ITM 102 - Final Notes.docx

35 Pages
180 Views
Unlock Document

Department
Information Technology Management
Course
ITM 102
Professor
Catherine Middleton
Semester
Fall

Description
ITM 102 – Business Information Systems (part 2) Chapter 8: Securing Information Systems Chapter 8: Key Questions 1. Why are information systems vulnerable to destruction, error, and abuse? 2. What is the business value of security and control? o What are some of the main security problems? 3. What are the components of an organizational framework for security and control? 4. What are the most important tools and technologies for safeguarding information resources? Why systems are vulnerable?  Accessibility of networks  Hardware problems (breakdowns, configuration errors, damage from improper use or crime)  Software problems (programming errors, installation errors, unauthorized changes)  Disaster, e.g. …?  Use of networks/computers outside of firm’s control o BYOD  Loss and theft of portable devices Loss and theft of personal devices  What are the potential impacts?  How can you prevent or reduce danger? System vulnerabilities and abuses Internet vulnerabilities  Network open to anyone  Size of internet means abuses can have wide impact  Use of fixed internet addresses with cable or DSL modems creates fixed targets for hackers (this is not the default with Canadian ISPs)  Unencrypted VOIP  E-mail, P2P, IM o Interception o Attachments with malicious software o Transmitting trade secrets Wireless security challenges  Radio frequency bands easy to scan  SSIDs (service set identifiers) o Identify access points o Broadcast multiple times (but you can turn off broadcast) o Evil twins o War driving (and more)  Eavesdroppers drive by buildings and try to detect SSID and gain access to network and resources  Wired Equivalent Privacy (WEP) o Security standard for 802.11; use is optional o Uses shared password for both users and access point o Users often fail to implement WEP or stronger systems Viruses, Trojan Horses, Worms, etc.  Symantec guides to scary internet stuff: o Denial of service o Pests on your PC: Viruses, Trojans and Worms  Viruses, Worms, Trojans Oh My!  Viruses, Worms and Botnet explained Computer viruses  Rogue software programs that attach to other programs in order to be executed, usually without user knowledge or permission  Deliver a “payload”  Can spread by email attachments Trojan Horse  A software program that appears to be benign, but then does something unexpected  Often “transports” a virus into a computer system  Name is based on Greek ruse during Trojan war Worms  Programs that copy themselves from one computer to another over networks  Can destroy data, programs, and halt operation of computer networks Rules for protecting your computer  Anti-virus software, update regularly  Install firewall  Latest security updates  Don’t open email attachments you don’t trust (or follow Twitter spam)  Check your sharing settings, Bluetooth visibility (also on your mobile devices) Get free anti-virus software from Ryerson Activate the firewall on your computer What information are you sharing?  iTunes  Bluetooth  Files  Internet Hackers and computer crime  Backers: individuals who attempt to gain unauthorized access to a computer system o Cracker: a hacker with criminal intent  Cybervandalism: intentional disruption, defacement, or destruction of a Web site or system  Both can lead to data breaches Denial of Service (DoS) Attacks  Hackers flood a server with false communications in order to crash the system  Distributed DoS: uses numerous computers to crash the network o Cast to company is downtime, but data is not compromised  Often use botnets Other types of crimes  Spoofing o Masquerading as someone else, or redirecting a Web link to an unintended address  Sniffing o On eavesdropping program that monitors information travelling over a network Spoofing example More computer crimes  Identity theft o A crime in which the imposter obtains key pieces of personal information  Phishing o Setting up fake Web sites or sending email messages that look legitimate, and using them to ask for confidential data  Pharming o Redirects users to a bogus web site  Click fraud o Bogus clicks to drive up pay-per-clicks Even more security problems  Global Threats: Cyberterrorism and Cyberwarfare o Exploitation of systems by terrorists  Internal threats: employees o This is an important one o Intentional and unintentional impacts  Software vulnerability o servicealerts.blog.ryerson.ca/2012/09/20/sohpos-anti-virus-software-thursday-september- 20-2012 Business Value of Security, Control  Failed computer systems can lead to significant or total loss of business function  Firms now more vulnerable than ever o Confidential personal and financial data o Trade secrets, new products, strategies  A security breach may cut into firm’s market value almost immediately  Inadequate security and controls also bring forth issues of liability General controls Application controls  Input controls  Processing controls  Output controls Steps to securing systems  Risk assessment o Determine level of risk to the firm in the case of improper controls o Risk management and planning video o Protect your company from verbal hackers  Security policy o Acceptable Use Policy (AUP) o Authorization policies o Authorization Management Systems Disaster recovery/business continuity  The role of auditing o Find small (“salami slicing”) as well as large problems  Fault-tolerant computer systems  High-availability computing  Recovery-oriented computing  Security outsourcing Sample audit report Authentication  Passwords  Tokens, also two-step processes  Smart card  Biometric authentication Firewalls  Hardware and software controlling flow of incoming and outgoing network traffic o Packet filtering o Network Address Translation (NAT) o Application proxy filtering More security measures  Intrusion Detection Systems o Full-time monitoring tools placed at the most vulnerable points of the corporate networks to detect and deter intruders  Antivirus and Antispyware o Checks computer systems for viruses  Unified Threat Management Systems o Includes firewall, VPN, antispam, intrusion detection etc. Ensuring System Availability  Online transaction processing  Fault-tolerant computing  High-availability computing  Controlling Network Traffic o Deep packet inspection  Security Outsourcing Chapter 9: Enterprise Applications: Supply Chain Management & CRM Chapter 9: Key Questions 1. How do enterprise systems help businesses achieve operational excellence? 2. How do supply chain management systems coordinate planning, production, and logistics with suppliers? 3. How do customer relationship management systems achieve customer intimacy? 4. What are the challenges posed by enterprise applications? 5. How are enterprise applications used in platforms for new cross-functional services? What are enterprise systems?  Suite of integrated software modules and a common central database  The database collects data from many different divisions and departments in a firm and from a large number of business processes  Information collected from one process can be accessed and used by other process in the firm What is ERP?  Enterprise Resource Planning  Electric Data Interchange Enterprise software is:  Built around thousands of predefined business processes that reflect best practices o Finance/accounting: General ledger, accounts payable, etc. o Human resources: Personnel administration, payroll, etc. o Manufacturing/production: Purchasing, shipping, etc. o Sales/marketing: order processing, billing, sales planning, etc. Enterprise systems overview  Allows for real-time queries  Real-time updating Business Value of Enterprise software  A more uniform organization  More efficient operations and customer-driven business processes  Firm-wide information for improved decision making The supply chain A network of organizations and business processes for procuring raw materials, transforming these materials into intermediate and finished products and distributing them to customers Nike’s supply chain Supply chain management  Inefficiencies cut into a company’s operating costs o Can waste up to 25% of operating expenses  Just-in-time strategy: o Components arrive as they are needed o Finished goods shipped after leaving assembly line  Safety stock o Buffer for lack of flexibility in supply chain  Bullwhip effect o Information about product demand gets distorted as it passes from one entity to next across supply chain SCM software  Supply chain planning systems o Model existing supply chain o Demand planning o Optimize sourcing, manufacturing plans o Establish inventory levels o Identifying transportation modes  Supply chain execution systems o Manage flow of products through distribution centers and warehouses Push vs. Pull supply chain models Global Supply Chains & he Internet  Before internet, supply chain coordination hampered by difficulties of using disparate internal supply chain systems o Enterprise systems supply some integration of internal supply chain processes but not designed to deal with external supply chain processes Business Value of SCM systems  Match supply to demand  Reduce inventory levels  Improve delivery service  Speed product time to market  Use assets more effectively  Reduced supply chain costs  Increased sales Customer Relationship Management Systems  Capture and integrate customer data from across the organization  Consolidate the data  Analyze the data  Distribute the results to various systems and customer touch points across the enterprise  Touch Point: a method of interaction with the customer (aka “contact point”) CRM software  Most packages have modules for o Sales force automation (SFA): Sales prospect and contact information, and sales quote generation capabilities; etc. o Customer service: Assigning and managing customer service requests; Web-based self- service capabilities; etc. o Marketing: Capturing prospect and customer data, scheduling and tracking direct- marketing mailings or e-mail; etc. CRM capabilities Business Value of CRM Systems  Increased customer satisfaction  Reduced direct-marketing costs  More effective marketing  Lower costs for customer acquisition/retention  Increased sales revenue  Reduced churn rate o Churn rate:  Number of customers who stop using or purchasing products or services from a company  Indicator of growth or decline of firm’s customer base  But why can CRM fall? Next generation enterprise applications  Enterprise solutions/suites: o Replacing stand-alone enterprise, CRM, SCM systems o Make these applications more flexible, Web-enabled, integrated with other systems  Open-source and on-demand applications o SaaS, Salesforce.com  Service platform: Integrates multiple applications to deliver a seamless experience for all parties o Order-to-cash process  Portals: o Increasingly, new services delivered through portals Enterprise Application Challenges  Highly expensive to purchase and implement enterprise applications – total cost may be 4 to 5 times the price of software  Requires fundamental changes o Technology changes o Business processes changes o Organizational changes  Incurs switching costs, dependence on software vendors  Requires data standardization, management, cleansing Chapter 10: E-Commerce: Digital Markets & Digital Goods Chapter 10: Key Questions 1. What are the unique features of e-commerce, digital markets, and digital goods? 2. What are the principal e-commerce business and revenue models? 3. How has e-commerce transformed marketing? 4. How has e-commerce affected business-to-business transactions? 5. What is the role of mobile commerce in business, and what are the most important m-commerce applications? 6. What issues must be addressed when building an e-commerce Web site? E-commerce Today  The use of the Internet and the Web to transact business  Digitally enabled transactions  Began in 1995 when advertisements were allowed  E-commerce continues to grow To understand potential market  Look for stats on Internet users, demographics of users o http://pewinternet.org/Data-Tools/Get-The-Latest-Statistics.aspx (US data, Canadian data is not so easily available)  Stats on mobile phone users o http://cwta.ca/facts-figures/ Why E-commerce is different  Ubiquity o Internet/Web technology available everywhere: work, home, etc., and anytime  Global reach o The technology reaches across national boundaries, around Earth  Universal standards o One set of technology standards: Internet standards  Richness o Supports video, audio, and text messages  Interactivity o The technology works through interaction with the user  Information density o Vast increases in information density – the total amount and quality of information available to all market participants  Personalization/customization o Technology permits modification of messages, goods  Social technology o The technology promotes user content generation and social networking Unique features of e-commerce technology Impacts of e-commerce  Reduces information asymmetry  Lowers Menu Costs (cost of changing prices)  Dynamic Pricing Priceline  Disintermediation  Digital goods Disintermediation Types of e-commerce  Business-to-customer (B2C): Retailing of products and services directly to individual customers  Business-to-business (B2B): Sales of goods and services to other businesses  Consumer-to-consumer (C2C): Individuals using the Web for private sales or exchange (eBay.ca,kijiji) E-commerce business models  Portal (ex. Yahoo)  E-tailer (ex. GAP)  Content provider (ex. thestar.com)  Transaction broker (ex. Questrade)  Market creator (ex. eBay)  Service provider (ex. Google: apps for business)  Community provider (ex. facebook, LinkedIn) Bricks and clicks  Marketing: use internet to bring customers to physical stores  Visit physical stores to see merchandise, then buy online or  Research products online and then buy in-store (or pick up in store) E-commerce revenue models  Advertising  Sales  Subscription  Free/fermium  Transaction fee  Affiliate Web 2.0: Social networking  Most populart Web 2.0 service: social networking o Social networking sites sell banner ads, user preference information, and music videos and e-books  Social shopping sites o Swap shopping ideas with friends (Kaboodle, ThisNext, Pinterest, Want button) Web 2.0: Wisdom of crowds  Wisdom of crowds/crowdsourcing o Large numbers of people can make better decisions about topics and products than a single person  Prediction markets o Peer-to-peer betting markets on specific outcomes (elections, sales figures, designs for new products) E-commerce marketing  Long Tail Marketing  Behavioural targeting o E.g. Facebook ads o Privacy issues o Builds on databases, tracking Personalization B2B  Electronic data interchange (EDI)  Private industrial networks (private exchanges)  Net marketplaces  Exchanges M-commerce  Location-based services  Banking and financial services  Wireless advertising and retailing  Games and entertainment  M-commerce trends infographic  Social e-commerce + conversion + mobile Building a web store  Business idea/business model  Register domain name (yourbusiness.com)  Select a web hosting company  Design your web site o What do you want the site to do for your business? o Think about mobile access o Interactivity, “stickiness”  Establish payment mechanisms Build or buy…? Costs? Chapter 12: Enhancing Decision Making Chapter 12: Key Questions 1. What are the different types of decisions and how does the decision-making process work? 2. How do information systems support the activities of managers and management decision making? 3. How do business intelligence and business analytics support decision making? 4. How do different decision-making constituencies in an organization use business intelligence? 5. What is the role of information systems in helping people working in a group make decisions more efficiently? Why is better decision making needed?  Improved financial outcomes for firms  Better products or services for customers Types of Decisions  Unstructured decisions o Novel, non-routine decisions requiring judgement and insights o Examples: approve capital budget; decide corporate objectives  Structured decisions o Routine decisions with definite procedures o Examples: restock inventory; determine special offers to customers  Semi-structured decisions
More Less

Related notes for ITM 102

Log In


OR

Join OneClass

Access over 10 million pages of study
documents for 1.3 million courses.

Sign up

Join to view


OR

By registering, I agree to the Terms and Privacy Policies
Already have an account?
Just a few more details

So we can recommend you notes for your school.

Reset Password

Please enter below the email address you registered with and we will send you a link to reset your password.

Add your courses

Get notes from the top students in your class.


Submit