Chapter 3 - Class presentation

Our class presentation :)

MIS presentation.pptx.pdf by Leowanie Leow

Chapter 7 Case Study : Information Security Threats & Policies in Europe

Question 1: What is a botnet?

A botnet is network of autonomous malicious software agents that are under control of a bot commander.

Question 2: Digital Agenda of Europe main points?

a. To define the key role that information and communication technologies in year 2020.

b. To initiate calls for a single open European digital market.

c. To have broadband speeds of 30Mbps be available to all European citizens by 2020.

d. To implement measures to protect privacy and establishment of well function network of Computer Emergency Response Teams(CERT) to prevent cybercrime and respond effectively to cyber attacks.

Question 3: How a cyber attack can be carried out?

From a simple individual ping commands and message flooding to more sophisticated distributed denial of service (DDoS) attacks. Hacking is coordinated by using a large number of compromised servers organized in a botnet distributed around the world. 

Using botnet :

Network is created by installing malware that exploits the vulnerabilities of Web servers, operating systems, or applications to take control of the infected computers. Once computer is infected, it becomes part of network of thousands of zombies machines that are commanded to carry out the attack. 

Conflicker worm :

Downloaded and install other malware from controlled web sites, thus infected computers would be under full control of the hackers.

Stuxnet :

Propagated via USB devices with hidden shortcuts to execute programs with extensions of .Ink automatically when content of an infected USB drive was displayed. Worm is also capable of installing other malware.

Question 4: Describe some of the weaknesses exploited by malware.

There are a few of weaknesses exploited by malware. Firstly, once installed on a computer , Conflicker is able to download and install other malware from controlled Web sites, thus infected computers could be under full control of the hackers.

Secondly, the malware known as Stuxnet, infected Windows PCs running the Supervisory Control and Data Acquisitions (SCADA) control system from the German company Siemens. Stuxnet was propagated via USB devices. The malware, hidden in shortcuts to executable programs was executed automatically when the content of an infected USB drive was displayed.

 Thirdly, the worm was capable installing other malware. Initially, security experts disclosed that Stuxnet was designed to steal industrial secrets from SIMATIC WinCC, a visualization and control software system from Siemens.

Chapter 6 Case Study : Monitoring Employees on Networks: Unethical or Good Business?

Question 1: Should manager monitor employee e-mail and Internet usage? Why or why not?

Yes, manager should monitor employee e-mail and Internet usage because managers worry about the loss of time when employees are more focusing on personal rather than company business.

       When employees spend a lot their time checking e-mail and the internet it will automatically give effect to the company revenue due to the less of employee productivity. Besides that, some employees may even be billing time they spend pursuing personal interests online to clients, thus overcharging them. Means that, employee did not pay attention to what customer need from the company.

     Then, if personal traffic on company is too high, it can also clog the company’s network so that legitimate business work cannot be performed. Normally employee will use the network provided by the company to complete their job but when they use it for other things that is not necessary   like watch and download video files it cause the network to slow down. Next, when employees use e-mail or the Web (including social networks) at employer facilities or with employer equipment, anything they do, including anything illegal, carries the company’s name. For example, when the employee had done anything illegal like criminal by using the social networks at the work place they will automatically affect the company’s name.

       Moreover, they use company’s equipment and properties to do it. It will gave negative look to the customer toward the company’s name. Companies also fear leakage of confidential information and trade secrets through e-mail or social networks. Normally employee will accidentally sent confidentially or potentially embarrassing company e-mail to outsiders. This will cause the bad look toward the company by the others especially the customers and automatically give benefit to the competitors.

Question 2: Describe an effective e-mail and Web use policy for a company.

Policy: US companies have the legal right to monitor employees Internet and e-mail activity while they are at work.

• This policy is an effective policy because some managers are worries the loss of time and employee productivity when employees are focusing on personal rather than company business while using the Internet. This problem will lead into lost revenue.
• When employees use e-mail or the Web at employer facilities or with employer equipment, anything they do, including anything illegal carries the company’s name. Thus, when managers are monitoring the employee’s activity anything that may be suspicious can be prevent.
• Companies also fear leakage of confidential information and trade secrets through e-mail or social networks. Among managers who fired employees for Internet misuse, the majority did so because the employees’ e-mail contained sensitive, confidential, or embarrassing information.
• The function for this policy also, is to remember that they are personally responsible for what they publish, and to refrain from discussing controversial topics that are not related.

Question 3: Should managers inform employees that their Web behavior is being monitored? Or should managers’ monitors secretly? Why or why not?

Yes, managers should inform employees that their Web behavior is being monitored. This is because as like what IBM did. IBM now has “social computing guidelines” that cover employees’ activities on sites. The guidelines urge employees not to conceal their identities, to remember that they are personally responsible for what they publish, and to refrain from discussing controversial topics that are not related to their IBM role.

This shows also that every employee should be informed about their Web behavior monitored by the employer on the grounds of safety and care of the company's confidential information. Thus, each use of the internet conducted shall be based on things which were good to the common good and the good reputation of the company.

In addition, as a company dependent on widespread information sharing, innovation, and independence could very well find that monitoring creates more problems than it solves. Extensive information resource sharing without limitations can cause much information leading cause of the spread of rumors and false sources that may lead to the sharing of information on the dangers and bad of a company. So, this should be handling by every employee in order to overcome the problem from occur.

Manager monitored their employees’ Web behavior because Manager doesn’t want their employees sending confidential files or other confidential information to people via e-mail that aren't suppose to know the information. Manager need to be concerned about their employees talking about work related information that isn't supposed to leave the office. Next, Manager doesn’t want their employee looking at any inappropriate pictures while at work. Manager also don't want their company to get into trouble for employee's sneaking around to look at pornographic images or anything else sexual. Manager also doesn’t want them to cheat the time clock. Manager doesn’t want their employee to waste company’s money by paying the employee if she or he is just surfing around on the Internet that isn't work related. Manager don't want them being distracted by talking to buddies through instant messages while working. Employees would be able to accomplish more work if they didn't chat with buddies while working. It will save manager even more money if they don't let their employees talk to buddies through Instant messages while working.

Chapter 5 Case Study : Lego

Lego: Combining Business Intelligence with a Flexible Information System

Question 1: Explain the role of the database in SAP’s three-tier-system.

SAP’s business suite is based on a flexible three-tier client-server architecture that can easily be adapted to the new Service-Oriented Architecture (SOA) available in the latest versions of the software. In the first tier, a client interface-a browser-type graphical user interface (GUI) running on either a laptop, desktop, or mobile device-submits users’ requests to the application serves. The applications servers send the processed requests to the database system-receive and process clients’ requests to the database system-the third tier-which consists of one or more relational databases. SAP’s business suite supports database from different vendors, including those offered by Oracle, Microsoft, MySQL, and others. The relational database contain the tables that store data on LEGO’s products, daily operations, the supply chain, and thousands of employees. Managers can easily use the SAP query tool to obtain reports from the databases, because it does not require any technical skill. Additionally, the distributed architecture enables authorized personnel to have direct access to the database system from the company’s various locations, including those in Europe, North America, and Asia.

Question 2: Explain why distributed architectures are flexible.

Distribute architectures are flexible because they adapting company operations to these  changes required a flexible and robust IT infrastructure with business intelligence capabilities that could help management perform better forecasting and planning. As part of the solution, LEGO chose to move to SAP business suite software. SAP AG, a German company that specializes in enterprise software solutions, is one of the leading software companies in the world. SAP’s software products include a variety of applications designed to efficiently support all of a company’s essential functions and operations. LEGO chose to implement SAP’s Supply Chain Management (SCM), Product Lifecycle Management (PLM), and Enterprise Resources Planning (ERP) modules.

Question 3: Identify some of the business intelligence features included in SAP’s business software suite.

SAP’s Supply Chain Management(SCM) included features such as supply chain   monitoring and analysis as well as forecasting, planning and inventory optimization. In SAP’s Product Life-cycle Management(PLM) module enables managers to optimize development processes and systems. SAP’s Enterprise Resources Planning(ERP) modules includes among another applications, the Human Capital Management(HCM) application for personnel administration and development.

SAP’s business suite is based on a flexible three tier client-server architecture than can be easily adopted to the new Service-Oriented Architecture(SOA) available in the latest version of the software. The first tier, a client interface which a browser type running on either a laptop, desktop or mobile device. The second tier is application servers that receive and process client’s requests. In the third tier, it is consists of one or more relational database.

SAP’s business suite supports database from different vendors, including those offered by Oracle, Microsoft, MySQL and others.

Question 4: What are the main advantages and disadvantages of having multiple database in a distributed architecture? Explain.

Advantages	Disadvantages
Mutiple database contains the tables that store data on products, daily operation, supply chain and thousand of employees.	The additional overhead of these transactions can be a performance penalty when the total amount of data in the network is small. Users also see slower performance when accessing user data that is not local.
Managers can easily use the SAP query tool to obtain reports from the database because it does not require any technical skill.	Increased the use of database space. E very table must exist in every database. When the number of tables is very large, the amount of space used this way can be significant. Administrators must use database storage parameters to size tables and reduce database space consumption.
Distributed architecture enables authorized personnel to have direct access to database system fronm the company’s various locations including in Europe, North America and Asia	Administrators must keep the schemas of all databases synchronized and ensure that the network is configured to take optimal advantage of the distributed-database environment in terms of availability and performance. Although database backups are more flexible in a distributed-database environment, multiple databases add complexity to the backup process.

Chapter 3 Case Study : Automakers Become Software Companies

Question 1: How is software adding value to automakers’ products?

Software is adding value to automakers’ products by adding more value and freshness to their products without having to invest so heavily in new vehicle production. Besides that, with the inclusion of software in their cars, automakers are entering uncharted territory so they must now devote resources to updating and testing their software, as well as establishing ways to provide the updated software to their customers. Automobile software also has many of the technologies included in automobile software packages raise the same privacy concerns surrounding location tracking that have often plagued smart phone manufacturers and app developers. The existing of software also allow automakers’ automaker to aggregate and analyze the data from customers’ cars to identify quality problems and, if necessary quickly recalls. Just as with apps, the possibilities are limited only by the imagination of automakers.

Question 2: How are the automakers benefitting from software enhanced cars? How are the customers benefiting?

Software helps to alleviate urban congestion by investing in technology that responds to the problems created by traffic.the eventual system would require that cars feed increasing amounts of information to systems whose purpose would be to minimize highway congestion. Besides, automakers are entering uncharted territory with the inclusion of software in their car. This is establishing ways to provide the update software to their customer. Then, many of the technologies included in automobile software packages raises the same privacy concerns surrounding location tracking that have often plagued smartphone. This is the best way to roll out software upgrades to its customer. USB stick contains a software upgrade that will improve navigation controls, music and phone features, as well as the ability to control car temperature. The upgrade also contains code that will upgrade system speed and improve the interface based on common criticism. The customers must get into the habit of checking the Ford Web for software upgrade. 

Question 3: How much of a competitive advantage is software providing for automakers? Explain your answer. 

Software provides the automakers a competitive advantage of allowing cars to be managed via the cloud.

Software used by My Ford Touch has an in-dash touch screen available for controls with navigation, music, phone integration and temperature. It also has the Sync software which enables tablet and smart phones to access music and other apps using by only voice commands. This is a competitive advantage compared to other normal cars in the market, this feature of software makes it easier for customer to use the car for own interest.

Other than that, Ford has also come out with a software to solve urban congestion by helping cars to avoid traffic jams, to reserve parking space in advance, for future planning Ford is developing ways for vehicles to communicate with one another on the road to avoid collisions.

Software that operate online in the cloud for cars which enables users to be able to remotely track their cars or even diagnose problems with the car like problems of low tire pressure or need for an oil change. These software development are providing a new platform for automakers to enhance many car drivers’ life by just a touch of a finger through a touch panel.

Chapter 4 Case Study : iPhone

Question 1: What are the advantages and disadvantages of allowing employees to use their personal smartphones for work?

Advantages:

1. Managing and maintaining a large number of devices within an organization
2. It is easier to keep track of each mobile device and to roll out software upgrade or fixed, because all the employees using the same device.
3. A firm’s software development teams can benefit from having one person specially focused on new application that usable and useful.
4. A number of software product have emerged to help companies manage diverse mobile platforms.
5. Mobility experts can help a company leverage mobility more effectively.
6. Improve the productivity of the company
7. It can save company’s money

Disadvantages:

1. The mobile digital landscape is much more complicated because the operating system do not have well developed tools for security
2. Adequate technical support for every employee could be difficult
3. If a device is stolen or compromised, companies need ways to ensure confidential information is not freely available
4. Mobility puts assets and data at greater risk if they were located within company walls.
5. When employees make change to their phone, the companies will need to quickly regain the data and flexibly to ensure employee still remain productive.

Question 2: Factors that influence the usage of smartphone? 

People factor :

Individual employees are able to improve and gain more knowledge or skills by using smartphones to access to Internet to find information that they are not sure of. Hence, the productivity of individual employees increase.

Employees have their own choice of using which smartphone to own desire, the price, design, brand, quality and function of a smartphone varies accordingly to own employee choice. Some employee may prefer iOS, Android or Windows operating system to use in their smartphone because they may be more comfortable using the operating system that they are familiar with.

Organization :

Companies need an effective way to keep track of all the smartphone device used by employees so that company can configure their connections for Internet so employees are able to connect to the network. 

Company also need an inventory management to keep track of which device of smartphone that employees uses so that company are able to locate how the smartphone is being used and what kind of software that is used by the phone.

Technology :

The changes improvement in technology in our world today, companies may face problems when there is need to provide technical support for their employees if their smartphone is not working the way it is suppose to.

Company should consider developing software that secures all employees smartphone so that the information in smartphone is protected at anywhere and everywhere.

Question 3: Allowing employees to use their own smartphone for work will save  the company money. Do you agree ?  Why or why not ?

Yes, we agree on the statement thai said allowed employees to use their own smartphone for work will save company money.

The main reason why we agree because it is saves your company money on hardware such as computer and laptop.

The second for company to open up their smartphones is to capitalize on employees’ enthusiasm for  the technology. That enthusiasm translates into commitment that will help make an organization’s mobility strategy a success. Therefore it can save cost to hire expertise an technology.

The third reason is to control cost. Having employees to take over the expense of their smartphone, both the initial cost of the devices and their ongoing voice/data  contracts , benefits both sides of the equation . By being more efficient and effective at work , an employee can leverage an expense that he or she would be making anyway .The employee saves significant cost of an ongoing budget commitment to an ever-expanding circles of corporate-liable smartphones.