Professional Documents
Culture Documents
2121)
Dr A
Text Book:
Information Systems Today:
Managing the Digital World
Joseph Valacich,
Christoph Schneider
Course Learning Outcomes
• Understand the basic principle of IS and their role in
organization.
• Discuss the basic concepts of IT.
• Understand the telecommunication and E-commerce.
• Realize enterprise systems.
• Discuss career path, ethical and professional issues in IS.
2
Contents
# Topic Chapter No.
Week 1
Introduction to the course
Week 2,3 Managing in the Digital World
Chapter 1
Research Project
Week 4
Managing the Information Systems Infrastructure and Services Chapter 2
Week 6 Enhancing Organizational Communication and Collaboration Using Social Media Chapter 4
Week 7 Midterm 1 Exam
Week 8,9 Enhancing Business Intelligence Using Big Data and Analytics Chapter 5
Enhancing Business Processes Using Enterprise Information Systems
Week 9,10 Chapter 6
Research Project Due
Week 11 Securing Information Systems Chapter 7
3
Evaluation System
Proportion Week due
4
Information Systems Today
Eighth Edition, Global Edition
Chapter # 1
Managing in the Digital World
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Learning Objectives
• 1.1 Describe the characteristics of the digital world, contemporary societal
issues of the digital world, and IT megatrends shaping the digital future.
• 1.2 Explain what an information system is, contrasting its data, technology,
people, and organizational components.
• 1.3 Describe the dual nature of information systems in the success and failure
of modern organizations.
• 1.4 Describe how computer ethics affect the use of information systems and
discuss the ethical concerns associated with information privacy and
intellectual property.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Information Systems Today
• Learning Objective: Describe the
characteristics of the digital world,
contemporary societal issues of the
digital world, and IT megatrends
shaping the digital future.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
The Emergence of the Digital World
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
The Digital Divide
• Many people are being left behind in the
Information Age
– Strong linkage between computer literacy and a
person’s ability to compete in the Information Age
– People in rural communities, the elderly, people
with disabilities, and minorities lag behind national
averages for Internet access and computer literacy
– The challenges in overcoming the digital divide
are ever greater in developing countries
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Globalization and Societal Issues in the
Digital World
• The rapid rise of a new middle class in developing countries
has enabled established companies to reach millions of new
customers
• Tremendous decrease in communications costs has increased
the use of outsourcing
• Rapid urbanization has led to 50% of the world’s population
now living in cities
• The global shift in economic power and climate change are
other influencing factors
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
The Rise of Information Systems
Outsourcing
• Companies are
offshoring production to
overseas countries
(such as China) to
utilize talented workers
or reduce costs.
• Source: Lianxun
Zhanag/fotolia.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Key Reasons for Outsourcing
• To reduce or control costs
• To free up internal resources
• To gain access to world-class capabilities
• To increase the revenue potential of the organization
• To reduce time to market
• To increase process efficiencies
• To be able to focus on core activities
• To compensate for a lack of specific capabilities or skills
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Challenges of Operating in the Digital
World
• Government
– Political instability
– Regulatory: laws, standards, individual freedoms
• Geo-economic
– Infrastructure differences
– Demographics
– Workers’ expertise
• Cultural
– Language differences, beliefs, attitudes, religion, life focus
– Privacy, standards, information ownership, and information
censorship
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Five IT Megatrends That Shape the Digital
Future
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Five IT Megatrends That Shape the Digital
Future: Mobile Devices
• Many believe that we’re
living in a post-PC era
• In the developing world
mobile devices often leapfrog
traditional PC’s
• Implications:
– Consumerization of IT
– Bring Your Own Device
(BYOD) to work is a major
concern
– Security concerns
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
The Move Towards Mobile Devices
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Five IT Megatrends That Shape the Digital
Future: Social Media
• Over 4.6 billion (and growing)
Facebook users share status
updates or pictures with
friends and family
• Companies harness the
power of the crowd by using
social media to get people to
participate in innovation and
other activities
• Organizations use social
media to encourage
employee collaboration
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Social Media
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Five IT Megatrends That Shape the Digital
Future: The Internet of Things
• A broad range of physical
objects that can
automatically share data
over the Internet
• The Industrial Internet of
Things (IIoT) enables the
convergence of IT and
operations technology to
enable mass-produced
customized products
• The Internet of everything?
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
The Internet of Things
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Five IT Megatrends That Shape the Digital
Future: Cloud Computing
• Web technologies enable using
the Internet as the platform for
applications and data
• Applications that use to be
installed on individual
computers are increasingly
kept in the cloud
– e.g., Gmail, Google Docs,
Google Calendar
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Cloud Computing
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Five IT Megatrends That Shape the Digital
Future: Big Data
• IDC estimates that in
2013, 4.4 zettabytes of
data were generated and
consumed
• What would that amount
equal? It is 4.4 trillion
gigabytes, or the • Increasing amounts of data
equivalent of about 140 increases the ability to detect
billion 32GB iPads (IDC, meaningful relationships and
2013) other insights which can
• Forecasted to grow to 180 contribute to business success
zettabytes by 2025
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Big Data
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Information Systems Defined
• Learning Objective: Explain what
an information system is,
contrasting its data, technology,
people, and organizational
components
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Data: The Root and Purpose of
Information Systems
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
People: The Builders, Managers, and Users
of Information Systems
• As the use of information systems grows, so does the
need for dedicated IS professionals
Rank Career Job Growth Median Pay
(10-year forecast) (in US$)
1 Software architect 23% 124,000
2 Video game designer 19% 79,900
3 Landman 13% 103,000
4 Patent agent 13% 126,000
5 Hospital administrator 23% 114,000
6 Continuous improvement manager 12% 96,600
7 Clinical nurse specialist 19% 89,300
8 Database developer 23% 88,200
9 Information assurance analyst 37% 96,400
10 Yoga instructor 13% 62,400
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Careers in Information Systems
• Examples of Careers in IS
– Systems analyst
– Systems programmer
– Systems operators
– Network administrators
– Database administrators
– IS auditor
– Data Scientist!
– Data analyst!
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
What Makes IS Personnel So Valuable?
• A blend of technical, business, and system skills
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Organizations: The Context of Information
Systems
• Information systems can help organizations
– Be more productive and profitable
– Gain competitive advantage
– Reach more customers
– Improve customer service
• This holds true for all types of
organizations—professional, social, religious,
educational, and government—and for all types of
industries—medical, legal, and manufacturing
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Categories of Information Systems
Categories Categories
• Transaction processing system (TPS) • Geographic information system (GPS)
• Management information system (MIS) • Functional area information system
• Decision support system (DSS) • Customer relation management (CRM
system)
• Intelligent system • Enterprise resource planning system
(ERP)
• Business intelligence system • Supply chain management system
• Office automation system • Electronic commerce system
• Knowledge management system • Mobile app
• Social software
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
The Dual Nature of Information Systems
• Learning Objective: Describe
the dual nature of information
systems in the success and
failure of modern organizations.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Information Systems Gone Awry
• IS Gone Awry—Outages Outrage Gamers
– In 2011 PlayStation system outage lasted 21 days, Christmas day
2014 denial-of-service attack caused PlayStation network to be
unavailable for 21 days
• IS Done Right—FedEx
– Delivers millions of pounds of freight to 220 countries,
continuously updates its system, handles 50 million tracking
requests every day
• Information Privacy
• Intellectual Property
• The Need for a Code of Ethical Conduct
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Computer Ethics
“Describes the moral issues and standards
of conduct as they pertain to the use of
information systems”
• Collecting and analyzing user data may
have negative impacts
– Social decay
– Increased consumerism
– Loss of privacy
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Richard O. Mason: “PAPA” Ethical
Concerns—Privacy, Accuracy, Property, and
Accessibility
• Privacy: What information an individual should have to reveal to
others in the workplace or through transactions?
• Accuracy: Are individuals able to access data collected about
them, check for accuracy, and request correction of
inaccuracies?
• Property: Company that maintains data/databases kept on
individuals, and can sell the information as long as it doesn’t
violate stated privacy policies when gathering the data
• Accessibility: Company needs to ensure proper hiring, training,
and supervision of employees who have access to the data and
implement the necessary software and hardware security
safeguards.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Privacy
• Privacy on the Web
– Who owns the computerized
information about people? Answer: the
company that maintains the database of
The database of intentions.
customers is free to sell it…within limits
Source: Based on Batelle (2010)
• E-mail Privacy
– Legally, there is no right to e-mail
privacy
– Electronic Communications Privacy Act
(ECPA), passed in 1986, protects
phone conversations, but not e-mail
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
The Need for a Code of Ethical Conduct:
Computer Ethics Institute Guidelines
• The guidelines prohibit:
– Using a computer to harm others
– Interfering with other people’s computer work
– Snooping in other people’s files
– Using a computer to steal
– Using a computer to bear false witness
– Copyright or using proprietary software without paying for it
– Using other people’s computer resources without authorization or compensation
– Appropriating other people’s intellectual output
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
END OF CHAPTER CONTENT
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Managing in the Digital World: Open
Innovation
• Traditional Innovation—
– Conduct applied research and development is secret at great expense
– Time and complexity involved in bureaucratic process left actual research
out of date and out of touch with reality
– Results? Products developed failed due to being years late and no longer
relevant
• Open Innovation—
– Open R&D to customers, suppliers, other companies working together
– Results?
▪ Starbucks introduced “My Starbucks Idea” where customers post ideas
▪ Dell’s “IdeaStorm” resulted in 37,000 ideas posted of which 550 were
implemented
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Coming Attractions: Memory Crystals
• In sci-fi, characters use devices that resemble large crystals
• Now a realty, researchers at University of Southampton (UK)
have created a nanostructured glass storage device
• Technique uses self-assembling nanostructures written into
fused quartz using tiny femtosecond (one-quadrillionth, or one
millionth of one-billionth, of a second) laser light pulses
• Data are encoded into 5 dimensions (height, length, width,
position, and orientation)
• Results? Allows massive amounts of data to be stored for long
periods of time in an indestructible format thus preserving our
civilization
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Who’s Going Mobile: Wearable Technology
• Wearable technology = clothing or accessories
that incorporate electronic technologies
– Examples include:
▪ Smart watches
▪ Fitness trackers (Fitbit)
▪ Google Glass
▪ Oculus VT (Facebook)
– Exiting and futuristic
– Bit, privacy, and infrastructures issues abound
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Green IT: The Green Internet of Things
• Past technologies have disrupted business and society for the past several
decades
• Next up? Green IT (for green computing) refers to the practice of using
computing resources more efficiently to reduce environmental impacts
• The Internet of Things (IoT) brings connectivity and IT to the forefront again
poised to revolutionize business and society
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Security Matters: Ransomware
• Security of our business and professional lives are more important
than ever as we live in an online world
• One new tactic, ransomware, seeks to extract money from victims by
planting a virus that renders data on computers useless until a ransom
is paid resulting in the release of the virus
• Examples of the ransomware virus—
– Hollywood Presbyterian Medical Center at Los Angeles was forced to pay $17,000
ransom after its network was broadly infected
– Another hospital in Ottawa decided not to pay the ransom and simply uploaded
data that had been backed up (after cleaning off the virus)
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
When Things Go Wrong: Technology
Addiction
• In 2015, the average person in the UK spent almost 10 hours consuming
media each day
• With more and more technology, doctors now argue that we are now
becoming addicted (Dopamine, the brain chemical associated with pleasure)
when stimulated by interacting online
• Being plugged-in to technology all the time reduces the brain’s ability to relax
• We are now consume the equivalent of 125 newspapers a day (five times
greater than 30 years ago)
• A Microsoft study indicates that our attention span has fallen from an average
of 12 seconds at the turn of the century to 8 seconds
• How can the situation be improved? Turn off our gadgets for a while each day,
eat right, stay hydrated, work-out regularly, get enough sleep
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Ethical Dilemma: The Social and
Environmental Costs of the Newest
Gadgets
• Ethical dilemmas are faced every day involving choosing between two options,
each of which involves breaking a moral imperative
• For most, no definite solutions are available thus we should think about the
consequences of the actions involved in terms of benefits and harm
• Example: Apple
– Products are designed in California and assembled in China
– Chinese workers pushed to work long hours resulting in over 50,000 resignations
per month and up to 14 suicides
– Audit revealed factory workers worked excessive overtime and faced health and
safety issues
• Many Chinese workers seek to work a few months for Apple rather than farm
for the entire year
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Industry Outlook: Business Career Outlook
• There is a shortage of business professionals
with the necessary “global skills” for operating
in the digital world
• You can hone your global skills by:
– Gaining international experience
– Learning more than one language
– Sensitizing yourself to global cultural and political
issues
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Information Systems Today
Eighth Edition, Global Edition
Chapter # 2
Managing the Information
Systems Infrastructure and
Services
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Learning Objectives
• 2.1 Describe how changes in businesses’ competitive landscape influence
changing IS infrastructure needs.
• 2.4 Describe cloud computing and other current trends that can help an
organizational address IS infrastructure-related challenges.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
The IS Infrastructure (1 of 2)
• Learning Objective: Describe
how changes in businesses’
competitive landscape
influence changing IS
Infrastructure needs.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
The IS Infrastructure (2 of 2)
• Countries and societies depend on an infrastructure
of roads, power, and communication to function
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Applications and Databases Supporting
Business Process
• Application Software
– Software Tools
▪ Process automation
▪ Decision support
▪ Other business and user needs
• Databases
– Collections of data
– Organized to facilitate data searches
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
IS Infrastructure Components
• Learning Objective: Describe
the essential components of an
organization’s IS infrastructure.
• Hardware
• System Software
• Storage
• Networking
• Data Centers
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
IS Infrastructure Components: Hardware-
Computer Types (Table 2.1)
Type of Number of Physical Size Typical Use Random Typical
Computer Simultaneo Access Cost
us Users Memory (in US$)
Supercomputer One to many Like an automobile Scientific research 5,000+ GB Up to $100
to as large as million
multiple rooms
Mainframe 1,000+ Like a refrigerator Transaction Up to 3,000 GB Up to $10
processing, million
enterprise-wide
applications
Server 10,000+ Like a DVD player Providing websites Up to 512 GB Up to
and mounted in a or access to $50,000
rack to fitting on a databases,
desktop applications or files
Workstation Typically one Fitting on a desk- Engineering, Up to 512 GB Up to
top to the size of a medical, graphic $100,000
file cabinet design
Personal One Fitting on a desk- Personal 512 MB to Up to $5,000
computer top productivity 32 GB
Mobile device One Handheld Personal 512 MB to Up to $750
productivity 2 GB
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
IS Infrastructure Components: Hardware-
Computer Types
There are many different levels of hardware:
• Servers: host content and information for online access and retrieval.
• Workstations: are powerful computers typically used by one individual for demanding
applications such as graphical design or engineering simulation.
• Personal computers: are used by normal computer users to facilitate their personal
productivity.
• Mobile devices: are used by users on the go with the ability to connect anywhere and at
anytime.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
IS Infrastructure Components: System
Software
• Controls computer
hardware operations
• Operating systems
– Examples: Windows, OS X,
Ubuntu, Linux
– Manages hard drives and
storage
– Manages keyboard, mouse,
monitor, and printers
– Coordinates application
access to computing
resources
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Operating systems
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
IS Infrastructure Components: Networking
• Both human and computer
communication involve
senders, a message to share,
and receivers.
Network requires:
• Sender and receiver
• Transmission pathway
• Rules/protocols for
communication
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
IS Infrastructure Components: Servers,
Clients, and Peers
• Servers
– Host (serve up) data, databases,
files applications, Web sites,
video, and other content for
access over the network
• Clients
– Consume hosted resources
• Peers (P2P)
– Serve and consume resources,
both a server and a client
interacting with similar computers
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
IS Infrastructure Components: Types of
Networks
Networks are typically used to connect devices within an organization,
or across organizational subunits.
Type Usage Size
Personal area Wireless communication Under 10 meters
network (PAN) between devices (Bluetooth)
Local area network Sharing of data, software Typically within a building
(LAN) applications, or other
resources between several
users
Wide area network Connect multiple LANs, Large physical distance
(WAN) often with distributed spanning multiple
ownership and management buildings or the area of a
city to worldwide (Internet)
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
The Internet and the World Wide Web
(WWW)
• The Internet is a large worldwide collection of
networks that use a common protocol to
communicate with each other
– The Internet is based on internetworking, or combining
networks to form larger networks
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Web Domain Names and Addresses
• Uniform Resource Locator
(URL) is used to identify and
locate a particular Web page
• Domain name is a term that
helps people recognize the
company or person
– Prefix, like “google” or
“Microsoft”
– Suffix, like .com, .edu, .org, .
gov, or two-letter country
codes
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
IP Addresses
• The Internet uses IP addresses
– IPV4: Old style, 32-bit, running out of addresses
– IPV6: New style, 128-bit, huge address space
• The WWW translates domain names into IP
addresses
– www.arizona.edu translates to (IPV4)
128.196.134.37
– A URL could be expressed directly as an IP
address, although it’s more common to use it’s
related domain name
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
World Wide Web Architecture
• Components
– Interconnected Web servers
– Utilize Transmission Control Protocol/Internet
Protocol (TCP/IP)
– Communicate over the Internet
▪ Clients request Web page hosted on server using the
server’s IP address
▪ Server breaks the Web page into packets
▪ Packets stream over Internet to client
▪ Client reassembles
▪ Client can request retransmission of any missing packets
▪ Web browser translates Web page into visible output
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Extranets and Intranets (1 of 2)
• Companies have confidential data
• These data still need to be shared on a limited
basis
– Intranet: password-protected Web site
designed for sharing within the company
– Extranet: password-protected Web site
designed for sharing with select partners
• Data and communication are protected via fire-
walls and virtual private networks (VPNs)
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Extranets and Intranets (2 of 2)
Intranet
architecture
Extranet
architecture
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Firewall and VPN
• A firewall secures proprietary information stored within
the corporate local area network and/or wide area network
so that the information can be viewed only by authorized
users.
• A VPN allows employees to securely connect to the
company’s intranet while on the road or working from
home (i.e., telecommuting).
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
IS Infrastructure Components: Data
Centers
• Large amounts of data to be managed
• Dedicated space for infrastructure
components such as data centers
• Data center centralization facilitates
– Management
– Repairs
– Upgrades
– Security
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Issues Associated with Managing the IS
Infrastructure
• Learning Objective: Discuss
managerial issues associated
with managing an organization’s
IS infrastructure
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Big Data and Rapidly Increasing Storage
Needs
• Firms collect unprecedented levels of data
– Business intelligence (Chapter 5)
– Legal compliance (e.g., Sarbanes-Oxley)
• Unprecedented levels of data require
unprecedented infrastructure capabilities
– More storage space, powerful hardware, and database
management
– Ever-increasing Internet bandwidth
– Vicious cycle: enhanced capacity drives new
applications, requiring even more capacity
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Demand Fluctuations
• Many companies face demand fluctuations
– Seasonal fluctuations (e.g., December holidays)
– Monthly fluctuations (month-end spikes)
• Demand fluctuations create inefficiencies
– Some estimate up to 70% of IS capacity only used
20% of the time
– IS infrastructure is typically not readily scalable
▪ Changing internal capacity takes time when equipment
needs to be specified, purchased, installed, and
configured.
▪ Cloud computing (next section) may be the answer
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Increasing Energy Needs
• Computing can require a lot of power
– Hardware draws power, which generates heat
– Heat requires cooling, which requires more power
• Data centers can use large amounts of power
– 15 to 17 kilowatts per rack
– Large data centers have hundreds of server racks
– More power is required for cooling and lost
through other inefficiencies
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Cloud Computing
• Learning Objective: Describe
cloud computing and other
current trends that can help an
organization address IS
infrastructure-related challenges.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
What Is Cloud Computing?
• Cloud Computing is a way to allocate resources
much like a utility sells power
• Resources are used “on-
demand,” as needed
• Customers only pay for
what they consume
• Resources can be rapidly
allocated and reallocated
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Cloud Computing Characteristics
• On-Demand Self Service • Resource Pooling
• Rapid Elasticity • Measured Service
• Broad Network Access
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Cloud Computing Service Models
• Infrastructure
as a Service
(IaaS)
• Platform as a
Service
(PaaS)
• Software as a
Service
(SaaS)
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Cloud Computing Service Models
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Public and Private Clouds
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Managing the Cloud
• Availability/Reliability
• Scalability
• Viability
• Security, Privacy, and Compliance
• Diversity of Offerings
• Openness
• Costs
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Advanced Cloud Applications:
Service-Oriented Architecture (SOA)
• Services—individual
components of
business processes
– Building blocks
• Principles of SOA
– Reusability
– Interoperability
– Componentization
Using SOA, multiple applications
can invoke services
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Advanced Cloud Applications:
Grid Computing (1 of 2)
• Extremely complex problems need heavy
computing power
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Advanced Cloud Applications:
Grid Computing (2 of 2)
• Traditionally handled by
supercomputers, but
– Supercomputers are very
expensive
– Even supercomputers may
not be able to handle the
demand
• Grid computing—combine
many small, networked
computers
– Decompose and distribute
large complex problems Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Advanced Cloud Applications:
Content Delivery Networks
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Advanced Cloud Applications:
Content Delivery Networks
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Green Computing
• Driving forces
– Power bills
– Reputation
– Culture
• Approaches
– Virtualizing servers
– Cloud computing
– Power management software
– Reduced printing
– Retiring obsolete hardware responsibly
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
END OF CHAPTER CONTENT
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Managing in the Digital World:
From Google to Alphabet
• Google more than just a search engine!
• Formed a holding company named Alphabet
– Placed 10 companies under this umbrella in 2016
– Allows investors to invest in Alphabet or a subsidiary
– Allows Google to focus on what it does best
– Alphabet owns:
▪ Boston Dynamics (robotics)
▪ Verily (life sciences company)
▪ Nest Labs (home automation)
– One of the largest companies in the world
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Who’s Going Mobile: Mobile Payments
Are Transforming Developing Countries
• Rapidly adopted cell phones and other mobile
devices
• Transformed whole economies and societies
• M-Pesa in Kenya revolutionized mobile technology
– Mobile payments have become mainstream
– 60% Of Kenyans use mobile payments via cell phones
• Transforming society in many developing
countries
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Ethical Dilemma:
Putting People’s Lives Online
• Google Street View captures millions of
people in the everyday lives
– Put online for the world to see
– Not all pictures are of things people want online
▪ People in places or with people they don’t want
public
– Can be very intrusive; can even ruin lives
– If pictures can be monetized, do companies
have a shareholder duty to do so, regardless
of consequences to some individuals
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Coming Attractions:
Making Death Optional?
• Humai is a small research company in Los
Angeles that wants to extend lives:
– Wants to use AI techniques to record a person’s
conversational style, behavior, and thought pattern
– When that person dies they then want to freeze the
brain using cryonics technology
– When available, implant the brain into an artificial body
– Embedded brain can then control the artificial body
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Green IT:
Alphabet Renewables
• Alphabet transitioning to renewable energy
• Goal = 100% renewable energy by 2025
• A global leader in renewable energy, Alphabet
has signed contracts with:
– Duke Energy (51-megawatt solar project)
– Sweden project (76-megawatt wind generation project
– Chili project (80-megawatt wind generation project)
– Kenya ($12 million investment wind generation)
• $2 Billion total investment in clean renewables
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
When Things Go Wrong: Old and Dirty
Energy Drives Global Internet Growth
• Internet central to all aspects of modern society
• By 2018 more than 15 billion devices connected
– Will require massive amounts of energy
– Coal is a cheap energy source but not clean
– Coal provided 41% world’s electrical needs in 2013
• Apple is most aggressive clean energy user
(Greenpeace report)
• Other clean energy users include Facebook,
Google, Amazon, and Microsoft)
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Security Matters:
Car Hacking
• Possibility of hacking into computer code that runs
multiple onboard computers in a car
• Modern vehicles also have Bluetooth for
connectivity
• Each system can be exploited by hackers in the
future
• Technology and vehicle component manufacturers
working together to make supply chains more
secure and to prevent tampering.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Industry Analysis:
Movie Industry
• Computers allow studio-quality digital editing at an
affordable price
– Independent filmmakers can compete
• CGI for digital effects (Dreamworks, Universal, Weta
Digital, Pixar)
• Movies released in digital formats
• Movie theaters switching to digital projection systems
• Theaters receive movies electronically instead of on
reels
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Information Systems Today
Eighth Edition, Global Edition
Chapter # 3
Enabling Business-to-
Consumer Electronic
Commerce
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Learning Objectives
• 3.1 Describe different approaches to competing in cyberspace as well as
different forms of electronic government and e-finance.
• 3.5 Describe how to conduct financial transactions and navigate the legal
issues of electronic commerce.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Electronic Business: E-Commerce and
E-Government
• Learning Objective: Describe
different approaches to
competing in cyberspace as well
as different forms of electronic
government and e-finance.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
E-Commerce (EC) Defined
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
E-finance
• E-finance is the use of information systems to
provide financial services and markets
• E-finance consists of:
– E-banking and online brokerage
▪ Paying bills online using electronic bill pay
▪ People can turn to multiple sites to get the latest information
about stock prices
• Fintech
– Refers to technologies that support activities in the
financial sector.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Business-To-Consumer E-Commerce
• Learning Objective:
Describe business-to-
consumer electronic
commerce strategies.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
E-tailing: Capabilities and Opportunities
(1 of 2)
• Firms from across the world can effectively compete
for customers and gain access to new markets
• Disintermediation
– Cutting out the “middleman” and reaching customers
more directly and efficiently
• The Long Tail refers to the ability to cater to niche
markets instead of selling mainstream products
• Mass Customization
– Firms can tailor their products and services to meet a
customer’s particular needs
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
E-tailing: Capabilities and Opportunities
(2 of 2)
• Group Buying
– If enough people agree to purchase the product or service,
they get significant discounts
• New Revenue and Pricing Models
– Companies can earn revenues not only through traditional
sales, but also through subscription, licensing, or
transaction fees
– Companies and individuals can earn money through Web
advertising or affiliate marketing
• Social Commerce
– Utilizing social networks to build lasting relationships and
advertise products
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Mass Customization
Mass customization
generates additional
value for customers and
profits for producers
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
New Revenue and Pricing Models
Priceline.com lets consumers name
their own price for travel-related
services.
Reverse pricing
“Name your
own price”
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Benefits of e-Tailing
• Product benefits: With no store size and shelf
space restrictions, companies can sell a far wider
variety of goods
• Place benefits: Internet storefronts are available
on almost every computer connected to the
Internet
• Price benefits: Online retailers are efficient, with
high volumes and low overhead that allow for
very competitive pricing
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Drawbacks of E-tailing
• Trust
– This is especially a concern for new online businesses
without a proven track record
• Direct Product Experience
– E-tailing doesn’t provide sensory information
• Product Delivery and Returns
– Except for direct downloads, e-tailing requires
additional delivery time for products
– Returns may also be a hassle, compared to just going
to the store
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Electronic Commerce Websites and
Internet Marketing
• Learning Objective:
Understand the keys to
successful electronic commerce
websites and explain the
different forms of Internet
marketing.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Designing Websites to Meet Online
Consumers’ Needs
• Structural Firmness
– No bad links, understandable error messages, privacy/
security, speed
• Functional Convenience
– Ease of use, simple navigation, user feedback, help
features, on-click ordering, flexible payment, order
tracking
• Representational Delight
– Aesthetically pleasing, professional look and feel, color/
font/images, consistent layout, no clutter
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Internet Marketing
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Mobile Commerce, Consumer-To-
Consumer EC, and Consumer-To-Business
EC
• Learning Objective: Describe
mobile commerce, consumer-to-
consumer electronic commerce,
and consumer-to-business
electronic commerce.
• C2C EC
• C2B EC
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Mobile EC
• Location-Based M-Commerce
– Services can be offered tailored to a person’s needs
based on their current location
• Information on the Go
– Customers can get further information about a product
wherever they are, including in the store, but this can
lead to “showrooming”
• Product and Content Sales
– Consumers use mobile apps to make purchases while
on the go
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
C2C EC
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Opportunities and Threats of C2C EC
(Table 3.3)
Opportunities Threats
Consumers can buy and sell to No quality control
broader markets
Eliminates the middleman that Higher risk of fraud
increases the final price of products
and services
Always available for consumers, Harder to use traditional
24/7/365 payment methods (checks,
cash, ATM cards)
Market demand is an efficient
mechanism for setting prices in the
electronic environment
Increases the numbers of buyers and
sellers who can find each other
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
E-Auctions and Online Classifieds
• E-Auctions
– Individual sellers can sell or barter items at online auctions
– Consumers place bids
– Examples: eBay.com and swap.com
– Revenue model based on small transaction fees, highly
profitable
• Online Classifieds
– Just advertising, no online transactions
– Freecycling
– Examples: craigslist.com
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
C2B EC
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Securing Payments in the Digital World
• Must be sure that online transactions are secure
• Issues related to different forms of online
payments are:
1. Payment Services—involves the use of independent
payment services such as PayPal, Google Wallet
2. Cryptocurrencies—involves the use of a non-
banking currency such as Bitcoin.
3. Managing Risk—businesses are financially liable for
fraudulent transactions, thus have to look for these
and sometimes have to reject risky transactions
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Bitcoins
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Ways to Protect Yourself When Shopping
Online
• Use a secure browser • Give payment
information only to
• Check the site’s privacy
businesses you know
policy
and trust
• Read and understand
• Keep records of your
the refund and shipping
online transactions and
policies
check your e-mail
• Keep your personal
• Review you monthly
information private
credit card and bank
Source: Based on Privacy transactions
Rights Clearinghouse (2016)
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Possible Indicators of Fraud
• Email
addresses
• Shipping and
billing
addresses
• Transactions
patterns
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Legal Issues in EC
• Taxation
– Sales taxes
– Internet Freedom Act: Internet sales are treated like mail-
order sales
• Net Neutrality
– Should the Internet be open? Or should Internet access
come first to the highest bidder?
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
END OF CHAPTER CONTENT
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Managing in the Digital World:
Taobao and the World of E-commerce
• Taobao is the largest digital marketplace in China
– By 2011 more registered users (370 million) than the
population of the United States
– Online marketplace for multiple companies
– Online consumer-to-consumer sales, much like eBay
– Notorious for piracy and counterfeit goods
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Security Matters:
Too Small to Be Hacked?
• Cybercriminals steal data that can be converted into
cash (credit card numbers, personal info)
• They now have begun to take a users data hostage by
encrypting it
– Demands ransom payment to unlock data
– If paid, will the data be released?
• Experts recommend paying a 3rd party to maintain
system security
• Technology alone cannot protect a business if the
system user is the weak link
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
When Things Go Wrong:
Buying Likes
• Many businesses entice users to “like” their
business page on Facebook, Twitter, or other
social media sites for some reward
• Campaigns and contests can be deeply biased by
automated “like” and votes, giving unfair
advantage to users who game the system
• Social media platforms try to suppress this type of
devious behavior, but it can be a cat-and-mouse
game
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Green IT:
Green Online Shopping
• Fossil fuel requirements
– Retail shopping—use cars to drive to many stores in different
locations
– Online shopping—most of the fuel use is by delivery vehicles
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Information Systems Today
Eighth Edition, Global Edition
Chapter # 4
Enhancing Organizational
Communication and
Collaboration Using Social
Media
Learning Objectives
• 4.1 Explain organizations’ needs for communication and collaboration.
• 4.3 Describe various social media applications, and explain their role in
enhancing communication, collaboration, cooperation, and connection.
• Virtual Teams
• Groupware
• Videoconferencing
• Intranets and Employee Portals
Collaboration
• Collaboration is where two or more people
are working together to achieve a common
goal
• A small company can collaborate very
easily usually at a set time and place
• Global companies require effective and
efficient communication channels for
collaboration
Categories of Collaboration Tools (Table 4.1)
Category Description Instances Examples
Electronic Tools allowing users to Fax, e-mail, voice mail, MOS Outlook,
Communication convey verbal and written blogs, wikis, static Blogger,
tools information and send files, websites Wikipedia
documents, or other
content
Electronic Tools allowing information Internet forums, Apple
conferencing sharing and rich instant messaging, FaceTime,
tools interactions between application sharing, Skype, Google
users video-conferencing Hangouts,
WebEx
Collaboration Tools used to facilitate Electronic Calendars, Google Docs,
management virtual or collocated knowledge MS Office
tools meetings and manage management systems, Online, MS
group activities intranets, online SharePoint
document systems
Virtual Teams
• Enterprise Search
– Company focused, including
corporate databases
• Collaboration
– Document sharing and co-
editing
• Employee Portals
– Employee benefits self-
service
The Evolving Web
• Learning Objective:
Explain social media and
evolving web capabilities.
mashups
• network
effect
• Microblogging
– Post news to customers
– An example is Twitter which is limited to 140 characters
– Example: Coca-Cola’s official Twitter account
• Instant Messaging
– Enables multiple participants to have conversations
– Example: WhatsApp allows group chat, free texts
Enhancing Cooperation with Social Media
• Media Sharing
– Via Flickr, Instagram,
Vimeo, YouTube,
SlideShare
– Webcasting, podcasting
• Tagging
• Social Bookmarking
– Manually adding
metadata to content – Allows users to refine data
• Viral Marketing
– Good marketing techniques can be driven by word-of-
mouth or person-to-person communication
– The power of viral marketing can be a great tool
Downsides and Dangers of using Social
Media Applications
• Online Product Reviews
• Microblogging
• Social Networks
• Bad Vibes Going Viral
• Lessons Learned
– Identify a crises team
– Identify your worst social media nightmare
– Monitor your social media environment
– Act fast. The first 24 hours count
Chapter # 5
Enhancing Business
Intelligence Using Big Data
and Analytics
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Learning Objectives
• 5.1 Describe the need for business intelligence and advanced analytics and
how databases serve as a foundation for making better business decisions.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Enhancing Organizational Decision Making
• Learning Objective: Describe
the need for business intelligence
and advanced analytics and how
databases serve as a foundation
for making better business
decisions.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Business Intelligence, Advanced Analytics,
Business Analytics
• Looking back and answering important questions require
analyzing data of past and current transactions to
understand what happened
• Business Intelligence (BI) refers to tools and techniques
for analyzing and visualizing past data
• Advanced analytics refers to tools and techniques used
to understand why something happened, predict future
outcomes, or discover hidden patterns in large data sets
• Business analytics is used as an umbrella term for all
these concepts
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Business Intelligence and Advanced
Analytics (Table 5.1)
• The need for business intelligence and advanced analytics
goes beyond traditional businesses; rather all types of
organizations utilize it to improve their data-driven
decision making as seen in the examples below
Context Example
Political parties Model the influence of social media on election
outcomes
Government Analyze performance of public benefits programs
Defense Manage maintenance and logistics during overseas
deployments
Hospitals Predict patient volume and resource utilization
Nonprofit organizations Manage fundraising campaigns and target donors
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Big Data
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Understanding Big Data
• Businesses are dealing with the challenge
of “Big Data”
– High Volume
▪ Unprecedented amounts of data
– High Variety
▪ Structured data
▪ Unstructured data
– High Velocity
▪ Rapid processing to maximize value
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Databases: Providing Inputs into Business
Intelligence and Advanced Analytics
• Data and knowledge are an organization’s most
valuable resource
• Enabling interactive Web sites using databases:
– E-commerce makes extensive use of databases
– Product catalog data are stored in databases and
available to users
– Customer billing and shipping
– E-commerce applications process millions of
transactions per day
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Databases: Foundation Concepts
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Databases: Tables and Records
This sample data table for the entity Students includes 7 attributes and 10 records
Source: Microsoft Access
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Databases: Advantages (Table 5.2)
Advantages Description
Minimal data redundancy There is a single copy of the data
Improved data consistency Eliminating redundancy improves consistency
Increase security Simplifies enforcement of access restrictions
Improved data quality Centralized control, minimized redundancy, and
improved data consistency enhance data quality
Improved data accessibility A centralized system makes it easier to deploy and
and sharing control access in or out of the organization
Enforcement of standards Centralized data management standardizes rules
Program-data independence Easier to evolve and alter software to changing
business needs when independent
Increased productivity of Data standards make it easier to build and modify
application development applications
Reduced program maintenance Changes in data replicate seamlessly
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Databases: E ective Management
• The Data Model
– What data will be captured
– How the data will be represented
• The Data Dictionary
– Document of database metadata
▪ Attribute name
▪ Type of data
▪ Valid values
▪ Business rules
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Databases: Entering and Querying Data
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Online Transaction Processing
• Online Transaction Processing (OLTP)
– Systems that interact with customers and run a
business in real time
• Data Warehouses
– Integrate data from multiple database and other
data sources
– Contain historic as well as current data
• Data Marts
– Subset of a data warehouse, limited in scope
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Operational vs. Informational Systems
(Table 5.4)
Characteristic Operational System Informational System
Primary Run the business on a Support managerial decision
Purpose current basis making
Type of data Current representation of Historical or point-in-time
state of the business (snapshot)
Primary users Online customers, clerks, Managers, business analysts,
salespersons, administration and customers (checking
status and history)
Scope of Narrow and simple updates Broad and complex queries
usage and queries and analyses
Design goal Performance Ease of access and use
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Data Warehouses: Extract, Transform, Load
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Business Intelligence and Advanced
Analytics
• Learning Objective: Explain
core concepts of business
intelligence and advanced
analytics.
• Business Intelligence
• Advanced Analytics
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Business Intelligence Tools
• Decision Support Systems
– Used to support decision making at all levels
in the organization
• Online Analytical Processing (OLAP)
– Process of quickly conducting complex, multi-
dimensional analyses of data stored that is
optimized for retrieval usually using graphical
software tools
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
OLAP Terms and Concepts
• Measures
– Facts, numerical data that can be aggregated
• Dimensions
– Provides a way to summarized the data
– Hierarchically arranged to enable drill-down and roll-up
• Cubes
– Multidimensional structure of dimensions and measures
• Slicing and Dicing
– Analyzing data on a subset of dimensions
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Information Visualization (Digital
Dashboards)
• Digital dashboards are
used to visually present
key performance
indicators used by
management
• Data usually highly
aggregate
• They use a variety of
design elements to
present data in a user
friendly way
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Visual Analytics
• Visual analytics is the combination of various
analysis techniques and interactive visualization
to solve complex problems
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Advanced Analytics
• Advanced analytics are designed to help users
gain a deeper understanding of why things
happen and then build predictive models to
support decision making
• Data science describes the advanced analytics
field of study and practice
• Advanced analytics are often used by business
analysts to take decisions out of their hands, thus
freeing up valuable resources
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Data Mining
• Discovering “hidden” predictive relationships in the
data
• Complicated algorithms run on large data warehouses
• Types of data mining algorithms
– Association discovery
– Clustering
– Classification
– Text and Web content
mining
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Text Mining
• Data mining
results can be
delivered to
users in a
variety of ways
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Machine Learning
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Intelligent Systems
• Artificial intelligence (AI) is the science of
enabling information technologies to simulate
human intelligence
• Intelligent agent (also called a bot) is a program
that works in the background to provide some
service when a specific event occurs.
– Examples include:
▪ Apple’s Siri
▪ Microsoft’s Cortana
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Knowledge Management and Geographic
Information Systems
• Learning Objective: Describe
how organizations can enhance
decision making by using
knowledge management and
geographic information systems.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Knowledge Management Systems
• Explicit knowledge
– Easily codified
and documented
• Tacit knowledge
– Embedded in
people’s minds
– Hard to get at
– Important for best
practices
Goal: gain the greatest value
from knowledge assets
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Social Network Analysis
• Social network analysis is a technique that maps
people’s contacts to discover connections or
missing links within the organization
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Geographic Information Systems
• A geographic information system (GIS) is a
system for creating, storing, analyzing, and
managing geographically referenced information
• GIS benefits greatly
from advances in
machine learning,
especially for
recognizing and
classifying
geographical features
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
END OF CHAPTER CONTENT
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Information Systems Today
Eighth Edition, Global Edition
Chapter # 6
Enhancing Business
Processes Using Enterprise
Information Systems
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Learning Objectives
• 6.1 Explain core business processes that are common in organizations.
• 6.2 Describe what enterprise systems are and how they have evolved.
• 6.3 Describe enterprise resource planning systems and how they help to
improve internal business processes.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Electronic Business: E-Commerce and
E-Government
• Learning Objective:
Explain core business
processes that are common
in organizations.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Core Business Processes
• Order-to-Cash
– The process of selling goods or services and collecting
revenue for them
• Procure-to-Pay
– The process of ordering goods or services and paying
for them
• Make-to-Stock/Make-to-Order
– The process of manufacturing goods, either based on
forecasts or based on orders
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
The Order-to-Cash Process
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
The Make-to-Stock and Make-to-Order
Processes
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
An Example Supply Chain
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Organizational Activities Along the Value
Chain
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Value Systems: Connecting Multiple
Organizational Value Chains
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Enterprise Systems
• Learning Objective:
Describe what enterprise
systems are and how they
have evolved
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
The Rise of Enterprise Systems
• Standalone Applications (Legacy Systems)
– Each department had their own proprietary
systems that were not designed to
communicate with other systems
– Information reentered from one system to the
next manually
• Enterprise System (Integrated Suite)
– All departments are integrated into one system
– No duplication of data and more efficient
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Standalone Systems
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Integrated Enterprise Systems
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Supporting Business Processes:
Internally Focused Systems
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Supporting Business Processes:
Externally Focused Systems
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Improving Business Processes Through
Enterprise Systems
• Packaged software (off-the-shelf software) is
written by third-party vendors for the needs of
many users
• Custom software (developed by contractors) is
designed for a specific organization.
• Enterprise systems are designed in modules with
components that can be selected as needed
• Modules are designed around functional areas (e.
g., accounting, human resources, etc.)
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Business Process Management
• Business Process
Management
– Actively managing
business processes
– Using a structured
approach
– May be ongoing
– Many include radical
process
reengineering
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Enterprise Resource Planning
• Learning Objective:
Describe enterprise
resource planning systems
and how they help to
improve internal business
processes.
• Responding to Compliance and Regulatory Demands
• Choosing an ERP System
• Enabling Business Processes Using ERP Core Components
• ERP Installation
• ERP Limitations
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Responding to Compliance and
Regulatory Demands
• ERP systems have built-in control systems
– Mirror organizational processes
– Support segregation of duties
– Monitor business activities
• ERP systems don’t solve all compliance
problems, but they help a lot
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Choosing an ERP System
• ERP Control
– Centralized or decentralized across business units
– Policies and procedures
▪ Do they need to be flexible?
▪ Do they need to be standardized?
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Enabling Business Processes Using ERP
Core Components
• ERP systems support core business processes
• Assist with:
– Order-to-cash
– Procure-to-pay
– Make-to-stock/Make-to-order
– Other business processes
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
ERP Limitations
• ERP systems often require organizations to
change their business processes
• Once implemented, a company is locked in
• Difficult and costly to make future changes
• Modifications require extra costly
programming
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Achieving Enterprise System Success
• Learning Objective:
Understand and utilize the
keys to successfully
implementing enterprise
systems
• Secure Executive Sponsorship
• Get Help from Outside Experts
• Thoroughly Train Users
• Take a Multidisciplinary Approach to Implementations
• Evolve the Implementation
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
ERP Recommendations
• Recommendations
– Secure executive sponsorship
– Get help from outside experts
– Thoroughly train users
– Take a multidisciplinary approach to
implementations
– Evolve the implementation
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Secure Executive Sponsorship
• Executive Sponsorship is Critical
– Primary reason for ERP failure
– Critical for buy-in
– Dictates resource availability
– Necessary to authorize business improvements
– Key to removing obstacles
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Get Help from Outside Experts
• ERP systems are very complex
• Typically, IS departments aren’t familiar
with new systems
• Experts can help
– Specify needs
– Select a suitable vendor
– Manage the implementation project
– Provide technical expertise
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Thoroughly Train Users
• ERP systems are complex from the user
perspective as well
– Training costs are often poorly judged
– When systems go live it takes employees time
to regain productivity
• Proper training can:
– Alleviate concerns
– Mitigate productivity loss
– Set expectations
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Take a Multidisciplinary Approach to
Implementation
• ERP systems often affect the entire
organization
– The entire organization is a stakeholder
– The entire organization needs involvement
– Failure to have representatives can result in
unmet critical needs
– The project team can’t be experts in every aspect
of user needs
– Departments may become hostile if left out of the
implementation and needs assessment
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Evolve the Implementation
• Recent trend is to move away from large-
scale ERP
– Using cloud-based ERP allows scalability and
agility
• Another trend: managing businesses in real
time
– Take advantage of in-memory computing and
mobile access
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
END OF CHAPTER CONTENT
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Managing in the Digital World:
Amazon.com
• Amazon has grown from an online bookstore to a
complete marketplace
– Almost any product can be purchased through Amazon
– Amazon uses enterprise information systems to
optimize processes, and it now provides this to others
– Amazon Web Services (AWS) is an IS infrastructure
rented to companies for their enterprise system needs
– AWS provides cloud services and hosting for other
companies
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Green IT: Why Your Enterprise Systems
Should Be in the Cloud
• Green IT refers to using computers resources more
efficiently and environmentally responsible
• Big part of Green IT movement focuses on cloud
computing
• One benefit of moving IT to the cloud is that the
organization will become known as a sustainable
business
• Benefits include:
– Low capital outlays, lower operating costs, better IT
resource utilization, increased security, and better ability to
adjust to demand changes
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Ethical Dilemma:
Too Much Intelligence? RFID and Privacy
• RFID tags being used to tag pharmaceuticals
– RFID tags can be read by anyone with an RFID
reader, creating concerns that a person’s
medications could be revealed
• RFID chips can be embedded in people
– Mexico’s attorney general and senior staff
– Alzheimer’s and diabetes patients
– Implant in kids to prevent kidnapping
• Lots of public opposition, what are the
dangers?
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Coming Attractions: Internet of Things
Will Transform ERP and Organizations
• The IoT refers to a broad range of physical objects
that are interconnected and automatically share data
over the Internet
• The integration of “things” will significantly transform
the way organizations do business
• Complex machines can have dozens of sensors to
provide massive amounts of data
• When IoT technologies provide data for enterprise-
wide systems, the enterprise will have a better
understanding of virtually every aspect of the business
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Security Matters: To Update or Not to
Update, That Shouldn’t Be the Question
• Virtually all software has known or unknown flaws
• In May 2016 36 unmanned organizations were
running misconfigured or outdated SAP software
• Many organizations fail to upgrade their systems
because they feel new features are not needed
• Failing to upgrade an ERP system can be
problematic and risks the entire company
• Given the size, scope, and complexity, a system
failure can lead an organization to bankruptcy
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Who’s Going Mobile: Big ERP Systems
Embracing Small Mobile Devices
• ERP users originally used client PCs to access ERP
systems
• Mobile users can now access ERP systems on the road
• There are many benefits to mobile ERP
– Improved service quality
– Improved productivity
– Strengthened customer relationships
– Improved competitive advantages
– Improved data timeliness and accuracy
• Examples: SAP, Microsoft
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
When Things Go Wrong: Software Error
Frees Prisoners Early and Is Linked to Killings
• U.S. has highest incarceration rate in the world
• In 2015 a software glitch was blamed for the early
release of 3,200 prisoners
• Software problem discovered when a crime victim
believed a convicted prisoner was released early
• Two of those prisoners were involved in a murder
• A few of them were apprehended that were living
positive lives and resulted in an unwelcomed
surprise
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Industry Analysis:
The Automobile Industry
• More than 800 million cars on the road, 83 million
sold worldwide since 2013
– Sales predicted to climb to 100 million by 2018
– China, Brazil, Russia, India, other developing countries
Chapter # 7
Securing Information Systems
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Learning Objectives
• 7.1 Define computer crime and describe several types of computer crime.
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Cyber Security Vs. Information Security
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Computer Crime
• Learning Objective: Define
computer crime and describe
several types of computer crime.
• Hacking and Cracking
• Types of Computer Criminals and Crimes
• Computer Viruses and Other Destructive Code
• Cyberharassment, Cyberstalking, and Cyberbullying
• Software Piracy
• Cybersquatting
• Laws Against Computer Crime
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
What is Computer Crime?
• “Using a computer to commit an illegal act”
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Hacking and Cracking
• Hackers
– Anyone who can gain unauthorized
access to computers
– White hat hackers don’t intend to do
harm
• Crackers
– Individuals who break into computer
systems with the intent to commit crime • Malicious hackers are
or do damage referred to as black
– Also called black hat hackers hats and those not
– Hacktivists: Crackers who are motivated to do harm
motivated by political or ideological are referred to as
goals and who use cracking to promote white hats
their interests
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Who Commits Computer Crimes?
• Computer criminals come in all shapes and sizes, in
order of infractions they are:
1. Current or former employees; most organizations report
insider abuses as their most common crime (CSI, 2011)
2. People with technical knowledge who commit business or
information sabotage for personal gain
3. Career criminals who use computers to assist in crimes
4. Outside crackers—commit millions of intrusions per year
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
How Do They Do It?
• Technology • Exploiting human
– Vulnerability weaknesses
scanners • Phishing
– Packet sniffers
• Social engineering
– Keyloggers
– Brute force • Shoulder surfing
• Dumpster diving
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Types of Computer Crimes
• Unauthorized Access
– Stealing information
– Stealing use of computer
resources
– Accessing systems with the
intent to commit information
modification
• Information Modification
– Changing data for financial gain
(e.g., embezzlement)
– Defacing a Web site (e.g.,
hacktivists making a statement)
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Unauthorized Data Modification
• Unauthorized data
modification can occur in
many ways
• Some are based on
insider threats
– Disgruntled employees,
contractors
• Edward Snowden is a
recent example
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Other Threats to IS Security
Other Threats to IS Security
Employees keep passwords or access codes on slips of paper in plain sight
Individuals have never bothered to install antivirus software, or they install the software
but fail to keep it up to date
Computer uses within an organization continue to use default network passwords after a
network is set up instead of passwords that are more difficult to break
Employees are careless about letting outsiders view computer monitors, or they
carelessly give out information over the telephone
Organizations fail to limit access to company files and system resources
Organizations fail to install effective firewalls or intrusion detection systems, or they
install an intrusion detection system but fail to monitor it regularly
Organizations fail to conduct proper background checks on new hires
Fired employees are resentful and install harmful code, such as computer viruses, when
they leave the company
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Threats From Mobile Devices
Mobile Threats
Individuals lose their mobile devices and don’t have capabilities to remotely
wipe data from the device
Individuals keep sensitive data on mobile devices and do not use passcodes
Individuals “jailbreak” their mobile phones.
Individuals use poorly designed mobile applications that can have security
vulnerabilities
Individuals use unsecure wireless networks, leaving their devices vulnerable to
different types of attacks
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Computer Viruses and Other Destructive
Code
• Computer viruses
• Worms, Trojan horses, and other sinister
programs
• Denial of service
• Spyware, spam, cookies
• The rise of botnets and the cyberattack supply
chain
• Identity theft
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Computer Viruses
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Worms, Trojan horses, and Ransomware
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Denial-of-Service Attacks
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Spyware, Spam, and Cookies
• Spyware
– Software that monitors the activity on a computer, such as the
Web sites visible or even the key-strokes of the user
• Spam
– Bulk unsolicited e-mail sent to millions of users at extremely low
cost, typically seeking to sell a product, distribute malware, or
conduct a phishing attack
• Cookies
– A small file Web sites place on a user’s computer; can be
legitimate (to capture items in a shopping cart) but can be abused
(to track individuals’ browsing habits) and can contain sensitive
information (like credit card numbers) and pose a security risk
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
The Rise of Botnets and the Cyberattack
Supply Chain
• Botnets are software robots working together with
zombie computers
• 85% Of all e-mail spam is sent by only six botnets
• Example phishing attack:
– A programmer writes a phishing attack template and sells it
– A phisher purchases the template and designs the attack
– The phisher contracts with a cracker to host the phishing
Web site
– The phisher contracts a bot herder to sent the botnets
– The collector works with a mule herder to withdraw funds
from banks
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Identity Theft
• Identity theft is one of the
fastest growing information
crimes
• Stealing Social Security, credit
card, bank account numbers
and information
• Possible solutions
– Government and private sector
working together to change
practices
– Use of biometrics and encryption
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Software Piracy (Table 7.1)
Region Piracy Level Dollar Loss
(In US$ billions)
North America 17% 10.0
Western Europe 28% 10.2
Asia/Pacific 61% 19.1
Latin America 55% 5.8
Middle East and Africa 57% 3.7
Central and Eastern Europe 58% 3.1
Worldwide 39% 52.2
Source: Based on Business Software Alliance. (2016
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Cybersquatting
• Cybersquatting
– Buying and holding a domain name with the
intent to sell it later for a big profit
– The 1999 Anti-Cybersquatting Consumer
Protection Act makes it a crime if the intent is
to profit from the goodwill of a trademark
belonging to someone else
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Laws Against Computer Crime
• Federal Laws
– The Computer Fraud and Abuse Act of 1986
▪ A crime to access government computers or
communications
▪ A crime to extort money by damaging computer systems
▪ A crime to threaten the president, vice president,
members of Congress, administration officials
– Electronic Communications Privacy Act of 1986
▪ A crime to break into any electronic communications
service, including telephone services
▪ Prohibits the interception of any type of electronic
communications
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Computer Crime
• Learning Objective: Describe
and explain differences between
cyberwar and cyberterrorism.
• .
• Cyberwar
• Cyberterrorism
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Cyberwar (1 of 2)
• Cyberwar Vulnerabilities
– Command-and Control systems
– Intelligence collection, processing, and
distribution systems
– Tactical communication systems and methods
– Troop and weapon positioning systems
– Friend-or-foe identification systems
– Smart weapons systems
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Cyberwar (2 of 2)
• Cyberwar strategy includes controlling Internet-
based propaganda
– Web vandalism
• “Patriot hackers”—governments sometimes
blame independent citizens or groups for
cyberwar attacks
• Stuxnet—malware against an Iranian system
– Originally blamed on patriot hackers, then
revealed to be developed by the U.S. and Israel
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Cyberterrorism (1 of 2)
• What kinds of attacks are considered
cyberterrorism?
– Attacks by individuals and organized groups
– Political, religious, or ideological goals
• How the Internet is changing the business
processes of terrorists
– Terrorists are leveraging the Internet to
coordinate their activities, recruit, and perform
fundraising
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Cyberterrorism (2 of 2)
• Assessing the cyberterrorism threat
– The Internet is generally open and accessible
from anywhere in the world
– There have been many attacks, and although not
significantly damaging, the will and potential exist
• The globalization of terrorism
– Terrorism is now a global business
– Attacks can be launched from anywhere in the
world
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Cyberterrorist Categories and Internet Use
(Tables 7.3 & 7.4)
Categories of Cyberterrorist Attacks How Terrorist Are Using the
Internet
Coordinated bomb attacks Information dissemination
Manipulation of financial and banking Data mining
information
Manipulation of the pharmaceutical Fundraising
industry
Manipulation of transportation control Recruiting and mobilization
systems
Manipulation of civilian infrastructures Networking & Information sharing
Manipulation of nuclear power plants Training
Planning and coordinating
Information gathering
Location monitoring
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Managing Information Systems Security
• Learning Objective: Discuss
the process of managing IS
security and describe various IS
controls that can help in
ensuring IS security..
• Assessing Risks
• Developing a Security Strategy
• Implementing Controls and Training
• Monitoring Security
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Threats to IS Security
• Securing against these threats
must consider these goals:
– Availability
▪ Ensuring that legitimate users can
access the system
– Integrity
▪ Preventing unauthorized
manipulations of data and systems
– Confidentiality
▪ Protecting data form unauthorized
access
– Accountability
▪ Ensuring that actions can be traced
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Information Systems Security Process
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Assessing IS Risks
• Options for addressing risk
– Risk Reduction
▪ Actively installing counter-
measures
– Risk Acceptance
▪ Accepting any losses that
occurs
– Risk Transference
▪ Have someone else absorb
the risk (insurance,
outsourcing)
– Risk Avoidance Interplay between threats,
vulnerabilities, and impacts
▪ Using alternative means,
avoiding risky tasks
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Developing a Security Strategy
• After assessing risk, a strategy is
developed detailing the information
security controls
• Types of controls:
– Preventive
– Detective
– Corrective
• Use the principles of least permissions and
least privileges
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Policies and Procedures
• Not all security measures are technical in nature.
Managerial activities are important
• Policies and procedures include:
– Confidential information policy
– Security policy
– Use policy
– Backup policy
– Account management policy
– Incident handling procedures
– Disaster recovery plan
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Disaster Planning
• Business continuity plan—how a business continues
operating after a disaster
• Disaster recovery plan—detailed procedures for recovering
from systems-related disasters
• Questions for a disaster recovery plan:
– What events are considered a disaster?
– What should be done to prepare the backup site?
– What is the chain of command; who declares a disaster?
– What hardware and software are needed?
– Which personnel are needed?
– What is the sequence for moving back to the original location?
– Which providers can be drawn on to aid in disaster recovery?
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Backups
• Backup sites are critical for business continuity in
the event a disaster strikes
• Backup media include CD, external hard drives,
and tapes
• Cold backup site—an empty warehouse with all
necessary connections for power and
communication but nothing else
• Hot backup site—fully equipped backup facility, all
needed equipment and one-to-one replication of
current data
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Designing the Recovery Plan
• Recovery time objectives
– Specify the maximum time allowed to recover from
a catastrophic event
– Minutes, hours, days?
• Recovery point objectives
– Specify how current the backup data should be
– Mission-critical transactions data need to be very
current
– Hot backup involves mirrored data
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Implementing Controls and Training
• Commonly used controls:
– Physical access restrictions
– Firewalls
– Encryption
– Virus monitoring and prevention
– Secure data centers
– Systems development controls
– Human controls
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Physical Access Restrictions
• Physical access controls typically focus on
authentication
– Something you have
▪ Keys
▪ Smart cards
– Something you know
▪ Password
▪ PIN code
– Something you are
▪ Biometrics
A smart card
Source: al62/Fotolia
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Types of Physical Access Restrictions
• Methods for implementing physical access control
– Biometrics
▪ Identification via fingerprints, retinal patterns in the eye, facial features, or
other bodily characteristics
– Two-Factor Authentication
▪ The use of two types of credentials to gain access to a system
– Access-Control Software
▪ Allowing computer users access only to those files related to their work
▪ Restricting type of access (read, write, delete, etc.)
– Wireless LAN (WLAN) Controls
▪ Securing wireless networks prevents drive-by-hacking
– Virtual Private Networks(VPN)
▪ Also called a secure tunnel
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Firewalls
• Firewalls filter traffic
– Incoming and/or outgoing traffic
– Filter based on traffic type
– Filter based on traffic source
– Filter based on traffic destination
– Filter based on combinations of parameters
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Encryption and VPN
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Firewalls
• A Firewall is part of a computer system designed to detect
intrusion and prevent unauthorized access to or from a private
network
• Think of it as a “security fence”
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Virus Monitoring and Prevention
• Standard precautions
– Install antivirus software
– Do not use flash drives or shareware from
unknown or suspect sources
– Delete without opening any e-mail from unknown
sources
– Do not blindly open any e-mail attachments
– If your computer system contracts a virus, report it
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Secure Data Centers
• Securing the
facility’s infrastructure
– Site selection
– Physical access
restrictions
– Intrusion detection
– Uninterruptible
power supply
– Protection from
environmental
threats
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Other Controls
• Mobile device
management
• Systems develop-
ment controls
• Human controls
• Deployment and
training
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Monitoring Security
• Monitoring external events
– Information Sharing and Analysis Centers, United States Computer
Emergency Readiness Team
• IS Auditing
– External entity reviews the controls to uncover any potential problems
• Sarbanes-Oxley Act
– Best practices: Control Objectives for Information and related Technology
(COBIT)
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
END OF CHAPTER CONTENT
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Managing in the Digital World: Not So
“Anonymous”—Activists, Hacktivists, or Just Plain
Criminals?
• Anonymous
– A loose collection of hacktivists
– Practice civil disobedience by taking part in cyber-
attacks on Web sites (e.g., WikiLeaks)
– Politically active: launching attacks on Israeli
government for Gaza Strip military actions
– Well known for Internet vigilantism
– Claiming to have good intentions, but activities are
illegal
– Dilemma between pursuing ideological goals and
crossing the bounds of legality
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Green IT: Anonymous Protests the Killing
of Dolphins and Whales in Japan
• Anonymous is a hacking group that plots its own
course in “green computing”
• Every year from Sept-March thousands of dolphins
are slaughtered for consumption
• 2016, Anonymous targeted hundreds of Japanese
websites in defense of whales and dolphins
• They targeted Nissan with a denial-of-service attack
and stated that they had no intention of stealing any
information just support of green computing
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
When Things Go Wrong:
The Bug That Almost Killed the Internet
• OpenSSL is a popular encryption framework
used to secure many Internet-based
transactions
• Its heartbleed bug is a flow that was created in
2011 and wasn’t fixed until 2014
• Attackers can compromise encryption keys,
user names, passwords, and sensitive data
• The vulnerability potentially affects thousands of
companies and millions of users
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Who’s Going Mobile:
Backdoors in Any Mobile Phone?
• In 2015, the San Bernardino terrorist attack killed 14 and
injured 22.
• FBI requested Apple to give them a backdoor so they
could access the phone used in the attack
• Apple refused (customer security), and the FBI sued Apple
• FBI found a way to get the phone unlocked
• Security advocates state that “security of general
population” is more important than personal security
• Debate will rage on over privacy for many years
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Ethical Dilemma: Ethics and Cyberwar:
Just Because We Can, Should We?
• Exponential increase in technology has outpaced
the laws to govern the same
• Drones can be flown by personnel in a safe place
to drop bombs without being harmed
• Cyberwar raises many serious issues for society
• Collateral damage to civilian targets is a concern
• Repairing damage by cyberattacks may be difficult
• What about a country’s power grid, banking?
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Security Matters: Back to the Future: Analog
May Be the Future of Securing Critical
Infrastructure
• The world has moved from analog to digital
• Digital easier to be hacked and attacked, and then
shared online with others
• Cyberterrorism expert advocates to go back to analog
for security purposes
• Any digital system connected to a network can be
hacked from anywhere worldwide
• An old-school analog system requires a human operator
to turn a dial or flip a switch (analog equipment cannot
be infected by malware)
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Coming Attractions:
Can You Become Your Password?
• Passwords are easy to forget, fingerprints are not
• Once criminals gain access to your biometric you
are compromised forever (can’t change it)
• Researchers have suggested Brain Scans
(reading a sentence) because each person’s
brain acts differently
• Brainwaves would be used by the security system,
and they do not leave any tracks and cannot be
manipulated by cyber criminals
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Industry Analysis:
Cybercops Track Cybercriminals
• Police departments have been playing catch-up with
technology, but are now making great strides
– Computer Crime and Intellectual Property Section of DOD is
dedicated to tracking cybercrime
– FBI has dedicated cybercrime resources in 56 field offices
– Every state has a computer crime investigation unit
– Software tools for law enforcement have improved significantly
Examples:
▪ Software Forensic Tool Kit
▪ Statewide Network of Agency Photos (SNAP) database