Embed Size (px)
Citation preview
Software 11/03/2012 6:59:00 PM
9.1
What is a software and what is the difference from hardware ?
computing hardware : we‘re talking about the physical components of information
technology—the equipment that you can physically touch, including computers, storage
devices, networking equipment, and other peripherals.
It‘s software that makes the magic of computing happen.--> more precisely ,it’s the
instructions—the software code—that enable a computer to do something wonderful, driving
the limitless possibilities of information technology.
Software refers to a computer program or collection of programs—sets of instructions that
tell the hardware what to do. Software gets your computer to behave like a Web browser or
word processor, makes your iPod play music and video, and enables your bank‘s ATM to
spit out cash.
Conclusion : Software refers to a computer program or collection of programs. It enables
computing devices to perform tasks.
What are the major classifications of software and give examples of each.
Conclusion :
You can think of software as being part of a layer cake, with hardware at the bottom; the
operating system controlling the hardware and establishing standards, the applications
executing one layer up, and the users at the top.
*understand that softwares are everywhere, from computers to cellphones to ATM,cars
9.2 Operating Systems
What is an operating system and why computing devices require operating systems. ?
The operating system has come role to control the computing hardware
Differences between the Windows and Mac operating systems are evident throughout the
user interface, particularly when a program interacts with hardware.( These items look and
behave differently because each of these functions touches the hardware, and the team that
developed Microsoft Windows created a system distinctly different from their Macintosh
counterparts at Apple)
Conclusion : The operating system (sometimes called the ―OS‖) provides a common set of
controls for managing computer hardware, making it easier for users to interact with
computers and for programmers to write application software. ex Similarly, when Apple
provided developers with a common set of robust, easy-to-use standards for the iPhone and
(via the App Store) an easy way for users to install these applications on top of the
iPhone/iPod touch/iPad‘s operating system (iOS), software development boomed, and Apple
became hands-down the most versatile mobile computing device available
How embedded systems extend Moore‘s Law, allowing firms to create ―smarter‖ products
and services ?
many smaller, special-purpose computing devices have their operating systems installed on
nonvolatile memory, often on read-only memory (ROM) chips.
Control programs stored on chips are sometimes referred to as firmware(software store on
non-volatile memory chips).
Another term you might hear is embedded systems.--> As computing gets cheaper, special-
purpose technology is increasingly becoming embedded into all sorts of devices like cars,
picture frames, aircraft engines, photocopiers, and heating and air conditioning systems
Moore‘s law enables embedded systems.
Ex : The Otis Elevator Company, a division of United Technologies, uses embedded systems
in its products to warn its service centers when the firm‘s elevators, escalators, and moving
walkways need maintenance or repair
Conclusion : Embedded systems are special-purpose computer systems designed to perform
one or a few dedicated functions, and are frequently built into conventional products like
cars, air conditioners, and elevators.
Embedded systems can make products and services more efficient, more reliable, more
functional, and can enable entire new businesses and create or reinforce resources for
competitive advantage.
9.3 Application Software
Application software focuses on the work of a user or an organization.
What is the difference between desktop and enterprise software ?
Operating systems are designed to create a platform( product and services that allow for the
developtment of software product and other complementary goods) so that programmers can
write additional applications, allowing the computer to do even more useful things.
While operating systems control the hardware, application software (or even just apps)
perform the work that users and firms are directly interested in accomplishing where real
work gets done
Desktop software refers to applications installed on a personal computer—your browser,
your Office suite (e.g., word processor, spreadsheet, presentation software), photo editors,
and computer games are all desktop software.
Enterprise software refers to applications that address the needs of multiple, simultaneous
users in an organization or work group.--> enterprise software programs to keep track of their
inventory, record sales, manage payments to suppliers, cut employee paychecks, and handle
other functions.
Conclusion : The more application software that is available for a platform, the more
valuable that platform becomes.. Desktop applications are typically designed for a single
user. Enterprise software supports multiple users in an organization or work group.
What are the categories of enterprise software ?
customer relationship management (CRM) systems used to support customer-related sales
and marketing activities
supply chain management (SCM) systems that can help a firm manage aspects of its value
chain, from the flow of raw materials into the firm through delivery of finished products and
services at the point-of-consumption
business intelligence (BI) systems, which use data created by other systems to provide
reporting and analysis for organizational decision making
Conclusion : These systems are used in conjunction with database management systems,
programs that help firms organize, store, retrieve, and maintain data.
What is an ERP (enterprise resource planning) software package ?
Since many firms have similar procedures for accounting, finance, inventory management,
and human resource functions, it often makes sense to buy a software package (a software
product offered commercially by a third party) to support some of these functions.
enterprise resource planning (ERP) software packages serve precisely this purpose
(integrate the functions of business : accounting, inventory, human ressources).
Conclusion :
What is the relationship between the DBMS (database system) and the other
enterprise software systems
Most enterprise software works in conjunction with a
database management system (DBMS), sometimes referred to as a ―database system.‖
The database system stores and retrieves the data that an application creates and uses.
it‘s often useful to think of a firm‘s database systems as sitting above the operating system,
but under the enterprise applications
Many ERP systems and enterprise software programs are configured to share the same
database system so that an organization‘s different programs can use a common, shared set of
data.( Firms that don‘t have common database systems with consistent formats across their
enterprise often struggle to efficiently their value chain.)
Exemple of efficient coordination of software between organization : Sell a product?
Deduct it from your inventory. When inventory levels get too low, have your computer
systems send a message to your supplier‘s systems so that they can automatically build and
ship replacement product to your firm.
Conclusion : The DBMS stores and retrieves the data used by the other enterprise
applications. Different enterprise systems can be configured to share the same database
system in order share common data.
firms with common database systems and standards often benefit from increased
organizational insight and decision-making capabilities.
Recognize both the risks and rewards of installing packaged enterprise systems
Conclusion : Enterprise systems can cost millions of dollars in software, hardware,
development, and consulting fees, and many firms have failed when attempting large-scale
enterprise system integration. Simply buying a system does not guarantee its effective
deployment and use.
When set up properly, enterprise systems can save millions of dollars and turbocharge
organizations by streamlining processes, making data more usable, and easing the linking of
systems with software across the firm and with key business partners.
9.4 Distributed Computing
Understand the concept of distributed computing and its benefits.
When computers in different locations can communicate with one another, this is often
referred to as distributed computing.
Let‘s start with the term server. This is a tricky one because it‘s frequently used in two ways:
(1) in a hardware context a server is a computer that has been configured to support requests
from other computers (e.g., Dell sells servers) and (2) in a software context a server is a
program that fulfills requests (e.g., the Apache open source Web server)
Understand the client-server model of distributed computing.
The World Wide Web, like many other distributed computing services, is what geeks call a
client-server system.
Client-server refers to two pieces of software, a client that makes a request, and a server that
receives and attempts to fulfill the request
Ex : the client is the browser (e.g., Internet Explorer, Firefox, Safari). When you type a Web
site‘s address into the location field of your browser, you‘re telling the client to ―go find the
Web server software at the address provided, and tell the server to return the Web site
requested.‖
Know what Web services are and the benefits that Web services bring firms.
more advanced distributed environments may use a category of software called an
application server.
The application server (or app server) houses business logic for a distributed system.
The World Wide Web consortium defines Web services as software systems designed to
support interoperable machine-to-machine interaction over a network
Individual Web services served up by the app server are programmed to perform different
tasks: ex.-->returning a calculation (―sales tax for your order will be $11.58‖), accessing a
database program (―here are the results you searched for‖), or even making a request to
another server in another organization (―Visa, please verify this customer‘s credit card
number for me‖).
In this multitiered distributed system, client browsers on various machines (desktop, laptop,
mobile) access the system through the Web server. The cash register doesn’t use a Web
browser, so instead the cash register logic is programmed to directly access the services it
needs from the app server. Web services accessed from the app server may be asked to do a
variety of functions, including perform calculations, access corporate databases, or even
make requests from servers at other firms (for example, to verify a customer’s credit card).
Appreciate the importance of messaging standards and understand how sending messages
between machines can speed processes, cut costs, reduce errors, and enable new ways of
doing business
When computers can talk together (instead of people), this often results in fewer errors, time
savings, cost reductions, and can even create whole new ways of doing business!
Each Web service defines the standard method for other programs to request it to perform a
task and defines the kind of response the calling client can expect back.
These standards are referred to as application programming interfaces (APIs).
Look at the advantages that Web services bring a firm like Amazon. Using Web services, the
firm can allow the same order entry logic to be used by Web browsers, mobile phone
applications, or even by third parties who want to access Amazon product information and
place orders with the firm
Organizations that have created a robust set of Web services around their processes and
procedures are said to have a service-oriented architecture (SOA).
Example : Southwest Airlines had a Web site where customers could book flights, but many
customers also wanted to rent a car or book a hotel, too. To keep customers on
Southwest.com, the firm and its hotel and rental car partners created a set of Web services
and shared the APIs. Now customers visiting Southwest.com can book a hotel stay and rental
car on the same page where they make their flight reservation. This process transforms
Southwest.com into a full service travel destination and allows the site to compete head-to-
head with the likes of Expedia, Travelocity, and Orbitz.
KEY TAKEAWAYS
Client-server computing is a method of distributed computing where one program (a client)
makes a request to be fulfilled by another program (a server).
Server is a tricky term and is sometimes used to refer to hardware. While server-class
hardware refers to more powerful computers designed to support multiple users, just about
any PC or notebook can be configured to run server software.
Web servers serve up Web sites and can perform some scripting.
Most firms serve complex business logic from an application server.
Isolating a system‘s logic in three or more layers (presentation or user interface, business
logic, and database) can allow a firm flexibility in maintenance, reusability, and in handling
upgrades.
Web services allow different applications to communicate with one another. APIs define the
method to call a Web service (e.g., to get it to do something), and the kind of response the
calling program can expect back.
Web services make it easier to link applications as distributed systems, and can make it easier
for firms to link their systems across organizations.
Popular messaging standards include EDI (older) and XML. Sending messages between
machines instead of physical documents can speed processes, drastically cut the cost of
transactions, and reduce errors.
Distributed computing can yield enormous efficiencies in speed, error reduction, and cost
savings and can create entirely new ways of doing business.
When computers can communicate with each other (instead of people), this often results in
fewer errors, time savings, cost reductions, and can even create whole new ways of doing
business.
Web services, APIs, and open standards not only transform businesses, they can create entire
new firms that change how we get things done.
9.5 Writing Software
Understand, at a managerial level, what programming languages are and how software is
developed.
Programmers write software in a programming language.
most commercial software is written in C++ (pronounced “see plus plus”) or C#
(pronounced “see sharp”)
Most professional programmers use an integrated development environment (IDE) to
write their code : The IDE includes a text editor, a debugger for sleuthing out errors, and
other useful programming tools.
The IDE will also compile a programmer’s code, turning the higher-level lines of instructions
that are readable by humans into lower-level instructions expressed as the patterns of ones
and zeros that are readable by a computer’s microprocessor.
Conclusion : Programs are often written in a tool called an IDE, an application that includes an
editor (a sort of programmer’s word processor), debugger, and compiler, among other tools.
Recognize that an operating system and microprocessor constrain the platform upon which
most compiled application software will run.
Look at the side of a box of commercial software and you’re likely to see system
requirements that specify the operating system and processor that the software is designed
for (e.g., “this software works on computers with Windows 7 and Intel-compatible
processors”).
Conclusion : Compiling takes code from the high-level language that humans can
understand and converts them into the sets of ones and zeros in patterns representing
instructions that microprocessors understand. Most software is written for a platform—a
combination of an operating system and microprocessor.
Understand what Java is and why it is significant.
Know what scripting languages are.
Java is a programming language designed to run everywhere (developped by Sun
Microsystems)
Java programmers don’t write code with specific operating system commands (say for
Windows, Mac OS X, or Linux), instead they use special Java commands to control their user
interface or interact with the display and other hardware
Java Virtual Machine (JVM), a software layer that interprets Java code so that it can be
understood by the operating system and processor of a given computer
Java’s platform independence—the ability for developers to “write once, run
everywhere”—is its biggest selling point
As long as the machine receiving the Java code has a JVM, then the Java application should
run. However, Java has not been popular for desktop applications. Since Java isn’t
optimized to take advantage of interface elements specific to the Mac or Windows, most
Java desktop applications look clunky and unnatural.
Conclusion : Java is designed to be platform independent. Computers running Java have a
separate layer called a Java Virtual Machine that translates (interprets) Java code so that it can
be executed on an operating system/processor combination. In theory, Java is “write once, run
everywhere,” as opposed to conventional applications that are written for an operating system
and compiled for an OS/processor combination.
Java is popular on mobile phones, enterprise computing, and to make Web sites more
interactive. Java has never been a successful replacement for desktop applications, largely
because user interface differences among the various operating systems are too great to be
easily standardized.
9.6 Understanding Technology beyond the Price Tag: Total Cost of Ownership (TCO) and
the Cost of Tech Failure
What are the different cost categories that comprise total cost of ownership ?
Managers should recognize that there are a whole host of costs that are associated with
creating and supporting an organization’s information systems.
There are costs associated with design and documentation (both for programmers and for
users
There are also testing costs. New programs should be tested thoroughly across the various
types of hardware the firm uses, and in conjunction with existing software and systems,
before being deployed throughout the organization.
Any errors that aren’t caught can slow down a business or lead to costly mistakes that could
ripple throughout an organization.
Studies have shown that errors not caught before deployment could be one hundred times
more costly to correct than if they were detected and corrected beforehand
The price tag and complexity of these tasks can push some managers
to think of technology as being a cost sink rather than a strategic
resource.
These tasks are often collectively referred to as the
total cost of ownership (TCO) of an information system
Conclusion : The total cost of ownership of systems can include software development and
documentation, or the purchase price and ongoing license and support fees, plus
configuration, testing, deployment, maintenance, support, training, compliance auditing,
security, backup, and provisions for disaster recovery. These costs are collectively referred
to as TCO, or a system’s total cost of ownership
How come once a system is implemented, the costs of maintaining and supporting the
system continue. ?
Once a system is “turned on,” the work doesn’t end there. Firms need to constantly engage
in a host of activities to support the system that may also include the following:
providing training and end user support
collecting and relaying comments for system improvements
auditing systems to ensure compliance (i.e., that the system operates within the firm’s legal
constraints and industry obligations)
providing regular backup of critical data
planning for redundancy and disaster recovery in case of an outage
vigilantly managing the moving target of computer security issues
Conclusion :.
What are the reasons that technology development projects fail and the measures that can
be taken to increase the probability of success ?
Sometimes technology itself is to blame, other times it’s a failure to test systems
adequately, and sometimes it’s a breakdown of process and procedures used to set
specifications and manage projects.
Ex : a multimillion-dollar loss on the NASA Mars Observer was traced back to a laughably
simple oversight—Lockheed Martin contractors using English measurements, while the folks
at NASA used the metric system. [5] Yes, a $125 million taxpayer investment was lost
because a bunch of rocket scientists failed to pay attention to third grade math.
The most common factors include the following: [6]
Unrealistic or unclear project goals
Poor project leadership and weak executive commitment
Inaccurate estimates of needed resources
Badly defined system requirements and allowing “feature creep” during development
Poor reporting of the project’s status
Poor communication among customers, developers, and users
Use of immature technology
Unmanaged risks
Inability to handle the project’s complexity
Sloppy development and testing practices
Poor project management
Stakeholder politics
Commercial pressures (e.g., leaving inadequate time or encouraging corner-cutting)
Improve Success
Information systems organizations can work to implement procedures to improve the
overall quality of their development practices.
Mechanisms for quality improvement include
capability maturity model integration (CMMI), which gauge an organization’s process
maturity and capability in areas critical to developing and deploying technology projects,
and provides a carefully chosen set of best practices and guidelines to assist quality and
process improvement.
why reinvent the wheel when there is an opportunity to learn from and follow blueprints
used by those who have executed successful efforts.
When methodologies are applied to projects that are framed with clear business goals and
business metrics, and that engage committed executive leadership, success rates can
improve dramatically
Conclusion : Information systems development projects fail at a startlingly high rate. Failure
reasons can stem from any combination of technical, process, and managerial decisions.
One in three technology development projects fail to be successfully deployed. S
organizations can employ project planning and software development methodologies to
implement procedures to improve the overall quality of their development practices.
Software in Flux: Partly Cloudy and Sometimes Free 11/03/2012 6:59:00 PM
10.1 Introduction
How low marginal costs, network effects, and switching costs have combined to help create
a huge and important industry
Unlike physical products assembled from raw materials, the marginal cost to produce an
additional copy of a software product is effectively zero
Network effects and switching cost can also offer a leading software firm a degree of
customer preference and lock in that can establish a firm as a standard, and in many cases
creates winner-take-all (or at least winner-take-most) markets.
Conclusion : The software business is attractive due to near-zero marginal costs and an
opportunity to establish a standard—creating the competitive advantages of network
effects and switching costs.
What are the changes that the software industry is experimenting ? (include open source
software, cloud computing and software as a service)
But as great as the business has been, the fundamental model powering the software
industry is under assault. Open source software (OSS) offerings—free alternatives where
anyone can look at and potentially modify a program’s code—pose a direct challenge to the
assets and advantages cultivated by market leaders
How can we compete with free
And if free software wasn’t enough of a shock, the way firms and users think about software
is also changing
A set of services referred to as cloud computing is making it more common for a firm to
move software out of its own IS shop so that it is run on someone else’s hardware
In one variant of this approach known as software as a service (SaaS), users access a
vendor’s software over the Internet, usually by simply starting up a Web browser.
With SaaS, you don’t need to own the program or install it on your own computer.
Hardware clouds can let firms take their software and run it on someone else’s hardware
Another software technology called virtualization can make a single computer behave like
many separate machines. This function helps consolidate computing resources and creates
additional savings and efficiencies.
Conclusion : New trends in the software industry, including open source
software (OSS), hardware clouds, software as a service (SaaS), and
virtualization are creating challenges and opportunity across tech markets.
Understanding the impact of these developments can help a manager make
better technology choices and investment decisions. These transitions are
important. They mean that smaller firms have access to the kinds of burly,
sophisticated computing power than only giants had access to in the past.
10.2 Open Source
What is open source software and understand how it differs from conventional
offerings ?
Open source software (OSS) is often described as free. While most OSS can be
downloaded for free over the Internet, it’s also “free” as in liberated
The source code for OSS products is openly shared. Anyone can look at the
source code, change it, and even redistribute it, provided the modified
software continues to remain open and free.
The old notion of open source being fueled on the contributions of loners
tooling away for the glory of contributing to better code is now largely
inaccurate.
OSS is not only available for free, but also makes source code available for
review and modification
While open source alternatives are threatening to conventional software
firms, some of the largest technology companies now support OSS initiatives
and work to coordinate standards, product improvements, and official
releases.
10.3 Why Open Source?
What are the primary reasons firms choose to use OSS (open sourcing) ?
Cost : Free alternatives to costly commercial code can be a tremendous motivator,
particularly since conventional software often requires customers to pay for every copy
used and to pay more for software that runs on increasingly powerful hardware
Reliability : the more people who look at a program’s code, the greater the likelihood that
an error will be caught and corrected. The open source community harnesses the power of
legions of geeks who are constantly trawling OSS products, looking to squash bugs and
improve product quality
How OSS can beneficially impaxt industry and government ?
Security : OSS advocates also argue that by allowing “many eyes” to examine the code,
the security vulnerabilities of open source products come to light more quickly and can be
addressed with greater speed and reliability. Many OSS vendors offer security focused
(sometimes called hardened) versions of their products. These can include systems that
monitor the integrity of an OSS distribution, checking file size and other indicators to be
sure that code has not been modified and redistributed by bad guys
Scability : allows a firm to scale from start-up to blue chip without having to significantly
rewrite their code, potentially saving big on software development costs.
Agility and Time to Market : Vendors who use OSS as part of product offerings may be able
to skip whole segments of the software development process, allowing new products to
reach the market faster than if the entire software system had to be developed from
scratch, in-house. (Motorola has claimed that customizing products built on OSS has helped
speed time-to-market for the firm’s mobile phones, while the team behind the Zimbra e-
mail and calendar effort built their first product in just a few months by using some forty
blocks of free code.)
10.4 Examples of Open Source Software
There are thousands of open source products available, covering nearly every software
category. Many have a sophistication that rivals commercial software products.
Not all open source products are contenders. Less popular open source products are not
likely to attract the community of users and contributors necessary to help these products
improve over time (again we see network effects are a key to success—this time in
determining the quality of an OSS effort).
Just about every type of commercial product has an open source equivalent.
10.5 Why Give It Away? The Business of Open Source
Understand the disproportional impact OSS has on the IT market.
By lowering the cost of computing, open source efforts make more computing options
accessible to smaller firms. More reliable, secure computing also lowers costs for all users.
OSS also diverts funds that firms would otherwise spend on fixed costs, like operating
systems and databases, so that these funds can be spent on innovation or other more
competitive initiatives.
Think about Google, a firm that some estimate has over 1.4 million servers. Imagine the
costs if it had to license software for each of those boxes!
Understand how vendors make money on open source.
One way is by selling support and consulting services
in revenue from paying customers subscribing for access to software updates and support
services
ex : Oracle, a firm that sells commercial ERP and database products, provides Linux for free,
selling high-margin Linux support contracts for as much as five hundred thousand dollars
And every dollar saved on buying someone else’s software product means more money IBM
customers can spend on IBM computers and services
With OSS, hardware firms spend less money than they would in the brutal, head-to-head
competition where each once offered a “me too” operating system that was incompatible
with rivals but offered little differentiation.
Microsoft recognizes that if a whole generation of first-time computer users grows up
without Windows, they may favor open source alternatives years later when starting their
own businesses. As a result, Microsoft has begun offering low-cost versions of Windows (in
some cases for as little as seven dollars) in nations where populations have much lower
incomes.
Know what SQL and MySQL are
MySQL (pronounced “my sequel”) is the “M” in the LAMP stack, and is used by
organizations as diverse as FedEx, Lufthansa, NASA, Sony, UPS, and YouTube.
The “SQL” in name stands for the structured query language, a standard method for
organizing and accessing data
Since all of these databases are based on the same standard, switching costs are lower, so
migrating from a commercial product to MySQL’s open source alternative is relatively easy.-
-> BAD GOR COMMERCIAL FIRLMS
Conclusion: MySQL is the dominant open source database software product. Adoption of the
SQL standard eases some issues with migrating from commercial products to MySQL.
10.6 Cloud Computing: Hype or Hope?
What is the concepts of cloud computing
Its replacing computing resources (either an organization’S or individual’s harware with
services provided over the internet.
What are the two major categories of cloud computing
(1) software as a service (SaaS), where a firm subscribes to a third-party software-replacing
service that is delivered online, and
(2) models often referred to as utility computing, which can include variants such as
platform as a service (PaaS) and infrastructure as a service (IaaS).
Using these latter techniques, an organization develops its own systems, but runs them
over the Internet on someone else’s hardware.
10.7 The Software Cloud: Why Buy When You Can Rent?
How come firms usins SaaS product dramatically lower several costs associated with their
information system ?
Firms using SaaS products can dramatically lower several costs associated with the care and
feeding of their information systems, including software licenses, server hardware, system
maintenance, and IT staff.
Cloud computing tells you don’t download or buy any more software. Instead let someone
else run it on their hard disk and deliver the result over the internet.
Organizations that adopt SaaS forgo the large upfront costs of buying and installing
software packages. For large enterprises, the cost to license, install, and configure products
like ERP and CRM systems can easily run into the hundreds of thousands or even millions of
dollar
Know how SaaS vendors earn their money.
Most SaaS firms earn money via a usage-based pricing model akin to a monthly
subscription.
What are the benefits to users that accrue from using SaaS.
Save money:
additional costs like annual maintenance contracts have also been rising as rivals fail or get
bought up
There’s also the added cost for the IT staff needed to run these systems.
Firms that adopt software as a service never actually buy a system’s software and
hardware, so these systems become a variable operating expense
Reduce the financial risks associated with making a large capital investment in information
systems
SaaS offerings also provide the advantage of being highly scalable. :
Some firms might expect systems to be particularly busy during tax time or the period
around quarterly financial reporting deadlines, while others might have their heaviest
system loads around a holiday season.
But sometimes these loads are difficult to predict, and if the difference between high
workloads and average use is great, a lot of that expensive computer hardware will spend
most of its time doing nothing.
In SaaS, however, the vendor is responsible for ensuring that systems meet demand
fluctuation. Vendors frequently sign a service level agreement (SLA) with their customers to
ensure a guaranteed uptime and define their ability to meet demand spikes.
the potential for higher quality and service levels :
SaaS firms handle backups, instantly deploy upgrades and bug fixes, and deal with the
continual burden of security maintenance
Be able to list the benefits to vendors from deploying SaaS.
While a packaged software company like SAP must support multiple versions of its software
to accommodate operating systems like Windows, Linux, and various flavors of Unix, an
SaaS provider develops, tests, deploys, and supports just one version of the software
executing on its own servers.
SaaS vendors are more attuned to customer needs. Since SaaS firms run a customer’s
systems on their own hardware, they have a tighter feedback loop in understanding how
products are used (and why they fail)—potentially accelerating their ability to enhance their
offerings
impact distribution costs and capacity. ;
As much as 30 percent of the price of traditional desktop software is tied to the cost of
distribution—pressing CD-ROMs, packaging them in boxes, and shipping them to retail
outlets. [4] Going direct to consumers can cut out the middleman, so vendors can charge
less or capture profits that they might otherwise share with a store or other distributor.
SaaS allows a vendor to counter the vexing and costly problem of software piracy. It’s just
about impossible to make an executable, illegal copy of a subscription service that runs on a
SaaS provider’s hardware.
What are the risks associated with SaaS ?
The largest concerns involve the tremendous dependence a firm develops with its SaaS
vendor
And in addition to the switching costs associated with switching on conventional software
platforms, switching SaaS vendors may involve the slow and difficult task of transferring
very large data files over the Internet.
Having all of your eggs in one basket can leave a firm particularly vulnerable.
If a traditional software company goes out of business, in most cases its customers can still
go on using its products. But if your SaaS vendor goes under, you’re hosed.
They’ve got all your data, and even if firms could get their data out, most organizations
don’t have the hardware, software, staff, or expertise to quickly absorb an abandoned
function.
Firms that buy and install packaged software usually have the option of sticking with the old
stuff as long as it works, but organizations adopting SaaS may find they are forced into
adopting new versions
any radical changes in a SaaS system’s user interface or system functionality might result in
unforeseen training costs, or increase the chance that a user might make an error.
Relying on an Internet connection also means that data is transferred to and from a SaaS
firm at Internet speeds, rather than the potentially higher speeds of a firm’s internal
network.
Any time a firm allows employees to access a corporation’s systems and data assets from a
remote location, a firm is potentially vulnerable to abuse and infiltration.
Conclusion :
Risks are
concern about the long-term viability of partner firms.
users may be forced to migrate to new versions—possibly incurring unforeseen training
costs and shifts in operating procedures.
reliance on a network connection—which may be slower, less stable, and less secure.
data asset stored off-site—with the potential for security and legal concerns.
limited configuration, customization, and system integration options compared to packaged
software or alternatives developed in-house.
the user interface of Web-based software is often less sophisticated and lacks the richness of
most desktop alternatives.
ease of adoption may lead to pockets of unauthorized IT being used throughout an
organization.
10.9 The Hardware Cloud: Utility Computing and Its Cousins
Distinguish between SaaS and hardware clouds.
While SaaS provides the software and hardware to replace an internal information system,
sometimes a firm develops its own custom software but wants to pay someone else to
run it for them.
That’s where hardware clouds, utility computing, and related technologies come in.
In this model, a firm replaces computing hardware that it might otherwise run on-site with a
service provided by a third party online.-->hardware computing
What are the concepts of cloud computing, cloudbursting, and black swan events.
In a cloudbursting scenario a firm’s data center running at maximum capacity can
seamlessly shift part of the workload to IBM’s cloud, with any spikes in system use metered,
utility style.
Cloudbursting is appealing because forecasting demand is difficult and can’t account for the
ultrarare, high-impact events, sometimes called black swans.
Understand the challenges and economics involved in shifting computing hardware to the
cloud.
For all the hype about cloud computing, it doesn’t work in all situations.
Installing a complex set of systems on someone else’s hardware can be a brutal challenge
and in many cases is just about impossible. (sometimes inhouse software)
For that reason we can expect most cloud computing efforts to focus on new software
development projects rather than options for old software.
Firms considering cloud computing need to do a thorough financial analysis, comparing the
capital and other costs of owning and operating their own systems over time against the
variable costs over the same period for moving portions to the cloud. For high-volume, low-
maintenance systems, the numbers may show that it makes sense to buy rather than rent.
Cloud costs can seem super cheap at first. Sun’s early cloud effort offered a flat fee of one
dollar per CPU per hour. But users often also pay for the number of accesses and the
number of data transfers
If a cloud vendor fails you and all your eggs are in one basket, then you’re down, too.
Vendors with multiple data centers that are able to operate with fault-tolerant provisioning,
Conclusion: Cloud computing varieties include platform as a service (PaaS), where vendors
provide a platform (e.g., the operating system and supporting software like database
management systems) but where client firms write their own code; and infrastructure as a
service (IaaS), where cloud vendors provide and manage the underlying infrastructure
(hardware and networking), while clients can create their own platform, choosing operating
systems, applications, and configurations.
Benefits and risks are similar to those discussed in SaaS efforts. Benefits include the use of the
cloud for handling large batch jobs or limited-time tasks, offloading expensive computing tasks,
and cloudbursting efforts that handle
10.10 Clouds and Tech Industry Impact
Cloud computing’s impact across industries is proving to be broad and significant.
Clouds can lower barriers to entry in an industry, making it easier for start-ups to launch
and smaller firms to leverage the backing of powerful technology.
Clouds may also lower the amount of capital a firm needs to launch a business, shifting
power away from venture firms in those industries that had previously needed more VC
money.
Clouds can shift resources out of capital spending and into profitability and innovation.
Hardware and software sales may drop as cloud use increases, while service revenues will
increase.
Cloud computing can accelerate innovation and therefore changes the desired skills mix and
job outlook for IS workers. Tech skills in data center operations, support, and maintenance
may shrink as a smaller number of vendors consolidate these functions.
Demand continues to spike for business-savvy technologists. Tech managers will need even
stronger business skills and will focus an increasing percentage of their time on strategic
efforts. These latter jobs are tougher to outsource, since they involve an intimate
knowledge of the firm, its industry, and its operations.
The market for expensive, high margin, sever hardware is threatened by companies moving
applications to the cloud instead of investing in hardware.
Server farms require plenty of cheap land, low cost power, ultrafast fiber-optic connections,
and benefit from mild climates.
Sun, Microsoft, IBM, and HP have all developed rapid-deployment server farm modules that
are pre configured and packed inside shipping containers
10.11 Virtualization
What is virtualization software and how does it impact cloud computing ?
It si a software tool in the cloud computing toolbox
A server running virtualization software can create smaller compartments in memory that
each behave as a separate computer with its own operating system and resources
(transform one computing into multiple computer)
Virtualization can generate huge savings
Using virtualization, firms can buy and maintain fewer servers, each running at a greater
capacity. It can also power down servers until demand increases require them to come
online
What are the benefits to a fimr using virtualization ?
Virtualization software can lower a firm’s hardware needs, save energy, and boost
scalability.
Data center virtualization software is at the heart of many so-called private clouds and
scalable corporate data centers, as well as the sorts of public efforts described earlier.
Virtualization also works on the desktop, allowing multiple operating systems (Mac OS X,
Linux, Windows) to run simultaneously on the same platform.
Virtualization software can increase data center utilization to 80 percent or more.
While virtualization is used to make public cloud computing happen, it can also be used in-
house to create a firm’s own private cloud.
A number of companies, including Microsoft and Dell, have entered the growing
virtualization market.
10.12 Make, Buy, or Rent
An organization can purchase packaged software from a vendor, use open source offerings,
leverage SaaS or other type of cloud computing, outsource development or other IT
functions to another firm either domestically or abroad, or a firm can develop all or part of
the effort themselves
When presented with all of these options, making decisions about technologies and systems
can seem pretty daunting.
The key variable to consider when choosing which option better suits the firm are :
Competitive Advantage—Do we rely on unique processes, procedures, or technologies that
create vital, differentiating competitive advantage? If so, then these functions aren’t a good
candidate to outsource or replace with a package software offering.
Security—Are there unacceptable risks associated with using the packaged software, OSS,
cloud solution, or an outsourcing vendor? Are we convinced that the prospective solution is
sufficiently secure and reliable? Can we trust the prospective vendor with our code, our data,
our procedures and our way of doing business? Are there noncompete provisions for vendor
staff that may be privy to our secrets? For off-site work, are there sufficient policies in place
for on-site auditing? If the answers to any of these questions is no, outsourcing might not
be a viable option.
Legal and Compliance—Is our firm prohibited outright from using technologies? Are there
specific legal and compliance requirements related to deploying our products or services?
Even a technology as innocuous as instant messaging may need to be deployed in such a
way that it complies with laws requiring firms to record and reproduce the electronic
equivalent of a paper trail.
Skill, Expertise, and Available Labor—Can we build it? The firm may have skilled
technologists, but they may not be sufficiently experienced with a new technology. Even if
they are skilled, managers much consider the costs of allocating staff away from existing
projects for this effort.
Cost—Is this a cost-effective choice for our firm? A host of factors must be considered when
evaluating the cost of an IT decision. The costs to build, host, maintain, and support an
ongoing effort involve labor (software development, quality assurance, ongoing support,
training, and maintenance), consulting, security, operations, licensing, energy, and real
estate. Any analysis of costs should consider not only the aggregate spending required over
the lifetime of the effort but also whether these factors might vary over time.
Time—Do we have time to build, test, and deploy the system?
Vendor Issues—Is the vendor reputable and in a sound financial position? Can the vendor
guarantee the service levels and reliability we need? What provisions are in place in case the
vendor fails or is acquired? Is the vendor certified via the Carnegie Mellon Software Institute
or other standards organizations in a way that conveys quality, trust, and reliability?
Social Media, Peer Production and Web 2.011/03/2012 6:59:00 PM
What is the unexpected rise and impact of social media and peer production systems ?, and
understand how these services differ from prior generation tools. :
“Web 2.0,” these new services are targeted at harnessing the power of the Internet to
empower users to collaborate, create resources, and share information in a distinctly different
way
The peer production leveraged by collaborating users isn’t only used to create social media; it
can be used to create services, too, and these are also considered to be part of Web 2.0.
do not only benefits from the service but the users also TAKE part of the service
Description Features Technology Providers
Blogs Short for “Web log”—an online publication
that keeps a running chronology of entries.
Readers can comment on posts. Can connect
to other blogs through blog rolls or trackbacks.
Key uses: Share
ideas, obtain
feedback, mobilize
a community.
1. Immediate
publication and
distribution
2. Reverse chronology
3. Comment threads
4. Persistence
5. Searchability
6. Tags
7. Trackbacks
• Blogger (Google)
• WordPress
• Tumblr
• Posterous
Wikis A Web site that anyone can edit directly from
within the browser.
Key uses: Collaborate on common tasks
or to create a common knowledge base.
• Collaborative content
creation
• All changes are
attributed
• Revision history, with
the ability to roll
back changes and
revert to earlier
• Socialtext
• PBWorks
• Google Sites
• Atlassian
• Jive
• Microsoft
(SharePoint)
• Apple OS X Server
versions
• Automatic notification
of updates
• Searchability
• Tags
• Monitoring
Electronic
Social
Network
Online community that allows users to
establish a personal profile, link to other
profiles (i.e., friends), share content, and
communicate with members via messaging,
posts. Most personal relationships are
reciprocal (i.e., both parties agree to be
“friends”).
Key Uses: Discover and reinforce
affiliations; identify experts; message
individuals or groups; virally share media.
• Detailed personal
profiles using
multimedia
• Affiliations with
groups,
organizations,
and individuals
• Messaging and public
discussions
• Media sharing
• “Feeds” of recent
activity among
members
Open/Public
Private Platforms
• Ning
• Lithium
• SelectMinds
• LiveWorld
• IBM/Lotus
Connections
• Salesforce.com
• Socialtext
Microblog
ging
Short, asynchronous messaging system. Users
send messages to “followers” who aren’t
required to follow back.
Key Uses: distribute time-sensitive
information, share opinions, virally spread
ideas, run contests and promotions, solicit
feedback, provide customer support, track
commentary on firms/products/issues,
organize protests.
• 140-character
messages sent
and received
from mobile
device
• Ability to respond
publicly or
privately
• Can specify tags to
classify
Open/Public
Private Platforms
• Socialtext Signals
• Yammer
• Salesforce.com
(Chatter)
discussion topics
for easy
searching and
building
comment threads
• Follower lists
7.2 BLOGS
What is a blog ?
This is clearly a long tail phenomenon, loaded with niche content that remains ―discoverable‖
through search engines and that is often shared via other types of social media like Facebook and
Twitter.
Trackbacks (citation links back to original blog post) and blog rolls (a list of a blogger‘s
favorite sites—a sort of shout-out to blogging peers) also help distinguish and reinforce the
reputation of widely read blogs.
Well-known blogs can be powerfully influential, acting as flashpoints on public opinion
Understand the benefits and risks of blogging
Corporations that blog can enjoy immediate and unfiltered distribution of their ideas, with
no limits on page size, word count, or publication deadline. And they can gather
immediate feedback from readers via comments
Immediate and unfiltered publication. The ability to reach the public without limits on
publication size and without having posts filtered, edited, or cut by the mainstream
media.
Ease of use. Creating a new post usually involves clicking a single button.
Comment threads. Readers can offer comments on posts.
Reverse chronology. Posts are listed in reverse order of creation, making it easy to see the
most recent content.
Persistence. Posts are maintained indefinitely at locations accessible by permanent links.
Searchability. Current and archived posts are easily searchable.
Tags. Posts are often classified under an organized tagging scheme.
Trackbacks. Allows an author to acknowledge the source of an item in their post, which
allows bloggers to follow the popularity of their posts among other bloggers.
Appreciate the growth in the number of blogs, their influence, and their capacity to generate
revenue.
Blog comments can be a hothouse for spam and the disgruntled
Employee blogging can be difficult to control and public postings can ―live‖ forever in
the bowels of an Internet search engine or as content pasted on other Web sites
7.3 Wikis
What is a Wiki ? How can corporate and people used them at their advantages ?
A wiki is a Web site anyone can edit directly within a Web browser (provided the site
grants the user edit access).
What are Wikis‘ feature ?
Wikis support what you see is what you get (WYSIWYG) editing that, while not as robust
as traditional word processors, is still easy enough for most users to grasp without training or
knowledge of arcane code or markup language. Users can make changes to existing content
and can easily create new pages or articles and link them to other pages in the wiki.
Click the ―History‖ link on Wikipedia, for example, and you can see when edits were
made and by whom. This feature allows the community to roll back a wiki to a prior
page, in the event that someone accidentally deletes key info, or intentionally defaces a
page.
How can organization use wikis to leverage technology ?
Wikis can be vital tools for collecting and leveraging knowledge that would otherwise be
scattered throughout an organization; reducing geographic distance; removing boundaries
between functional areas; and flattening preexisting hierarchies. Companies have used wikis
in a number of ways:
The greater the number of wiki users, the more likely the information contained in the wiki will
be accurate and grow in value.
7.4 Social Networks
Know what social networks are, be able to list key features, and understand how they are used by
individuals, groups, and corporations.
Social network is an online community that allow users to establish a profile and
communicate with users
Feeds are inherently viral. By seeing what others are doing on a social network, and by
leveraging the power of others to act as word-of-mouth evangelists, feeds can rapidly
mobilize populations, prompt activism, and offer low-cost promotion and awareness of a
firm‘s efforts. ** most important feature of social network
feeds can rapidly mobilize populations, prompt activism, and offer low-cost promotion
and awareness of a firm‘s efforts
Typical features of a social network include support for the following:
Detailed personal profiles
Affiliations with groups (e.g., alumni, employers, hobbies, fans, health conditions,
causes); with individuals (e.g., specific ―friends‖); and with products, firms, and other
organizations
Private messaging and public discussions
Media sharing (text, photos, video)
Discovery-fueling feeds of recent activity among members (e.g., status changes, new
postings, photos, applications installed)
The ability to install and use third-party applications tailored to the service (games, media
viewers, survey tools, etc.), many of which are also social and allow others to interact
Understand the difference between major social networks MySpace, Facebook, and LinkedIn.
LinkedIn has become a vital tool for many businesses and professionals.
n LinkedIn, members post profiles and contact information, list their work history, and
can be ―endorsed‖ by others on the network.
Recognize the benefits and risks of using social networks.
Information spreads virally via news feeds. Feeds can rapidly mobilize populations, and
dramatically spread the adoption of applications. The flow of content in social networks is
also difficult to control and sometimes results in embarrassing public disclosures.
Feeds have a downside and there have been instances where feed mismanagement has caused
user discontent, public relations problems, and the possibility of legal action.
Be aware of trends that may influence the evolution of social networks.
The use of public social networks within private organizations is growing, and many
organizations are implementing their own, private, social networks.
Firms are also setting up social networks for customer engagement and mining these sites
for customer ideas, innovation, and feedback.
7.5 Twitter and rise of microbloggin
Explain the rise of twitter (scale, scope and broad appeal)
Twitter is a microblogging that allows users to post 140 character messages vie the web.
How does individuals, corporate and political movement use twitter ?
They can classify comments on a given topic using hash tags allowing others to find related
tweets
The users can also spread news during disasters, terror attack and major events
The political movement need twitter to support the voice of the activist
It is also used as a business tool (starbucks used twitter to spread free samples of new product
such as VIA instant coffee line), massage clinics tweet last minute cancellation
Twitter is incredible for raison millions via Text-to –donate and other fundraisers
Firms are leveraging Twitter in a variety of ways, including promotion, customer response,
gathering feedback, and time-sensitive communication.
Like other forms of social media, Twitter can serve as a hothouse that attracts opinion and forces
organizational transparency and accountability.
What is the different between twitter, microbloggind and facebook , conventional blogs and
other web 2.0 efforts ?
Unlike facebook you do not have to ‗‘friend‘‘ someone to access that person on twitter
Unlike status updates found on services like Facebook and LinkedIn, Twitter‘s default supports
asymmetric communication, where someone can follow updates without first getting their
approval. This function makes Twitter a good choice for anyone cultivating a following—
authors, celebrities, organizations, and brand promoters.
What is the commercial viability of the effort, its competitive environment and converns
regarding limited revenue ?
- You don‘t need to tweet to get value. Many Twitter users follow friends, firms, celebrities, and
thought leaders, quickly gaining access to trending topics.
- Twitter has been following a ―grow-first-harvest-later‖ approach
- The site‘s rapid rise has allowed it to attract enough start-up capital to enable it to
approach revenue gradually and with caution, in the hopes that it won‘t alienate users with
too much advertising
- Twitter‘s ―deliberately cautious‖ approach to revenue development, the ad model
featuring sponsored ―promoted tweets‖ rolled out first as part of the search, with distribution
to individual Twitter feeds progressing as the firm experiments and learns what works best
for users and advertisers.
- Another issue—as the service grew, many Twitter users rarely visited the firm‘s Web
site. Instead, most active users would post and read tweets using one of many—often free—
applications provided by third parties, such as Seesmic, TweetDeck, and Twhirl.
- Exposing data can be a good move as it spawned an ecosystem of over one hundred
thousand complementary third-party products and services that enhance Twitter‘s reach and
usefulness (generating network effects from complementary offerings similar to other
―platforms‖ like Windows, iPhone, and Facebook).--> downfall to such opennes : If users
don‘t visit Twitter.com, that makes it difficult to count users, serve profiling technologies
such as tracking cookie
- All this creates what is known as the ―free rider problem,‖ where others benefit from a
service while offering no value in exchange Encouraging software and service partners to
accept ads for a percentage of the cut could lessen the free rider problem
-Users can link a Twitter account used on their iOS devices to other apps, which means no
need to log in or manually add an account each time you add an app that you‘ll want to tweet
from
- Microblogging does appear to be here to stay
Conclusion: Sites like Twitter have made data available to third parties via an API
(application programming interface). The API has helped a rich ecosystem of over seventy
thousand Twitter-supporting products and services emerge. But by making data available to
third parties, firms may suffer from the free rider problem where others firms benefit from a
service without providing much benefit back to the sponsor itself.
7.6 Key Words and Concepts of the Web 2.0
What is RSS and how effective business use this terms and technology?
RSS (an acronym that stands for both “really simple syndication” and “rich site
summary”) enables busy users to scan the headlines of newly available content and click
on an item’s title to view items of interest, thus sparing them from having to continually
visit sites to find out what’s new. Users begin by subscribing to an RSS feed for a Web
site, blog, podcast, or other data source. The title or headline of any new content will
then show up in an RSS reader. Subscribe to the New York Times Technology news
feed, for example, and you will regularly receive headlines of tech news from the Times.
Many firms use RSS feeds as a way to mange information overload, opting to distribute
content via feed rather than e-mail. Some even distribute corporate reports via RSS. RSS
readers are offered by third-party Web sites such as Google and Yahoo! and they have
been incorporated into all popular browsers and most e-mail programs.
RSS fosters the rapid sharing and scanning of information, including updates from
Web 2.0 services such as blogs, wikis, and social networks. RSS feeds can be
received via Web browsers, e-mail, cell phones, and special RSS readers.
What is Folksonomies and how effective business use this terms and technology?
Folksonomies (sometimes referred to as social tagging) are keyword-based classification
systems created by user communities as they generate and review content. (The label is
meant to refer to a people-powered taxonomy.) Example : Twitter‘s hash tags all make
heavy use of folksonomies.
By leveraging the collective power of the community to identify and classify content,
objects on the Internet become easier to locate, and content carries a degree of
recommendation and endorsement.
It helps adding values to the pile of data !
Folksonomies allow users to collaboratively tag and curate online media, making
it easy for others to find useful content. Since folksonomies are created by users
themselves, they are often more easily understood and embraced than
classification schemes imposed by site owners.
What is Mash-ups and how effective business use this terms and technology?
Mash-ups are combinations of two or more technologies or data feeds into a single,
integrated tool
Ex : Some of the best known mash-ups leverage Google‘s mapping tools. Mapnificent.net
combines transit agency data with Google Maps to let users find locations that are close
to public transportation.
Mash-ups are made easy by a tagging system called XML (for extensible markup
language).
Site owners publish the parameters of XML data feeds that a service can accept or offer
(e.g., an address, price, product descriptions, images). Other developers are free to
leverage these public feeds using application programming interfaces (APIs)
Using APIs and XML, mash-up authors smoosh together seemingly unrelated data
sources and services in new and novel ways
Mash-ups promote the useful combination of different Web services, such as maps and
other information feeds. Mash-up authors leverage technologies such as APIs and XML
to combine seemingly unrelated data sources and services in new and novel ways.
What is Location-based services and how effective business use this terms and technology?
Computing devices increasingly know where you are
Business leverage the location-based services like Twitter, Facebook, and Google Buzz
to allow you to tweet or post a status update attached with a physical location as
determined by your phone‘s global positioning system (GPS)
Augmented-reality apps can overlay real data on top of images from a GPS and
compass-equipped smartphone ex : Wikitude overlays images appearing through your
phone‘s camera lens with geotagged data from Wikipedia. Point your Yelp app down the
street and activate the monocle feature to see starred reviews hover over the top of
establishments that appear on screen.
Perhaps the best known among the location-based pure plays is Foursquare. The service
allows players to ―check in‖ at different locations, allowing players to earn ―badges‖
displayed in the app for completing specific achievements (―gym rat‖ for exercise buffs,
―school night‖ for weeknight bar hoppers). Check into a location more than anyone else
and you become that spot‘s ―mayor.‖
Location-based services are increasingly combining geolocated data with social media.
Users can now quickly see related social media surrounding an area, even overlaying this
data on top of maps and images through a phone‘s camera lens. Sites like Foursquare are
morphing into loyalty and customer-rewards programs. While users are largely in control
of sharing location data, some fear privacy and security issues from oversharing.
What is Virtual worlds and how effective business use this terms and technology?
In virtual worlds, users appear in a computer-generated environment in the form of an
avatar, or animated character.
Many corporations and organizations have established virtual outposts by purchasing
―land‖ in the world of Second Life, while still others have contracted with networks to
create their own, independent virtual worlds.
Virtual worlds allow users to interact with and within a computer-generated alternate
reality.
What is Rich Media and how effective business use this terms and technology?
Rich media is content such as text, graphics, animation, video, audio, etc.
Internet media is increasingly becoming ―richer,‖ leveraging audio, video, and animation.
Organizations and users are creating and distributing rich media online, with interesting
content spreading virally.
7.7 Prediction Markets and the Wisdom of Crowd
What is the wisdowm of crowd (applied to social network) and what are the necessary
criteria for a crowd to be smart ?
Many social software efforts leverage what has come to be known as the
wisdom of crowds.
Its the idea that a group of individuals (the crowd often consists mostly of untrained
amateurs), collectively has more insight than a single or small group of trained
professionals.
the idea of crowd wisdom is at the heart of wikis, folksonomy tagging systems, and many
other online efforts.
One technique for leveraging the wisdom of crowds is a prediction market, where a
diverse crowd is polled and opinions aggregated to form a forecast of an eventual
outcome.
Ex : When Best Buy asked its employees to predict gift card sales, the ―crowd‘s‖
collective average answer was 99.5 percent accurate; experts paid to make the prediction
were off by 5 percent.
Criteria : The crowd must
1. be diverse, so that participants are bringing different pieces of information to the
table,
2. be decentralized, so that no one at the top is dictating the crowd‘s answer,
3. offer a collective verdict that summarizes participant opinions,
4. be independent, so that each focuses on information rather than the opinions of
others.
Google, which runs several predictive markets, underscored these principles when it
found that predictions were less accurate when users were geographically proximate,
meaning folks in the same work group who sat near one another typically thought too
much alike. ex of decentralized
7.8 Crowdsourcing
What is crowdsourcing and what are the values assigned with crowdsourcing ?
The power of Web 2.0 also offers several examples of the democratization of production
and innovation. Need a problem solved? Offer it up to the crowd and see if any of their
wisdom offers a decent result. This phenomenon, known as crowdsourcing
How did compangies used crowdsourcing succesfully ?
Crowdsourcing tackles challenges through an open call to a broader community of
potential problem solvers. Examples include Goldcorp‘s discovering of optimal mining
locations in land it already held, Facebook‘s leverage of its users to create translations of
the site for various international markets, and Netflix‘s solicitation of improvements to its
movie recommendation software.
The compagny Goldcorp a mining firm was struggling to gain a return from its 55,000-
acre Canadian property holdings
Goldcorp offered up all the firm‘s data, on the company‘s Web site. Along with the data,
McEwen ponied up $575,000 from the firm as prize money for the Goldcorp Challenge
to anyone who came up with the best methods and estimates for reaping golden riches.
Eighty percent of the new targets identified by entrants yielded ―substantial quantities of
gold.
Netflix followed Goldcorp‘s lead, offering anonymous data to any takers, along with a
one-million-dollar prize to the first team that could improve the accuracy of movie
recommendations by 10 percent
The winning team represented an astonishing brain trust that Netflix would never have
been able to harness on its own
Several firms run third-party crowdsourcing forums, among them InnoCentive for
scientific R&D, TopCoder for programming tasks, and Amazon‘s Mechanical Turk for
general work.
Amazon.com has even created an online marketplace for crowdsourcing called
Mechanical Turk. Anyone with a task to be completed or problem to be solved can put it
up for Amazon, setting their price for completion or solution. For its role, Amazon takes
a small cut of the transaction. And alpha geeks looking to prove their code chops can turn
to TopCoder, a firm that stages coding competitions that deliver real results for
commercial clients, such as ESPN. TopCoder contests have attracted roughly 300,000
participants from 200 countries
Facebook leveraged crowd wisdom to develop versions of its site localized in various
languages. Facebook engineers designated each of the site‘s English words or phrases as
a separate translatable object. Members were then invited to translate the English into
other languages, and rated the translations to determine which was best. Using this form
of crowdsourcing, fifteen hundred volunteers cranked out Spanish Facebook in a month.
7.9 Get Smart !
What are the skills and issues involved in creating and staffing an effective social media
awareness and response team (SMART) ?
Given the power of social media, it‘s time for all firms to get SMART, creating a social
media awareness and response team
SMART capabilities, including creating the social media team, establishing firmwide
policies, monitoring activity inside and outside the firm, establishing the social media
presence, and managing social media engagement and response.
1. Creating the team :
Firms need to treat social media engagement as a key corporate function with
clear and recognizable leadership within the organization.
Important to have someone ―dedicated 100% of the time, rather than someone
who‘s got a day job on top of a day job
While firms are building social media responsibility into job descriptions, also
recognize that social media is a team sport that requires input from staffers
throughout an organization. The social media team needs support from public
relations, marketing, customer support, HR, legal, IT, and other groups
, consider that the social media team at Starbucks (regarded by some as the best in
the business) is organized under the interdisciplinary ―vice president of brand,
content, and online.‖
2. Establishing policies :
Establishing corporate policies and setting employee expectations are imperative
for all organizations
Most guidelines emphasize the ―three Rs‖: representation, responsibility, and
respect.
Representation. Employees need clear and explicit guidelines on expectations for
social media engagement.
Responsibility. Employees need to take responsibility for their online actions.
Firms must set explicit expectations for disclosure, confidentiality and security,
and provide examples of engagement done right, as well as what is unacceptable
Respect. Best Buy‘s policy for its Twelpforce explicitly states participants must
―honor our differences‖ and ―act ethically and responsibly.‖ Many employees can
use the reminder. Sure customer service is a tough task and every rep has a story
about an unreasonable client. But there‘s a difference between letting off steam
around the water cooler and venting online
Firms must train employees and update their knowledge as technologies, effective
use, and threats emerge. Security training is a vital component of establishing
social media policy. Penalties for violation should be clear and backed by
enforcement. Ex : Kenneth Cole making light of the outburst in egypt to promote
excitement for new collection
3. Monitoring activities (inside, outisde) :
Concern over managing a firm‘s online image has led to the rise of an industry
known as online reputation management.
Ex : All firms can take advantage of Google Alerts, Twitter search and Twitter
clients like TweetDeck can display all mentions of a particular term, Facebook
provides a summary of page activity to administrators (including stats on visits,
new fans, wall posts, etc.), while Facebook‘s Insights tool measures user
exposure, actions, and response behavior relating to a firm‘s Facebook pages and
ads.
Location-based services like Foursquare have also rolled out robust tools for
monitoring how customers engage with firms in the brick-and-mortar world.
Foursquare‘s analytics and dashboard present firms with a variety of statistics,
such as who has ―checked in‖ and when, a venue‘s male-to-female ratio, and
which times of day are more active for certain customers.
Firms are leveraging social media both inside their firms and via external services
(e.g., corporate groups on Facebook and LinkedIn), and these spaces should also
be on the SMART radar. This kind of monitoring can help firms keep pace with
employee sentiment and insights, flag discussions that may involve proprietary
information or other inappropriate topics, and provide guidance for those who
want to leverage social media for the firm‘s staff
4. Establishing social media presence :
Many firms take an embassy approach to social media, establishing presence at
various services with a consistent name. Ex : facebook.com/starbucks,
twitter.com/starbucks, youtube.com/starbucks, flickr.com/starbucks, and so on.
While a big brand like Starbucks is often a target of criticism, social media also
provides organizations with an opportunity to respond fairly to that criticism and
post video and photos of the firm‘s efforts. In Starbucks‘ case, the firm shares its
work investing in poor coffee-growing communities as well as efforts to support
AIDS relief. A social media presence allows a firm to share these works without
waiting for conventional public relations (PR) to yield results or for journalists to
pick up and interpret the firm‘s story
A word to the self-reflective: Customer conversations will happen online even if
you don‘t have any social media embassies. Users can form their own groups,
hash tags, and forums. A reluctance to participate may signal that the firm is
facing deeper issues around its product and service.
The voice of the firm should come from the firm. In fact, it should come from
employees who can provide authentic expertise. Starbucks‘ primary Twitter feed
is managed by Brad Nelson, a former barista
5. Managing social media engagement and response :
Having an effective social media presence offers ―four Ms‖ of engagement: it‘s a
megaphone allowing for outbound communication; it‘s a magnet drawing
communities inward for conversation; and it allows for monitoring and mediation
of existing conversations.
Many firms will selectively and occasionally retweet praise posts, underscoring
the firm‘s commitment to customer service. Highlighting service heroes also
reinforces exemplar behavior to employees who may be following the firm online,
too. Users are often delighted when a major brand retweets their comments, posts
a comment on their blog, or otherwise acknowledges them online—just be sure to
do a quick public profile investigation to make sure your shout-outs are directed
at customers you want associated with your firm. Escalation procedures should
also include methods to flag noteworthy posts, good ideas, and opportunities that
the social media team should be paying attention to
Many incidents can be responded to immediately and with clear rules of
engagement. For example, Starbuck issues corrective replies to the often-tweeted
urban legend that the firm does not send coffee to the U.S. military because of a
corporate position against the war. A typical response might read, ―Not true, get
the facts here‖ with a link to a Web page that sets the record straight.
Prominent bloggers and other respected social media participants can provide
keen guidance and insight. The goal isn‘t to create a mouthpiece, but to solicit
input, gain advice, gauge reaction, and be sure your message is properly
interpreted.
In the event of a major crisis, firms can leverage online media outside the social
sphere.
What are the implications of ethical issues in social media such as “sock puppetry” and
“astroturfing” and provide examples and outcomes of firms and managers who used social
media as a vehicle for dishonesty ?
Astroturfing and Sock Puppets : Fake personas set up to sing your own praises are
known as sock puppets among the digerati, and the practice of lining comment and
feedback forums with positive feedback is known as astroturfing.
Social media can be a cruel space. Sharp-tongued comments can shred a firm‘s reputation
and staff might be tempted to make anonymous posts defending or promoting the firm.
Don‘t do it! Not only is it a violation of FTC rules, IP addresses and other online
breadcrumbs often leave a trail that exposes deceit.
Ex : Whole Foods CEO John Mackey fell victim to this kind of temptation, but his
actions were uncovered.
For years, Mackey used a pseudonym to contribute to online message boards, talking up
Whole Foods stock and disparaging competitors. When Mackey was unmasked, years of
comments were publicly attributed to him. The New York Times cited one particularly
cringe-worthy post where Mackey used the pseudonym to complement his own good
looks, writing, ―I like Mackey‘s haircut. I think he looks cute!‖
Google in Three Parts: Search, Online Advertising, and Beyond 11/03/2012 6:59:00 PM
The firm‘s market capitalization (market cap), the value of
the firm calculated by multiplying its share price by the number of shares, makes Google
the most valuable media company on the
planet.
Online advertising represents the only advertising category that, over the last several
years, has been consistently trending with positive growth.
Google dominates Internet search volume and controls the lion‘s share of the Internet
search advertising business and online advertising dollars. The firm also earns more total
advertising revenue than any other firm, online or off.
Google‘s market cap makes it the most valuable media company in the world; it has been
rated as having one of the world‘s strongest brands, and it ranks among the most
profitable firms in the United States.
Understand the mechanics of search, including how Google indexes the Web and ranks
its organic search results.
Before diving into how the firm makes money, let’s first understand how Google’s core
service, search, works.
Perform a search (or query) on Google or another search engine, and the results you’ll
see are referred to by industry professionals as organic or natural search.
Organic or natural search : search engines use different algorithms for determining
the order of organic search results, but at Google the method is called PageRank
PageRank results are a kind of popularity contest. Web pages that have more pages
linking to them are ranked higher.
The process of improving a page’s organic search results is often referred to as
search engine optimization (SEO).
SEO has become a critical function for many marketing organizations since if a firm’s
pages aren’t near the top of search results, customers may never discover its site.
The less scrupulous have tried creating a series of bogus Web sites, all linking back to
the pages they’re trying to promote (this is called link fraud, and Google actively works
to uncover and shut down such efforts—see the “Link Fraudsters” sidebar)
Example of Link Fraud : JCPenney is a big retailer, but not necessarily the first firm to
come to mind when you think of most retail categories. So the New York Times
suspected that something fishy was up when the retailer’s site came out tops for dozens
of Google searches, including the phrases “skinny jeans,” “dresses,” “bedding,” “area
rugs,” “home decor,” “comforter sets,” “furniture,” and “table cloths” someone paid to
have thousands of links placed on hundreds of sites scattered around the Web, all of
which lead directly to JCPenney.com.
Link fraud undercuts the credibility of Google‘s core search product JCPenney organic results
plummeted, in some cases from first to seventy-first death penalty‖
To create these massive indexes, search firms use software to crawl the Web and uncover as
much information as they can find. This software is referred to by several different names—
spiders, Web crawlers, software robots—but they all pretty much work the same way.
The spiders ask each public computer network for a list of its public Web
Then the spiders go through this list (―crawling‖ a site), following every available link until all
pages are uncovered.
Google will crawl frequently updated sites, like those run by news organizations, as often as
several times an hour
The method used to crawl the Web also means that if a Web site isn‘t the first page on a public
server, or isn‘t linked to from another public page, then it‘ll never be found.
But what if you want the content on your Web site to remain off limits to search engine indexing
and caching?
There are other techniques to keep the spiders out, too. Web site administrators can add a special
file (called robots.txt) that provides similar instructions on how indexing software should treat
the Web site
Conclusion :
Users don‘t really search the Web; they search an archived copy built by crawling and indexing
discoverable documents.
Google operates from a massive network of server farms containing hundreds of thousands of
servers built from standard, off-the-shelf items. The cost of the operation is a significant barrier
to entry for competitors. Google‘s share of search suggests the firm can realize economies of
scales over rivals required to make similar investments while delivering fewer results (and hence
ads).
Web site owners can hide pages from popular search engine Web crawlers using a number of
methods, including HTML tags, a no-index file, or ensuring that Web sites aren‘t linked to other
pages and haven‘t been submitted to Web sites for indexing.
Examine the infrastructure that powers Google and how its scale and complexity offer
key competitive advantages.
Google doesn‘t disclose the number of servers it uses, but by some estimates, it runs
over 1.4 million servers in over a dozen so-called server farms worldwide.
In the first three months of 2011 alone, the firm spent $890 million on data centers.
The size of this investment not only creates a barrier to entry, it influences industry
profitability, with market-leader Google enjoying huge economies of scale.
14.3 The Increase in online ad
understand how media consumption habits are shifting.
There are three factors driving online ad growth trends:
(1) increased user time online : So advertisers are simply following the market. Online channels
also provide advertisers with a way to reach consumers at work—something that was previously
much more difficult to do.
(2) improved measurement and accountability : Many advertisers have also been frustrated by
how difficult it‘s been to gauge the effectiveness of traditional ad channels such as TV, print, and
radio.
Well, with the Internet, now you know. While measurement technologies aren‘t perfect,
advertisers can now count ad impressions (the number of times an ad is shown on a Web site),
whether a user clicks on an ad, and the product purchases or other Web site activity that comes
from those clicks.
Measurement techniques allow advertisers to track the performance of their ads
Measurement metrics can be linked to payment schemes, improving return on investment (ROI)
and accountability compared to many types of conventional advertising.
(3) targeting : Various technologies and techniques also make it easier for firms to target users
based on how likely a person is to respond to an ad.
14.4 Search advertising
Understand Google‘s search advertising revenue model.
the practice of running and optimizing search engine ad campaigns is referred to as
search engine marketing (SEM)
Over two-thirds of Google‘s revenues come from ads served on its own sites, and the vast
majority of this revenue comes from search engine ads.
for the most part, the ads you‘ll see to the right (and sometimes top) of Google‘s organic search
results are text ads. These ads are keyword advertising, keyword advertising : ads are targeted
based on the words in a user‘s search query. Advertisers bid on the keywords and phrases that
they‘d like to use to trigger the display of their ad Linking ads to search was a brilliant move,
since the user‘s search term indicates an overt interest in a given topic.
Text ads appearing on Google search pages are billed on a pay-per-click (PPC) basis, meaning
that advertisers don‘t spend a penny unless someone actually clicks on their ad.-->if no one click
on an ad google doesnt make any money
If an advertiser wants to display an ad on Google search, they can set up a Google
AdWords advertising account in minutes, specifying just a single ad, or multiple ad campaigns
that trigger different ads for different keyword
Know the factors that determine the display and ranking of advertisements appearing on
Google‘s search results pages.
So in order to create a winning scenario for everyone, Google has developed a precise ad
ranking formula that rewards top performing ads by considering two metrics
1)the maximum CPC (cost per click) that an advertiser is willing to pay
2)the advertisement‘s quality score—a broad measure of ad performance.
Create high quality ads and your advertisements might appear ahead of competition, even if
your competitors bid more than you. But if ads perform poorly they‘ll fall in rankings or even
drop from display consideration.
Ad Rank = Maximum CPC × Quality Score
One factor that goes into determining an ad‘s quality score is the click-through rate (CTR) for
the ad, the number of users who clicked an ad divided by the number of times the ad was
delivered (the impressions). The CTR measures the percentage of people who clicked on an ad to
arrive at a destination-site.
Second factor :When an ad is clicked, advertisers don‘t actually pay their maximum CPC;
Google discounts ads to just one cent more than the minimum necessary to maintain an ad‘s
position on the page. So if you bid one dollar per click, but the ad ranked below you bids ninety
cents, you‘ll pay just ninety-one cents if the ad is clicked more fair for company because no
one is overbidding
Be able to describe the uses and technologies behind geotargeting.
Geotargeting occurs when computer systems identify a user‘s physical location (sometimes
called the geolocation) for the purpose of delivering tailored ads or other content. On Google
AdWords, for example, advertisers can specify that their ads only appear for Web surfers located
in a particular country, state, metropolitan region, or a given distance around a precise locale
Ads in Google Search are geotargeted based on IP address ; Every device connected to the
Internet has a unique IP address assigned by the organization connecting the device to the
network
IP addresses will change depending on how and where you connect to the Internet. Connect your
laptop to a hotel‘s Wi-Fi when visiting a new city, and you‘re likely to see ads specific to that
location
14.5 Ad network
Understand ad networks, and how ads are distributed and served based on Web site content.
Google originally developed AdSense to target ads based on keywords automatically detected
inside the content of a Web site. Ex : A blog post on your favorite sports team, for example,
might be accompanied by ads from ticket sellers or sports memorabilia vendors.
Recognize how ad networks provide advertiser reach and support niche content providers.
AdSense and similar online ad networks provide advertisers with access to the long tail of
niche Web sites by offering both increased opportunities for ad exposure as well as more-refined
targeting opportunities.
Be aware of content adjacency problems and their implications.
Contextual advertising based on keywords is lucrative, but like all technology solutions it has
its limitations. Vendors sometimes suffer from content adjacency problems ; when ads appear
alongside text they‘d prefer to avoid
Ex : a New York Post article detailed a gruesome murder where hacked up body parts were
stowed in suitcases. The online version of the article included contextual advertising and was
accompanied by…luggage ads.
To avoid such situation : ad networks provide opportunities for both advertisers and content
providers to screen out potentially undesirable pairings based on factors like vendor, Web site,
and category. Advertisers can also use negative keywords, which tell networks to avoid showing
ads when specific words appear (e.g., setting negative keywords to ―murder‖ or ―killer‖ could
have spared luggage advertisers from the embarrassing problem mentioned above)
Know the strategic factors behind ad network appeal and success.
While advertisers can use multiple ad networks, there are several key strategic factors driving the
Industry (network effect (two-sided), economies of scale)
The ability to reach more potential customers across more Web sites attracts
more advertisers to Google. And content providers (the Web sites that distribute
these ads) want there to be as many advertisers as possible in the ad networks
that they join, since this should increase the price of advertising, the number of
ads served, and the accuracy of user targeting. If advertisers attract content
providers, which in turn attract more advertisers, then we‘ve just described
network effects
More participants bringing in more revenue also help the firm benefit from scale
Economie.
14.6 More Ad Formats and Payment Schemes
Know the different formats and media types that Web ads can be displayed in
The specific ad formats supported depend on the ad network but can include the following:
1) image (or display) ads (such as horizontally oriented banners, smaller rectangular
buttons, and vertically oriented ―skyscraper‖ ads);
2) rich media ads (which can include animation or video);
3) interstitials (ads that run before a user arrives at a Web site‘s contents). The industry
trade group, the Internet Advertising Bureau (IAB) sets common standards for display ads
so that a single creative (the design and content of the advertisement) can run unmodified
across multiple ad networks and Web sites
Know the different ways ads are sold.
And there are lots of other ways ads are sold besides cost-per-click. Most graphical display ads
are sold according to the number of times the ad appears (the impression).
Ad rates are quoted in CPM, meaning cost per thousand impressions (the M representing the
roman numeral for one thousand). Display ads sold on a CPM basis are often used as part of
branding campaigns targeted more at creating awareness than generating click-throughs.
Ex :promoting products like soft drinks, toothpaste, or movies.
Cost-per-action (CPA) ads pay whenever a user clicks through and performs a specified action
such as signing up for a service, requesting material, or making a purchase. Affiliate programs
are a form of cost-per-action, where vendors share a percentage of revenue with Web sites that
direct purchasing customers to their online storefronts. Amazon runs the world‘s largest affiliate
program, and referring sites can earn 4 percent to 15 percent of sales generated from these click-
through
And rather than buying targeted ads, a firm might sometimes opt to become an exclusive
advertiser on a site. For example, a firm could buy access to all ads served on a site‘s main page
Know that games can be an ad channel under the correct conditions.
Finding a way to introduce ads without eroding the game experience can be a
challenge.
Branding ads often work best since click-throughs are typically not something
you want disrupting your gaming experience
Firms have also created online mini games (so-called advergames) for longer
term, immersive brand engagement
14.7 Customer Profiling and Behavioral Targeting
Be familiar with various tracking technologies and how they are used for customer profiling and
ad targeting.
Advertisers are willing to pay more for ads that have a greater chance of reaching their
target audience, and online firms have a number of targeting tools at their disposal
Much of this targeting occurs whenever you visit a Web site, where a behind-the-scenes
software dialogue takes place between Web browser and Web server that can reveal a
number of pieces of information, including IP address, the type of browser used, the
computer type, its operating system, and unique identifiers, called cookies.
IP addresses are leveraged extensively in customer profiling. An IP address not only
helps with geolocation, it can also indicate a browser‘s employer or university, which can
be further matched with information such as firm size or industry
Example :IBM has used IP targeting to tailor its college recruiting banner ads to specific
schools, for example, ―There Is Life After Boston College, Click Here to See Why.‖
The ability to identify a surfer‘s computer, browser, or operating system can also be used
to target tech ads. For example, Google might pitch its Chrome browser to users detected
running Internet Explorer, Firefox, or Safari; while Apple could target Mac ads just to
Windows users
But perhaps the greatest degree of personalization and targeting comes from cookies.
Visit a Web site for the first time, and in most cases, a dialogue between server and
browser takes place that goes something like this:
Server: Have I seen you before?
Browser: No.
Server: Then take this unique string of numbers and letters (called a cookie). I’ll use it to
recognize you from now on.
Upon accepting this cookie your browser has been tagged, like an animal. As you surf
around the firm‘s Web site, that cookie can be used to build a profile associated with your
activities
The next time you return to the Web site, your browser responds to the server‘s
―Have I see you before?‖ question with the equivalent of ―Yes, you know me;,‖
and it presents the cookie that the site gave you earlier. The site can then match this cookie
against your browsing profile, showing you the weather, stock quotes, sports scores, and
other info that it thinks you‘re interested in.
Cookies are used for lots of purposes. Retail Web sites like Amazon use cookies to pay
attention to what you‘ve shopped for and bought, tailoring Web sites to display products
that the firm suspects you‘ll be most interested in
Understand why customer profiling is both valuable and controversial.
Any server that serves you content can leverage these profiling technologies. You might be
profiled not just by the Web site that you‘re visiting (e.g., nytimes.com), but also by any ad
networks that serve ads on that site (e.g., Platform-A, DoubleClick, Google AdSense, Microsoft
adCenter).
By serving and tracking cookies in ads shown across partner sites, ad networks can build detailed
browsing profiles that include sites visited, specific pages viewed, duration of visit, and the types
of ads you‘ve seen and responded to.
And that surfing might give an advertising network a better guess at demographics like gender,
age, marital status, and more.
Recognize steps that organizations can take to help ease consumer and governmental
concerns.
The most popular Web browsers allow you to block all cookies, block just third-party cookies,
purge your cookie file, or even ask for your approval before accepting a cookie.
14.8 Profiling and Privacy
Understand the privacy concerns that arise as a result of using third-party or tracking cookies to
build user profiles.
Google AdSense would now issue a third-party cookie and would track browsing activity across
AdSense partner sites
Says one Google project manager, ―We‘re looking to make ads even more interesting.
But while targeting can benefit Web surfers, users will resist if they feel that they are being
mistreated, exploited, or put at risk.
Be aware of the negative consequences that could result from the misuse of third-party or
tracking cookies.
The U.S. Federal Trade Commission has already called for more transparency and user control in
online advertising and for requesting user consent (opt-in program that require consent
from the customers) when collecting sensitive data.
Know the steps Google has taken to demonstrate its sensitivity to privacy issues.
Google‘s roll-out of interest-based ads shows the firm‘s sensitivity to these issues. First, while
major rivals have all linked query history to ad targeting, Google steadfastly refuses to do this.
Other sites often link registration data (including user-submitted demographics such as gender
and age) with tracking cookies, but Google avoids this practice as well.
Each interest-based ad is accompanied by an ―Ads by Google‖ link that will bring users to a page
describing Google advertising and which provides access to the company‘s ―Ads Preferences
Manager.‖
Google also allows users to install a cookie that opts them out of interest-based tracking. And
since browser cookies can expire or be deleted, the firm has gone a step further, offering a
browser plug-in that will remain permanent, even if a user‘s opt-out cookie is purged.
14.9 Search Engines, Ad Networks, and FraudBe Be able to identify various types of online
fraud, as well as the techniques and technologies used to perpetrate these crimes.
Some of the more common types of fraud that are attempted in online advertising include the
following:
1. Enriching click fraud—when site operators generate bogus ad clicks to earn PPC income.
2. Enriching impression fraud—when site operators generate false page views (and hence ad
impressions) in order to boost their site‘s CPM earnings.
3. Depleting click fraud—clicking a rival‘s ads to exhaust their PPC advertising budget.
4. Depleting impression fraud—generating bogus impressions to exhaust a rival‘s CPM ad
budget.
5. Rank-based impression fraud—on-sites where ad rank is based on click performance,
fraudsters repeatedly search keywords linked to rival ads or access pages where rival ads
appear. The goal is to generate impressions without clicks. This process lowers the
performance rank (quality score) of a rival‘s ads, possibly dropping ads from rank results,
and allowing fraudsters to subsequently bid less for the advertising slots previously occupied
by rivals.
6. Disbarring fraud—attempting to frame a rival by generating bogus clicks or impressions that
appear to be associated with the rival, in hopes that this rival will be banned from an ad
network or punished in search engine listings.
7. Link fraud (also known as spamdexing or link farming)—creating a series of bogus Web sites,
all linking back to a page, in hopes of increasing that page‘s results in organic search.
Keyword stuffing—packing a Web site with unrelated keywords (sometimes hidden in fonts that
are the same color as a Web site‘s background) in hopes of either luring users who wouldn‘t
normally visit a Web site, or attracting higher-value contextual ads.
Understand how firms can detect, prevent, and prosecute fraudsters.
Each visitor is identified by an IP address, so lots of clicks from a single IP make
the bad guys easy to spot you cant just click like crazy
So organized crime tried to raise the bar, running so-called click farms to
spread fraud across dozens of IP addresses
Fraudsters then moved on to use zombie networks—hordes of surreptitiously
infiltrated computers, linked and controlled by rogue software.
hackers exploit security holes, spread viruses, or use so-called phishing
techniques to trick users into installing software that will lie dormant, awaiting
commands from a central location. The controlling machine then sends out tasks
for each zombie, instructing them to visit Web sites and click on ads in a way that
mimics real traffic. Zombie botnets can be massive.
HOWEVER, firms can prevent zombie network ;Higher click-through rates than comparable
sites? Caught. Too many visits to a
new or obscure site? Caught. Clicks that don‘t fit standard surfing patterns for
geography, time, and day? Caught.
CONCLUSION :
Fraud can undermine the revenue model behind search engines, ad networks, and the ad-
based Internet. It also threatens honest competition among rivals that advertise online.
There are many forms of online fraud, including enriching fraud (meant to line the
pockets of the perpetrators), depleting fraud (meant to waste the ad budgets of rivals),
disbarring fraud (meant to frame the innocent as fraudsters), and methods to lower rival
ad rank performance, or gain search engine ranking algorithms.
While fraudsters have devised ingenious ways to exploit the system (including click
farms and zombie attacks), IP addresses and detailed usage pattern monitoring
increasingly reveal bogus activity.
Fraud rates are widely disputed. However, it is clear that if widespread fraud were
allowed to occur, advertisers would see lower ROI from online ad efforts, and Internet
business models would suffer. The continued strength of the online advertising market
suggests that while fraud may be impossible to stop completely, most fraud is under
control.
14.10 The Battle Unfolds
Understand the challenges of maintaining growth as a business and industry mature.
it will likely be difficult for Google to find new growth markets that are as lucrative as
adsense and ads served on search
Emerging advertising outlets such as social networks have lower click-through rates than
conventional advertising, and Google has struggled to develop a presence in social media—
trends suggesting that Google will have to work harder for less money.
As outlined earlier, Google enjoys major scale advantages in search, and network effects
in advertising But the strength of Google‘s other competitive resources is less clear.
Because Google gathered such an impressive set of data ; Within Google‘s ad network, there
are switching costs for advertisers and for content providers.
Google partners have set up accounts and are familiar with the firm‘s tools and analytics.
Content providers would also need to modify Web sites to replace AdSense or DoubleClick
ads with rivals. But choosing Google doesn‘t cut out the competition
Another vulnerability may exist with search consumers. While Google‘s brand is strong,
switching costs for search users are incredibly low. Move from Google.com to Bing.com
and you actually save two letters of typing!
Recognize how the businesses of many firms in a variety of industries are beginning to
converge.
-Google‘s biggest deal to date was the purchase of Motorola Mobility. This makes Google a
mobile phone handset manufacturer
-it‘s tough to imagine any peer-produced video site displacing YouTube. Users go to
YouTube because there‘s more content, while amateur content providers go there seeking
more users (classic two-sided network effects). This critical advantage was the main reason
why, in 2006, Google paid $1.65 billion for what was then just a twenty-month-old start-up
-Google Wallet is another example of how the search giant is looking to deliver value
through mobile devices. Announced in the spring of 2011, Google Wallet allows phones to
replace much of the ―stuff‖ inside your wallet.
Appreciate the magnitude of this impending competition, and recognize the competitive
forces that will help distinguish winners from losers.
Critically evaluate the risks and challenges of businesses that Google, Microsoft, and other
firms are entering.
For big firms like Microsoft and Google, pushing stock price north requires not just new
markets, but billion-dollar ones. Adding even $100 million in new revenues doesn‘t do much
for firms bringing in $62 billion and $29 billion a year, respectively. That‘s why you see
Microsoft swinging for the fences, investing in the uncertain but potentially gargantuan
markets of video games, mobile phone software, cloud computing
CONCLUSION :
For over a decade, Google‘s business has been growing rapidly, but that business is
maturing.
Slower growth will put pressure on the firm‘s stock price, so a firm Google‘s size will
need to pursue very large, risky, new markets—markets that are also attractive to well-
financed rivals, smaller partners, and entrepreneurs.
Rivals continue to innovate in search. Competing with technology is extremely difficult
since it is often easy for a firm to mimic the innovations of a pioneer with a substitute
offering. Microsoft, with profits to invest in infrastructure, advertising, and technology,
may pose Google‘s most significant, conventional threat.
Although Microsoft has many distribution channels (Windows, Internet Explorer, Office)
for its search and other services, European and U.S. regulators will likely continue to
prevent the firm from aggressive product and service bundling.
Google is investing heavily in methods that promote wider Internet access. These include
offering free software to device manufacturers and several telecommunications and
lobbying initiatives meant to lower the cost of getting online. The firm hopes that more
users spending more time online will allow it to generate more revenue through ads and
perhaps other services.
Google Wallet uses NFC communications to allow mobile phones to make credit and
debit card payments, manage loyalty programs, redeem coupons, and more. Payments are
linked to existing credit cards. Google will not charge for transaction fees but plans to use
Wallet as a way to sell other services such as those offered by its Google Offers coupon
and deal program.
YouTube demonstrates how a firm can create a large and vastly influential business in a
short period of time but also that businesses that host and serve large files of end-user
content can be costly.
Google, Microsoft, and smaller rivals are also migrating applications to the Web,
allowing Office-style software to execute within a browser, with portions of this
computing experience and storage happening off a user‘s computer, ―in the cloud‖ of the
Internet. Revenue models for this business are also uncertain.
With scale and influence comes increased governmental scrutiny. Google has
increasingly become a target of antitrust regulators. The extent of this threat is unclear.
Google‘s extreme influence is clear. However, the firm‘s software is based on open
standards; competitors have a choice in ad networks, search engines, and other services;
switching costs are relatively low; users and advertisers aren‘t locked into exclusive
contracts for the firm‘s key products and services; and there is little evidence of
deliberate, predatory pricing or other ―red-flag‖ activity that usually brings government
regulation.
Security and Online Privacy 11/03/2012 6:59:00 PM
13.1 Introduction
Recognize that information security breaches are on the rise.
TJX example There was a personnel betrayal: the mastermind was an alleged FBI informant
who previously helped bring down a massive credit card theft scheme but then double-
crossed the Feds and used insider information to help his gang outsmart the law and carry out
subsequent hacks.
Understand the potentially damaging impact of security breaches.
The massive impact of the TJX breach should make it clear that security must be a top
organizational priority.
While the examples and scenarios presented here are shocking, the good news is that the vast
majority of security breaches can be prevented.
What is the source and motivation of those initiating information security attacks.
There are a lot of bad guys out there, and motivations vary widely, including the following:
Account theft and illegal funds transfer
Stealing personal or financial data
Compromising computing assets for use in other crimes
Extortion
Espionage
Cyberwarfare
Terrorism
Pranksters
Protest hacking (hacktivism)
Revenge (disgruntled employees)
While some steal cash for their own use, others resell their hacking take to others. There is a
thriving cybercrime underworld market in which data harvesters (cibercriminal who infiltrates
systems and collect data for illegal resale) sell to cash-out fraudsters (firms that purchase asset
for data harvesters) criminals who might purchase data from the harvesters in order to buy
(then resell) goods using stolen credit cards or create false accounts via identity theft.
Hackers might also infiltrate computer systems to enlist hardware for subsequent illegal acts.
Botnets of zombie computers (networks of infiltrated and compromised machines
controlled by a central command) are used for all sorts of nefarious activity.
Botnez includes sending spam from thousands of difficult-to-shut-down accounts, launching
tough-to-track click fraud efforts or staging what’s known as
distributed denial of service (DDoS) attacks (effectively shutting down Web sites by
overwhelming them with a crushing load of seemingly legitimate requests sent
simultaneously by thousands of machines).
Ex : Botnets have been discovered that are capable of sending out 100 billion spam messages
a day, and botnets as large as 10 million zombies have been identified.
Relate examples of various infiltrations in a way that helps raise organizational awareness of
threats.
Google has identified China as the nation of origin for a series of hacks targeting the Google
accounts of diplomats and activists.
Other threats come from malicious pranksters (sometimes called griefers or trolls), like the
group that posted seizure-inducing images on Web sites frequented by epilepsy sufferers
Others are hacktivists, targeting firms, Web sites, or even users as a protest measure.
Ex. In 2009, Twitter was brought down and Facebook and LiveJournal were hobbled as Russian-
sympathizing hacktivists targeted the social networking and blog accounts of the Georgian
blogger known as Cyxymu
And as power and responsibility is concentrated in the hands of a few revenge-seeking
employees can do great damage
Key takeways :
Computer security threats have moved beyond the curious teen with a PC and are
now sourced from a number of motivations, including theft, leveraging compromised
computing assets, extortion, espionage, warfare, terrorism, pranks, protest, and
revenge.
Threats can come from both within the firm as well as from the outside.
Cybercriminals operate in an increasingly sophisticated ecosystem where data
harvesters and tool peddlers leverage sophisticated online markets to sell to cash-out
fraudsters and other crooks.
Technical and legal complexity make pursuit and prosecution difficult.
Many law enforcement agencies are underfunded, underresourced, and underskilled
to deal with the growing hacker threat.
13.3 Where Are Vulnerabilities? Understanding the Weaknesses
What are the potential entry points for security compromise ?
Every physical or network ―touch point‖ is a potential vulnerability.
Bad Apples :
70 percent of loss-causing security incidents involve insiders.
Inside employees or temporary workers, contract workers (the leak comes from inside the
organization
Password :
Password are usely the same for all the sites.
If not, they are kept ‗‘safe‘‘ on a postite or email
The protection questions are easy to guess for strangers (especially with information on
the internet because of social media)
What are the infiltration techniques such as social engineering, phishing, malware, Web site
compromises (such as SQL injection), and more ?
1. Social Engineering :
Con games that trick employees into revealing information or performing other tasks
that compromise a firm are known as social engineering in security circles.
It‘s likely that a directory of a firm‘s employees, their titles, and other personal details is
online right now via social networks like LinkedIn and Facebook.
With just a few moments of searching, a skilled con artist (a social engineering) can piece
together a convincing and compelling story.
2. Phishing :
Phishing refers to cons executed through technology. The goal of phishing is to leverage
the reputation of a trusted firm or friend to trick the victim into performing an
action or revealing information.
phishing attacks specifically target a given organization or group of users.--> the more
you know information about the user the more convincing your trap is (ex download
resumer from monster.com)
Ex : (―Our Web site has been compromised, click to log in and reset your password.‖),
Ex phishing : Other phishing attempts might dupe a user into unwittingly downloading
dangerous software (malware) that can do things like record passwords and keystrokes,
provide hackers with deeper access to your corporate network
3. Malware :
Malware (for malicious software) seeks to compromise a computing system without
permission.
Some hackers will try to sneak malware onto a system via techniques like phishin
Microsoft‘s Internet Safety Enforcement Team claims that the mean time to infection for
an unprotected PC is less than five minutes.
Adobe is a particularly tempting target, as Flash and Acrobat Reader are now installed on
nearly every PC, including Mac and Linux machines.
Methods of infection are as follows:
8. Viruses. Programs that infect other software or files. They require an executable (a running
program) to spread, attaching to other executables. Viruses can spread via operating
systems, programs, or the boot sector or auto-run feature of media such as DVDs or USB
drives. Some applications have executable languages (macros) that can also host viruses
that run and spread when a file is open.
9. Worms. Programs that take advantage of security vulnerability to automatically spread, but
unlike viruses, worms do not require an executable. Some worms scan for and install
themselves on vulnerable systems with stunning speed (in an extreme example, the SQL
Slammer worm infected 90 percent of vulnerable software worldwide within just ten
minutes)
10. Trojans. Exploits that, like the mythical Trojan horse, try to sneak in by masquerading as
something they‘re not. The payload is released when the user is duped into downloading
and installing the malware cargo, oftentimes via phishing exploits.
While the terms above cover methods for infection, the terms below address the goal of the
malware:
• Botnets or zombie networks. Hordes of surreptitiously infected computers linked and
controlled remotely by a central command. Botnets are used in crimes where controlling
many difficult-to-identify PCs is useful, such as when perpetrating click fraud, sending
spam, registering accounts that use CAPTCHAs(those scrambled character images
meant to thwart things like automated account setup or ticket buying), executing
―dictionary‖ password cracking attempts, or launching denial-of-service attacks.
• Malicious adware. Programs installed without full user consent or knowledge that later serve
unwanted advertisements.
• Spyware. Software that surreptitiously monitors user actions, network traffic, or scans for files.
• Keylogger. Type of spyware that records user keystrokes. Keyloggers can be either software-
based or hardware, such as a recording ―dongle‖ that is plugged in between a keyboard
and a PC.
• Screen capture Variant of the keylogger approach. This category of software records the
pixels that appear on a user‘s screen for later playback in hopes of identifying proprietary
information.
Blended threats. Attacks combining multiple malware or hacking exploits.
4. Compromised Websites :
Some exploits directly target poorly designed and programmed Web sites.--> Consider
the SQL injection technique directly target poorly designed and programmed Web sites
How does it work ? : Imagine that you visit a Web site and are asked to enter your user
ID in a field on a Web page (say your user ID is smith). A Web site may be programmed
to take the data you enter from the Web page‘s user ID field (smith), then add it to a
database command (creating the equivalent of a command that says ―find the account for
‗smith‘‖). The database then executes that command.
In the end, it target websites that don’t verify user entry.
5. Push Button Hacking
hackers have created tools to make it easy for the criminally inclined to automate attacks.
The barrier of entry is becoming so low that literally anyone can carry out these
attacks.
Network Threats :
The network itself may also be a source of compromise. Recall that the TJX hack
happened when a Wi-Fi access point was left open and undetected.
Other troubling exploits have targeted the very underpinning of the Internet itself. This is
the case with so-called DNS cache poisoning. (The DNS, or domain name service, is a
collection of software that maps an Internet address, such as (http://www.bc.edu), to an
IP address, such as 136.167.2.220. 220) DNS cache poisoning exploits can redirect this
mapping and the consequences are huge. Imagine thinking that you‘re visiting your
bank‘s Web site, but instead your network‘s DNS server has been poisoned so that you
really visit a carefully crafted replica that hackers use to steal your log-in credentials and
drain your bank account
Physical Threats :
Organization must have backups to take into the potential impact of physical security
threats such as terrorism, or vandalism, as well.
Anything valuable that reaches the trash in a recoverable state is also a potential security
breach. Hackers and spies sometimes practice dumpster diving, sifting through trash in
an effort to uncover valuable data or insights that can be stolen or used to launch a
security attack.
Other compromises might take place via shoulder surfing, simply looking over
someone‘s shoulder to glean a password or see other proprietary information that might
be displayed on a worker‘s screen.
Identify various methods and techniques to thwart infiltration ?
Dont get cut ! : It‘s possible that the e-mail address has been spoofed (faked) or that it was
sent
via a colleague‘s compromised account.
know how to read the complete URL to look for tricks
zero-day exploit : attacks that are so new that they haven‘t been identified yet, so they cant
be prevented yet
There‘s no simple answer for the password problem. Biometrics (technologies that replace
conventionally typed passwords with things like fingerprint readers, facial recognition, or iris
scans )are often thought of as a solution, but are still rarely used, and PCs that include such
technologies are widely viewed as novelties.
SQL injection and other application weaknesses are particularly problematic because there‘s
not a commercial software patch or easily deployed piece of security software that can
protect a firm. Instead, firms have to meticulously examine the integrity of their Web sites to
see if they are vulnerable
Encryption scrambles data, making it essentially unreadable to any program that doesn‘t
have the descrambling password, known as a key.
To date, the largest known brute-force attacks, demonstration hacks launched by grids of
simultaneous code-cracking computers working in unison, haven‘t come close to breaking
the type of encryption used to scramble transmissions that most browsers use when
communicating with banks and shopping sites. The problem occurs when data is nabbed
before encryption or after decrypting, or in rare cases, if the encrypting key itself is
compromised.
Encryption is also employed in virtual private network (VPN) technology, which scrambles
data passed across a network. Public wireless connections pose significant security threats—
they may be set up by hackers that pose as service providers, while really launching attacks
on or monitoring the transmissions of unwitting users. The use of VPN software can make
any passed-through packets unreadable. Contact your firm or school to find out how to set up
VPN software.
KEY TAKEAWAYS
An organization‘s information assets are vulnerable to attack from several points of
weakness, including users and administrators, its hardware and software, its networking
systems, and various physical threats.
Social engineering attempts to trick or con individuals into providing information, while
phishing techniques are cons conducted through technology.
While dangerous, a number of tools and techniques can be used to identify phishing scams,
limiting their likelihood of success.
Social media sites may assist hackers in crafting phishing or social engineering threats,
provide information to password crackers, and act as conduits for unwanted dissemination of
proprietary information.
Most users employ inefficient and insecure password systems; however, techniques were
offered to improve one‘s individual password regime.
Viruses, worms, and Trojans are types of infecting malware. Other types of malware might
spy on users, enlist the use of computing assets for committing crimes, steal assets, destroy
property, serve unwanted ads, and more.
Examples of attacks and scams launched through advertising on legitimate Web pages
highlight the need for end-user caution, as well as for firms to ensure the integrity of their
participating online partners.
SQL injection and related techniques show the perils of poor programming. Software
developers must design for security from the start—considering potential security
weaknesses, and methods that improve end-user security (e.g., in areas such as installation
and configuration).
Encryption can render a firm‘s data assets unreadable, even if copied or stolen. While
potentially complex to administer and resource intensive, encryption is a critical tool for
securing an organization‘s electronic assets.
13.4 Take actions !
What are the critical steps one should take to improve information security ?
Here‘s a brief list of major issues to consider:
Surf smart. Think before you click—question links, enclosures, download request, and the
integrity of Web sites that you visit. Avoid suspicious e-mail attachments and Internet
downloads. Be on guard for phishing, and other attempts to con you into letting in malware.
Verify anything that looks suspicious before acting. Avoid using public machines (libraries,
coffee shops) when accessing sites that contain your financial data or other confidential
information.
Stay vigilant. Social engineering con artists and rogue insiders are out there. An appropriate
level of questioning applies not only to computer use, but also to personal interactions, be it
in person, on the phone, or electronically.
Stay updated. Turn on software update features for your operating system and any
application you use (browsers, applications, plug-ins, and applets), and manually check for
updates when needed. Malware toolkits specifically scan for older, vulnerable systems, so
working with updated programs that address prior concerns lowers your vulnerable attack
surface.
Stay armed. Install a full suite of security software. Many vendors offer a combination of
products that provide antivirus software that blocks infection, personal firewalls that repel
unwanted intrusion, malware scanners that seek out bad code that might already be nesting
on your PC, antiphishing software that identifies if you‘re visiting questionable Web sites,
and more. Such tools are increasingly being built into operating systems, browsers, and are
deployed at the ISP or service provider (e-mail firm, social network) level. But every
consumer should make it a priority to understand the state of the art for personal protection.
In the way that you regularly balance your investment portfolio to account for economic
shifts, or take your car in for an oil change to keep it in top running condition, make it a
priority to periodically scan the major trade press or end-user computing sites for reviews and
commentary on the latest tools and techniques for protecting yourself (and your firm).
Be settings smart. Don‘t turn on risky settings like unrestricted folder sharing that may act as
an invitation for hackers to drop off malware payloads. Secure home networks with password
protection and a firewall. Encrypt hard drives—especially on laptops or other devices that
might be lost or stolen. Register mobile devices for location identification or remote wiping.
Don‘t click the ―Remember me‖ or ―Save password‖ settings on public machines, or any
device that might be shared or accessed by others. Similarly, if your machine might be used
by others, turn off browser settings that auto-fill fields with prior entries—otherwise you
make it easy for someone to use that machine to track your entries and impersonate you. And
when using public hotspots, be sure to turn on your VPN software to encrypt transmission
and hide from network eavesdroppers.
Be password savvy. Change the default password on any new products that you install.
Update your passwords regularly. Using guidelines outlined earlier, choose passwords that
are tough to guess, but easy for you (and only you) to remember. Federate your passwords so
that you‘re not using the same access codes for your most secure sites. Never save passwords
in nonsecured files, e-mail, or written down in easily accessed locations.
Be disposal smart. Shred personal documents. Wipe hard drives with an industrial strength
software tool before recycling, donating, or throwing away—remember in many cases
―deleted‖ files can still be recovered. Destroy media such as CDs and DVDs that may contain
sensitive information. Erase USB drives when they are no longer needed.
Back up. The most likely threat to your data doesn‘t come from hackers; it comes from
hardware failure. [1] Yet most users still don‘t regularly back up their systems. This is
another do-it-now priority. Cheap, plug-in hard drives work with most modern operating
systems to provide continual backups, allowing for quick rollback to earlier versions if
you‘ve accidentally ruined some vital work. And services like EMC‘s Mozy provide
monthly, unlimited backup over the Internet for less than what you probably spent on your
last lunch (a fire, theft, or similar event could also result in the loss of any backups stored on-
site, but Internet backup services can provide off-site storage and access if disaster strikes).
Check with your administrator. All organizations that help you connect to the Internet—your
ISP, firm, or school—should have security pages. Many provide free security software tools.
Use them as resources. Remember—it‘s in their interest to keep you safe, too!
Recognize the major information security issues that organizations face, as well as the resources,
methods, and approaches that can help make firms more secure.
Processes and policies will include education and awareness
So information security should start with an inventory-style auditing and risk assessment for the
employees to know what they have to protect.
Economic decisions usually drive hacker behavior, too. While in some cases attacks are based on
vendetta or personal reasons, in most cases exploit economics largely boils down to
Adversary ROI = Asset value to adversary – Adversary cost
Methods organization can use :
Patch. Firms must be especially vigilant to pay attention to security bulletins and install software
updates that plug existing hole
Lock down hardware. Firms range widely in the security regimes used to govern purchase
through disposal system use.
Lock down the network. Network monitoring is a critical part of security, and a host of technical
tools can help.
Look for others in the textbook.
Conclusion :
End users can engage in several steps to improve the information security of themselves and
their organizations. These include surfing smart, staying vigilant, updating software and
products, using a comprehensive security suite, managing settings and passwords responsibly,
backing up, properly disposing of sensitive assets, and seeking education.
Frameworks such as ISO27k can provide a road map to help organizations plan and implement
an effective security regime.
Many organizations are bound by security compliance commitments and will face fines and
retribution if they fail to meet these commitments.
The use of frameworks and being compliant is not equal to security. Security is a continued
process that must be constantly addressed and deeply ingrained in an organization‘s culture.
Security is about trade-offs—economic and intangible. Firms need to understand their assets and
risks in order to best allocate resources and address needs.
Information security is not simply a technical fix. Education, audit, and enforcement regarding
firm policies are critical. The security team is broadly skilled and constantly working to identify
and incorporate new technologies and methods into their organizations. Involvement and
commitment is essential from the boardroom to frontline workers, and out to customers and
partners.
3/11/2012 6:59:00 PM
3/11/2012 6:59:00 PM
3/11/2012 6:59:00 PM
3/11/2012 6:59:00 PM
