Upload
edwina-palmer
View
217
Download
1
Tags:
Embed Size (px)
Citation preview
Management Information Systems
Exam Preparation Workshop 2013
Table of Contents
Information Systems, Organizations, and Strategy Ethical and Social Issues in Information Systems IT Infrastructure and Emerging Technologies Telecommunications, the Internet and Wireless Technology Securing Information Systems Achieving Operational Excellence and Customer Intimacy:
Enterprise E-Commerce: Digital Markets, Digital Goods Managing Knowledge and Collaboration
Structure of Paper
• The paper consists of Five (5) questions.• ALL questions are based on the case study
provided• The total for the paper is 100 marks• The duration of the paper is 3 Hours
Information Systems, Organizations, and Strategy
• Organizations and Information Systems are both a structured method of turning raw products (data/people) into useful entities (information/producers).
Organizational Structures
Using Information Systems to Achieve Competitive Advantage
Porter’s Five Forces• Traditional competitors: always nipping at your heals with new products and
services trying to steal your customers.• New market entrants: not constrained by traditional ways of producing goods and
services, they can easily jump into your markets and lure customers away with cheaper or better products and services.
• Substitute products and services: customers may be willing to try substitute products and services if they decide your price is too high or the quality of your products and services is too low.
• Customers: fickle to say the least, they are now armed with new information resources that make it easier for them to jump to your competitors, new market entrants, or substitute products.
• Suppliers: the number of suppliers used may determine how easy or difficult your business will have in controlling your supply chain. Too few suppliers and you lose a lot of control.
THINK POINT
• How has the competitive forces models changed as a result of the Internet and the emergence of digital firms?
Ethical and Social Issues in Information Systems
• It probably goes without saying that the security and ethical issues raised by the Information Age, and specifically the Internet, are the most explosive to face our society in decades.
• For companies, being transparent is a double-edged sword. • On one hand, it shows that they have nothing to hide and are
operating on the up and up; consumers appreciate this.• On the other hand, transparency can be dangerous for companies
from a competition standpoint. By being open about their business and financial practices, they risk giving competitors information that can be used to one-up them. Thus, companies must find a delicate middle ground.
Relationship between ethical, social, and political issues in an information
society
The relationship between ethical, social, and political issues in an information society
• The introduction of new information technology has a ripple effect, raising new ethical, social, and political issues that must be dealt with on the individual, social, and political levels. These issues have five moral dimensions: information rights and obligations, property rights and obligations, system quality, quality of life, and accountability and control.
Five moral dimensions of the information age
• Information rights and obligations• Property rights and obligations• Accountability and control• System quality• Quality of life
Key technology trends that raise ethical issues
• Doubling of computer power More organizations depend on computer systems for
critical operations• Rapidly declining data storage costs Organizations can easily maintain detailed databases on
individuals• Networking advances and the Internet Copying data from one location to another and accessing
personal data from remote locations is much easier
Key technology trends that raise ethical issues (cont.)
Advances in data analysis techniques Companies can analyze vast quantities of data gathered on
individuals for:• Profiling Combining data from multiple sources to create dossiers of
detailed information on individuals• Non-obvious relationship awareness (NORA) Combining data from multiple sources to find obscure
hidden connections that might help identify criminals or terrorists
Basic concepts for ethical analysis
• Responsibility: Accepting the potential costs, duties, and obligations for
decisions• Accountability: Mechanisms for identifying responsible parties• Liability: Permits individuals (and firms) to recover damages done to them • Due process: Laws are well known and understood, with an ability to appeal to
higher authorities
How cookies identify web visitors
Accountability, Liability, Control
Computer-related liability problemsIf software fails, who is responsible?• If seen as part of machine that injures or harms,
software producer and operator may be liable• If seen as similar to book, difficult to hold
author/publisher responsibleWhat should liability be if software seen as service?Would this be similar to telephone systems not being
liable for transmitted messages?
IT Infrastructure and Emerging Technologies
• The shared technology resources that provide the platform for the firm’s specific information system applications.
• Includes investment in hardware, software, and services, such as consulting, education, and training.
Defining IT infrastructure
Set of physical devices and software required to operate enterprise
Set of firm wide services including:• Computing platforms providing computing services• Telecommunications services• Data management services• Application software services• Physical facilities management services• IT management, standards, education, research and
development services
Evolution of IT infrastructure
• General-purpose mainframe and minicomputer era: 1959 to present
• Personal computer era: 1981 to present• Client/server era: 1983 to present• Enterprise computing era: 1992 to present• Cloud Computing and Mobile Computing era: 2000
to present
IT Infrastructure
Internet platforms
• Hardware, software, management services to support company Web sites, (including Web hosting services) intranets, extranets
• Internet hardware server market: Dell, HP/Compaq, IBM
• Web development tools/suites: Microsoft (FrontPage, .NET) IBM (WebSphere) Sun (Java), independent software developers: Macromedia/Adobe, RealMedia
The emerging mobile digital platform
• Grid computing• Cloud computing and Computing Utility• Autonomic computing • Virtualization and Multicore processors
Grid Computing
• Involves connecting geographically remote computers into a single network capable of working in parallel on business problems that require short-term access to large computational capacity
• Rather than purchase huge mainframes or super computers, firms can chain together thousands of smaller desktop clients into a single computing grid
Cloud Computing
• Firms off-load peak demand for computing power to remote, large-scale data processing centres
• Firms pay only for the computing power they use, as with an electrical utility
• Excellent for firms with spiked demand curves caused by seasonal variations in consumer demand, e.g. holiday shopping
• Saves firms from purchasing excessive levels of infrastructure• Data permanently stored in remote servers, accessed and
updated over the Internet by users
Service Outsourcing and Cloud Services
• Three external sources for software:• Software packages and enterprise software• Software outsourcing (domestic or offshore) Domestic: • Primarily for middleware, integration services, software
support Offshore:• Primarily for lower level maintenance, data entry, call centers,
although outsourcing for new-program development is increasing
Service Outsourcing and Cloud Services
• Cloud-based software services Software as a service (SaaS) Accessed with Web browser over Internet Ranges from free or low-cost services for
individuals to business and enterprise software Users pay on subscription or per-transaction E.g. Salesforce.com Service Level Agreements (SLAs): formal
agreement with service providers
Telecommunications, the Internet and Wireless Technology: Web 1.0, 2.0 and 3.0
Principal functions of all telecommunications systems
A telecommunications system is a collection of compatible hardware and software arranged to communicate information, such as text, graphic images, voice, or video, from one location to another. The principal functions of all telecommunications systems include the transmission of information, establishing an interface between sender and receiver, routing messages along the most efficient path, performing elementary information processing to get the right message to the right receiver, checking and editing transmitted information for errors and formats, converting messages from the speeds of one device to those of another, controlling the flow of information, routing messages, and maintaining overall network structure.
The Internet
• The Internet is an international network of networks connecting hundreds of millions of people.
• The Internet is the primary infrastructure for e-commerce, e-business, and the digital firm.
• Individuals access the Internet through Internet Service Providers, popular online services, or through their company's network. An individual cannot access the Internet directly.
• Instead individuals with a computer equipped with a modem pay a small fee to an Internet Service
• Provider to access the Internet. People can also subscribe to popular online services, such as America Online and Microsoft Network.
Securing Information Systems
• Information systems are vulnerable to technical, organizational, and environmental threats from internal and external sources. The weakest link in the chain is poor system management.
• If managers at all levels don‘t make security and reliability their number one priority, then the threats to an information system can easily become real.
Network Vulnerabilities
Types of Information Systems Security Breaches
1. Malware
There are many methods to install malware on systems, including the use of client-side software vulnerabilities. Browsers remain a top target for vulnerabilities.
2. Malicious insiders
There is no way to eliminate the threat of malicious insiders completely, but through good security policies and followed procedures, the incidents could be a fraction of what they are today.
3. Exploited vulnerabilities
Vulnerability exploit is at the heart of hacking and data breaches. Worms, viruses, malware, and a host of other attack types often rely on vulnerability exploit to infect, spread and perform the actions cyber criminals want. And yet, organizations are still not doing what they need to for patch management. Hackers are more often exploiting client side vulnerabilities and other vulnerabilities associated with 3rd party applications.
4. Careless employees
Careless and untrained insiders will continue to be a very serious threat to organizations in 2010. Insiders can be broken down into three categories: careless & untrained employees, employees that are duped or fall prey to social engineering type attacks, and malicious employees. Protecting a network and critical and sensitive data is done very differently for each type. Policies, procedures, training and a little technology can make a world of difference in reducing an organization's risk to careless insiders.
5. Mobile devices
Mobile devices have become a plague for information security professionals. There are worms and other malware that specifically target these devices such as the iPhone worm that would steal banking data and enlist these devices in a botnet. Theft is still a major cause of data breaches as mobile devices, especially laptops, are the main culprits. Tens of thousands of laptops are stolen each year and often these have sensitive data that require public disclosure as a data breach.
6. Social networking
Social networking sites such as Facebook, MySpace, Twitter and others have changed the way people communicate with each other, but these sites can pose serious threats to organizations. One main problem is that there is a trust component to these sites which makes them fertile ground for identity thieves. There is also a personal safety issue. Social networking sites are a stalker's dream come true. Social networking sites are breeding grounds for SPAM, scams, scare ware and a host of other attacks and these threats will continue to rise.
7. Social engineering
Social engineering is always a popular tool used by cyber criminals and phishing is still a popular method for doing just that. In fact, these new venues make social engineering even more effective. This year will have an added measure of complexity when it comes to social engineering attacks. Beginning sometime mid-2010, domain names will be expanded to include Japanese, Arabic, Hindi and even Greek characters, and with all of these characters being available for domain names, no longer will looking at a domain help one determine if it's legitimate or not.
8. Zero-day exploits
Zero-day exploits are when an attacker can compromise a system based on a known vulnerability but no patch or fix exists, and they have become a very serious threat to information security. Zero-day vulnerabilities are being discovered in traditionally very secure protocols such as SSL and TLS. The zero-day vulnerability could also be in providers.
9. Cloud computing security threats
Using cloud based (i.e. Internet based) applications may not be as secure as once thought with many stories in 2009 regarding cloud based security issues. Many are calling for forced encryption to access "in the cloud" services. As cloud computing grows in popularity over the next few years, cloud security will become a very big issue.
10. Cyber espionage
Cyberespionage is a threat that's being heard more and more all the time and there have been a flood of stories in 2009 on this subject. Most of these incidents surround government bodies and agencies and therefore have not been a huge threat to most individual organizations. However, since cyber espionage has major implications for the government, it is a rising threat that must be closely monitored.
Achieving Operational Excellence and Customer Intimacy: Enterprise
• Enterprise systems aim to correct the problem of firms not having integrated information.
• Also known as enterprise resource planning (ERP) systems, their main goal is to bridge the communication gap among all departments and all users of information within a company
ERP Systems
• SCM ( Supply Chain Management Systems)• CRM ( Customer Relationship Management
Systems)• ESS (Executive Support Systems)• DSS ( Decision Support Systems)• MIS (Management Information Systems)• TPS (Transaction Processing Systems)
E-Commerce: Digital Markets, Digital Goods
• Electronic commerce or ecommerce is a term for any type of business, or commercial transaction, that involves the transfer of information across the Internet. It covers a range of different types of businesses, from consumer based retail sites, through auction or music sites, to business exchanges trading goods and services between corporations. It is currently one of the most important aspects of the Internet to emerge.
How the Internet changes the markets for digital goods
Types of Electronic Commerce
E-commerce is divided into three major categories to make it easier to distinguish between the types of transactions that take place.
• Business-to-consumer (B2C): Most visible• Business-to-business (B2B): Greatest dollar
amount of transactions• Consumer-to-consumer (C2C): Greater
geographic reach
Electronic Payment Systems for E-Commerce
Managing Knowledge and Collaboration
• Knowledge systems are often used by and support professional employees such as engineers, researchers, analysts, and highly skilled technical workers. Portals provide easy-to-use access to these systems and help provide internal and external information others have discovered to be successful solutions or best practices.
Requirements of knowledge work systems
Conclusion
• Management Information systems are typically computer systems used for managing five primary components: hardware, software, data (information for decision making), procedures (design, development and documentation), people (individuals, groups, or organizations). Management information systems cover all aspects from types of systems to new age technological tools.