Home Depot Research Articles

Node.js Security

In the last few years we have witnessed tremendous technological growth: mobile devices, clouds, virtual reality and the Internet of Things. We can shop, buy tickets, talk to family and friends from a mobile phone, a tablet or a TV. But there is a dark side. Sony, Apple, Adobe, Target, Home Depot and many other companies, large and small, have been hacked in recent years. The number of cyberattacks is not reducing, it is increasing every day — and the situation will only get worse. Node.js is one of the fastestgrowing platforms for controlling the security of applications. This paper takes a look at the application security world and the use of Node.js in authentication, authorisation, sessions management, cryptography and other security-related topics.

An Updated Look at the Factors Contributing to the Final Selling Price of Auctioned Gift Cards

ABSTRACTMuch has changed in 10 years, and this study follows up on one previously published that employed linear regression on Home Depot gift cards sold on eBay, which utilized the standard auction format as a proxy for a homogeneous good. The previous study looked at data beginning in 2006 and found results indicating that a number of variables associated with the card influenced the percentage of total value obtained for the card. Gift cards are used much more widely today than previously, and eBay has many more fixed price listings than auctions. It is now much more difficult to see variables related to buyers, leave negative feedback, and accept anything but electronic payment. This article looks at a number of the variables examined in the first study and updates the findings using a dataset of Home Depot cards auctioned over a 2-month time period in 2016.

The spread of “big box” retail firms and spatial stratification

AbstractLarge “big box” retail firms, including general merchandisers (e.g., Walmart and Target) as well as “category killers” (e.g., Home Depot and Toys “R” Us), have spread rapidly across the United States over the past 4 decades. These firms have been lauded for their presumed consumer benefits linked to expansive product selections and discount prices. They have also been criticized for their perceived negative effects on locally owned businesses, jobs, and wages. We provide an overview of the existing literature and point to promising directions for the development of theory and research on this topic. We, in this article, highlight the importance of this shift in economic organization and encourage sociologists to critically examine the stratification consequences of the rise and spread of these firms.

A Chip Off the Old Block or a New Direction for Payment Cards Security? The Chip & PIN Debate, Apple Pay, and the Law & Economics of Preventing Payment Card Fraud

The issue of consumer payments and data security has reached a high level of public and regulatory interest as a result of a number of recent high-profile data breaches that compromised consumer payment card numbers, such as at Target, Home Depot, and Michael’s. In addition, the ecosystem of consumer payments security has changed dramatically in recent years as a result of the introduction and rapid spread of contactless payment technologies, such as ApplePay. In response to growing concerns about payments fraud, payment card networks in the United States have moved toward the rapid replacement of traditional magnetic stripe payment card technology to new EMV computer chip-based technology, which creates a unique encrypted identifier for each transaction, thereby making it more difficult for thieves to steal card numbers and create counterfeit cards. Notably, however, American card issuers and networks have chosen not to adopt the PIN method of verification that has been standard in the United Kingdom and much of Europe for the past decade or so, but instead have adopted signature as the preferred method of customer verification. Many large retail chains and retail trade associations have nevertheless lobbied for regulatory or statutory action to impose a PIN-verification requirement in addition to the addition of EMV chips. This article conducts an economic analysis of the regulation of consumer payment cards and payment cards fraud. We examine the marginal benefits from heightened levels of payment cards security (such as requiring PIN verification for purchases) and marginal costs as well, such as the impact on speed, convenience, and functionality for consumers and merchants, especially uptake of electronic payments by smaller merchants. We examine the dynamic evolution of payment cards anti-fraud technology over time and suggest that there is little evidence of market failure in the provision of payments security by card networks and issuers and little reason to believe that mandating one exclusive, decades old, static verification technology (namely Chip & PIN) would be likely to improve overall consumer welfare and economic efficiency today. We conclude that rather than blindly adopting the particular verification technology Europe put into place many years ago, U.S. regulators should be alert to the evolving and contemporary nature of consumer payments and fluid nature of threats to data privacy and not freeze or hamper the adaptability of the payments system.

Zone Pricing in Retail Oligopoly

We quantify the welfare effects of zone pricing, or setting common prices across distinct markets, in retail oligopoly. Although monopolists can only increase profits by price discriminating, this need not be true when firms face competition. With novel data covering the retail home improvement industry, we find that Home Depot would benefit from finer pricing but that Lowe’s would prefer coarser pricing. The use of zone pricing softens competition in markets where firms compete, but it shields consumers from higher prices in markets where firms might otherwise exercise market power. Overall, zone pricing produces higher consumer surplus than finer pricing discrimination does.

Stihl Incorporated: Go-to-Market Strategy for Next-Generation Consumers

Andreas Stihl AG is the world's leading manufacturer of chain saws and other outdoor handheld power equipment. Based on marketing challenges in its high-volume retail channel—mass merchants such as The Home Depot and Lowe's—Stihl's U.S. unit has narrowed its distribution system to a single channel: independent retail dealers specializing in yard maintenance equipment. This risky and highly publicized decision has proved extremely successful, raising profits, attracting more dealers into exclusive relationships with Stihl, and strengthening the brand's top-quality positioning. But Stihl management are concerned that this channel system may not fit tomorrow's demographics, dominated by homeowners from the so-called Generation X and Generation Y. The case outlines Stihl's business and channel systems and customer needs, then poses a series of questions that management believes must be answered to determine whether to maintain or move away from reliance on its specialty retailers and how to adapt its system.To understand issues related to retail channel strategy development in fast-changing consumer markets, as well as the challenges of adapting legacy routes-to-market systems to changing consumer service output demands.

Waste-to-Hope: Measuring Sustainability Benefits of Product Philanthropy Partnership

This study investigates the sustainability-related impacts of the Framing Hope program, an innovative private and nonprofit sector partnership between the nonprofit Good360 and The Home Depot. Specifically, this paper estimates the energy savings, landfill space not filled, and the energy- and landfill-related cost savings associated with the Good360 product philanthropy program with The Home Depot, illustrating that benefits accrue to both company and communities by linkages between environmental, socioeconomic, and energy dimensions. Findings suggest that by redirecting products from the waste stream into usable community resources, considerable landfill space, costs, and energy savings were realized. Product donations can serve as an important platform for sustainable community development and capacity building. This research adds to the growing body of knowledge on environmental performance, corporate giving, and cross-sector partnerships in sustainable and social entrepreneurship.

Plug Power loan deal with NY Green Bank to boost fuel cell use

In the US, Plug Power in upstate New York has closed a $25 million senior loan facility agreement with NY Green Bank, to support the deployment of 1300 fuel cell systems in New York over the next three years at distribution centres for clients such as Walmart and Home Depot.

Efficient method for transfer of microinjected eggs to mouse ampulla for generating transgenic mice.

BackgroundThe new method described here is highly efficient in transferring microinjected mouse eggs (MEs) through the bursa membrane of a surrogate mother mouse to the ampulla of the oviduct without damaging the blood vessels on the bursa membrane.ResultsThis method causes no loss of blood, and it produces newborn pups/founders from approximately 70% of the transferred MEs, because only a small hole is made on the blood vessel–free area of the bursa membrane and ampulla of the surrogate mother mouse. The infundibulum remains intact. The small hole on the bursa membrane/ampulla may already heal up before the delivery of the new pups. The method described here consists of a simple operation with a home-assembled drill head holding a self-closing fine forceps on one end, while the drill head assembly body is hooked up with the light housing clamp of a dissecting light microscope. The drill head assembly body can be alternatively hooked/tied up to an appropriate size of clamp (purchased from Home Depot) screwed to any light stand with folding segments.ConclusionThis system is able to steadily hold the self-closing fine forceps without shaking and to let the operator use their two hands to steadily hold and quickly insert the pipet carrying the MEs into the ampulla without any delay. Generally MEs stay alive for approximately 15 min at room temperature. The shorter the insertion time is, the more MEs that will survive. Thus, this method may produces more pups/founders.Electronic supplementary materialThe online version of this article (doi:10.1186/s40064-016-3760-6) contains supplementary material, which is available to authorized users.

News Briefs

Toyota pledges $22 million for research into robotics, autonomous driving. Home Depot Foundation awards over $1.75 million for veterans housing. Texas Instruments pledges $5.4 million for STEM programs. Tyson Foods commits $15 million for Arkansas children's hospital. Citi Foundation awards $3 million for youth employment program. CME Group Foundation awards $3.6 million for math programs. Companies donate $10 million for grand opening of Museum of African American History. MasterCard Foundation commits $15 million to financial inclusion initiative. Lowes to fund renovations at Boys and Girls Clubs nationwide.

Adaptive memory artificial bee colony algorithm for green vehicle routing with cross-docking

Cross-docking distribution is becoming increasingly prevalent in supply chain management (SCM) due to the replacement of storage and order-picking with efficient product consolidation. Several successful cross-docking applications have been put into practice by companies such as Wal-Mart, FedEx, and Home Depot. Cross-docking consists of interrelated operations which require proper synchronization. Only a few early attempts have addressed the vehicle routing problem in this context. Moreover, the social consciousness of sustainable development has brought up the issue of green SCM which is not only environment-friendly but also beneficial to business values. This paper first addresses a previously studied problem and then proposes a new problem version for planning the least cost green vehicle routing in which the deployed vehicles transport the final products from suppliers to customers through a cross-dock subject to a CO2 intensity constraint. We develop an adaptive memory artificial bee colony (AMABC) algorithm to tackle both problems. Compared to a Tabu search proposed in the literature, the AMABC algorithm can reach higher fuel efficiency by managing the loading along the route and yield less cost and CO2 intensities. Statistical tests of simulation and geographic data show that the AMABC method is robust against the problem size and convergence of the objective value is guaranteed with high confidence.

Be a Change Agent: The Founder of Home Depot Turns to Integrative Health: An Interview with Bernie Marcus

Be a Change Agent: The Founder of Home Depot Turns to Integrative Health: An Interview with Bernie Marcus

American-style options in jump-diffusion models: estimation and evaluation

We propose dynamic programming coupled with finite elements for valuing American-style options under Gaussian and double exponential jumps à la Merton [J. Financ. Econ., 1976, 3, 125–144] and Kou [Manage. Sci., 2002, 48, 1086–1101], and we provide a proof of uniform convergence. Our numerical experiments confirm this convergence result and show the efficiency of the proposed methodology. We also address the estimation problem and report an empirical investigation based on Home Depot. Jump-diffusion models outperform their pure-diffusion counterparts.

The Relationship between Board-Level Technology Committees and Reported Security Breaches

ABSTRACT After several high-profile data security breaches (e.g., Target Corporation, Michaels Stores, Inc., The Home Depot), corporate boards are prioritizing the oversight of Information Technology (IT) risk. Firms are also increasingly faced with disclosure decisions regarding IT security breaches. This study proposes that firms can use the creation of a board-level technology committee as part of the firm's information technology governance (ITG) to signal the firm's ability to detect and respond to security breaches. Using reported security breaches during the time period 2005–2014, results indicate that firms with technology committees are more likely to have reported breaches in a given year than are firms without the committee. Further analysis suggests that this positive association is driven by relatively young technology committees and external source breaches. Specifically, as a technology committee becomes more established, its firm is not as likely to be breached. To obtain further evidence on the perceived value of a technology committee, this study uses a returns analysis and finds that the presence of a technology committee mitigates the negative abnormal stock returns arising from external breaches. Findings add to the evolving ITG literature, as well to the signaling theory and disclosure literatures.

THE QUEST FOR RELIABLE CYBER SECURITY

The sun set on another long day at the headquarters of ReliaQuest where Brian Murphy leaned back in his chair and exhaled deeply as he considered the cyber security breaches that had consumed the media in recent weeks. Retail giants like Target, Lowe’s and Home Depot had fallen victim to serious data breaches. He pondered how his company, ReliaQuest, could make a difference in a world saturated with an invisible army of hackers. Companies had to fend off attacks 100% of the time, but the hackers only had to be successful once. As Brian contemplated the brand new Secure Operations Center (SOC) being built in his offices in downtown Tampa, he reflected on his recent pitch to a multi-billion dollar global medical device company. The company wanted all of ReliaQuest’s solutions—the Assess, Secure, and Manage options. This would be a multi-million dollar contract over several years. But the CIO and CEO had been very clear, with the contract would come a demand for a 100% guarantee that ReliaQuest solutions would prevent any information system breach and eliminate the possibility of any loss of data for their customers, suppliers, or employees. Cyber security, as Brian thought of it, was the largest and most expensive cat and mouse game in the corporate world, and often undervalued by companies until a breach occurred. How could ReliaQuest offer solutions that companies would value with or without a breach? How could Brian’s team provide alternatives to companies who frequently did not even understand the wide variety of cyber security threats? What kinds of risks to data and information security were acceptable? What was the cost/benefit analysis on a breach? What sort of role should the client company play in protecting their data and that of their customers, vendors, and employees? Was there such a thing as too much security? Certainly there could be too little security, right? Could ReliaQuest, or any cyber security company, “guarantee” zero breaches, or losses of sensitive data and information? What could ReliaQuest offer its clients when every solution promised came with the risk of a breach and loss of data?

Reboot: Major League Soccer’s 2018 Relaunch of Chivas USA as the Los Angeles Football Club

The Los Angeles Football Club (LAFC) will begin play in 2018 as a new franchise in Major League Soccer (MLS). LAFC will replace Chivas USA as the second MLS franchise in the Los Angeles area. Chivas USA competed in 10 seasons of MLS, beginning with the 2005 season. Chivas USA was modeled after its parent organization, Club Deportivo Guadalajara (otherwise known as Guadalajara or Chivas Guadalajara) of the first-division Mexican League. MLS is highly regarded for its diversity initiatives, and Chivas USA was to focus on reaching the large Hispanic/Latino audience in the Los Angeles area. The club played alongside the Los Angeles Galaxy, one of MLS’s inaugural franchises, in the Home Depot Center (now StubHub Center) in Carson, California.

Bill George: the era of self-serving leadership is over but global markets pose the next authenticity challenge for leaders

Purpose – This interview covers research published in three major books by Bill George. The first was in response to a massive governance crisis as high-flyers like Enron, WorldCom and Tyco crashed. George’s first book, offered an alternative to self-serving leadership, was “Authentic Leadership” in 2003. Having been a highly successful CEO, he watched with grave concern as the stock market and media mistakenly venerated CEOs like Bob Nardelli at Home Depot and Hewlett-Packard’s Carly Fiorina for their charisma, style and image rather than their character and substance. Design/methodology/approach – In 2005-2006 he created a research team at Harvard Business School to determine how to develop authentic leaders. This project still stands as the largest, in-depth research of leaders ever undertaken. The result was his second book, True North, published in 2007. Findings – A third book, Discover Your True North, the result of a second Harvard study displays the dramatic changes for the better in leadership in the past decade. Practical implications – The best of today’s corporate leaders are less hierarchical and bureaucratic than their predecessors. They focus primarily on gaining alignment around their organization’s mission and values, and empowering their employees to step up and lead rather than merely following rules and processes. They operate less in their self-interest, and more in service to others and pursuit of greater societal good on a global scale. The new leaders are authentic and open, rather than focused on leadership style and charisma. Originality/value – Bill George’s research has defined an effective alternative to self-serving leadership, one that can be a model for 21st Century leaders facing the demands of a rapid change, continuous innovation global marketplace. Authentic leaders make good strategists.

Cyberspace's Dynamic Duo: Forging a Cybersecurity Public-Private Partnership

As of 2015, cyber threats have become more prevalent due to high-profile cases like the Target, JPMorgan Chase & Co., Home Depot, and Sony Entertainment breaches. In order to prevent what former Secretary of Defense Leon Panetta characterized as a “Cyber Pearl Harbor,” the US government has to engage the private sector in order to build a solid public-private partnership (PPP) for cybersecurity. For there to be a successful cybersecurity PPP between the US government and the private sector, there must be a PPP founded on a model composed of four essential elements: a high level of trust between the public and private entities that corresponds to a mutual belief in the positive gains of both partners; clear baseline guidance imposed from legislation, which should be reinforced with government training and financial incentives; a bottom-up structural approach for efficient operations that allows for more autonomy at lower levels on local needs and resources; and, gaining influential community involvement in the formation of PPPs from all levels of the participating organizations, as well as civil leadership and the general public. This article is available in Journal of Strategic Security: http://scholarcommons.usf.edu/jss/vol8/iss5/9

News Briefs

Morgan Stanley selects Cleveland for Healthy Cities program. State Street launches new workforce training initiative. Home Depot pledges $1.6 million for veterans' housing. MassMutual awards $2.5 million for special needs education center. HSBC launches new $150 million Community Fund. MetLife awards $1.8 million to expand financial services in rural China. GE Foundation awards $14 million for health care initiative. Boeing commits $15 million for STEM program at Museum of Flight. Charity Navigator taps ex‐Microsoft exec for CEO.

The digital identity issue

We all know that passwords are beyond their sell-by date – the IT industry has been telling us for years, and it seems that recently every week there is the next high-profile hack, with the likes of Sony, Home Depot and Target reported in the past year. In fact, the recent McAfee (Intel Security) report on global cybercrime quotes a conservative estimate of $375bn in losses caused by data breaches, while global credit card fraud, mainly due to identity theft and impersonation, runs in the region of $30bn a year. 1 Passwords are well beyond their ‘sell-by’ date and attempts to fix the password problem, such as SAML and OAUTH, are not being implemented, mainly because they do not solve key issues. Neither do these solutions address the need to encompass all entities in a single digital identity ecosystem that can work globally. If we are to address all these issues it's time to go back to fundamentals, figure out what is broken and design Identity 3.0 to fix it, says Paul Simmonds of the Global Identity Foundation.