MIS
Core ERP Modules
-Financial Management -Operations Management -Human Resource Management
What are Major Benefits of ERP Systems?
-Organizational flexibility and agility -Decision support -Quality and efficiency
Cloud Based Systems Benefits
1: Cloud Computing Has a Positive Impact on Employees 2: Cloud Computing Can Save Money 3: Cloud Computing Can Improve Organizational Flexibility and Competitiveness
Employee Monitoring Systems
Systems that monitor employees computers, e-mail activities, and Internet surfing activities
VPN (Virtual Private Network)
a private network that uses a public network (usually the Internet) to connect users. VPNs essentially integrate the global connectivity of the Internet with the security of a private network and thereby extend the reach of the organization's networks. VPNs are called virtual because they have no separate physical existence.
Firewall
a system that prevents a specific type of information from moving between untrusted networks, such as the Internet, and private networks, such as your company's network.
Authentication
confirms the identity of the person requiring access.
DDOS
denial of service attack that sends a flood of data packets from many comprised computers simultaneously
Vulnerability
is the possibility that the system will be harmed by a threat
Physical Control
prevent unauthorized individuals from gaining access to a company's facilities. Common physical controls include walls, doors, fencing, gates, locks, badges, guards, and alarm systems.
Transaction Processing System (TPS)
supports the monitoring, collection, storage, and processing of data from the organization's basic business transactions, each of which generates and collects data continuously, in real time.
Physical Threats
-Carelessness with laptops: Losing or misplacing laptops, leaving them in taxis, and so on. -Carelessness with computing devices: Losing or misplacing these devices, or using them carelessly so that malware is introduced into an organization's network. -Opening questionable e-mails: Opening e-mails from someone unknown, or clicking on links embedded in e-mails (see phishing attack in Table 4.2). -Careless Internet surfing: Accessing questionable Web sites; can result in malware and/or alien software being introduced into the organization's network. -Poor password selection and use: Choosing and using weak passwords (see strong passwords in the "Authentication" section later in this chapter).
Employee based threat
-Carelessness with one's office: Leaving desks and filing cabinets unlocked when employees go home at night; not logging off the company network when leaving the office for any extended period of time. -Carelessness using unmanaged devices: Unmanaged devices are those outside the control of an organization's IT department and company security procedures. These devices include computers belonging to customers and business partners, computers in the business centers of hotels, and so on. -Carelessness with discarded equipment: Discarding old computer hardware and devices without completely wiping the memory; includes computers, smartphones, BlackBerry® units, and digital copiers and printers. -Careless monitoring of environmental hazards: These hazards, which include dirt, dust, humidity, and static electricity, are harmful to the operation of computing equipment.
Deliberate Threats to Information Systems?
-Espionage or Trespass -Information Extortion -Sabotage or Vandalism -Theft of Equipment or Information -Identity Theft -Compromises to Intellectual Property -Software Attacks -Alien Software -Supervisory Control and Data Acquisition (SCADA) Attacks -Cyberterrorism and Cyber warfare
Major Causes of ERP Implementation Failure?
-Failure to involve affected employees in the planning and development phases and in change management processes -Trying to do too much too fast in the conversion process -Insufficient training in the new work tasks required by the ERP system -The failure to perform proper data conversion and testing for the new system
Three major disadvantages of using cloud-based ERP systems are:
-It is not clear whether cloud-based ERP systems are more secure than on-premise systems -Companies that adopt cloud-based ERP systems sacrifice their control over a strategic IT resource -Lack of control over IT resources when the ERP system experiences problems
What are Major Limitations of ERP Implementations?
-Since ERP's are based on best practices companies may need to change their methods of achieving business objectives -ERP systems can be complex, expensive, and time-consuming to implement.
ERP Support for Business Processes:
-The Procurement, Fulfillment, and Production Processes -Interorganizational Processes: ERP with SCM and CRM
Three major advantages of using a cloud-based ERP system are:
-The system can be used from any location that provides Internet access -Companies using cloud-based ERP avoid the initial hardware and software expenses that are typical of on-premise implementations -Cloud-based ERP solutions are scalable, meaning it is possible to extend ERP support to new business processes and new business partners (e.g., suppliers) by purchasing new ERP modules.
Five Factors Contributing to Vulnerability
-Today's interconnected, interdependent, wirelessly networked business environment -Smaller, faster, cheaper computers & storage devices -Decreasing skills necessary to be a computer hacker -International organized crime taking over cybercrime -Lack of management support
Cloud Based Systems Concerns
1. Legacy IT Systems 2. Reliability 3. Privacy 4. Security 5. The Regulatory and Legal Environment 6. Criminal Use of Cloud Computing
What are the Functional Areas used by TPSs
Accounting and Finance Marketing Production/Operations Management Human Resource Management
Multiple Sources of Data
Internal Data Sources Personal Data Sources External Data Sources
System Threats
Remote Attacks Requiring User Action: Virus Worm Phishing Attack Spear Phishing Attack
Worm
Segment of computer code that performs malicious actions and will replicate, or spread, by itself (without requiring another computer program).
Virus
Segment of computer code that performs malicious actions by attaching to another computer program.
Authentication
Something the user is: (e.g., fingerprint scans, palm scans) Something the user has: [(ID) cards, smart ID cards, and tokens.] Something the user does: voice and signature recognition Something the user knows: passwords and passphrases
CRM (Customer Relationship Management)
These modules support all aspects of a customer's relationship with the organization. They help the organization to increase customer loyalty and retention, and thus improve its profitability. They also provide an integrated view of customer data and interactions, helping organizations to be more responsive to customer needs. (Extended ERP Modules)
Spear Phishing
attack the perpetrators find out as much information about an individual as possible to improve their chances that phishing techniques will obtain sensitive, personal information
Phishing
attacks target large groups of people
External Sources
ex. Commercial databases, government reports, and corporate Web sites.
Internal Sources
ex. Corporate databases, company documents
Disaster Recovery
purpose is to provide guidance to people who keep the business operating after a disaster occurs
ERP Systems
systems designed to correct a lack of communication among the functional area IS and they adopt a business process view of the overall organization to integrate the planning, management, and use of all of an organization's resources, employing a common software platform and database.
Encryption
the process of converting an original message into a form that cannot be read by anyone except the intended receiver
Phishing attacks
use deception to acquire sensitive personal information by masquerading as official-looking e-mails or instant messages.