Chapter1 (2) Merged

Foundations of Information Systems (IS
2121)
Dr A
Text Book:
Information Systems Today:
Managing the Digital World
Eighth Edition, 2018
Joseph Valacich,
Christoph Schneider
Course Learning Outcomes
• Understand the basic principle of IS and their role in
organization.
• Discuss the basic concepts of IT.
• Understand the telecommunication and E-commerce.
• Realize enterprise systems.
• Discuss career path, ethical and professional issues in IS.
2
Contents
# Topic Chapter No.
Week 1
Introduction to the course

Week 2,3 Managing in the Digital World
Chapter 1
Research Project
Week 4
Managing the Information Systems Infrastructure and Services Chapter 2

Week 5 Enabling Business-to-Consumer Electronic Commerce Chapter 3
Week 6 Enhancing Organizational Communication and Collaboration Using Social Media Chapter 4
Week 7 Midterm 1 Exam
Week 8,9 Enhancing Business Intelligence Using Big Data and Analytics Chapter 5
Enhancing Business Processes Using Enterprise Information Systems
Week 9,10 Chapter 6
Research Project Due
Week 11 Securing Information Systems Chapter 7
Week 12 Midterm 2 Exam
Week 13-15 Presentations
3
Evaluation System
Proportion Week due
20% 7th week First exam: Midterm 1
20% 12th week Second exam: Midterm 2
During the term Project + Presentation

15%
During the term

5% Quizzes
40 % Check Exams Timetable Final exam
4
Information Systems Today
Eighth Edition, Global Edition
Chapter # 1
Managing in the Digital World
Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Learning Objectives
• 1.1 Describe the characteristics of the digital world, contemporary societal
issues of the digital world, and IT megatrends shaping the digital future.
• 1.2 Explain what an information system is, contrasting its data, technology,
people, and organizational components.
• 1.3 Describe the dual nature of information systems in the success and failure
of modern organizations.
• 1.4 Describe how computer ethics affect the use of information systems and
discuss the ethical concerns associated with information privacy and
intellectual property.
• Learning Objective: Describe the
characteristics of the digital world,
contemporary societal issues of the
digital world, and IT megatrends
shaping the digital future.
• The Emergence of the Digital World

• Globalization and Societal Issues in the Digital World
• Five IT Megatrends That Shape the Digital World
The Emergence of the Digital World
• The proliferation of mobile devices such as smart phones, tablets, and

iPads are all around us
• Changes in technology enables new ways of working and socializing
• Boundaries between work and leisure time are blurring
The Digital Divide
• Many people are being left behind in the
Information Age
– Strong linkage between computer literacy and a
person’s ability to compete in the Information Age
– People in rural communities, the elderly, people
with disabilities, and minorities lag behind national
averages for Internet access and computer literacy
– The challenges in overcoming the digital divide
are ever greater in developing countries
Globalization and Societal Issues in the
Digital World
• The rapid rise of a new middle class in developing countries
has enabled established companies to reach millions of new
customers
• Tremendous decrease in communications costs has increased
the use of outsourcing
• Rapid urbanization has led to 50% of the world’s population
now living in cities
• The global shift in economic power and climate change are
other influencing factors
The Rise of Information Systems
Outsourcing
• Companies are
offshoring production to
overseas countries
(such as China) to
utilize talented workers
or reduce costs.
• Source: Lianxun
Zhanag/fotolia.
Key Reasons for Outsourcing
• To reduce or control costs
• To free up internal resources
• To gain access to world-class capabilities
• To increase the revenue potential of the organization
• To reduce time to market
• To increase process efficiencies
• To be able to focus on core activities
• To compensate for a lack of specific capabilities or skills
Challenges of Operating in the Digital
World
• Government
– Political instability
– Regulatory: laws, standards, individual freedoms
• Geo-economic
– Infrastructure differences
– Demographics
– Workers’ expertise
• Cultural
– Language differences, beliefs, attitudes, religion, life focus
– Privacy, standards, information ownership, and information
censorship
Five IT Megatrends That Shape the Digital
Future
Future: Mobile Devices
• Many believe that we’re
living in a post-PC era
• In the developing world
mobile devices often leapfrog
traditional PC’s
• Implications:
– Consumerization of IT
– Bring Your Own Device
(BYOD) to work is a major
concern
– Security concerns
The Move Towards Mobile Devices
• Employees can conduct business almost anytime,

anywhere.
• Customers have their phones with them 24/7, allowing
them to be reached throughout the day, wherever they
may be.
• This trend facilitates the increasing “consumerization of IT.”
• It also leads to security issues, as managers need to deal
with employers’ preference of “bring your own device”
(BYOD).
Future: Social Media
• Over 4.6 billion (and growing)
Facebook users share status
updates or pictures with
friends and family
• Companies harness the
power of the crowd by using
social media to get people to
participate in innovation and
other activities
• Organizations use social
media to encourage
employee collaboration
Social Media
• Users use apps such as Snapchat, Twitter, WhatsApp to

communicate
• Professors use social networks to provide students with course
related updates
Future: The Internet of Things
• A broad range of physical
objects that can
automatically share data
over the Internet
• The Industrial Internet of
Things (IIoT) enables the
convergence of IT and
operations technology to
enable mass-produced
customized products
• The Internet of everything?
The Internet of Things
The ability to connect “things” such as sensors, meters, signals,

motors, actuators, or cameras, the potential for gathering useful
data is limitless. Examples include:
• Monitoring home temperatures while on vacation remotely
• Alerting drivers of parking spaces and traffic volumes
• Cardiac monitors alerting physicians of potential health risks
• Smart cities, smart homes, and e-health
Future: Cloud Computing
• Web technologies enable using
the Internet as the platform for
applications and data
• Applications that use to be
installed on individual
computers are increasingly
kept in the cloud
– e.g., Gmail, Google Docs,
Google Calendar
• Can enabled advanced

analytics of massive amounts
of Big Data
Cloud Computing
• Cloud computing is really about sharing technology resources

and taking the pain out of using and sharing data and
applications.
• A major advantage is backup and reliability. If your computer
breaks, you haven’t lost your data.
• Also, you can access your files from any computer. For
example, have you ever used Dropbox?
• It requires connectivity to function, so the constant connectivity
we see at work and play is a key enabler.
Future: Big Data
• IDC estimates that in
2013, 4.4 zettabytes of
data were generated and
consumed
• What would that amount
equal? It is 4.4 trillion
gigabytes, or the • Increasing amounts of data
equivalent of about 140 increases the ability to detect
billion 32GB iPads (IDC, meaningful relationships and
2013) other insights which can
• Forecasted to grow to 180 contribute to business success
zettabytes by 2025
Big Data
• Businesses continue to gather ever more data from

internal and external sources. More collected data are
from both structured and unstructured sources, such as
natural language postings about a business..
• This presents new opportunities if it can be properly
analyzed and mined for information.
• The resources required to mine Big Data pose
tremendous challenges for business.
Information Systems Defined
• Learning Objective: Explain what
an information system is,
contrasting its data, technology,
people, and organizational
components
• Data: The Root and Purpose of Information Systems

• Hardware, Software, and Telecommunications Networks: The
Components of Information Systems
• People: The Builders, Managers, and Users of Information Systems
• Organizations: The Context of Information Systems
Information System vs. Information Technology
• Information system (IS) is the combination of people and

information technology that create, collect, process, store,
and distribute useful data.
• Information technology (IT) includes hardware, software,
and telecommunications networks.
Data: The Root and Purpose of
Information Systems
• Alone, raw data are not very useful

• When processed, data transforms into information
• When information is understood and used for decisions, it
becomes knowledge
People: The Builders, Managers, and Users
of Information Systems
• As the use of information systems grows, so does the
need for dedicated IS professionals
Rank Career Job Growth Median Pay
(10-year forecast) (in US$)
1 Software architect 23% 124,000
2 Video game designer 19% 79,900
3 Landman 13% 103,000
4 Patent agent 13% 126,000
5 Hospital administrator 23% 114,000
6 Continuous improvement manager 12% 96,600
7 Clinical nurse specialist 19% 89,300
8 Database developer 23% 88,200
9 Information assurance analyst 37% 96,400
10 Yoga instructor 13% 62,400
Careers in Information Systems
• Examples of Careers in IS
– Systems analyst
– Systems programmer
– Systems operators
– Network administrators
– Database administrators
– IS auditor
– Data Scientist!
– Data analyst!
What Makes IS Personnel So Valuable?
• A blend of technical, business, and system skills
Organizations: The Context of Information
Systems
• Information systems can help organizations
– Be more productive and profitable
– Gain competitive advantage
– Reach more customers
– Improve customer service
• This holds true for all types of
organizations—professional, social, religious,
educational, and government—and for all types of
industries—medical, legal, and manufacturing
Categories of Information Systems
Categories Categories
• Transaction processing system (TPS) • Geographic information system (GPS)
• Management information system (MIS) • Functional area information system
• Decision support system (DSS) • Customer relation management (CRM
system)
• Intelligent system • Enterprise resource planning system
(ERP)
• Business intelligence system • Supply chain management system
• Office automation system • Electronic commerce system
• Knowledge management system • Mobile app
• Social software
The Dual Nature of Information Systems
• Learning Objective: Describe
the dual nature of information
systems in the success and
failure of modern organizations.
• Case in Point: An Information System Gone Awry:

Outages Outrage Gamers
• Case in Point: An Information System that Works: FedEx
• Information Systems for Competitive Advantage
Information Systems Gone Awry
• IS Gone Awry—Outages Outrage Gamers
– In 2011 PlayStation system outage lasted 21 days, Christmas day
2014 denial-of-service attack caused PlayStation network to be
unavailable for 21 days
• IS Done Right—FedEx
– Delivers millions of pounds of freight to 220 countries,
continuously updates its system, handles 50 million tracking
requests every day
• Firms of all types and sizes can use information systems

to gain or sustain a competitive advantage over their rivals
– Whether it is a small mom-and-pop boutique or a large
government agency, every organization can find a way to use
information technology to beat its rivals
IS Ethics
how computer ethics affect the
use of information systems and
discuss the ethical concerns
associated with information
privacy and intellectual property.
• Information Privacy
• Intellectual Property
• The Need for a Code of Ethical Conduct
Computer Ethics
“Describes the moral issues and standards
of conduct as they pertain to the use of
information systems”
• Collecting and analyzing user data may
have negative impacts
– Social decay
– Increased consumerism
– Loss of privacy
Richard O. Mason: “PAPA” Ethical
Concerns—Privacy, Accuracy, Property, and
Accessibility
• Privacy: What information an individual should have to reveal to
others in the workplace or through transactions?
• Accuracy: Are individuals able to access data collected about
them, check for accuracy, and request correction of
inaccuracies?
• Property: Company that maintains data/databases kept on
individuals, and can sell the information as long as it doesn’t
violate stated privacy policies when gathering the data
• Accessibility: Company needs to ensure proper hiring, training,
and supervision of employees who have access to the data and
implement the necessary software and hardware security
safeguards.
Privacy
• Privacy on the Web
– Who owns the computerized
information about people? Answer: the
company that maintains the database of
The database of intentions.
customers is free to sell it…within limits
Source: Based on Batelle (2010)
• E-mail Privacy
– Legally, there is no right to e-mail
privacy
– Electronic Communications Privacy Act
(ECPA), passed in 1986, protects
phone conversations, but not e-mail
• Protecting your Privacy

– U.S. FTC Fair Information Practice
Principles notice/awareness, choice/
consent, access/participation, integrity/
security, enforcement/redress
Intellectual Property
• Copying digital music is
almost effortless
• In many non-Western
societies, using someone
else’s work is considered
praise for the creator
• Using another’s work
without purchase or
attribution has significant
legal and ethical
ramifications
The Need for a Code of Ethical Conduct:
Computer Ethics Institute Guidelines
• The guidelines prohibit:
– Using a computer to harm others
– Interfering with other people’s computer work
– Snooping in other people’s files
– Using a computer to steal
– Using a computer to bear false witness
– Copyright or using proprietary software without paying for it
– Using other people’s computer resources without authorization or compensation
– Appropriating other people’s intellectual output
• The Guidelines recommend:

– Thinking about social consequences of programs you write and systems you
design
– Using a computer in ways that show consideration and respect for others
END OF CHAPTER CONTENT
Managing in the Digital World: Open
Innovation
• Traditional Innovation—
– Conduct applied research and development is secret at great expense
– Time and complexity involved in bureaucratic process left actual research
out of date and out of touch with reality
– Results? Products developed failed due to being years late and no longer
relevant
• Open Innovation—
– Open R&D to customers, suppliers, other companies working together
– Results?
▪ Starbucks introduced “My Starbucks Idea” where customers post ideas
▪ Dell’s “IdeaStorm” resulted in 37,000 ideas posted of which 550 were
implemented
Coming Attractions: Memory Crystals
• In sci-fi, characters use devices that resemble large crystals
• Now a realty, researchers at University of Southampton (UK)
have created a nanostructured glass storage device
• Technique uses self-assembling nanostructures written into
fused quartz using tiny femtosecond (one-quadrillionth, or one
millionth of one-billionth, of a second) laser light pulses
• Data are encoded into 5 dimensions (height, length, width,
position, and orientation)
• Results? Allows massive amounts of data to be stored for long
periods of time in an indestructible format thus preserving our
civilization
Who’s Going Mobile: Wearable Technology
• Wearable technology = clothing or accessories
that incorporate electronic technologies
– Examples include:
▪ Smart watches
▪ Fitness trackers (Fitbit)
▪ Google Glass
▪ Oculus VT (Facebook)
– Exiting and futuristic
– Bit, privacy, and infrastructures issues abound
Green IT: The Green Internet of Things
• Past technologies have disrupted business and society for the past several
decades
• Next up? Green IT (for green computing) refers to the practice of using
computing resources more efficiently to reduce environmental impacts
• The Internet of Things (IoT) brings connectivity and IT to the forefront again
poised to revolutionize business and society
• New technologies designed for low power consumption
• Now, a device just needs to be connected to the Internet to be able to collect

and transmit sensory data
• Internet technologies have disrupted many businesses and social processes

by changing the scope and scale of interactions between people
Security Matters: Ransomware
• Security of our business and professional lives are more important
than ever as we live in an online world
• One new tactic, ransomware, seeks to extract money from victims by
planting a virus that renders data on computers useless until a ransom
is paid resulting in the release of the virus
• Examples of the ransomware virus—
– Hollywood Presbyterian Medical Center at Los Angeles was forced to pay $17,000
ransom after its network was broadly infected
– Another hospital in Ottawa decided not to pay the ransom and simply uploaded
data that had been backed up (after cleaning off the virus)
• With threats like ransomware becoming increasingly prevalent,

individuals and organizations will need to better avoid potential
infections
When Things Go Wrong: Technology
Addiction
• In 2015, the average person in the UK spent almost 10 hours consuming
media each day
• With more and more technology, doctors now argue that we are now
becoming addicted (Dopamine, the brain chemical associated with pleasure)
when stimulated by interacting online
• Being plugged-in to technology all the time reduces the brain’s ability to relax
• We are now consume the equivalent of 125 newspapers a day (five times
greater than 30 years ago)
• A Microsoft study indicates that our attention span has fallen from an average
of 12 seconds at the turn of the century to 8 seconds
• How can the situation be improved? Turn off our gadgets for a while each day,
eat right, stay hydrated, work-out regularly, get enough sleep
Ethical Dilemma: The Social and
Environmental Costs of the Newest
Gadgets
• Ethical dilemmas are faced every day involving choosing between two options,
each of which involves breaking a moral imperative
• For most, no definite solutions are available thus we should think about the
consequences of the actions involved in terms of benefits and harm
• Example: Apple
– Products are designed in California and assembled in China
– Chinese workers pushed to work long hours resulting in over 50,000 resignations
per month and up to 14 suicides
– Audit revealed factory workers worked excessive overtime and faced health and
safety issues
• Apple’s CEO faced a number of dilemmas related to profit maximization
• Many Chinese workers seek to work a few months for Apple rather than farm
for the entire year
Industry Outlook: Business Career Outlook
• There is a shortage of business professionals
with the necessary “global skills” for operating
in the digital world
• You can hone your global skills by:
– Gaining international experience
– Learning more than one language
– Sensitizing yourself to global cultural and political
issues
Chapter # 2
Managing the Information
Systems Infrastructure and
Services
Learning Objectives
• 2.1 Describe how changes in businesses’ competitive landscape influence
changing IS infrastructure needs.
• 2.2 Describe the essential components of an organization’s IS infrastructure.
• 2.3 Discuss managerial issues associated with managing an organization’s IS

infrastructure.
• 2.4 Describe cloud computing and other current trends that can help an
organizational address IS infrastructure-related challenges.
The IS Infrastructure (1 of 2)
how changes in businesses’
competitive landscape
influence changing IS
Infrastructure needs.
• Applications and Databases Supporting Processes
The IS Infrastructure (2 of 2)
• Countries and societies depend on an infrastructure
of roads, power, and communication to function
• Businesses rely on an information

systems infrastructure
– Hardware
– System software
– Storage
– Networking
– Data centers
Applications and Databases Supporting
Business Process
• Application Software
– Software Tools
▪ Process automation
▪ Decision support
▪ Other business and user needs
• Databases
– Collections of data
– Organized to facilitate data searches
IS Infrastructure Components
the essential components of an
organization’s IS infrastructure.
• Hardware
• System Software
• Storage
• Networking
• Data Centers
IS Infrastructure Components: Hardware-
Computer Types (Table 2.1)
Type of Number of Physical Size Typical Use Random Typical
Computer Simultaneo Access Cost
us Users Memory (in US$)
Supercomputer One to many Like an automobile Scientific research 5,000+ GB Up to $100
to as large as million
multiple rooms
Mainframe 1,000+ Like a refrigerator Transaction Up to 3,000 GB Up to $10
processing, million
enterprise-wide
applications
Server 10,000+ Like a DVD player Providing websites Up to 512 GB Up to
and mounted in a or access to $50,000
rack to fitting on a databases,
desktop applications or files
Workstation Typically one Fitting on a desk- Engineering, Up to 512 GB Up to
top to the size of a medical, graphic $100,000
file cabinet design
Personal One Fitting on a desk- Personal 512 MB to Up to $5,000
computer top productivity 32 GB
Mobile device One Handheld Personal 512 MB to Up to $750
productivity 2 GB
IS Infrastructure Components: Hardware-
Computer Types
There are many different levels of hardware:
• Supercomputers: are used to solve the most computationally demanding problems,

such as weather forecasting or scientific research.
• Mainframe computers: are used by businesses to host enterprise applications and

perform transaction processing.
• Servers: host content and information for online access and retrieval.
• Workstations: are powerful computers typically used by one individual for demanding
applications such as graphical design or engineering simulation.
• Personal computers: are used by normal computer users to facilitate their personal
productivity.
• Mobile devices: are used by users on the go with the ability to connect anywhere and at
anytime.
IS Infrastructure Components: System
Software
• Controls computer
hardware operations
• Operating systems
– Examples: Windows, OS X,
Ubuntu, Linux
– Manages hard drives and
storage
– Manages keyboard, mouse,
monitor, and printers
– Coordinates application
access to computing
resources
Operating systems
• Operating systems coordinate the interaction between

users, application software, hardware, and peripherals.
• The operating system provides a common layer for

different underlying devices, so that applications only
have to be developed for different operating systems,
rather than for each different computer model.
• System software makes computers functional,
managing all aspects of the hardware inside and
connected to the computer, and it also coordinates the
applications running on the computer.
IS Infrastructure Components: Storage
Storage Purpose
Type
Operational For processing transactions or for

data analysis
Backup Short-term copies of organi-
zational data, used to recover
from system related disaster
(Backup data are frequently
overwritten with newer
backups
Archival Long-term copies of
data organizational data, often
used for compliance and
reporting purposes
IS Infrastructure Components: Networking
• Both human and computer
communication involve
senders, a message to share,
and receivers.
Network requires:
• Sender and receiver
• Transmission pathway
• Rules/protocols for
communication
IS Infrastructure Components: Servers,
Clients, and Peers
• Servers
– Host (serve up) data, databases,
files applications, Web sites,
video, and other content for
access over the network
• Clients
– Consume hosted resources
• Peers (P2P)
– Serve and consume resources,
both a server and a client
interacting with similar computers
IS Infrastructure Components: Types of
Networks
Networks are typically used to connect devices within an organization,
or across organizational subunits.
Type Usage Size
Personal area Wireless communication Under 10 meters
network (PAN) between devices (Bluetooth)
Local area network Sharing of data, software Typically within a building
(LAN) applications, or other
resources between several
users
Wide area network Connect multiple LANs, Large physical distance
(WAN) often with distributed spanning multiple
ownership and management buildings or the area of a
city to worldwide (Internet)
The Internet and the World Wide Web
(WWW)
• The Internet is a large worldwide collection of
networks that use a common protocol to
communicate with each other
– The Internet is based on internetworking, or combining
networks to form larger networks
• The World Wide Web is a system of interlinked

documents on the Internet
– Web protocols (e.g., HTML and HTTP)
– Web pages (documents containing HTML)
– Web servers (provides access via a Web site)
– Web browsers (provides interface to Web pages)
The Internet and the World Wide Web
(WWW)
• HTML stands for Hypertext Markup Language, which is
the language understood by Web browsers like Google
Chrome or Internet Explorer.
• HTTP stands for Hypertext Transfer Protocol, which is the
communication protocol that Web servers use to process
requests from Web browsers.
Web Domain Names and Addresses
• Uniform Resource Locator
(URL) is used to identify and
locate a particular Web page
• Domain name is a term that
helps people recognize the
company or person
– Prefix, like “google” or
“Microsoft”
– Suffix, like .com, .edu, .org, .
gov, or two-letter country
codes
IP Addresses
• The Internet uses IP addresses
– IPV4: Old style, 32-bit, running out of addresses
– IPV6: New style, 128-bit, huge address space
• The WWW translates domain names into IP
addresses
– www.arizona.edu translates to (IPV4)
128.196.134.37
– A URL could be expressed directly as an IP
address, although it’s more common to use it’s
related domain name
World Wide Web Architecture
• Components
– Interconnected Web servers
– Utilize Transmission Control Protocol/Internet
Protocol (TCP/IP)
– Communicate over the Internet
▪ Clients request Web page hosted on server using the
server’s IP address
▪ Server breaks the Web page into packets
▪ Packets stream over Internet to client
▪ Client reassembles
▪ Client can request retransmission of any missing packets
▪ Web browser translates Web page into visible output
Extranets and Intranets (1 of 2)
• Companies have confidential data
• These data still need to be shared on a limited
basis
– Intranet: password-protected Web site
designed for sharing within the company
– Extranet: password-protected Web site
designed for sharing with select partners
• Data and communication are protected via fire-
walls and virtual private networks (VPNs)
Extranets and Intranets (2 of 2)
Intranet
architecture
Extranet
architecture
Firewall and VPN
• A firewall secures proprietary information stored within
the corporate local area network and/or wide area network
so that the information can be viewed only by authorized
users.
• A VPN allows employees to securely connect to the
company’s intranet while on the road or working from
home (i.e., telecommuting).
IS Infrastructure Components: Data
Centers
• Large amounts of data to be managed
• Dedicated space for infrastructure
components such as data centers
• Data center centralization facilitates
– Management
– Repairs
– Upgrades
– Security
Issues Associated with Managing the IS
Infrastructure
• Learning Objective: Discuss
managerial issues associated
with managing an organization’s
IS infrastructure
• Rapid Obsolescence and Shorter IT Cycles

• Big Data and Rapidly Increasing Storage Needs
• Demand Fluctuations
• Increasing Energy Needs
Six Generations of Computing (Table 2.4)
Genera Time Period Major Events
tion Characteristic
1 1946-1958 Vacuum tubes • Mainframe era begins
• ENIAC and UNIVAC were developed
2 1958-1964 Transistors • Mainframe era expands
• UNIVAC is updated with transistors
3 1964-1990s Integrated Circuits • Mainframe era ends, PC era begins
• IBM 360 with general purpose OS
• Microprocessor Intel; Microsoft, Apple
4 1990s-2000 Multiple and low • PC era ends, Interpersonal era begins
cost PCs • High-speed processors and networks
• High capacity storage, low cost high
performance video, audio, and data
5 2000-2010 Widespread • Interpersonal era ends, Internetworking
Internet accessibility begins, Price drops, performance expands
6 2010-Present Ubiquitous mobile • Advent of powerful mobile devices, big
connectivity data, cloud computing, Internet of Things,
Social networking
Big Data and Rapidly Increasing Storage
Needs
• Firms collect unprecedented levels of data
– Business intelligence (Chapter 5)
– Legal compliance (e.g., Sarbanes-Oxley)
• Unprecedented levels of data require
unprecedented infrastructure capabilities
– More storage space, powerful hardware, and database
management
– Ever-increasing Internet bandwidth
– Vicious cycle: enhanced capacity drives new
applications, requiring even more capacity
Demand Fluctuations
• Many companies face demand fluctuations
– Seasonal fluctuations (e.g., December holidays)
– Monthly fluctuations (month-end spikes)
• Demand fluctuations create inefficiencies
– Some estimate up to 70% of IS capacity only used
20% of the time
– IS infrastructure is typically not readily scalable
▪ Changing internal capacity takes time when equipment
needs to be specified, purchased, installed, and
configured.
▪ Cloud computing (next section) may be the answer
Increasing Energy Needs
• Computing can require a lot of power
– Hardware draws power, which generates heat
– Heat requires cooling, which requires more power
• Data centers can use large amounts of power
– 15 to 17 kilowatts per rack
– Large data centers have hundreds of server racks
– More power is required for cooling and lost
through other inefficiencies
Cloud Computing
cloud computing and other
current trends that can help an
organization address IS
infrastructure-related challenges.
• Managing the Cloud

• Advanced Cloud Applications
• Green Computing
What Is Cloud Computing?
• Cloud Computing is a way to allocate resources
much like a utility sells power
• Resources are used “on-
demand,” as needed
• Customers only pay for
what they consume
• Resources can be rapidly
allocated and reallocated
• Consumption becomes an operating expense

• % utilization and efficiency increase dramatically
Cloud Computing Characteristics
• On-Demand Self Service • Resource Pooling
• Rapid Elasticity • Measured Service
• Broad Network Access
Cloud Computing Service Models
• Infrastructure
as a Service
(IaaS)
• Platform as a
Service
(PaaS)
• Software as a
Service
(SaaS)
Cloud Computing Service Models
• Infrastructure as a Service (IaaS): Host virtual

machines on which the customer installs an
operating system
• Platform as a Service (PaaS): Host an environment
on which programs can be executed.
• Software as a Service (SaaS): Host preinstalled
applications to which users just buy access.
Public and Private Clouds
Public clouds offer additional advantages such as scalability and reliability,

but may raise concerns about security and compliance.
Managing the Cloud
• Availability/Reliability
• Scalability
• Viability
• Security, Privacy, and Compliance
• Diversity of Offerings
• Openness
• Costs
Advanced Cloud Applications:
Service-Oriented Architecture (SOA)
• Services—individual
components of
business processes
– Building blocks
• Principles of SOA
– Reusability
– Interoperability
– Componentization
Using SOA, multiple applications
can invoke services
Grid Computing (1 of 2)
• Extremely complex problems need heavy
computing power
Grid Computing (2 of 2)
• Traditionally handled by
supercomputers, but
– Supercomputers are very
expensive
– Even supercomputers may
not be able to handle the
demand
• Grid computing—combine
many small, networked
computers
– Decompose and distribute
large complex problems Copyright © 2018, 2016, 2014 Pearson Education, Ltd. All Rights Reserved
Content Delivery Networks
Content delivery networks

store copies of content
closer to the end user.
Content Delivery Networks
• Larger geographical distance

leads to longer content
transmission time.
• Content delivery networks

involves multiple servers at
various locations.
• The user’s request is routed

to the closest server.
Green Computing
• Driving forces
– Power bills
– Reputation
– Culture
• Approaches
– Virtualizing servers
– Cloud computing
– Power management software
– Reduced printing
– Retiring obsolete hardware responsibly
Managing in the Digital World:
From Google to Alphabet
• Google more than just a search engine!
• Formed a holding company named Alphabet
– Placed 10 companies under this umbrella in 2016
– Allows investors to invest in Alphabet or a subsidiary
– Allows Google to focus on what it does best
– Alphabet owns:
▪ Boston Dynamics (robotics)
▪ Verily (life sciences company)
▪ Nest Labs (home automation)
– One of the largest companies in the world
Who’s Going Mobile: Mobile Payments
Are Transforming Developing Countries
• Rapidly adopted cell phones and other mobile
devices
• Transformed whole economies and societies
• M-Pesa in Kenya revolutionized mobile technology
– Mobile payments have become mainstream
– 60% Of Kenyans use mobile payments via cell phones
• Transforming society in many developing
countries
Ethical Dilemma:
Putting People’s Lives Online
• Google Street View captures millions of
people in the everyday lives
– Put online for the world to see
– Not all pictures are of things people want online
▪ People in places or with people they don’t want
public
– Can be very intrusive; can even ruin lives
– If pictures can be monetized, do companies
have a shareholder duty to do so, regardless
of consequences to some individuals
Coming Attractions:
Making Death Optional?
• Humai is a small research company in Los
Angeles that wants to extend lives:
– Wants to use AI techniques to record a person’s
conversational style, behavior, and thought pattern
– When that person dies they then want to freeze the
brain using cryonics technology
– When available, implant the brain into an artificial body
– Embedded brain can then control the artificial body
Green IT:
Alphabet Renewables
• Alphabet transitioning to renewable energy
• Goal = 100% renewable energy by 2025
• A global leader in renewable energy, Alphabet
has signed contracts with:
– Duke Energy (51-megawatt solar project)
– Sweden project (76-megawatt wind generation project
– Chili project (80-megawatt wind generation project)
– Kenya ($12 million investment wind generation)
• $2 Billion total investment in clean renewables
When Things Go Wrong: Old and Dirty
Energy Drives Global Internet Growth
• Internet central to all aspects of modern society
• By 2018 more than 15 billion devices connected
– Will require massive amounts of energy
– Coal is a cheap energy source but not clean
– Coal provided 41% world’s electrical needs in 2013
• Apple is most aggressive clean energy user
(Greenpeace report)
• Other clean energy users include Facebook,
Google, Amazon, and Microsoft)
Security Matters:
Car Hacking
• Possibility of hacking into computer code that runs
multiple onboard computers in a car
• Modern vehicles also have Bluetooth for
connectivity
• Each system can be exploited by hackers in the
future
• Technology and vehicle component manufacturers
working together to make supply chains more
secure and to prevent tampering.
Industry Analysis:
Movie Industry
• Computers allow studio-quality digital editing at an
affordable price
– Independent filmmakers can compete
• CGI for digital effects (Dreamworks, Universal, Weta
Digital, Pixar)
• Movies released in digital formats
• Movie theaters switching to digital projection systems
• Theaters receive movies electronically instead of on
reels
Chapter # 3
Enabling Business-to-
Consumer Electronic
Commerce
Learning Objectives
• 3.1 Describe different approaches to competing in cyberspace as well as
different forms of electronic government and e-finance.
• 3.2 Describe business-to-consumer electronic commerce strategies.
• 3.3 Understand the keys to successful electronic commerce websites and

explain the different forms of Internet marketing.
• 3.4 Describe mobile commerce, consumer-to-consumer electronic commerce,

and consumer-to-business electronic commerce.
• 3.5 Describe how to conduct financial transactions and navigate the legal
issues of electronic commerce.
Electronic Business: E-Commerce and
E-Government
different approaches to
competing in cyberspace as well
as different forms of electronic
government and e-finance.
• Types of Electronic Commerce

• E-finance
E-Commerce (EC) Defined
• The exchange of goods, services, and money among

firms, between firms and their customers, and between
customers, supported by communication technologies and,
in particular, the Internet
Types of Electronic Commerce (Table 3.1)
Type of EC Description Example
Business-to- Transactions between A person buys a book from
consumer (B2C) businesses and their Amazon.com
customers
Business-to- Transactions among A manufacturer conducts
business (B2B) businesses business over the Web with its
suppliers
Consumer-to- Transactions between A person offers his
business (C2B) customers and photography at shutterstock .
businesses com
Consumer-to- Transactions between A person purchases some
consumer (C2C) people not necessarily memorabilia from another
working together person via eBay.com
All of the above types of EC are in the private sector

E-Government
• Government-to-
Citizens (G2C)
• Government-to-
Business (G2B)
• Government-to-
Government (G2G)
E-finance
• E-finance is the use of information systems to
provide financial services and markets
• E-finance consists of:
– E-banking and online brokerage
▪ Paying bills online using electronic bill pay
▪ People can turn to multiple sites to get the latest information
about stock prices
• Fintech
– Refers to technologies that support activities in the
financial sector.
Business-To-Consumer E-Commerce
• Learning Objective:
Describe business-to-
consumer electronic
commerce strategies.
• E-tailing: Capabilities and Opportunities

• Benefits of E-tailing
• Drawbacks of E-tailing
E-tailing: Capabilities and Opportunities
(1 of 2)
• Firms from across the world can effectively compete
for customers and gain access to new markets
• Disintermediation
– Cutting out the “middleman” and reaching customers
more directly and efficiently
• The Long Tail refers to the ability to cater to niche
markets instead of selling mainstream products
• Mass Customization
– Firms can tailor their products and services to meet a
customer’s particular needs
E-tailing: Capabilities and Opportunities
(2 of 2)
• Group Buying
– If enough people agree to purchase the product or service,
they get significant discounts
• New Revenue and Pricing Models
– Companies can earn revenues not only through traditional
sales, but also through subscription, licensing, or
transaction fees
– Companies and individuals can earn money through Web
advertising or affiliate marketing
• Social Commerce
– Utilizing social networks to build lasting relationships and
advertise products
Mass Customization
Mass customization
generates additional
value for customers and
profits for producers
New Revenue and Pricing Models
Priceline.com lets consumers name
their own price for travel-related
services.
Reverse pricing
“Name your
own price”
Benefits of e-Tailing
• Product benefits: With no store size and shelf
space restrictions, companies can sell a far wider
variety of goods
• Place benefits: Internet storefronts are available
on almost every computer connected to the
Internet
• Price benefits: Online retailers are efficient, with
high volumes and low overhead that allow for
very competitive pricing
Drawbacks of E-tailing
• Trust
– This is especially a concern for new online businesses
without a proven track record
• Direct Product Experience
– E-tailing doesn’t provide sensory information
• Product Delivery and Returns
– Except for direct downloads, e-tailing requires
additional delivery time for products
– Returns may also be a hassle, compared to just going
to the store
Electronic Commerce Websites and
Internet Marketing
Understand the keys to
successful electronic commerce
websites and explain the
different forms of Internet
marketing.
• Designing Websites to Meet Online Consumers’ Needs

• Internet Marketing
Designing Websites to Meet Online
Consumers’ Needs
• Structural Firmness
– No bad links, understandable error messages, privacy/
security, speed
• Functional Convenience
– Ease of use, simple navigation, user feedback, help
features, on-click ordering, flexible payment, order
tracking
• Representational Delight
– Aesthetically pleasing, professional look and feel, color/
font/images, consistent layout, no clutter
Internet Marketing
• If you build it, they

won’t come unless
you market it
• Research firm, Forrester, estimates that by

2019, companies will spend 35% of their
advertising budget on Internet marketing
Search Engine Optimization (SEO)
• SEO attempts to
improve a page’s
ranking in search
engines like
Google
• Techniques
include having
other pages link to
the page, keeping
content updated,
and including key
words
Paid Search
• Paid Search is a way to ensure that your
company’s page appears on the first page users
see
• Paid Inclusion is where some search engines
offer to elevate a page’s position in the organic
results after paying a fee
• Google is paid on a pay-per-click basis which can
become very expensive
Mobile Commerce, Consumer-To-
Consumer EC, and Consumer-To-Business
EC
mobile commerce, consumer-to-
consumer electronic commerce,
and consumer-to-business
electronic commerce.
• C2C EC
• C2B EC
Mobile EC
• Location-Based M-Commerce
– Services can be offered tailored to a person’s needs
based on their current location
• Information on the Go
– Customers can get further information about a product
wherever they are, including in the store, but this can
lead to “showrooming”
• Product and Content Sales
– Consumers use mobile apps to make purchases while
on the go
C2C EC
• When building a marketing app, businesses

must decide if the platform they build will be
scalable
Opportunities and Threats of C2C EC
(Table 3.3)
Opportunities Threats
Consumers can buy and sell to No quality control
broader markets
Eliminates the middleman that Higher risk of fraud
increases the final price of products
and services
Always available for consumers, Harder to use traditional
24/7/365 payment methods (checks,
cash, ATM cards)
Market demand is an efficient
mechanism for setting prices in the
electronic environment
Increases the numbers of buyers and
sellers who can find each other
E-Auctions and Online Classifieds
• E-Auctions
– Individual sellers can sell or barter items at online auctions
– Consumers place bids
– Examples: eBay.com and swap.com
– Revenue model based on small transaction fees, highly
profitable
• Online Classifieds
– Just advertising, no online transactions
– Freecycling
– Examples: craigslist.com
C2B EC
• Relatively new phenomenon, consumers can sell small

pieces of work (e.g., photos) or services to businesses
• It might argued that anyone who made a living doing this
is actually in business for themselves
Securing Payments and Navigating Legal
Issues in EC
mobile commerce, consumer-
to-consumer electronic
commerce, and consumer-to-
business electronic commerce.
• Securing Payments in the Digital World

• Legal Issues in EC
Securing Payments in the Digital World
• Must be sure that online transactions are secure
• Issues related to different forms of online
payments are:
1. Payment Services—involves the use of independent
payment services such as PayPal, Google Wallet
2. Cryptocurrencies—involves the use of a non-
banking currency such as Bitcoin.
3. Managing Risk—businesses are financially liable for
fraudulent transactions, thus have to look for these
and sometimes have to reject risky transactions
Bitcoins
How bitcoins are

exchanged
Ways to Protect Yourself When Shopping
Online
• Use a secure browser • Give payment
information only to
• Check the site’s privacy
businesses you know
policy
and trust
• Read and understand
• Keep records of your
the refund and shipping
online transactions and
policies
check your e-mail
• Keep your personal
• Review you monthly
information private
credit card and bank
Source: Based on Privacy transactions
Rights Clearinghouse (2016)
Possible Indicators of Fraud
• Email
addresses
• Shipping and
billing
addresses
• Transactions
patterns
Legal Issues in EC
• Taxation
– Sales taxes
– Internet Freedom Act: Internet sales are treated like mail-
order sales
• Digital Rights Management

– Preventing unauthorized duplication
– Restrict which devices can play media
– Limit number of times media can be played
• Net Neutrality
– Should the Internet be open? Or should Internet access
come first to the highest bidder?
Taobao and the World of E-commerce
• Taobao is the largest digital marketplace in China
– By 2011 more registered users (370 million) than the
population of the United States
– Online marketplace for multiple companies
– Online consumer-to-consumer sales, much like eBay
– Notorious for piracy and counterfeit goods
• 360buy new-fast growing competitor

– Not on the list of notorious markets
• Sales in China pose huge logistics headaches

– Widely varying population densities
– No “overnight-shipping” infrastructure
Coming Attractions:
The AI Hedge Fund
• In the past hedge fund and money managers have
relied on mathematical and statistical models
• Now AI is used to emulate human intelligence in making
trading decisions
• Machine learning algorithms are able to bring together
data from many sources to improve these models
• Critics doubt the AI approach will be any better than the
existing players in the future
• If AI succeeds and everyone has the same programs
how will one be competitive over another?
Ethical Dilemma:
The Ethics of Reputation Management
• Online reviews can be critical to a customer’s buying
decision
• Biased and fake reviews can affect a business’s
profitability, or even survival
• Owners are tempted to post fake positive reviews
• Competitors are tempted to post fake negative
reviews
• Reputation management can help offset negative
biased reviews, but poses ethical dilemmas
Security Matters:
Too Small to Be Hacked?
• Cybercriminals steal data that can be converted into
cash (credit card numbers, personal info)
• They now have begun to take a users data hostage by
encrypting it
– Demands ransom payment to unlock data
– If paid, will the data be released?
• Experts recommend paying a 3rd party to maintain
system security
• Technology alone cannot protect a business if the
system user is the weak link
When Things Go Wrong:
Buying Likes
• Many businesses entice users to “like” their
business page on Facebook, Twitter, or other
social media sites for some reward
• Campaigns and contests can be deeply biased by
automated “like” and votes, giving unfair
advantage to users who game the system
• Social media platforms try to suppress this type of
devious behavior, but it can be a cat-and-mouse
game
Green IT:
Green Online Shopping
• Fossil fuel requirements
– Retail shopping—use cars to drive to many stores in different
locations
– Online shopping—most of the fuel use is by delivery vehicles
• Carnegie Mellon study revealed a purchase of a thumb drive

from an online retailer and shipped directly to the customer
can result in 35% savings
• Primary drivers of energy consumption for online shopping is
the packaging (boxes) and fuel for delivery of packages
• Research suggests the online shopping might not be that
green after all, due to increase in particulate matter emissions
Who’s Going Mobile:
Mobile Payments
• Electronic funds transfer (EFT) technologies are
paving the way for cashless societies
• The smartphone is becoming a natural payment
companion
• Near field communication (NFC) allows for simply
waving an NFC-enabled phone in front of a
reading device to make a payment
• Potential problems: merchant costs, privacy
concerns
Industry Analysis:
Retailing
• Retailing has embraced new technologies
– Barcode scanning for price, inventory
management, self-checkout
– RFID functions like a barcode bus uses wireless
technologies, and can be integrated with other
information technologies
– New forms of electronic payment, whether by pin,
phone barcode, near-field communications (NFC)
technologies, or fingerprint, are gaining traction
Chapter # 4
Enhancing Organizational
Communication and
Collaboration Using Social
Media
Learning Objectives
• 4.1 Explain organizations’ needs for communication and collaboration.
• 4.2 Explain social media and evolving web capabilities.
• 4.3 Describe various social media applications, and explain their role in
enhancing communication, collaboration, cooperation, and connection.
• 4.4 Describe how companies can manage enterprise-oriented social media

applications and deal with potential pitfalls associated with social media.
The Need for Communication and
Collaboration
Explain organizations’
needs for communication
and collaboration.
• Virtual Teams
• Groupware
• Videoconferencing
• Intranets and Employee Portals
Collaboration
• Collaboration is where two or more people
are working together to achieve a common
goal
• A small company can collaborate very
easily usually at a set time and place
• Global companies require effective and
efficient communication channels for
collaboration
Categories of Collaboration Tools (Table 4.1)
Category Description Instances Examples
Electronic Tools allowing users to Fax, e-mail, voice mail, MOS Outlook,
Communication convey verbal and written blogs, wikis, static Blogger,
tools information and send files, websites Wikipedia
documents, or other
content
Electronic Tools allowing information Internet forums, Apple
conferencing sharing and rich instant messaging, FaceTime,
tools interactions between application sharing, Skype, Google
users video-conferencing Hangouts,
WebEx
Collaboration Tools used to facilitate Electronic Calendars, Google Docs,
management virtual or collocated knowledge MS Office
tools meetings and manage management systems, Online, MS
group activities intranets, online SharePoint
document systems
Virtual Teams
• Virtual teams are composed of members from different

geographic areas and assembled as needed to
collaborate on a certain project
Groupware
• Groupware is a class of software that enables

people to work together more effectively
Groupware
• Synchronous tools: means at the same time,
such as when two people are talking on the
telephone.
– Include shared whiteboards, online chat, electronic meeting
systems, and video communication systems.
• Asynchronous tools: means disconnected in

time, such as when someone reads an email a
day after it was sent.
– Include e-mail, mailing lists, workflow automation systems,
intranets, group calendars, collaborative writing tools, and
discussion forums.
Electronic Meeting System (EMS)
An electronic
meeting system
utilizes
networked
computers and
sophisticated
software to
support various
group tasks
Videoconferencing
• Desktop Videoconferencing
– Simple and low cost
– Internet based
• Dedicated Videoconferencing
– Organizational conference rooms
– Multiple people and/or locations
– Highly realistic/excellent video and audio quality
– Can be extremely expensive, up to $500K
Intranets and Employee Portals
• Real-Time Access to
Information
– Updated information
instantly available
throughout the organization
• Enterprise Search
– Company focused, including
corporate databases
• Collaboration
– Document sharing and co-
editing
• Employee Portals
– Employee benefits self-
service
The Evolving Web
Explain social media and
evolving web capabilities.
• Evolving Web Capabilities

• Evolving Social Interaction
• The Evolving Workspace
• Future Web Capabilities
Evolving Web Capabilities
mashups
• network
effect
• Web 2.0 applications shift a Web user’s role from

a passive consumer of content to its creator
Mashups
• A mashup is a new application (or website) that

uses data from one or more service providers.
• A mashup could combine mapping data, photos,
reference information, hotel prices, and weather
information to provide a comprehensive overview of travel
destinations.
Evolving Social Interaction
• Web 2.0 technologies change how people
interact and enable social media
– Online information at our fingertips
– Personal expression available 24/7
• Individuals often post very private information
– About themselves
– About others
– Without thinking about the consequences
Evolving Social Interaction: Shifting
Perspectives (Table 4.2)
Web 1.0 Web 2.0
Me Me and You
Read Read and write
Connect ideas Connect ideas and people
Search Receive and give recommendations
to friends and others
Find Share
Techies rule Users rule
Organizations Individuals
Future Web Capabilities
• The Semantic Web
– A set of design principles that will allow computers
to better index web pages, topics, and subjects
– Enhanced search results
• Web 3.0
– To be centered around mobility
– The contextual web where tremendous amounts
of content available to users will be filtered by
contextual factors (e.g., time, location, etc.)
Social Media and the Enterprise
Describe various social
media applications, and
explain their role in
enhancing communication,
collaboration, cooperation,
and connection.
• Enhancing Communication Using Social Media

• Enhancing Cooperation with Social Media
• Enhancing Collaboration with Social Media
• Enhancing Connection with Social Media
Enhancing Communication Using Social
Media
• Blogs
– Topical blogs of interest to customers
– Critics call blogs “amateurization of journalism”
• Microblogging
– Post news to customers
– An example is Twitter which is limited to 140 characters
– Example: Coca-Cola’s official Twitter account
• Instant Messaging
– Enables multiple participants to have conversations
– Example: WhatsApp allows group chat, free texts
Enhancing Cooperation with Social Media
• Media Sharing
– Via Flickr, Instagram,
Vimeo, YouTube,
SlideShare
– Webcasting, podcasting
• Tagging
• Social Bookmarking
– Manually adding
metadata to content – Allows users to refine data
• Geotagging • Social Cataloging

– Geospatial data added – Creation of a
categorization system by
users
Enhancing Collaboration with Social Media
• Cloud-Based Collaboration Tools
• Content Management Systems
– Learning management systems
• Collective Intelligence
– Open source software
– Wikis
• Human-Based Computing (Crowdsourcing)
Wikis
• A wiki is a website allowing people to create, edit,

or delete content as well as discuss content
Web-Based Collaboration Tools (Table 4.4)
Type Names
Spreadsheets Google Drive, Zoho Sheet, Microsoft Excel Online
Word processors ThinkFree, Zoho Writer, Google Drive, Microsoft Word
Online
Presentation Google Drive, Zoho Show, Microsoft PowerPoint
Online, Prezi
Office suites Zoho, Google Apps, Microsoft Office Online
Project Management Trac, Redmine, eGroupWare, Collabtive
Notes/task Evernote, Wunderlist, Microsoft OneNote Online
management
Cloud storage/ Dropbox, Google Drive, Microsoft OneDrive,
sharing SugarSync, iCloud
Enhancing Connection with Social Media
• Social Networking
– One of the most popular uses of the Internet
– Facebook had 1.65 billion users as of March 2016
– Social Search
▪ Increase the relevance of search results
• Viral Marketing
– Good marketing techniques can be driven by word-of-
mouth or person-to-person communication
– The power of viral marketing can be a great tool
Downsides and Dangers of using Social
Media Applications
• Online Product Reviews
• Microblogging
• Social Networks
• Bad Vibes Going Viral
• Lessons Learned
– Identify a crises team
– Identify your worst social media nightmare
– Monitor your social media environment
– Act fast. The first 24 hours count
• Societal Impacts of Social Media

Facebook.com
• Facebook had 1.65 billion users in March 2016
• Many companies now have Facebook pages
– When users “like” a company, they can receive
updates from the company
– Consumers can leave comments for companies
– Companies can interact with customers and track
customer loyalty
– Future demand is predicated based on customers’
“likes”
Green IT:
U.S. Military is Moving Toward Renewables
• Renewable energy sources: sunlight, rain, tides,
geothermal heat
• U.S. Military is largest consumer of energy in the
United States (consuming 2% of nation’s total)
– Primary motivator “is bombs on target” meaning it
must have energy security, both on bases, and when
deployed globally
– Senior leaders believe that renewable sources,
coupled with analytic capabilities provided by
information systems, will provide greater energy
options
Coming Attractions:
Dissolvable Electronics
• Pharmaceutical industry fighting bacteria that evolve to
resist antibiotics
– Antibiotics take years to develop, and can lose effectiveness
quickly
• Possible solution: electronic devices that generate heat

to kill the bacteria
– Developed by researchers at University of Illinois
– After surgery, the devices are placed in the wound
– The devices are “biocompatible” and dissolve after doing their
job
• Still in research phase

Security Matters: Terrorism Is Winning the
Social Media Battle
• Terrorism is the use of violence in order to purport a
political, religious, or ideological change
• In 60s and 70s commercial airline hijacking was
broadcast on live TV, thus causing more hijackings
• New technologies (Facebook, YouTube, Twitter)
enable terrorist to use social media to create fear
and to recruit new members
• Attempts by governments to thwart the use of social
media by terrorists has not been successful
Going SoLoMo: Yelp
• SoLoMo = the intersection of social, local, and
mobile services
• Example: Yelp.com
– A review and rating platform providing information on
local businesses from previous customers
– Started in 2004
– Integrated with iOS 6 mapping and directions app
– Incorporates local business advertising
Ethical Dilemma:
Anonymity, Trolling, and Cyberharassment
• Deindividuation is a loss of self-awareness often causing
antisocial behavior by those operating on social media
anonymously (Internet troll)
• An Internet troll is one who creates discord on the Internet
by starting arguments or upsetting people
• Cyberharassment, usually by trolls, usually involves
defamation or revealing person information on others to
start cyber lynch mobs
– Example: Gamergate (2014) targeted several women in the video
gaming industry and wrote disparaging blog posts about them
which led to threatening them with assault, rape, and murder.
Crowdfunding Failures
• Crowdfunding refers to the practice of funding a
project or venture by raising small amounts of money
from a large number of investors via the Internet
• Some projects over promise and under-deliver
– Mostly from lack of experience or underestimation
• Example: Zano drone project collected $3.4 million to

build a miniature quadcopter drone
– Drones under performed leading Zano to file bankruptcy
• Example: Laser Razor collected $4 million before

Kickstarter pulled the plug (no product ever created)
Industry Analysis:
Online Travel
• The first wave (1.0) of online travel involved major
online travel agencies (OYAs)
• Online Travel 2.0 is in the works, allowing individuals
to profit
– Example: Airbnb
▪ Allows travelers to offer their homes for rent
▪ Airbnb value as of April 2016 is $USD 30 billion
– Example: Uber
▪ Social taxi service
▪ Individuals can provide rides and make some money
– Both use ratings and reviews to ensure quality
Chapter # 5
Enhancing Business
Intelligence Using Big Data
and Analytics
Learning Objectives
• 5.1 Describe the need for business intelligence and advanced analytics and
how databases serve as a foundation for making better business decisions.
• 5.2 Explain core concepts of business intelligence and advanced analytics.
• 5.3 Describe how organizations can enhance decision making by using

knowledge management and geographic information systems.
Enhancing Organizational Decision Making
the need for business intelligence
and advanced analytics and how
databases serve as a foundation
for making better business
decisions.
• Why Organizations Need Business Intelligence and

Advanced Analytics
• Databases: Providing Inputs into Business Intelligence
and Advanced Analytics
Business Intelligence, Advanced Analytics,
Business Analytics
• Looking back and answering important questions require
analyzing data of past and current transactions to
understand what happened
• Business Intelligence (BI) refers to tools and techniques
for analyzing and visualizing past data
• Advanced analytics refers to tools and techniques used
to understand why something happened, predict future
outcomes, or discover hidden patterns in large data sets
• Business analytics is used as an umbrella term for all
these concepts
Business Intelligence and Advanced
Analytics (Table 5.1)
• The need for business intelligence and advanced analytics
goes beyond traditional businesses; rather all types of
organizations utilize it to improve their data-driven
decision making as seen in the examples below
Context Example
Political parties Model the influence of social media on election
outcomes
Government Analyze performance of public benefits programs
Defense Manage maintenance and logistics during overseas
deployments
Hospitals Predict patient volume and resource utilization
Nonprofit organizations Manage fundraising campaigns and target donors
Big Data
Understanding Big Data
• Businesses are dealing with the challenge
of “Big Data”
– High Volume
▪ Unprecedented amounts of data
– High Variety
▪ Structured data
▪ Unstructured data
– High Velocity
▪ Rapid processing to maximize value
Databases: Providing Inputs into Business
Intelligence and Advanced Analytics
• Data and knowledge are an organization’s most
valuable resource
• Enabling interactive Web sites using databases:
– E-commerce makes extensive use of databases
– Product catalog data are stored in databases and
available to users
– Customer billing and shipping
– E-commerce applications process millions of
transactions per day
Databases: Foundation Concepts
Databases: Tables and Records
This sample data table for the entity Students includes 7 attributes and 10 records
Source: Microsoft Access
Databases: Advantages (Table 5.2)
Advantages Description
Minimal data redundancy There is a single copy of the data
Improved data consistency Eliminating redundancy improves consistency
Increase security Simplifies enforcement of access restrictions
Improved data quality Centralized control, minimized redundancy, and
improved data consistency enhance data quality
Improved data accessibility A centralized system makes it easier to deploy and
and sharing control access in or out of the organization
Enforcement of standards Centralized data management standardizes rules
Program-data independence Easier to evolve and alter software to changing
business needs when independent
Increased productivity of Data standards make it easier to build and modify
application development applications
Reduced program maintenance Changes in data replicate seamlessly
Databases: E ective Management
• The Data Model
– What data will be captured
– How the data will be represented
• The Data Dictionary
– Document of database metadata
▪ Attribute name
▪ Type of data
▪ Valid values
▪ Business rules
Databases: Entering and Querying Data
Online Transaction Processing
• Online Transaction Processing (OLTP)
– Systems that interact with customers and run a
business in real time
• Data Warehouses
– Integrate data from multiple database and other
data sources
– Contain historic as well as current data
• Data Marts
– Subset of a data warehouse, limited in scope
Operational vs. Informational Systems
(Table 5.4)
Characteristic Operational System Informational System
Primary Run the business on a Support managerial decision
Purpose current basis making
Type of data Current representation of Historical or point-in-time
state of the business (snapshot)
Primary users Online customers, clerks, Managers, business analysts,
salespersons, administration and customers (checking
status and history)
Scope of Narrow and simple updates Broad and complex queries
usage and queries and analyses
Design goal Performance Ease of access and use
Data Warehouses: Extract, Transform, Load
Building a data warehouse involves integrating data from multiple sources.

Extracting is the process of obtaining the necessary data. Transformation is
done to ensure that the data are in a common format and are free of errors.
Finally, the extracted and transformed data are loaded into the warehouse for
use by decision makers.
Business Intelligence and Advanced
Analytics
• Learning Objective: Explain
core concepts of business
intelligence and advanced
analytics.
• Business Intelligence
• Advanced Analytics
Business Intelligence Tools
• Decision Support Systems
– Used to support decision making at all levels
in the organization
• Online Analytical Processing (OLAP)
– Process of quickly conducting complex, multi-
dimensional analyses of data stored that is
optimized for retrieval usually using graphical
software tools
OLAP Terms and Concepts
• Measures
– Facts, numerical data that can be aggregated
• Dimensions
– Provides a way to summarized the data
– Hierarchically arranged to enable drill-down and roll-up
• Cubes
– Multidimensional structure of dimensions and measures
• Slicing and Dicing
– Analyzing data on a subset of dimensions
Information Visualization (Digital
Dashboards)
• Digital dashboards are
used to visually present
key performance
indicators used by
management
• Data usually highly
aggregate
• They use a variety of
design elements to
present data in a user
friendly way
Visual Analytics
• Visual analytics is the combination of various
analysis techniques and interactive visualization
to solve complex problems
Advanced Analytics
• Advanced analytics are designed to help users
gain a deeper understanding of why things
happen and then build predictive models to
support decision making
• Data science describes the advanced analytics
field of study and practice
• Advanced analytics are often used by business
analysts to take decisions out of their hands, thus
freeing up valuable resources
Data Mining
• Discovering “hidden” predictive relationships in the
data
• Complicated algorithms run on large data warehouses
• Types of data mining algorithms
– Association discovery
– Clustering
– Classification
– Text and Web content
mining
Text Mining
• Web content mining refers to

extracting textual information
from Web documents after-
which text mining is used to
apply analytical techniques to
produce useful reports
Data Mining Results
• Data mining
results can be
delivered to
users in a
variety of ways
Machine Learning
Intelligent Systems
• Artificial intelligence (AI) is the science of
enabling information technologies to simulate
human intelligence
• Intelligent agent (also called a bot) is a program
that works in the background to provide some
service when a specific event occurs.
– Examples include:
▪ Apple’s Siri
▪ Microsoft’s Cortana
Knowledge Management and Geographic
Information Systems
how organizations can enhance
decision making by using
knowledge management and
geographic information systems.
• Knowledge Management Systems

• Geographic Information Systems
Knowledge Management Systems
• Explicit knowledge
– Easily codified
and documented
• Tacit knowledge
– Embedded in
people’s minds
– Hard to get at
– Important for best
practices
Goal: gain the greatest value
from knowledge assets
Social Network Analysis
• Social network analysis is a technique that maps
people’s contacts to discover connections or
missing links within the organization
Geographic Information Systems
• A geographic information system (GIS) is a
system for creating, storing, analyzing, and
managing geographically referenced information
• GIS benefits greatly
from advances in
machine learning,
especially for
recognizing and
classifying
geographical features
Chapter # 6
Enhancing Business
Processes Using Enterprise
Information Systems
Learning Objectives
• 6.1 Explain core business processes that are common in organizations.
• 6.2 Describe what enterprise systems are and how they have evolved.
• 6.3 Describe enterprise resource planning systems and how they help to
improve internal business processes.
• 6.4 Understand and utilize the keys to successfully implementing enterprise

systems.
Electronic Business: E-Commerce and
E-Government
Explain core business
processes that are common
in organizations.
• Core Business Processes

• Organizational Activities Along the Value Chain
• Value Systems: Connecting Multiple Organizational Value
Chains
Organizations and Functions
Core Business Processes
• Order-to-Cash
– The process of selling goods or services and collecting
revenue for them
• Procure-to-Pay
– The process of ordering goods or services and paying
for them
• Make-to-Stock/Make-to-Order
– The process of manufacturing goods, either based on
forecasts or based on orders
The Order-to-Cash Process
• Functional Areas in Order-to-Cash

– Sales and Marketing
– Accounting and Finance
– Manufacturing and Operations
The Procure-to-Pay Process
• Functional Areas in Procure-to-Pay

– Supply Chain Management
– Accounting and Finance
– Manufacturing and Operations
The Make-to-Stock and Make-to-Order
Processes
An Example Supply Chain
Organizational Activities Along the Value
Chain
Value Systems: Connecting Multiple
Organizational Value Chains
Source: Based on Porter and Millar (1985), Christensen (1997)
Enterprise Systems
Describe what enterprise
systems are and how they
have evolved
• The Rise of Enterprise Systems

• Supporting Business Processes
The Rise of Enterprise Systems
• Standalone Applications (Legacy Systems)
– Each department had their own proprietary
systems that were not designed to
communicate with other systems
– Information reentered from one system to the
next manually
• Enterprise System (Integrated Suite)
– All departments are integrated into one system
– No duplication of data and more efficient
Standalone Systems
Integrated Enterprise Systems
Supporting Business Processes:
Internally Focused Systems
Supporting Business Processes:
Externally Focused Systems
Improving Business Processes Through
Enterprise Systems
• Packaged software (off-the-shelf software) is
written by third-party vendors for the needs of
many users
• Custom software (developed by contractors) is
designed for a specific organization.
• Enterprise systems are designed in modules with
components that can be selected as needed
• Modules are designed around functional areas (e.
g., accounting, human resources, etc.)
Business Process Management
• Business Process
Management
– Actively managing
business processes
– Using a structured
approach
– May be ongoing
– Many include radical
process
reengineering
Enterprise Resource Planning
Describe enterprise
resource planning systems
and how they help to
improve internal business
processes.
• Responding to Compliance and Regulatory Demands
• Choosing an ERP System
• Enabling Business Processes Using ERP Core Components
• ERP Installation
• ERP Limitations
Responding to Compliance and
Regulatory Demands
• ERP systems have built-in control systems
– Mirror organizational processes
– Support segregation of duties
– Monitor business activities
• ERP systems don’t solve all compliance
problems, but they help a lot
Choosing an ERP System
• ERP Control
– Centralized or decentralized across business units
– Policies and procedures
▪ Do they need to be flexible?
▪ Do they need to be standardized?
• ERP Business Requirements

– What modules are available?
– How well do they meet specific business needs?
Enabling Business Processes Using ERP
Core Components
• ERP systems support core business processes
• Assist with:
– Order-to-cash
– Procure-to-pay
– Make-to-stock/Make-to-order
– Other business processes
• Often packaged industry-specific ERP versions

– Support industry-specific core processes
▪ Health care
▪ Automotive
▪ Construction
▪ Retail
▪ Specialized manufacturing industries
ERP Installation
• Configuration is critical
– Specifying the data to be in the underlying
database
– Thousands of decisions related to business
processes
– Companies need to understand how they do
business to implement and configure their
ERP systems
ERP Limitations
• ERP systems often require organizations to
change their business processes
• Once implemented, a company is locked in
• Difficult and costly to make future changes
• Modifications require extra costly
programming
Achieving Enterprise System Success
Understand and utilize the
keys to successfully
implementing enterprise
systems
• Secure Executive Sponsorship
• Get Help from Outside Experts
• Thoroughly Train Users
• Take a Multidisciplinary Approach to Implementations
• Evolve the Implementation
ERP Recommendations
• Recommendations
– Secure executive sponsorship
– Get help from outside experts
– Thoroughly train users
– Take a multidisciplinary approach to
implementations
– Evolve the implementation
Secure Executive Sponsorship
• Executive Sponsorship is Critical
– Primary reason for ERP failure
– Critical for buy-in
– Dictates resource availability
– Necessary to authorize business improvements
– Key to removing obstacles
Get Help from Outside Experts
• ERP systems are very complex
• Typically, IS departments aren’t familiar
with new systems
• Experts can help
– Specify needs
– Select a suitable vendor
– Manage the implementation project
– Provide technical expertise
Thoroughly Train Users
• ERP systems are complex from the user
perspective as well
– Training costs are often poorly judged
– When systems go live it takes employees time
to regain productivity
• Proper training can:
– Alleviate concerns
– Mitigate productivity loss
– Set expectations
Take a Multidisciplinary Approach to
Implementation
• ERP systems often affect the entire
organization
– The entire organization is a stakeholder
– The entire organization needs involvement
– Failure to have representatives can result in
unmet critical needs
– The project team can’t be experts in every aspect
of user needs
– Departments may become hostile if left out of the
implementation and needs assessment
Evolve the Implementation
• Recent trend is to move away from large-
scale ERP
– Using cloud-based ERP allows scalability and
agility
• Another trend: managing businesses in real
time
– Take advantage of in-memory computing and
mobile access
Amazon.com
• Amazon has grown from an online bookstore to a
complete marketplace
– Almost any product can be purchased through Amazon
– Amazon uses enterprise information systems to
optimize processes, and it now provides this to others
– Amazon Web Services (AWS) is an IS infrastructure
rented to companies for their enterprise system needs
– AWS provides cloud services and hosting for other
companies
Green IT: Why Your Enterprise Systems
Should Be in the Cloud
• Green IT refers to using computers resources more
efficiently and environmentally responsible
• Big part of Green IT movement focuses on cloud
computing
• One benefit of moving IT to the cloud is that the
organization will become known as a sustainable
business
• Benefits include:
– Low capital outlays, lower operating costs, better IT
resource utilization, increased security, and better ability to
adjust to demand changes
Ethical Dilemma:
Too Much Intelligence? RFID and Privacy
• RFID tags being used to tag pharmaceuticals
– RFID tags can be read by anyone with an RFID
reader, creating concerns that a person’s
medications could be revealed
• RFID chips can be embedded in people
– Mexico’s attorney general and senior staff
– Alzheimer’s and diabetes patients
– Implant in kids to prevent kidnapping
• Lots of public opposition, what are the
dangers?
Coming Attractions: Internet of Things
Will Transform ERP and Organizations
• The IoT refers to a broad range of physical objects
that are interconnected and automatically share data
over the Internet
• The integration of “things” will significantly transform
the way organizations do business
• Complex machines can have dozens of sensors to
provide massive amounts of data
• When IoT technologies provide data for enterprise-
wide systems, the enterprise will have a better
understanding of virtually every aspect of the business
Security Matters: To Update or Not to
Update, That Shouldn’t Be the Question
• Virtually all software has known or unknown flaws
• In May 2016 36 unmanned organizations were
running misconfigured or outdated SAP software
• Many organizations fail to upgrade their systems
because they feel new features are not needed
• Failing to upgrade an ERP system can be
problematic and risks the entire company
• Given the size, scope, and complexity, a system
failure can lead an organization to bankruptcy
Who’s Going Mobile: Big ERP Systems
Embracing Small Mobile Devices
• ERP users originally used client PCs to access ERP
systems
• Mobile users can now access ERP systems on the road
• There are many benefits to mobile ERP
– Improved service quality
– Improved productivity
– Strengthened customer relationships
– Improved competitive advantages
– Improved data timeliness and accuracy
• Examples: SAP, Microsoft
When Things Go Wrong: Software Error
Frees Prisoners Early and Is Linked to Killings
• U.S. has highest incarceration rate in the world
• In 2015 a software glitch was blamed for the early
release of 3,200 prisoners
• Software problem discovered when a crime victim
believed a convicted prisoner was released early
• Two of those prisoners were involved in a murder
• A few of them were apprehended that were living
positive lives and resulted in an unwelcomed
surprise
Industry Analysis:
The Automobile Industry
• More than 800 million cars on the road, 83 million
sold worldwide since 2013
– Sales predicted to climb to 100 million by 2018
– China, Brazil, Russia, India, other developing countries
• Growing global demand for energy-efficient cars

• Auto industry efforts:
– Evolving global network of suppliers
– Broader supply chains bring new innovations to market
– USB ports, hard drives, mobile data connectivity
– Google working on a self-driving car
– Marketing enhancements vis virtual showrooms
Chapter # 7
Securing Information Systems
Learning Objectives
• 7.1 Define computer crime and describe several types of computer crime.
• 7.2 Describe and explain differences between cyberwar and cyberterrorism.
• 7.3 Discuss the process of managing IS security and describe various IS

controls that can help in ensuring IS security.
Cyber Security Vs. Information Security
Computer Crime
• Learning Objective: Define
computer crime and describe
several types of computer crime.
• Hacking and Cracking
• Types of Computer Criminals and Crimes
• Computer Viruses and Other Destructive Code
• Cyberharassment, Cyberstalking, and Cyberbullying
• Software Piracy
• Cybersquatting
• Laws Against Computer Crime
What is Computer Crime?
• “Using a computer to commit an illegal act”
• Targeting a computer while committing an offense

– Unauthorized access of a server to destroy data
• Using a computer to commit an offense
– Using a computer to embezzle funds
• Using computers to support criminal activity
– Maintaining books for illegal gambling on a computer
Hacking and Cracking
• Hackers
– Anyone who can gain unauthorized
access to computers
– White hat hackers don’t intend to do
harm
• Crackers
– Individuals who break into computer
systems with the intent to commit crime • Malicious hackers are
or do damage referred to as black
– Also called black hat hackers hats and those not
– Hacktivists: Crackers who are motivated to do harm
motivated by political or ideological are referred to as
goals and who use cracking to promote white hats
their interests
Who Commits Computer Crimes?
• Computer criminals come in all shapes and sizes, in
order of infractions they are:
1. Current or former employees; most organizations report
insider abuses as their most common crime (CSI, 2011)
2. People with technical knowledge who commit business or
information sabotage for personal gain
3. Career criminals who use computers to assist in crimes
4. Outside crackers—commit millions of intrusions per year
• Studies show that only 10% of cracker attacks

cause damage
How Do They Do It?
• Technology • Exploiting human
– Vulnerability weaknesses
scanners • Phishing
– Packet sniffers
• Social engineering
– Keyloggers
– Brute force • Shoulder surfing
• Dumpster diving
Types of Computer Crimes
• Unauthorized Access
– Stealing information
– Stealing use of computer
resources
– Accessing systems with the
intent to commit information
modification
• Information Modification
– Changing data for financial gain
(e.g., embezzlement)
– Defacing a Web site (e.g.,
hacktivists making a statement)
Unauthorized Data Modification
• Unauthorized data
modification can occur in
many ways
• Some are based on
insider threats
– Disgruntled employees,
contractors
• Edward Snowden is a
recent example
Other Threats to IS Security
Other Threats to IS Security
Employees keep passwords or access codes on slips of paper in plain sight
Individuals have never bothered to install antivirus software, or they install the software
but fail to keep it up to date
Computer uses within an organization continue to use default network passwords after a
network is set up instead of passwords that are more difficult to break
Employees are careless about letting outsiders view computer monitors, or they
carelessly give out information over the telephone
Organizations fail to limit access to company files and system resources
Organizations fail to install effective firewalls or intrusion detection systems, or they
install an intrusion detection system but fail to monitor it regularly
Organizations fail to conduct proper background checks on new hires
Fired employees are resentful and install harmful code, such as computer viruses, when
they leave the company
Threats From Mobile Devices
Mobile Threats
Individuals lose their mobile devices and don’t have capabilities to remotely
wipe data from the device
Individuals keep sensitive data on mobile devices and do not use passcodes
Individuals “jailbreak” their mobile phones.
Individuals use poorly designed mobile applications that can have security
vulnerabilities
Individuals use unsecure wireless networks, leaving their devices vulnerable to
different types of attacks
Computer Viruses and Other Destructive
Code
• Computer viruses
• Worms, Trojan horses, and other sinister
programs
• Denial of service
• Spyware, spam, cookies
• The rise of botnets and the cyberattack supply
chain
• Identity theft
Computer Viruses
Worms, Trojan horses, and Ransomware
• Worm: a variation of a virus that is targeted at networks, is designed

to spread by itself without the need for an infected host file to be
shared.
• Trojan horses: appears to be legitimate, benign programs but carry a
destructive payload. Unlike viruses, Trojan horses typically do not
replicate themselves but, like viruses, can do much damage.
• Ransomware: holds a user’s computer hostage by locking or taking
control of the user’s computer or encrypting files or documents. Once
infected, the scammers demand a ransom to be paid by a certain
deadline in order to unlock the computers or decrypt the files
Denial-of-Service Attacks
Spyware, Spam, and Cookies
• Spyware
– Software that monitors the activity on a computer, such as the
Web sites visible or even the key-strokes of the user
• Spam
– Bulk unsolicited e-mail sent to millions of users at extremely low
cost, typically seeking to sell a product, distribute malware, or
conduct a phishing attack
• Cookies
– A small file Web sites place on a user’s computer; can be
legitimate (to capture items in a shopping cart) but can be abused
(to track individuals’ browsing habits) and can contain sensitive
information (like credit card numbers) and pose a security risk
The Rise of Botnets and the Cyberattack
Supply Chain
• Botnets are software robots working together with
zombie computers
• 85% Of all e-mail spam is sent by only six botnets
• Example phishing attack:
– A programmer writes a phishing attack template and sells it
– A phisher purchases the template and designs the attack
– The phisher contracts with a cracker to host the phishing
Web site
– The phisher contracts a bot herder to sent the botnets
– The collector works with a mule herder to withdraw funds
from banks
Identity Theft
• Identity theft is one of the
fastest growing information
crimes
• Stealing Social Security, credit
card, bank account numbers
and information
• Possible solutions
– Government and private sector
working together to change
practices
– Use of biometrics and encryption
Software Piracy (Table 7.1)
Region Piracy Level Dollar Loss
(In US$ billions)
North America 17% 10.0
Western Europe 28% 10.2
Asia/Pacific 61% 19.1
Latin America 55% 5.8
Middle East and Africa 57% 3.7
Central and Eastern Europe 58% 3.1
Worldwide 39% 52.2
Source: Based on Business Software Alliance. (2016
Cybersquatting
• Cybersquatting
– Buying and holding a domain name with the
intent to sell it later for a big profit
– The 1999 Anti-Cybersquatting Consumer
Protection Act makes it a crime if the intent is
to profit from the goodwill of a trademark
belonging to someone else
Laws Against Computer Crime
• Federal Laws
– The Computer Fraud and Abuse Act of 1986
▪ A crime to access government computers or
communications
▪ A crime to extort money by damaging computer systems
▪ A crime to threaten the president, vice president,
members of Congress, administration officials
– Electronic Communications Privacy Act of 1986
▪ A crime to break into any electronic communications
service, including telephone services
▪ Prohibits the interception of any type of electronic
communications
Computer Crime
and explain differences between
cyberwar and cyberterrorism.
• .
• Cyberwar
• Cyberterrorism
Cyberwar (1 of 2)
• Cyberwar Vulnerabilities
– Command-and Control systems
– Intelligence collection, processing, and
distribution systems
– Tactical communication systems and methods
– Troop and weapon positioning systems
– Friend-or-foe identification systems
– Smart weapons systems
Cyberwar (2 of 2)
• Cyberwar strategy includes controlling Internet-
based propaganda
– Web vandalism
• “Patriot hackers”—governments sometimes
blame independent citizens or groups for
cyberwar attacks
• Stuxnet—malware against an Iranian system
– Originally blamed on patriot hackers, then
revealed to be developed by the U.S. and Israel
Cyberterrorism (1 of 2)
• What kinds of attacks are considered
cyberterrorism?
– Attacks by individuals and organized groups
– Political, religious, or ideological goals
• How the Internet is changing the business
processes of terrorists
– Terrorists are leveraging the Internet to
coordinate their activities, recruit, and perform
fundraising
Cyberterrorism (2 of 2)
• Assessing the cyberterrorism threat
– The Internet is generally open and accessible
from anywhere in the world
– There have been many attacks, and although not
significantly damaging, the will and potential exist
• The globalization of terrorism
– Terrorism is now a global business
– Attacks can be launched from anywhere in the
world
Cyberterrorist Categories and Internet Use
(Tables 7.3 & 7.4)
Categories of Cyberterrorist Attacks How Terrorist Are Using the
Internet
Coordinated bomb attacks Information dissemination
Manipulation of financial and banking Data mining
information
Manipulation of the pharmaceutical Fundraising
industry
Manipulation of transportation control Recruiting and mobilization
systems
Manipulation of civilian infrastructures Networking & Information sharing
Manipulation of nuclear power plants Training
Planning and coordinating
Information gathering
Location monitoring
Managing Information Systems Security
• Learning Objective: Discuss
the process of managing IS
security and describe various IS
controls that can help in
ensuring IS security..
• Assessing Risks
• Developing a Security Strategy
• Implementing Controls and Training
• Monitoring Security
Threats to IS Security
• Securing against these threats
must consider these goals:
– Availability
▪ Ensuring that legitimate users can
access the system
– Integrity
▪ Preventing unauthorized
manipulations of data and systems
– Confidentiality
▪ Protecting data form unauthorized
access
– Accountability
▪ Ensuring that actions can be traced
Information Systems Security Process
• Information systems security is an ongoing process
Assessing IS Risks
• Options for addressing risk
– Risk Reduction
▪ Actively installing counter-
measures
– Risk Acceptance
▪ Accepting any losses that
occurs
– Risk Transference
▪ Have someone else absorb
the risk (insurance,
outsourcing)
– Risk Avoidance Interplay between threats,
vulnerabilities, and impacts
▪ Using alternative means,
avoiding risky tasks
Developing a Security Strategy
• After assessing risk, a strategy is
developed detailing the information
security controls
• Types of controls:
– Preventive
– Detective
– Corrective
• Use the principles of least permissions and
least privileges
Policies and Procedures
• Not all security measures are technical in nature.
Managerial activities are important
• Policies and procedures include:
– Confidential information policy
– Security policy
– Use policy
– Backup policy
– Account management policy
– Incident handling procedures
– Disaster recovery plan
Disaster Planning
• Business continuity plan—how a business continues
operating after a disaster
• Disaster recovery plan—detailed procedures for recovering
from systems-related disasters
• Questions for a disaster recovery plan:
– What events are considered a disaster?
– What should be done to prepare the backup site?
– What is the chain of command; who declares a disaster?
– What hardware and software are needed?
– Which personnel are needed?
– What is the sequence for moving back to the original location?
– Which providers can be drawn on to aid in disaster recovery?
Backups
• Backup sites are critical for business continuity in
the event a disaster strikes
• Backup media include CD, external hard drives,
and tapes
• Cold backup site—an empty warehouse with all
necessary connections for power and
communication but nothing else
• Hot backup site—fully equipped backup facility, all
needed equipment and one-to-one replication of
current data
Designing the Recovery Plan
• Recovery time objectives
– Specify the maximum time allowed to recover from
a catastrophic event
– Minutes, hours, days?
• Recovery point objectives
– Specify how current the backup data should be
– Mission-critical transactions data need to be very
current
– Hot backup involves mirrored data
Implementing Controls and Training
• Commonly used controls:
– Physical access restrictions
– Firewalls
– Encryption
– Virus monitoring and prevention
– Secure data centers
– Systems development controls
– Human controls
Physical Access Restrictions
• Physical access controls typically focus on
authentication
– Something you have
▪ Keys
▪ Smart cards
– Something you know
▪ Password
▪ PIN code
– Something you are
▪ Biometrics
A smart card
Source: al62/Fotolia
Types of Physical Access Restrictions
• Methods for implementing physical access control
– Biometrics
▪ Identification via fingerprints, retinal patterns in the eye, facial features, or
other bodily characteristics
– Two-Factor Authentication
▪ The use of two types of credentials to gain access to a system
– Access-Control Software
▪ Allowing computer users access only to those files related to their work
▪ Restricting type of access (read, write, delete, etc.)
– Wireless LAN (WLAN) Controls
▪ Securing wireless networks prevents drive-by-hacking
– Virtual Private Networks(VPN)
▪ Also called a secure tunnel
Firewalls
• Firewalls filter traffic
– Incoming and/or outgoing traffic
– Filter based on traffic type
– Filter based on traffic source
– Filter based on traffic destination
– Filter based on combinations of parameters
Encryption and VPN
Firewalls
• A Firewall is part of a computer system designed to detect
intrusion and prevent unauthorized access to or from a private
network
• Think of it as a “security fence”
Virus Monitoring and Prevention
• Standard precautions
– Install antivirus software
– Do not use flash drives or shareware from
unknown or suspect sources
– Delete without opening any e-mail from unknown
sources
– Do not blindly open any e-mail attachments
– If your computer system contracts a virus, report it
Secure Data Centers
• Securing the
facility’s infrastructure
– Site selection
– Physical access
restrictions
– Intrusion detection
– Uninterruptible
power supply
– Protection from
environmental
threats
Other Controls
• Mobile device
management
• Systems develop-
ment controls
• Human controls
• Deployment and
training
Monitoring Security
• Monitoring external events
– Information Sharing and Analysis Centers, United States Computer
Emergency Readiness Team
• IS Auditing
– External entity reviews the controls to uncover any potential problems
• Sarbanes-Oxley Act
– Best practices: Control Objectives for Information and related Technology
(COBIT)
• Responding to Security Incidents

• Computer Forensics
– Examining the computers of crime victims for evidence
– Auditing computer activity logs
The Sarbanes-Oxley Act
• The Sarbanes-Oxley (S-OX) Act addresses
financial controls
– Companies must demonstrate that controls are in
place
– Companies must preserve evidence documenting
compliance
– Information systems typically used to meet
compliance requirements
– Growing need for IS auditors
Managing in the Digital World: Not So
“Anonymous”—Activists, Hacktivists, or Just Plain
Criminals?
• Anonymous
– A loose collection of hacktivists
– Practice civil disobedience by taking part in cyber-
attacks on Web sites (e.g., WikiLeaks)
– Politically active: launching attacks on Israeli
government for Gaza Strip military actions
– Well known for Internet vigilantism
– Claiming to have good intentions, but activities are
illegal
– Dilemma between pursuing ideological goals and
crossing the bounds of legality
Green IT: Anonymous Protests the Killing
of Dolphins and Whales in Japan
• Anonymous is a hacking group that plots its own
course in “green computing”
• Every year from Sept-March thousands of dolphins
are slaughtered for consumption
• 2016, Anonymous targeted hundreds of Japanese
websites in defense of whales and dolphins
• They targeted Nissan with a denial-of-service attack
and stated that they had no intention of stealing any
information just support of green computing
The Bug That Almost Killed the Internet
• OpenSSL is a popular encryption framework
used to secure many Internet-based
transactions
• Its heartbleed bug is a flow that was created in
2011 and wasn’t fixed until 2014
• Attackers can compromise encryption keys,
user names, passwords, and sensitive data
• The vulnerability potentially affects thousands of
companies and millions of users
Backdoors in Any Mobile Phone?
• In 2015, the San Bernardino terrorist attack killed 14 and
injured 22.
• FBI requested Apple to give them a backdoor so they
could access the phone used in the attack
• Apple refused (customer security), and the FBI sued Apple
• FBI found a way to get the phone unlocked
• Security advocates state that “security of general
population” is more important than personal security
• Debate will rage on over privacy for many years
Ethical Dilemma: Ethics and Cyberwar:
Just Because We Can, Should We?
• Exponential increase in technology has outpaced
the laws to govern the same
• Drones can be flown by personnel in a safe place
to drop bombs without being harmed
• Cyberwar raises many serious issues for society
• Collateral damage to civilian targets is a concern
• Repairing damage by cyberattacks may be difficult
• What about a country’s power grid, banking?
Security Matters: Back to the Future: Analog
May Be the Future of Securing Critical
Infrastructure
• The world has moved from analog to digital
• Digital easier to be hacked and attacked, and then
shared online with others
• Cyberterrorism expert advocates to go back to analog
for security purposes
• Any digital system connected to a network can be
hacked from anywhere worldwide
• An old-school analog system requires a human operator
to turn a dial or flip a switch (analog equipment cannot
be infected by malware)
Coming Attractions:
Can You Become Your Password?
• Passwords are easy to forget, fingerprints are not
• Once criminals gain access to your biometric you
are compromised forever (can’t change it)
• Researchers have suggested Brain Scans
(reading a sentence) because each person’s
brain acts differently
• Brainwaves would be used by the security system,
and they do not leave any tracks and cannot be
manipulated by cyber criminals
Industry Analysis:
Cybercops Track Cybercriminals
• Police departments have been playing catch-up with
technology, but are now making great strides
– Computer Crime and Intellectual Property Section of DOD is
dedicated to tracking cybercrime
– FBI has dedicated cybercrime resources in 56 field offices
– Every state has a computer crime investigation unit
– Software tools for law enforcement have improved significantly
Examples:
▪ Software Forensic Tool Kit
▪ Statewide Network of Agency Photos (SNAP) database
• While criminals may now be using technology to commit

crimes, law enforcement is using technology to catch them

Chapter1 (2) Merged

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Chapter1 (2) Merged

Uploaded by

Copyright:

Available Formats

Foundations of Information Systems (IS

Eighth Edition, 2018

Week 5 Enabling Business-to-Consumer Electronic Commerce Chapter 3

Week 12 Midterm 2 Exam

Week 13-15 Presentations

20% 7th week First exam: Midterm 1

20% 12th week Second exam: Midterm 2

During the term Project + Presentation

During the term

40 % Check Exams Timetable Final exam

• The Emergence of the Digital World

• The proliferation of mobile devices such as smart phones, tablets, and

• Employees can conduct business almost anytime,

• Users use apps such as Snapchat, Twitter, WhatsApp to

The ability to connect “things” such as sensors, meters, signals,

• Can enabled advanced

• Cloud computing is really about sharing technology resources

• Businesses continue to gather ever more data from

• Data: The Root and Purpose of Information Systems

• Information system (IS) is the combination of people and

• Alone, raw data are not very useful

• Case in Point: An Information System Gone Awry:

• Firms of all types and sizes can use information systems

• Protecting your Privacy

• The Guidelines recommend:

• New technologies designed for low power consumption

• Now, a device just needs to be connected to the Internet to be able to collect

• Internet technologies have disrupted many businesses and social processes

• With threats like ransomware becoming increasingly prevalent,

• Apple’s CEO faced a number of dilemmas related to profit maximization

• 2.2 Describe the essential components of an organization’s IS infrastructure.

• 2.3 Discuss managerial issues associated with managing an organization’s IS

• Applications and Databases Supporting Processes

• Businesses rely on an information

• Supercomputers: are used to solve the most computationally demanding problems,

• Mainframe computers: are used by businesses to host enterprise applications and

• Operating systems coordinate the interaction between

• The operating system provides a common layer for

Operational For processing transactions or for

• The World Wide Web is a system of interlinked

• Rapid Obsolescence and Shorter IT Cycles

• Managing the Cloud

• Consumption becomes an operating expense

• Infrastructure as a Service (IaaS): Host virtual

Public clouds offer additional advantages such as scalability and reliability,

Content delivery networks

• Larger geographical distance

• Content delivery networks

• The user’s request is routed

• 3.2 Describe business-to-consumer electronic commerce strategies.

• 3.3 Understand the keys to successful electronic commerce websites and

• 3.4 Describe mobile commerce, consumer-to-consumer electronic commerce,

• Types of Electronic Commerce

• The exchange of goods, services, and money among

All of the above types of EC are in the private sector

• E-tailing: Capabilities and Opportunities

• Designing Websites to Meet Online Consumers’ Needs

• If you build it, they

• Research firm, Forrester, estimates that by

• When building a marketing app, businesses

• Relatively new phenomenon, consumers can sell small

• Securing Payments in the Digital World

How bitcoins are

• Digital Rights Management