E-Business & Info Security: Ethics, IP, and Database Management - Prof. Frederick Rodammer, Study notes of Information Technology

Download E-Business & Info Security: Ethics, IP, and Database Management - Prof. Frederick Rodammer and more Study notes Information Technology in PDF only on Docsity! ITM 309 Spring, 2011 Exam Two Topics: Review Outline - March 21, 2011 eBusiness – Chapter 3 eBay Case and Class Discussion 1.What is eBay’s e-business model and why has it been so successful?  Initially, it was C2C, but they also use B2C now (entrepreneurs) 2.Which type of online auctions is eBay using?  Forward online auction 3.Which metrics would you use if you were hired to assess the efficiency and effectiveness of eBay’s Web site? 4.What are some of the business challenges facing eBay and what is eBay doing to address them?  Rate sellers  Shipping on time with contractor  Security of customer financial information  Security of also tax laws eBusiness Models and Business Types  eBusiness model: an approach to conducting electronic business on the Internet o Business-to-business (B2B): applies to businesses buying from and selling to each other over the internet  Electronic marketplace (e-marketplace): interactive business communities providing a central market where multiple buyers and sellers can engage in e-business activities o Business-to-consumer (B2C): applies to any business that sells its products or services to consumers over the Internet  E-shop: a version of a retail store where customers can shop any time without leaving their home  E-mall: consists of a number of e-shops; it serves as a gateway through which a visitor can access other e-shops  **Brick-and-mortar business: physical store without the internet  **Pure-play business: internet only  **Click-and-mortar business: both physical store and on the internet (i.e. Best Buy) o Consumer-to-business (C2B): applies to any consumer that sells a product or service to a business over the internet  Ex) priceline.com  Demand for C2B e-business will increase over the next few years due to customer’s desire for greater convenience and lower prices o Consumer-to-consumer (C2C): applies to sites primarily offering goods and services to assist consumers interacting with each other over the Internet  Communities of interest: people interact with each other on specific topics (i.e. golf, stamp collecting)  Communities of relations: people come together to share certain life experiences (i.e. cancer patients, senior citizens, car enthusiasts)  Communities of fantasy: people participate in imaginary environments (i.e. fantasy football) Online Auctions  Electronic auction (e-auction): sellers and buyers solicit consecutive bids from each other and prices are determined dynamically  Forward auction: sellers use as a selling channel to many buyers and highest bid wins  Reverse auction: buyers use to purchase a product or service, selecting the seller with the lowest bid eBusiness Measurements  Most companies measure the traffic on the web site as the primary determinant of the site success  A large amount of web site traffic does not necessarily equate to large sales  Web site traffic analysis can include: o Cookie: info on customers and web activity o Click-through: go to another site o Banner ad o Interactivity: with target ad  Clickstream data: tracks the exact pattern of a consumers’ navigation through the site o Number of pageviews o Pattern of web sites visited o Length of stay on site o Date and time visited o Number of customers with shopping carts o Number of abandoned shopping carts  Metrics include: o Visitor metrics o Exposure metrics o Visit metrics o Hit metrics ? e-business Benefits  Highly accessible  an organization’s information is intellectual capital—it must be protected  information security: the protection of information from accidental or intentional misuse by persons outside or inside an org.  e-business automatically creates tremendous information security risks for orgs.  Lack of security o High risk o Low cost o Open access may lead to data loss or data integrity problems which may lead to productivity loss o No productivity loss  Overly restrictive security o High cost o Low risk o Restrictive access may lead to non-compliance with security processes which may lead to loss of security o Productivity loss Lines of Defense 1. People a. Org. must enable employees, customers, and partners to access info electronically b. The biggest issue surrounding the info security is not a technical issue, but a people issue c. 33% of security incidents originate within the org. i. insiders: legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident d. develop information security policies and information security plan i. information security: broad team about the protection of info from accidental or intentional misuse by persons inside or outside an org ii. information security policies: identify the rules required to maintain information security iii. information security plan: details how an org. will implement the information security policies 2. Technology a. Intellectual property: intangible creative work that is embodied in physical form b. Copyright: the legal protection afforded an expression of idea, such as a song, video game, etc. c. Fair use doctrine: it is legal to use copyrighted p=material in certain situations d. Pirated software: the unauthorized use, duplication, distribution, or sale of copyrighted software e. Counterfeit software: software that is manufactured to look like the real thing and sold as such Security Measures, Methods, and Tools  Information technology monitoring: tracking peoples activities by such measures as number of keystrokes, error rate, and number of transactions processed o Key logger/trapper: a program that, when installed on the computer, records every keystroke and mouse click o Hardware key logger: a hardware device that captures keystrokes on their journey from the keyboard to the mouse o Cookie: a small file deposed on a hard drive by a website containing info about customers and their web activities  Allow websites to record the comings and goings of customers, usually without their knowledge or consent o Adware: software that generates ads that install themselves on acomputer when a person downloads some other program from the internet o Spyware/sneakware/stealthware: software that comes hidden in free downloadable software and tracks online movements, mines the information stored on a computer, or uses a computer’s CPU and storage for some task the user knows nothing about o Web log: consists of one line of information for every visitor to a website and is usually stored on a web server o Clickstream: records info about a customer during a surfing session such as what websites were visited, how long the visit was, and what ads were viewed, and what was purchased Primary IT Security Areas 1. authentication (a method of confirming users’ identities) and authorization (the process of giving someone permission to do or have something) a. involves something the user knows (user ID and password) b. something the user has (smart card or token) c. something that is part of the user (fingerprint or voice signature) 2. prevention and resistance a. downtime can cost an org. anywhere from $100 to $1 million per hour b. technologies available to help prevent and build resistance to attacks include: i. content filtering ii. encryption iii. firewalls 3. detection and response a. if prevention and resistance strategies fail and there is a security breach, an org. can use detection and response tech. to mitigate the damage b. antivirus software is the most common type Databases and Data Warehouses – Chapter 6 Google Case and Class Discussion  Review the five common characteristics of high-quality information and share how you would rank them in order of importance to Google’s business.  What would be the ramifications to Google’s business if the search information it presented to its customers was of low quality? Ben and Jerry’s Case and Class Discussion  How is Ben & Jerry’s using business intelligence tools to remain competitive in a saturated market? o Track each ingredient  What is Ben & Jerry’s key focus in using Business Intelligence from their data warehouse to gain a competitive advantage? o Obsessed with business quality Foundation Data Concepts  Levels of data o Character: letter, number, symbol—single entity/instance o Field: grouping of characters—name, PID  Records: grouping of fields, related fields with attributes and length—“Name, PID, Section #”  Files: unique record, grouping of records with classification—all students in ITM 309  Database o integrated collection of logically related data elements o consolidates records into common pool of data elements o data is independent of application program and storage device Database Models, Fundamentals and Advantages  database fundamentals o information is everywhere in an org o information is stored in databases: maintains information about various types of objects (inventory), events (transactions), people (employees), and places (warehouses)  database models: o hierarchical database model: information is organized into a tree-like structure (using parent/child relationships) in such a way that it cannot have too many relationships o network database model: a flexible way of representing objects and their relationships o relational database model: store information in the form of logically related two- dimensional tables  database advantages: o increased flexibility  a well-designed database should:  handle changes quickly and easily  provide users with different views  Explain the fundamentals of wireless fidelity; How does it work ? o Operational efficiency: a critical business requirement aimed at shaving costs, increasing reach, and doing more with the same resources  Describe the strategic differences between UPS and FedEx’s use of wi-fi and technology in general. o UPS does it in phases, slower and more deliberate  Identify two types of wireless business opportunities the companies could use to gain a competitive advantage. o RFID tags, which could replace bar code scanners o GPS, which can precisely locate field units Telecommunications and Network Basics  Telecommunications system: enable the transmission of data over public or private networks o Virtual Private Network (VPN): secure network that uses the Internet as its main backbone net work, but relies on network firewalls, encryption, and other security features of its Internet and intranet connections and those of participating organizations  Network: a communications, data exchange, and resource-sharing system created by linking two or more computers and establishing standards, or protocols, so that they can work together  *Comparing o which is faster? o Which is harder to install/maintain/repair? o Which are more secure? Wireless and WiMax  Wireless fidelity (wi-fi): a means of linking computers using infrared or radio signals o Cellular phones and pagers o GPS o Cordless computer peripherals o Home-entertainment-system control boxes o Two-way radios o Satellite TV o **Problem: hot spots are very small, so coverage is sparse  WiMAX: a telecommunications technology aimed at providing wireless data over long distances in a variety of ways, from point-to-point links to full mobiles cellular type access LAN, WAN, MAN, and VPN  Local area network (LAN): is designed to connect a group of computers in close proximity to each other such as in an office building, a school, or a home  Wide area network (WAN): spans a large geographic area, such as a state, providence, or country  Metropolitan area network (MAN): a large computer network usually spanning a city RFID Technology and Wireless Technology  Radio Frequency Identification (RFID): use active or passive tags in the form of chips or smart labels that can store unique identifiers and relay this info to electronic readers o RFID tag: contains a microchip and an antenna, and typically work by transmitting a serial number via radio waves to an electronic reader, which confirms the identity of a person or object bearing the tag Mobile Workforce Trends  Social networking gets mobilized  Mobile TV  Multi-function devices become cheaper and more versatile  Location-based services  Mobile advertising  Wireless providers move into home entertainment  Wireless security moves to the forefront  Enterprise mobility Guest Speakers Appleseed Health Care 1. One way that BI systems aid the business of healthcare is by: a. Engaging internal customers (stakeholders) in business decisions; make a difference 2. Which of the following is a good first step in mining data? a. Ensuring that the system(s) from which the data will be extracted are open and allow for extracts. 3. Healthcare is an excellent industry to start a career because? a. ALL OF THE ABOVE, you are helping your fellow human being, you’ll learn skills Oracle, Inc. 1.Organizations today are data rich, but information poor . 2.Which is NOT considered a business and system challenge? --Lack of globalization reduced complexities in the value chain 3.What provide the best use of capital to drive efficient and innovation according to the economist: CEO briefing on the corporate priorities --Technology 4.Which is not considered one the 3 pillars of achieving excellence using enterprise performance management? --Being a fragmented enterprise