Management Communication at EPZ Company - Case Study Example

NАGЕMЕNT СОMMUNIСАTIОN Essay Submitted By: NAME: INSTITUTION: COURSE: INSTRUCTOR: DATE: © 2015 INTRODUCTION Communication comes from Latin word “communicare”, implying ‘to share or making common’ (Adams et al, 2000; Pearson and Nelson, 2000; Wood, 1997). Drawn from this premise therefore, communication can be taken to be the practice of bringing a common understanding among individuals pursuing a similar cause. In the views of Bovee and Thill (2010; 2004), communication presents a number of forms, including verbal and nonverbal among others. In today’s business world, effective communication is considered fundamental in order for one to remain relevant in the corporate atmosphere. For this reason therefore, business executives from all walks of life need to hone their communication skills so that they can solve their problems effectively. Apart from having the ability to communicate well, successful communicators must understand their audience in the first place. Covey (1989) and Wyrick (2008) further agree that effective communication is bound to solve virtually all types of business problems that may arise in the corporate world. To prove this argument, the present essay will attempt to present a case in which a problem that occurred some two years back addressed through use of effective communication. In the essay, the current author presents a description of the said business incident, followed by an analysis of how the incident was handled, and a short conclusion at the end. DESCRIBING THE INCIDENT The major business incident reported in this essay happened some two years back in 2013 affecting EPZ garments hyper store with branches all over the world. This incident involved attempted ‘rip-off’ of customers’ money through cyber crime. Specifically, a group of cyber thieves succeeded in installing a malware in the company’s security and payments system so that they could hack into and steal the passwords of every electronic card used in shopping at any of the numerous branches of the company. Given that it was during the end year ‘mania’ when everyone was eager to buy Christmas clothes for their loved ones, it a critical moment for the cyber thieves to nab the most vulnerable targets. As reported by Elgin et al (2014), the malware was intended to be activated immediately when the customers’ made a swipe of their cards at the cashier’s desk for their entire baggage of shopping. Upon this ‘action’, the malware was then supposed to seize the customer’s credit card number, and then direct it to a secret server controlled by the cyber thieves as espoused by Elgin et al (2014). Since it is not uncommon for such incidences of cyber crimes to be carried out on major business concerns across the globe especially at this time of the year, EPZ was prepared for such an eventuality. Close to one year earlier, the company had invested heavily by installing ‘cyber crime detection software’, networked to all the company’s stores in the world. This mandate of ensuring this cyber security was given to the famous “computer security firm FireEye, whose other customers include the CIA and the Pentagon as noted by Elgin et al (2014). Additionally, EPZ Company contracted a team of cyber security technocrats based at the headquarters to keep watch of her computers twenty-four hours. In the event that this team of technocrats noticed a ‘red flag’ from any of the company’s store across the globe, an alert would be raised and appropriate security steps taken. Sometime prior to the start of end year shopping mania began, it is reported that the cyber thieves had done their homework and laid their snares, only waiting to strike. They had even completed planning the escape route for the stolen information to their secret server once ensnared as highlighted by Elgin et al (2014). Soon immediately after the Christmas and the Boxing days, the cyber thieves made their move of moving customers’ stolen information of personal details including identification numbers, phone numbers, card numbers as well as their addresses. Although the cyber thieves are said to have employed numerous ‘decoy’ routes to evade detection, their activity was immediately spotted by FireEye who send an instant alert to the company’s security team at headquarters. Surprisingly, no action was taken. EPZ just watched as numerous pieces of personal information belonging to their customers from all walks of life in the world emptied from their mainframes. Days later, numerous reports of customers who shop at the EPZ using credit cards started streaming in complaining of having lost fortunes in unexplained transactions. One such complaint was from a perennial shopper who came claiming that he had lost over US$1000 to a transaction carried out at a petroleum firm which he swears was not by him or his family members. Yet another customer reported of a rip-off amounting to US$600 purported to have been accrued from purchases of goods she has never dealt with. These among other many similar reports sent alarm bells ringing throughout the entire leadership of EPZ Company, which instituted an immediate investigation of the matter. But in order to forestall any further pestering from the public, the company’s then Chairman, President, and Chief Executive Officer Mr. Andrew issued the following statement through an e-mail cited by Elgin et al (2014): “EPZ became an ISO 9001 certified company in the month of June 2013 as having satisfied the standards for the payment card industry (PCI). In spite of this achievement, the company suffered a major data security lapse that has led to untold suffering by our customers at large. Because this reason, the company is in the process of conducting a thorough review its staff, systems, procedures as well as its technological ability to fathom what really transpired and hence identify the chances available for upgrading its data security systems. As the investigations are still ongoing, the company is currently in concerted efforts to restructure the present data security system and fast-track the introduction of the chip-enabled cards. And because the investigations are still in progress, it would therefore be unhealthy to engage in speculations before the conclusion of the said investigations”. It is with regret to note that these events seriously affected the sales from the company’s major stores, a fact seen to be next to impossible the management attempts to reverse it. ANALYSING HOW THE INCIDENT WAS HANDLED During the investigations, it was revealed that the company instituted the investigations only after the number of aggrieved customers became overwhelming. Only after this did the garments store came back to their senses and started figuring out what might have been problem. Guffey (2008) observes that after keen scrutiny of the computer logs, the company noticed the alerts that had been sent by FireEye after Christmas and Boxing days when the cyber thieves made their first transfer of the customers’ personal data from the company’s mainframe to their own secret server in a hidden location. Although this information was hidden from the general public, similar reports go ahead to indicate that the sirens that went off after FireEye sent the alert were loud enough and in good time to be missed by anyone who cared (Bauer et al, 2006; Washburn, 2008). Moreover, the agonizing situations in which a good proportion of the company’s customers found themselves as well as the costly manhunt for cyber thieves would have been averted had the company’s security team acted promptly. Their sloth and ineffectiveness led to the drastic measures taken by all the stakeholders in the hyper garment store as witnessed in the forthcoming section hereunder. Being remotely aware that there might have been an ‘inside operative’ in the company who might have helped compromise the data security details at the company, the then CEO decided to look from within. This decision was informed by the ‘social penetration theory’ of communication which stipulates that an understanding of other people in our proximity helps us communicate effectively (Tahmincioglu, 2009). The formulators of this theory give an analogy of the “onion model” where effective managers works from the periphery of the company towards the core as they learn their subjects better (Pinker, 2009). In a sense, it is like ‘peeling away the layers of the onion’ in order to gain more knowledge about others as you go deeper interacting with them. Applying this theory therefore, it was possible for the company’s management to start investigating the newly recruited members of the company’s data security team of technocrats before starting to analyse the older staff that formed the core of the company. This was simply like moving from the superficial layer to the more revealing layer. According to Paul and Elder (2007), this strategy is cost-effective because you can simply find your culprit at the superficial layer and hence safe the company the agony and cost of going through a rigorous investigative process. The foregoing strategy paid off for the incident being reported in this essay. First, it was revealed that two of the team of data security technocrats had staged the successful information theft from the company’s mainframe on days they were on duty at the company’s data security office. Incidentally, these days were same when the alert was sent from FireEye on Christmas and Boxing days. This perfectly explains why there was no action taken in response to FireEye’s alarm as noted earlier in other sections of this essay. These two custodians of data security at EPZ were working in cohort with other criminals outside the company. It is also notable one or more cashiers were compromised in some of the stores were the stolen credit card numbers were used to transact business. It is argued that it is quite out of the ordinary for a cashier not verify the authenticity of the ‘credit card holder’, especially when the ‘customer’ is making huge purchases which run into hundreds or even thousands of Dollars. In my view, it is obvious that such a cashier might have been compromised. Such kind of mindset was found to be resident among the leadership of EPZ Company because all the cashiers manning teller machines at the time when such fraudulent transactions were performed were fired alongside the two data security technocrats. Applying Professor Douglas McGregor’s Theory X of management, a significant number of employees were laid off summarily for being suspected to have been involved remotely with the incident. According to Theory X of management, McGregor “asserts that workers are motivated by their basic needs and have a general disposition against work. In view of this, workers are considered lazy and predicted to avoid work if they can, giving rise to the perceived need for constant, direct supervision” (Powel, 2009). Given that most managers ascribe to the Theory X style of management, they are therefore considered to be “authoritarian or autocratic, and would not seek input or feedback from employees” (McLean, 2005). This being the case in EPZ Company, the suspected employees were given summary dismissal even in their absence as they were being by the police for abetting crime, if not perpetrating it. This was the only ideal course of action by the company because their inclination as Theory X managers is “to use control and incentive programs to provide punishment and rewards” (Howell, 2006; Moore, 2003). To forestall a repeat of the same incident, the concerned company had a number of options. First, it increased the number of people working in the data security department by about ten times (Bailey, 2008). Their skills were also re-emphasised by organizing retraining programmes for them in matters of information security. The company’s relationship and handling of alerts from FireEye was strengthened by having its Internet traffic passing through FireEye’s technology, considered to be superb (Albertson, 2008). CONCLUSION A number of pertinent issues have emerged fundamental throughout this essay. One that effective communication is very critical for the survival of the corporate world. Secondly that the threat of cyber crime to the Business environment is real and is compromising the security of data in almost all Business setups and stringent measures must be employed to stem this. Finally, a good management ‘mix’ coupled with the right communication strategy remains the only sure way to succeed. BIBLIOGRAPHY Adams, K., Galanes, G and Brilhart, J. (2000) Communication in groups: Applications and skills (4th ed.). Boston, MA: McGraw-Hill Albertson, E. (2008) How to open doors with a brilliant elevator speech. New Providence, NJ: R. R. Bowker. Bailey, E. P. (2008) Plain English at work: A guide to business writing and speaking. New York, NY: McGraw-Hill. Bauer, J. E., Duffy, G. L., and Westcott, R. T. (2006) The quality improvement handbook. New York, NY: ASQ Quality Press. Bovee, C., and Thill, J. (2010) Business communication essentials: a skills-based approach to vital business English (4th ed.). Upper Saddle River, NJ: Prentice Hall. Covey, S. (1989) The seven habits of highly effective people. New York, NY: Simon & Schuster. Elgin, B., Riley, M., Lawrence, D., and Matlack, C. (2014) Missed Alarms and 40 Million Stolen Credit Card Numbers: How Target Blew It. Features, Business week Guffey, M. (2008) Essentials of business communication (7th ed., p. 320). Mason, OH: Thomson/Wadsworth. Howell, L. (2006) Give your elevator speech a lift. Bothell, WA: Publishers Network. McLean, S. (2005) The basics of interpersonal communication (p.10). Boston, MA: Allyn & Bacon. Moore, R. (2003) Racism in the English language. Boston, MA: Allyn & Bacon. Paul, R., and Elder, L. (2007) The miniature guide to critical thinking: Concepts and tools. Dillon Beach, CA: The Foundation for Critical Thinking Press. Pearson, J and Nelson, P. (2000) An introduction to human communication: Understanding and sharing. Boston, MA: McGraw-Hill. Pinker, S. (2009) The stuff of thought: Language as a window to human nature. New York, NY: Penguin Books. Powel, J. (2009) 33 million people in the room: How to create, influence, and a run a successful business with social networking. Upper Saddle River, NJ: FT Press/Pearson Education. Tahmincioglu, E. (2009) Your boss wants you on Twitter: Companies recognizing value of having workers promote products. MSNBC Careers. Thill, J. V., and Bovee, C. L. (2004) Business communication today (8th ed.). Upper Saddle River, NJ: Prentice Hall. Washburn, S. (2008) The miscommunication gap. ESI Horizons, 9 (2). Wood, J. (1997). Communication in our lives (p. 22). Boston, MA: Wadsworth. Wyrick, J. (2008) Steps to writing well (10th ed.). Boston, MA: Thomson Wadsworth. Read More