Decision Analytics

Decision Analytics is the discipline of leveraging analytics and performance modeling to create a
tight link between key operational processes and desired strategic outcomes. Basically based
on fact based decision making and discarding decision making based on educated guesswork

The practice involves building performance models that highlight the key processes supporting
the strategy; developing cause-and-effect analytical models that highlight the key drivers of the
business; and leveraging technology solutions such as dashboards to provide insights to those
on the front lines of the business.

GPT (General Purpose Technologies)

Innovations which cause jumps in an economy’s normal march of progress
For example: Electric power, transistor

Organizational complements
Organizational complements are the organizational innovations, or changes in the way
companies get work done. Organizational complements which allow process GPTs to deliver
improved performance are-
Better skilled workers
Redesigned processes

Enterprise IT functions:
1. Redesigning business processes.
2. Standardizing work flows.
3. Monitoring activities and events efficiently.
Managing 3 Types of IT

Three tasks:
Selection: Executives have to select IT applications that will deliver organizational capabilities
Adoption: Executives must lead adoption methods that result in creation of complements
Exploitation: must shape exploitation of IT by ensuring that technologies, capabilities and
complements stay align

Inside-Out Approach
An inside-out approach puts the spotlight squarely on the business before evaluating the
technology landscape
Focuses on the capabilities that IT can provide rather than on the technologies themselves

Outside-in approach
Companies usually select technologies when something new comes into the market without
giving a thought that the technology is going to help or not.

Business intelligence (BI):

A broad category of applications and Techniques. For gathering, storing, analyzing and
providing access to data. Better business and strategic decisions. Include query and reporting,
OLAP, DW, DSS, data mining, forecasting and statistical analysis.

Data mining​ (knowledge discovery in databases):

– Discovery of interesting (non-trivial, implicit, previously unknown and potentially useful), valid,
actionable information or patterns from data in large databases
• Alternative names
– Knowledge discovery(mining) in databases (KDD), knowledge extraction, data/pattern
analysis, data archeology, data dredging, information harvesting, BI etc.

Data Mining Tasks

• Classification. Infers the defining characteristics of a certain group.
• Clustering. Identifies groups of items that share a particular characteristic. Clustering differs
from classification in that no predefining characteristic is given.
• Association. Identifies relationships between events that occur at one time.
• Sequencing. Identifies relationships that exist over a period of time.
• Forecasting. Estimates future values based on patterns within large sets of data.
• Regression. Maps a data item to a prediction variable.
• Time Series analysis examines a value as it varies over time.

“Other” Mining Environments

• Text Mining is the application of data mining to non-structured or less-structured text files
• Web Mining is the application of data mining techniques to data related to the World Wide
Web. The data may be present in web pages or related to Web activity.
• Spatial Mining is the application of data mining techniques to data that have a location
component.
• Temporal Mining is the application of data mining techniques to data that are maintained for
multiple points in time.

Data Warehouse​ is a repository of

* Subject-Oriented
* Historical data
* Easily accessible: Access Tools
* Ready for Analytical Processing
* Exclusively for Decision-Making activities
* For the Entire Enterprise
The integrated data source must be made consistent to present a unified view of the data to the
users.

A data mart
* small scaled-down version of a DW
* designed for a department or strategic business unit
* Contain less information compare to DW
* Response time better than DW
* Easier accessibility than DW.

Multidimensional databases (sometimes called OLAP)

* Data in these databases: Cubes
* Data Cubes: Preprocessed Query
* Organize facts by dimensions, such as geographical region, product line, salesperson, time.
ERP:
Enterprise systems are commercial software packages which promises seamless integration of:
Financial and accounting information
Human resource information
Supply chain information
Customer information

An enterprise system imposes its own logic on a company’s strategy, culture, and organization
At the heart of the enterprise system is a central database that draws data from and feeds data
into a series of applications supporting diverse company functions
Using a single database dramatically streamlines the flow of information throughout a business
Companies are spending an aggregate of $10 billion/ year (approx.) on an ERP systems
(excluding the consulting fees)

Examples of Bad implementation: FoxMeyer Drug finds that ERP implementation lead the
organization towards its bankruptcy
Mobil Europe spent hundreds of millions of dollars on its ERP system only to abandon it when
its merger partner objected

Reasons for Failure of ERP

1. ERP implementation are generally complex often requires significant money, time and
expertise
2. ERP imposes its own logic on companies strategies, organization and culture
 3. The same type of ERP solution in used by all companies in an industry-thereby erasing
the competitive advantage and source of differentiation

Advantages of Implementing ERP

1. Centralized control over systems
2. Provides functionality to interact with other modules
3. Provides integrated, enterprise-wide common tools, processes and systems
4. Integrated and increased control of budgeting, planning and financial statement, etc.

Disadvantages of ERP
1. ERP pushes a company toward full integration even when a certain degree of
business-unit segregation may be in its best interests
2. ERP pushes a company toward generic processes instead of customized processes
3. If a company rushes to install an enterprise system without first having a clear
understanding of the business implications, it could prove to be disastrous
4. If the logic of the system may conflict with the logic of the business, then either the
implementation will fail, wasting huge sums of money or the system will weaken
important sources of competitive advantage

Example: When not implementing ERP was better

Air Products and Chemicals saw that many of its competitors were installing large, complex
enterprise systems. After a thorough evaluation, it decided not to follow their lead
The company’s existing systems, while not state-of-the-art, were adequate to meet its needs
and prices of the products also didn’t increase.

Check ​ERP vs CRM​ slide for more

McFarlan Strategic Grid (Check slides for more)

Threat-​--a potential cause of an incident that may result in harm to a system or organization
Vulnerability​---a weakness of an asset (resource) or a group of assets that can be exploited by
one or more threats
Risk​---potential for loss, damage, or destruction of an asset as a result of a threat exploiting a
vulnerability

Example:​ In a system that allows weak passwords,

• Vulnerability---password is vulnerable for dictionary or exhaustive key attacks
• Threat---An intruder can exploit the password weakness to break into the system
• Risk---the resources within the system are prone for illegal access/modify/damage by the
intruder.
• Threat agent---entities that would knowingly seek to manifest a threat

Malware (malicious software)

• Viruses: ​Rogue software program that attaches itself to other
software programs or data files in order to be executed

• Worm:​ Independent programs that copy themselves from one

computer to other computers over a network.

Trojan horses
Software that appears benign (legitimate software) but does something other than expected.
Users are typically tricked by some form of social engineering into loading and executing
Trojans on their systems.
Ransomware
Ransomware is a subset of malware in which the data on a victim's computer is locked, typically
by encryption, and payment is demanded before the ransomed data is decrypted and access
returned to the victim. The motive for ransomware attacks is nearly always monetary, and unlike
other types of attacks, the victim is usually notified that an exploit has occurred and is given
instructions for how to recover from the attack. Payment is often demanded in a virtual currency,
such as bitcoin, so that the cybercriminal's identity isn't known.

Spoofing
–Misrepresenting oneself by using fake e-mail addresses or masquerading as someone else
–Redirecting Web link to address different from intended one, with site masquerading as
intended destination

Sniffer
–Eavesdropping program that monitors information traveling over network
–Enables hackers to steal proprietary information such as e-mail, company files, and so on

Denial-of-service attacks (DoS)

Flooding server with thousands of false requests to
crash the network. Distributed denial-of-service attacks (DDoS) Use of numerous computers to
launch a DoS

• Botnets
Networks of “zombie” PCs infiltrated by bot malware
Deliver 90 percent of world spam, 80 percent of worlmalware
Eg: Grum botnet: controlled 560K to 840K computers

• Identity theft
Theft of personal Information (social security ID, driver’s license, or credit card numbers) to
impersonate someone else

• Phishing
Setting up fake Web sites or sending e-mail messages that look like legitimate businesses to
ask users for confidential personal data

• Evil twins
Wireless networks that pretend to offer trustworthy Wi-Fi connections to the Internet. An evil twin
is a fraudulent Wi-Fi access point that appears to be legitimate but is set up to eavesdrop on
wireless communications. The evil twin is the wireless LAN equivalent of the phishing scam.

Tools for protection: ​Firewall, Antivirus, Intrusion detection systems, Security Policy