose incalculable equity in the world of public opinion and with consumers who are afraid to lose their private information.

You do not have to repeat TJX's myopic business decisions. There are numerous, affordable technologies to secure data sitting in every nook and cranny of your corporate network. Most of these technologies are available on a SaaS-delivered business model, so there is no excuse not to secure your data... today. You may regret what happens tomorrow. Ask TJX.
