Ethics & Security

ETHICS AND SECURITY

Weekly Questions – Week Five

Explain the ethical issues surrounding information technology.

The ethical issues surrounding information technology include privacy, copyright, and property issues.

Privacy is one of the largest ethical issues facing organisations. It is the interest of a person protecting their life from unwanted intrusion and public scrutiny, as people have the right to be left alone when they want, to have control over their personal possessions, and not to be observed without their consent. This is further related to the issue o confidentiality, which is the assurance that messages and information are available to only those who are authorised to view them.

Property issues are also a majorly ethical issue regarding information technology, as the ownership of information such as company emails, pictures on network, business plans, within organisations is becoming highly debated seeing that a growing number of employees are being fired due to misuse of email. This ownership of information also relates to copyright infringement, as advances in technology make it easier for people to copy everything from music to pictures without consent from the owner.

Describe a situation involving technology that is ethical but illegal.

Acting ethically is not always legal.

Information ethics concern the ethical and moral issues arising from the development and use of information technologies, as well as the creation, collection, duplication, distribution, and processing of information itself.

Describe and explain one of the computer use policies that a company might employ.

The use of email within organisations counts for up to 80% of communication within the organisation, therefore emphasising the importance of employing the email privacy policy. This policy details the extent to which email messages can be read by others and how employees may use email and the Internet within the organisation, stating what activities are permitted and not permitted. It also details the type of information that will be recorded and the members of the organisation that will have access to that information. Organisations can mitigate the risks of email and instant messaging communication tools by implementing and adhering to an email privacy policy.

What are the 5 main technology security risks?

Human Error: Sensitive data can be lost due to a number of simple human errors including lack of inadequate training on procedures, leaving a public computer logged on which allows anyone access to any data available on that computer. Tailgating, shoulder surfing, opening questionable emails, and poor password selection are also major human errors that pose as security risks to the security of an organisation, opening them up for attempted social engineering and identity theft. Another example of human error within technology is if employees are not proficient in their duties, for instance and employee who deletes important customer records, they have evidently lost the data and are a risk to the organisation.

Natural Disasters: Events that lead to destruction of data systems, which include fire, floods, earthquakes and tsunami’s as well as blackouts, brownouts and system failures. Terrorism is also a major threat to entire companies as both person and computer systems are destroyed, for example, the tragic events of 9/11.

Technical Failures: these include software bugs and hardware crashes.

Deliberate Acts: These include sabotage, and white-collar crimes.

Management Failure: These include lack of procedure and document training. 

Outline one way to reduce each risk.

Human Error: Employ automatic sign-out systems on company computers if unattended for a specific amount of time, as well as stronger password implementation and password expiry.

Technical Failures: Organisations should provide back-up servers and software security systems including firewalls.

Deliberate Acts: the use of authentication and authorisation such as fingerprint scan or voice signature to prevent hackers.

Management Failures: Implementing a security plan.

We, as people, are the first line of defence.

Organisations must enable employees, customers, and partners to access information electronically.

the biggest issue surrounding information security is not a technical issue, but a people issue.

33% of security incidents originate within the organisation.

INSIDERS ARE LEGITIMATE USERS WHO PURPOSELY OR ACCIDENTLY MISUSE THEIR ACCESS TO THE ENVIRONMENT AND CAUSE SOME KIND OF BUSINESS-AFFECTING ACCIDENT. 

What is a disaster recovery plan? What strategies might a firm employ?

A disaster recovery plan is a process of regaining access to computer systems and data after a disaster has taken place. The plan consists of a communication plan, alternative sites, business continuity, and the location of backup data. The business continuity plan outlines exactly what happens in a business/organisation once the disaster has occurred, containing well documented procedures, off-site data, and regular recovery testing so that the business is able to proceed as usual. 

eBusiness

EBUSINESS

Weekly Questions – Week Four

http://www.youtube.com/watch?v=M8y1hSRLkDo

Why has the web grown so dramatically?

There are multiple reasons for the dramatic growth of the web. Firstly, the microcomputer revolution made it possible for an average person to own a computer, and advancements in networking hardware, software, and media made it possible for business PC’s to be inexpensively connected to larger networks. The web is also a fast, convenient and inexpensive communication channel for both business and personal use, as email is now an indispensable tool. Basic web pages are easy to create and extremely flexible, and along with Microsoft’s Internet Explorer to, more people are allowed and welcomed to produce and navigate the web rather than aiming it at people with certain academic ability.

What is the Web 2.0, how does it differ from 1.0?

Web 2.0 is a set of economic, social and technology trends that collectively form the basis for the net generation of the Internet – a more mature, distinctive medium characterised by user participation, openness and network effects. It is also referred to as the Live Web, as users can collaborate and build their own content. Web 2.0 differs from 1.0 in many ways, as 2.0 is not only linking text, it is also linking people. This development is apparent through the changes between 1.0 and 2.0 including the online encyclopedias - Britannica Online (1.0) to Wikipedia (2.0) – music file sharing/downloading – Mp3.com (1.0) to Napster (2.0) – and even personal websites (1.0) to Blogs (2.0).

A short video on Web 2.0

How could a web 2.0 technology be used in business?

Web 2.0 technology can be used in businesses to enhance communication. An example of this could be CEO’s using Blogs to enhance communication and build trust within the organisation, also further developing a positive image of the company. Also, RSS feed provides website statistics to managers and has the potential to update customers with product updates ad company news.

What is eBusiness, how does it differ from eCommerce?

eBusiness is the conducting of business on the internet, including buying and selling, serving customers and collaborating with business partners. eCommerce is the buying and selling of goods and services over the internet, referring only to online transactions. The primary difference between eCommerce and eBusiness is that eBusiness also refers to online exchanges of information, such as a manufacturer allowing its suppliers to monitor production schedules or a financial institution allowing its customers to review their banking, credit card and mortgage accounts.

eBusiness vs. eCommerce

"Ebusiness goes far beyond ecommerce or buying and selling over the Internet, and deep into the processes and cultures of an enterprise. It is the powerful business environment that is created when you connect critical business systems directly to customers, employees, vendors, and business partners, using Intranets, Extranets, ecommerce technologies, collaborative applications, and the Web."

See further at http://www.ebusinessprogrammers.com/ebusiness/ecommerce_and_ebusiness.asp

What is pure and partial eCommerce?

Pure and partial eCommerce refers to the product, process and delivery agent of eCommerce being physical or digital. For example, Brick-and-mortar organizations are purely physical, whereas click-and-mortar organisations are those that conduct some eCommerce activities, yet their business is primarily done in the physical world i.e. partial eCommerce. Virtual organisations are companies that engage solely in ecommerce, which is also known as pure play.

List and describe the various eBusiness models.

A diagram on the relation of the various eBusiness models.

An eBusiness model is an approach to conducting electronic business on the Internet, and these business transactions take place between the two main entities – businesses and consumers. There are four main types of eBusiness models:

- Business-to-business (B2B), which applies to businesses buying from and selling to each other over the Internet.

- Business-to-consumer (B2C), which applies to any business that sells its products or services to consumers over the Internet. Common B2C eBusiness models include e-shops and e-mails.

- Consumer-to-business (C2B), which applies to any consumer that sells a product or service to a business over the Internet. An example of this would be an individual using advertising services on Amazon.com. 

- Consumer-to-consumer (C2C), which applies to sites primarily offering goods and services to assist consumers interacting with each other over the Internet. An example of this is eBay which is the most successful C2C online auction website, linking like-minded buyers and sellers for a small commission.

List and describe the major B2B models.

There are 4 main B2B models:

-       Buyer side; a corporate based acquisition site that uses reverse auctions, negotiations, group purchasing, or any other e-procurement method. Groups of buyers open an e-market place and invite buyers to bid on services/goods, also known as the request for quote (RFQ) methodology (the invitation to participate in a bidding system.

-       Seller side; a web-based niche marketplace in which one company sells to many business buyers from e-catalogues or auctions frequently over an extranet. The three major pricing methods used are selling from electronic catalogues, selling via forward auctions, and one-to-one selling usual under a negotiated long term contract.

-       Electronic exchange; where sellers, buyers, and the services are all linked via the exchange.

-       Collaborative commerce; where the Hub Manager is the central link between buyers, sellers, universities, governments, communities, and other industry associations.

Outline 2 opportunities and 2 challenges faced by companies doing business online.

Two opportunities faced by companies doing business online is that they are available to an extremely broader market, as well as eliminating the factor of distance between the business and the consumer. These to opportunities allow the company to expand their business over the Internet, which essentially expands it globally without having to physically go the distance of offering your services to consumers.

Two challenges that companies may face by doing business online are security threats, and having different legal systems within different countries. There are always security threats to personal information being entered into the internet i.e. a consumer’s billing information being entered into an online store, which may result in the consumer being reuctant to use the company’s online service. Also, different legal systems in different countries pose as a challenge to companies taking their business online as the legal system of the origin of the business is the only one that is applicable to the business, whereas in countries with a different legal system, particular attributes of the online business may be illegal. 

Strategic Decision Making - Week 3 Questions

STRATEGIC DECISION MAKING

Weekly Questions – Week Three

A general diagram for strategic decision making.

Define TPS and DSS, and explain how an organisation can use these systems to make decisions and gain competitive advantages.

TPS (Transaction Processing Systems) are the basic business systems that serve the operational level in an organisation, and DSS (Decision Support Systems) model information to support managers and business professionals during the decision-making process. TPS supplies transaction-based data to the DSS. The DSS then summarises and aggregates the information from the many different TPS systems, which assists the managers in making informed decisions. These decisions can be made through the interpretation of the data such as sales, manufacturing and transportation data in the DSS from order entry, inventory and shipping data in the TPS, which all compile the managerial reports that assist in business improvement decisions and allow competitive advantages.

Describe the three quantitative models typically used by decision support systems.

The three quantitative models often used by DSS are as follows;

Sensitivity analysis studies the impact that changes in one or more parts of the model have on other parts of the model.

The What-if analysis checks the impact of a change in an assumption on the proposed solution.

Goal-seeking analysis finds the inputs necessary to achieve a goal such as a desired level of output.

Describe a business process and their importance to an organisation.

A business process is a standardised set of activities that accomplish a specific task. They transform a set of inputs to a set of outputs for another person or process using people and tools. As organisations pride themselves on providing breakthrough products and services for customers, an organisation must have a complete understanding of all its business processes, which will automatically satisfy customers and spur profits.

http://www.youtube.com/embed/JUInjQvzIkE


This short video further explains business processes.

Compare business process improvement and business process re-engineering.

Business process improvement attempts to understand and measure the current process and make performance improvements accordingly. Improving business processes is paramount in order to stay competitive in today’s electronic marketplace, as customers are demanding better products and services. Business process re-engineering (BPR) is the analysis and redesign of workflow within and between enterprises, relying on a different school of thought than business process improvement. BPR starts redeveloping business processes with a clean slate, assuming that the current process is irrelevant so that they are able to disassociate themselves from today’s process and focus solely on a new one.

Describe the importance of business process modelling (or mapping) and business process models.

Business process modelling (or mapping) is the activity of creating a detailed flowchart or process map of a work process, showing its inputs, tasks and activities in a structured sequence. A business process model is a graphic description of a process showing the sequence of process tasks, which is developed for a specific purpose and from a selected viewpoint. These are both used in determining whether each process is appropriately structured, also displaying input-output relations among process-dependant operations and departments. Business process models must be created to document the step-by-step process sequence of the activities that are required to convert inputs to outputs for the specific process.

Information Systems in Business - Week 2 Questions

INFORMATION SYSTEMS IN BUSINESS

Weekly Questions – Week Two

Explain information technology’s role in business and describe how you measure success.

Information technology plays a significant role in business. Once IT systems are embedded within a business, the business is positively impacted as they are given the potential to improve and expand through their exposure to broader, global markets improving productivity, and reducing costs simultaneously. Additionally, this impact spreads throughout various aspects and departments of the business including HR, sales, marketing, accounting and operations not only as a resource of business processes, but also an enabler of business success.

This Diagram demonstrates how people, information. and information technology are linked.

The success of IT is difficult to measure, alongside the fact that they are used to simultaneously improve productivity and reduce costs within a business. In order to gain a substantial measurement of IT success within a business, Key Performance Indicators (KPI’s) and metrics are used. These methods are most suitable in obtaining a measurement of IT success, as today’s fast paced business environment requires nothing short of efficient and effective processes.

KPI Model

List and describe each of the forces in Porter’s Five Forces Model.

A diagram of Porter's Five Forces Model

Michael Porter’s Five Forces Model consists of the following forces that mark the foundation process of information systems;

Suppliers (supplier power) – this relates to the amount of other existing suppliers. The fewer suppliers within one’s target market, the stronger the supplier power, whereas multiple suppliers to the same market results in weak supplier power.

Potential Entrants (threat of mobility) – this relates to the opportunity for other suppliers to enter into the market. The easier it is to enter, the stronger the threat of mobility.

Buyers (buyer power) – this relates to the available choices that the buyer may have. The larger amount of choices they have, the stronger the buyer power, whereas lesser choices for the buyer results in weak buyer power.

Substitutes (threat of substitutes) – this relates to the availability of alternatives to one’s product. The more substitutes for one’s product available, the stronger the threat. 

Industry Rivalry – this relates to the level of competition within a particular market. Rivalry becomes higher as competition is more intense.

Describe the relationship between business processes and value chains.

A business process is a standardised set of activities that accomplish a specific task, for example, processing a customer’s order. The value chain approach views an organisation as a series of processes, each of which adds value to the product or service for each customer. The business process of an organisation and the value chain they create play an integral role in strategy execution, as the value chain can be used to evaluate the effectiveness of the organisation’s business process. This evaluation can create a competitive advantage, as the value chain must enable to organisation to provide unique value to its customers, bettering their business processes.

Compare Porter’s three generic strategies.

Porter’s three generic strategies, broad cost leadership, broad differentiation and focused strategy are all closely linked and have equal significance among one another. Porter believes that an organisation should follow only one of the three strategies when entering a new market, as aiming to be all things for all people and projecting a consistent image to the entire marketplace is extremely difficult. Broad strategies reach a large market segment, while focused strategies target a niche market and concentrate on either cost leadership or differentiation. 




The following link is a great explanation of these strategies:


http://marketingteacher.com/lesson-store/lesson-generic-strategies.html