BMAL-590 Information Management Systems
Content management systems allow multiple ________ to create, edit, and publish on a given site.
(users) contributors
Quality
, another component of project management, serves as an indicator of how well the result of a project satisfies the objectives of the project. The quality of information systems projects is usually determined based on whether there is improved performance and decision making within a business.
United Nations Declaration of Human Rights (UDHR)
1948, Article 12: "No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks." the right to privacy is articulated in many of the major international and regional human rights instruments
International Covenant on Civil and Political Rights (ICCPR)
1966, Article 17: "1. No one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honour or reputation. 2. Everyone has the right to the protection of the law against such interference or attacks."
extranet
A private electronic network that links a company with its suppliers and customers
v-shaped model
An adaptation of the waterfall model testing is incorporated as an important part to the close of each phase.
content management system (CMS)
An application that is utilized to manage web content Content management systems allow multiple contributors to create, edit, and publish on a given site. Typically stored in a database, content in a content management system is displayed based on a set of templates. An enterprise content management system helps facilitate collaboration in the workplace by integrating document management, digital asset management, and records retention functionalities. The collaborative nature of a CMS is a significant advantage to traditional file management systems. Multiple users can log on simultaneously and contribute, schedule, or edit content for publication. The interface is usually browser-based allowing a CMS to be accessible from anywhere by any number of users. When a company uses a content management system to publish pages, it reduces the dependence on web developers to make changes to the website. In addition to streamlining the editing or posting of new content, it is more cost effective.
Information Technology (IT)
Any computer-based tool that people use to work with information and support the information and information-processing needs of an organization Therefore, IT falls under the IS umbrella as it deals with the technological components that are used in the information systems themselves. IT encompasses hardware, software, databases, and networks. The major emphasis of IT is to manage technology and help users make the most of its functionality
Global Threats: Cyberterrorism and Cyberwarfare
China, the United States, Brazil, Russia, and India are currently the sources of most of the world's online attacks. Over the years, hackers have stolen plans for missile tracking systems, satellite navigation devices, surveillance drones, and leading-edge jet fighters. Cyberwarfare poses a severe threat to the infrastructure of modern societies. Since the major financial, health, government, and industrial institutions of modern societies rely on the Internet for daily operations.
Privacy and Freedom in the Internet Age
Claims to privacy are also involved in the workplace. Information technology and systems have the potential to threaten individual claims to privacy by making the invasion of privacy affordable, profitable, and effective. The claim to privacy is protected in the U.S., German, and Canadian constitutions as well as in a variety of different ways in other countries through various statutes
_________ operating systems use code that is proprietary and kept secret to prevent its use by other entities.
Closed-source
closed-source
Closed-source operating systems use code that is proprietary and kept secret to prevent its use by other entities. Traditionally, they are sold for a profit. Closed-source operating systems include Microsoft Windows and Solaris Unix. MacOS is considered closed-source but does offer open-source components.
public clouds
Clouds that are operated by a third-party cloud service provider These cloud service providers deliver computing resources over the Internet. Amazon Web Services (AWS) and Microsoft Azure are examples of public cloud service providers. In a public cloud, all hardware, software, and supporting infrastructure is owned and managed by the cloud provider.
a few key technological trends:
Computing power doubles approximately every 18 months which means more organizations depend on computer systems for critical operations. This is known as Moore's Law of Microprocessors. The rapid decline of data storage costs means organizations can easily maintain detailed databases on individuals. This is known as the Law of Mass Digital Storage. Data analysis advances which mean companies can analyze vast quantities of data gathered on individuals to develop detailed profiles of individual behavior. Advances in networking mean that copying data from one location to another and accessing personal data from remote locations is much easier for businesses and individuals alike. Mobile device growth which means personal cell phones may be tracked without user consent or knowledge.
Fair Information Practices (FIP) of 1973
FIP is a set of standards governing the collection and use of information about individuals. These governing principles are based on the concept of a mutuality of interest between the record holder and the individual. The individual has an interest in engaging in a transaction, and the record keeper, usually a business or government agency, requires information about the individual to support the transaction. Once data is collected, the individual maintains an interest in the record, and the record keeper may not use the record to support other activities without the individual's consent.
Many of the American and European privacy laws are based on the
Fair Information Practices of 1973
Health Insurance Portability and Accountability Act (HIPAA) of 1996
HIPAA outlines medical privacy and security rules and procedures for the administration of health care billing as well as automating the transfer of health care data between health care providers, payers, and plans. HIPPA requires members of the health care industry to retain patient information for six years and ensure the confidentiality of those records. It specifies privacy, security, and electronic transaction standards for health care providers handling patient information.
botnets
Hackers create these botnets, or large groups of infected computers, by infecting other people's computers with malware giving a hacker control of their computers. The infected computer then becomes a slave, or zombie, serving a master computer belonging to someone else. Once hackers infect enough computers, they can use the amassed resources of the botnet to launch DDoS attacks, phishing campaigns, or unsolicited "spam" e-mail
Software
Hardware is useless without software. Typical software within an organization includes productivity applications, enterprise resource planning (ERP), and customer relationship management (CRM).
advancements in IT infrastructure
In 1965, Gordon Moore theorized that the number of components in an integrated circuit doubled approximately every year. He later revised his prediction to say that a doubling would occur every two years. This prediction— known today as "Moore's Law of Microprocessors"—has been remarkably accurate. Through the years microprocessors have become smaller, cheaper, and more powerful. Today we have an abundance of affordable, powerful electronics. A second technology driver of IT infrastructure is known as the Law of Mass Digital Storage. It is estimated that the amount of digital information is roughly doubling every year. Fortunately, the cost of storing digital information is falling at an exponential rate. In 2019, a 500-gigabyte hard disk drive retails for about $30. Metcalfe's Law. The inventor of Ethernet local area network technology, Robert Metcalfe, noted in 1970 that the power of a network grows exponentially as a function of the number of network nodes. As the number of members within a network increase, the value of the entire system grows exponentially and will continue to grow forever as members increase. a rapid decline in the expenses of communication and the exponential growth of the size of the Internet. An estimated 4.2 billion people worldwide now have Internet access. As communication costs decline, utilization of communication and computing facilities will continue to explode.
Dark Web
Internet content that cannot be indexed by Google and other search engines All manner of drugs, guns, credit card numbers, counterfeit money, stolen subscription credentials, and software that helps you break into other people's computers are all items available for purchase on the Dark Web Access to the dark web requires the use of a special anonymizing browser called Tor. Once a user connects via the Tor browser, web page requests are routed through a series of proxy servers operated by thousands of users around the globe. This process of anonymizing renders a user's IP address unidentifiable and untraceable making it virtually impossible to trace the source of the computer.
Malicious Software
Known as Malware the term used to describe any malicious program or code that is designed to be harmful to systems. Malware seeks to invade, damage, or disable computer systems, networks, and mobile devices, often by taking control over a device's operations. Malware is primarily aimed towards making money off of a business or individual persons illicitly. Although malware typically cannot damage the physical hardware of systems or network equipment it can and does steal, encrypt, or delete data, alter core computer functions, and spy on computer activity without the knowledge or permission of the user. The most common ways that malware accesses a system is through the Internet and e-mail. Malware can penetrate a computer when an individual unknowingly visits a hacked website, clicks on a game demo, downloads an infected file, installs a new toolbar from an unfamiliar provider, or opens a malicious e-mail attachment. Malware can hide in seemingly legitimate applications causing damage to systems and even entire enterprises.
Mainframes
Mainframes today continue to be used to handle vast volumes of transactions or for analyzing substantial quantities of data. Mainframes are also utilized for handling large workloads in data centers. The mainframe is utilized heavily within banking and telecommunications networks.
_________ allows someone else to use the resources of a computer to mine cryptocurrencies like Bitcoin or Monero.
Malicious cryptomining
information management system
Managers plan, control, and make decisions and as long as a system supports one or more of these activities
The Melissa virus
March 1999 $80 Million in "damages" Disguised as an important email from a friend Had an infected attachment Would then generate an email to the first 50 people on the person's outlook contact list with the infected attachment Would put a random name from the contact list in as the "From" The virus struck with such ferocity that companies' e-mail servers were overwhelmed with traffic; in some cases, leaving businesses without e-mail for weeks while technicians eradicated the threat.
Click fraud
Occurs when an individual or computer program fraudulently clicks on an online ad without any intention of learning more about the advertiser or making a purchase
Mobile Operating System Platforms
On mobile and tablet systems, closed-source operating systems include Apple iOS and the Symbian OS that was used by BlackBerry. The now-discontinued OS Symbian was the first popular smartphone operating system in the world. By 2009, it accounted for nearly half of the global smartphone operating systems market. RIM/Blackberry, also a pioneer in this market, held around 20 percent of the share. Despite the early start, both Symbian and RIM have been almost driven out of the market as new operating systems have been released. Android is based on the open-source Linux OS, though it has many proprietary, closed-source extensions. Introduced by Google in 2007 (Google, 2019), as of 2016, Android is the most popular smartphone operating system in the world. In 2009, 6.8 million Android smartphones were sold. By 2015, this figure had increased to more than 1.16 billion. At the beginning of 2016, Android accounted for around 85 percent of all smartphone sales to end users worldwide. (Statista, 2018) As of 2016, Apple's iOS is the second most popular operating system for smartphones.
open-source
Open-source operating systems use code that is freely-distributed and available to anyone to use, even for commercial purposes. Examples of open-source operating systems include Linux, FreeBSD, and OpenSolaris
virtual private network (VPN)
Private networks can also be extended across the Internet via a VPN A VPN lets its users send and receive data as if their devices were connected to the private network, even if they are not. Through a virtual point-to-point connection, users can access a private network remotely.
In business, organizations utilize information primarily in problem-solving or in decision-making processes
Problem-solving and decision-making require information. Gathering the correct information efficiently, storing it in such a way that it is accessible, and utilizing it to help an organization achieve its business goals are the keys to success in any business environment.
World Wide Web Consortium (W3C)
Responsible for setting Hypertext Markup Language and other programming standards for the web.
refers to potential problems threatening the success of a project. These potential problems may prevent a project from achieving its objectives by lowering the quality of project outputs, increasing time and cost, or preventing the project from being completed entirely.
Risk
Publicly traded companies must comply with the Public Company Accounting Reform and Investor Protection Act of 2002, better known as the
Sarbanes-Oxley Act
information technology
Systems thinking is supported by information technology refers to all technologies, especially computers and telecommunications, that collectively facilitate the building and maintaining of information management systems. Systems thinking is the basic reasoning behind an organization's dependence on computers and enterprise software applications.
five stages in the computing platform evolution
The Mainframe and Minicomputer Era (1959 to Present) was a period of highly centralized computing. This particular type of computing is carried out by professional programmers and systems operators. In recent years, the minicomputer has evolved into a midrange server and is part of a network. First introduced in 1981, the IBM PC is usually regarded as the beginning of the Personal Computer Era. The IBM PC was the first to be widely adopted by American businesses, initially using the DOS operating system and later the Microsoft Windows operating system. According to Gartner Dataquest, a leading research and advisory company, in April 2002 the billionth personal computer was shipped. The second billion mark was purportedly reached in 2007. In the Client/Server Era of computing (1983 to Present), desktop or laptop computers—which are referred to as clients—are networked to powerful server computers that provide the client computers with a variety of services. The term "server" references both the software application and the physical computer on which the network software runs. Servers today are typically more powerful versions of personal computers. In the Enterprise Computing Era (1992 to Present), the use of the Internet was adopted within businesses and developed into a trusted communications environment. Businesses began seriously using the Transmission Control Protocol/Internet Protocol (TCP/IP) networking standard to tie networks together. The resulting IT infrastructure links different pieces of computer hardware into an enterprise-wide network enabling information to flow freely across the organization. Cloud and Mobile Computing Era (2000 to Present) is still considered a new technology. Cloud computing is a method of computing that provides access to a shared pool of computing resources over a network or the Internet. These "clouds" of computing resources are accessed on an as-needed basis from any connected device or geographic location.
Computer Crime
The U.S. Department of Justice defines computer crime as "any violations of criminal law that involve a knowledge of computer technology for their perpetration, investigation, or prosecution."
project management
The application of knowledge, skills, tools, and techniques to achieve specific targets within the specified time and budgetary constraints Activities associated with project management include planning the work, assessing risk, estimating resources required to accomplish the job, organizing the work, acquiring human and material resources, assigning tasks, directing activities, controlling project execution, reporting progress, and analyzing the results.
IT infrastructure
The combination of hardware, software, network, and human resources that allow an organization to deliver information technology services to people within an organization There are several key components that make up IT infrastructure, one of which is hardware. Hardware makes it possible to support IT services. An organization needs computers, servers, routers, switches, and other equipment.
pharming
The fraudulent practice of directing Internet users to a bogus website The unsuspecting victim will appear to go to the correct web address; instead, it will be a fake site that the user then unsuspectingly provides confidential information to. This is done by gaining access to the Internet address information stored by Internet service providers who have flawed or unsecured software on their servers.
Data Management and Storage
The management of data can be a very dynamic process when you consider factors such as data growth, data storage costs, data protection, and long-term data storage capacity needs. Businesses today must also meet regulatory mandates with regard to data management in order to ensure compliance.
"bring your own device" (BYOD)
The popularity of smartphones has created an upsurge in employees using their mobile devices in the workplace. This trend has lead businesses to rethink the way they manage information technology equipment and services. Historically, at least in large businesses, the central IT department was responsible for selecting and managing the information technology and applications used by the business and its employees. Today, employees are playing a much more significant role in technology selection, making it more difficult for a business to manage and control devices.
"what you see is what you get" (WYSIWYG )
The second significant advantage of a content management system is that it allows non-technical people who don't know programming languages to create and manage their web content efficiently. WYSIWYG editors of a typical content management platform allow users to change the content of a site without needing to have a web development background.
Business Intelligence (BI)
The technology-driven process for analyzing and presenting information to support business decision-makers includes a wide variety of applications, tools, and methodologies. An organization collects data from both internal and external sources, prepares it for analysis then develops and runs queries against that data to support business intelligence. Reports, dashboards, and data visualizations can then be created to present actionable information to corporate decision-makers. Business intelligence tools benefit a business by accelerating and improving decision-making, optimizing internal business processes, and improving operational efficiencies to help gain a competitive advantage. Business intelligence programs may also incorporate forms of advanced analytics, such as data mining, predictive analytics, statistical, and big data analytics. Advanced analytics projects are often conducted and managed by separate teams of statisticians, data scientists, and other skilled analytics professionals. Business intelligence platforms are increasingly used as front-end interfaces for big data systems. Modern business intelligence software offers flexible backends, enabling the organization to connect to custom data sources. This, along with simple user interfaces, allows users to develop a unified view of diverse business data.
four categories of cloud computing services:
These categories include infrastructure as a service (IaaS), platform as a service (PaaS), software as a service (SaaS), and serverless
Encouraging ___________ participation in the design and operation of information systems can help facilitate positive organizational change.
User
Systems thinking
Viewing an organization in terms of its subsystems a complete approach to analysis focusing on the way a system's parts interrelate, and how systems work over time and within the context of larger systems. In order to solve problems, managers need to be able to identify the problem, which is done by recognizing the subsystems in which the problems occur and solving the problems within those subsystems' constraints and strengths. As an added benefit, systems thinking can also support managers by keeping them focused on the overall goals and operations of a business. Systems thinking encourages the manager to consider the entire system, not only their specific subsystem when solving problems or making decisions.
learning worker
We can instantly begin the process of learning anything, anywhere. The knowledge worker of the past is becoming the learning worker of today. This new movement is the age of "learning workers." These people typically have college degrees and advanced training, but what sets them apart is their knowledge of how to learn For businesses, this means establishing a culture of learning throughout the entire organization is even more critical. From onboarding to employee training, businesses must work to create training environments that enable continuous learning and rapid knowledge sharing among all employees.
end-user license agreement (EULA)
Where a complete listing of licensing terms and conditions is found When software is purchased, instead of the buyer "owning" the software, a licensing model is used. With the software license, the buyer purchases the legal right to use the software. These licenses give the user the right to use one or more copies of the software.
database
a collection of data organized to serve many applications efficiently by centralizing the data and controlling redundant data. Rather than storing data in separate files, data appears to users as being stored in a single location. A single database can serve multiple applications. Database technology reduces many of the issues of traditional file organization.
"zombie"
a computer that has been compromised by a hacker. In order to carry out DDoS attacks, perpetrators often use thousands of "zombie" PCs infected with malicious software to carry out such attacks.
server
a computer, a device, or a program that is dedicated to managing network resources. In theory, whenever computers share resources with client machines, they are considered servers. A client is a computer or a software application that accesses a service made available by a server. Businesses worldwide are estimated to have spent $448 billion on computer hardware in 2013, including servers and client devices.
Federal Trade Commission (FTC)
a federal agency empowered to prevent persons or corporations from using unfair methods of competition in commerce in 1998, the FTC extended the original FIP to provide guidelines for protecting online privacy.
COBIT
a framework of globally accepted practices, analytical tools, and models designed for the management and governance of enterprise IT systems. COBIT 5, is widely used by organizations focused on risk management and mitigation.
platform
a hardware or software architecture that serves as a foundation or base. The term "platform" initially denoted hardware and often still refers to only a CPU model or computer family but is also used to refer to a software platform.
Storage Area Network (SAN)
a high-speed network of storage devices that also connect those storage devices with servers. SANs are especially useful for backing up data and disaster recovery initiatives. Within a SAN, data can be transferred from one storage device to another without the need to connect to a server. This allows the backup process to speed up and eliminates the need to use CPU cycles for backup. Many SANs utilize fiber technology or other networking connectivity which allow networks to span large geographic distances. This enables organizations to keep their backup data in remote, geographically-dispersed locations.
rapid application development (RAD) method
a hybrid of the prototype method This method reduces the focus on initial planning to rapidly prototype and test potential solutions.
keylogger
a malware that records all of the user's keystrokes on the keyboard. The keylogger collects the gathered information and sends sensitive information such as usernames, passwords, or credit card details back to the attacker.
virus
a malware that when executed replicates itself by modifying other applications and infecting them with its own malicious bits of code.
Subscription-based software
a monthly or annual licensing. This licensing model requires periodic renewal fees at predetermined intervals as outlined in the end-user license agreement. Customers typically pay an initial subscription and are entitled to use the software only during the subscription term—unlike a perpetual license which allows the use of the software indefinitely. The subscription payment includes software licenses and often access to support services and new versions of the software as it becomes available
system development life cycle (SDLC)
a multistep, interative process used to provide a framework for technical and non-technical activities to deliver a quality system which meets the business's expectations. This lifecycle utilizes multiple steps to accomplish this. Planning is the first phase of the systems development process. It used to determine whether there is a need for a new system to achieve a business's strategic objectives and whether the business has the ability to acquire the resources required to build a system. This step is used to determine the scope of the problem and identify solutions. Resources, costs, time, benefits and other expenses should be considered at this stage. The second phase is systems analysis and requirements in which the business focuses on the source of their problem or need for change. Possible solutions are carefully analyzed to help determine whether they meet the functional requirements of the project. The needs of the end users are also examined to ensure the new system can meet their expectations as well. Systems analysis is vital in determining what the needs of the business are, how those needs will be met, and who is responsible for parts of the project, as well as establish a timeline. The third phase, systems design, describes the necessary specifications, features, and operations that will satisfy the functional requirements of the proposed system. In this step, end users will discuss and determine their specific business information needs for the proposed system. It's during this phase that end users will consider the essential components, structure, processing, and procedures for the system to accomplish its objectives. The fourth phase in the system development lifecycle is development. In this phase, the involvement of a programmer, network engineer or database developer signifies the start of production. The fifth phase, integration and testing, involve systems integration and system testing which is typically carried out by a quality assurance professional. It is determined in this phase if the proposed design meets the initial set of business goals. Testing will be repeated to check for errors until the end user finds it acceptable. Verification and validation are also an essential part of this phase, both of which will help ensure the program's successful completion. The sixth phase, implementation, involves the actual installation of the newly-developed system. In this phase, the project is put into production by moving the data and components from the old system into the new system. Once implementation is complete, the system is then said to be in production. Operations and maintenance are the seventh and final phase. It involves maintenance and regularly required updates. End users can fine-tune the system to meet additional user requirements if needed. Maintenance of a newly implemented system includes supporting needed changes to a production system to correct errors, meet new requirements, or improve processing as needed.
intranet
a network designed for the exclusive use of computer users within an organization that cannot be accessed by users outside the organization
database management system (DBMS)
a program used to create, process, and administer a database The database management system provides users and programmers with a systematic way to create, retrieve, update, and manage data. The database management system serves as an interface between the database and end users or application, ensuring that data is consistently organized and readily accessible. The DBMS manages three crucial components: the data, the database engine—which allows the data to be accessed or modified— and the database schema—which defines the database's logical structure. These foundational components help provide concurrency, security, data integrity, and consistent administration procedures. Typical database administration tasks supported by the database management system include change management, performance monitoring, and backup and recovery procedures. Many database management systems also provide features such as logging and auditing of activity which aids in ensuring only authorized access to the data. The database management system is perhaps most useful for providing a centralized view of data that can be accessed by multiple users. A database management system can limit what data each end user sees by offering many views of a single database schema.
Factor Analysis of Information Risk (FAIR)
a relatively new model that helps organizations quantify risk. The focus is on cybersecurity and operational risk, with the goal of making more well-informed decisions.
Chief Information Officer (CIO)
a senior manager who oversees the use of information technology in the business. Today's CIOs are expected to have a strong business background as well as information systems expertise and to assume a leadership role in integrating technology into the business's business strategy. Larger businesses today also have positions for a chief security officer, chief knowledge officer, and chief privacy officer, all of whom work closely with the CIO.
system
a set of detailed procedures, methods, processes, or course of action intended to achieve a specific result or carry out a particular activity. Components and parts of a system and interrelated steps work together for the good of the whole. A successful business attains results that are consistent, measurable, and ultimately benefit customers.
protocol
a set of rules that govern how systems communicate
Time
a significant component of project management. Project management typically establishes the amount of time required to complete substantial milestones of a project. Each of these milestones is further broken down into various tasks and activities. Project management tries to determine the time required to complete each task and establish a schedule for completing the work.
Spyware
a similar malware which secretly observes the activities of a user without permission and reports the activities back to the spyware creator.
Subsystem
a smaller component of a larger system
waterfall method
a steady sequence of activity that flows in a downward direction much like its name suggests. This traditional engineering process closes each phase upon completion.
Governance, risk, and compliance (GRC)
a structured approach to aligning information management systems department goals with the objectives of a business. Governance, risk, and compliance strives to manage risk while effectively meeting compliance requirements.
Worldwide Interoperability for Microwave Access (WiMAX)
a technology standard for long-range wireless networking, for both mobile and fixed connections. While WiFi's range is approximately 100 feet (30 m), WiMAX offers a radius of 30 miles (50 km). This increased range is due to the frequencies used and the power of the transmitter. At that distance oftentimes terrain, weather, and buildings will reduce the maximum range. However the potential exists to cover vast tracts of land.
Radio frequency identification (RFID)
a technology that uses small tags with embedded microchips. These microchips store information that can be used to uniquely identify an item as well as provide additional information about the item. The information can then be transmitted via radio signals over a short distance to RFID readers. The RFID readers then pass the data over a network to a computer for processing.
geographic information system or (GIS)
a tool that can analyze and display data using digital maps to enhance planning and decision-making. A geographic information systems application accesses a database that contains data regarding buildings, neighborhoods, cities, counties, states, countries, or even the entire world. By representing data on a map in different graphical forms, a decision-maker can quickly understand a situation taking place and act upon it.
Cloud computing
a trending model of computing in which computer processing, storage, software are provided as a pool of virtualized resources. These "clouds" of computing resources are accessed on an as-needed basis from any connected device and location over the Internet. Businesses have access to applications and IT infrastructure anywhere, at any time, and on any device.
perpetual software license
a type of license that once purchased, authorizes the use the program indefinitely. Traditionally, the perpetual license was the dominant licensing model used by most software vendors. Today, just 43 percent of software producers say perpetual software licenses contribute to half or more of their revenues.
worms
a type of malware which is self-replicating in order to spread to other computers over a network. Worms usually cause harm by destroying valuable data and files
A computer cannot make independent decisions or formulate steps for solving problems unless programmed to do so by
a user
exploit
a vulnerability in a system an attacker can take advantage of to gain access and take control of a system. Exploits are often linked to malvertising, which attacks through legitimate websites that unknowingly contain malicious content from a bad site. The malicious content then tries to install itself on a computer. Unfortunately, in this case, all one has to do is visit a legitimate site on the wrong day.
Ransomware
a widely used type of malware that locks a user out of a device and encrypts the files rendering them unusable. The unsuspecting user is then forced to pay a ransom in order to get access to the device. Ransomware is often considered the cyber criminal's weapon of choice due to the fact that it demands a quick, profitable payment in challenging to trace cryptocurrency. Defending against ransomware is very difficult as the code behind ransomware is easy to obtain through online criminal marketplaces.
Agile methods
are software-based systems that provide feedback through an iterative process and include Kanban, Extreme Programming (XP), and Dynamic systems development method (DSDM).
common forms of malware
adware, spyware, viruses, worms, trojans, ransomware, rootkit, keylogger, malicious crypto mining, and exploits.
Supply chain management systems or an SCM system
aids a business in the managing or dealings with suppliers. Suppliers, purchasing businesses, distributors, and logistics companies all benefit from these systems by the sharing of information about orders, production, inventory levels, and delivery of products and services. This allows for efficiencies in the sourcing, producing, and delivery of goods and services. SCM systems are often called Enterprise resource planning (ERP) systems. This is because the information they provide supports the planning of shipping resources such as personnel, funds, and raw materials. Supply chain management systems are the result of systems thinking and support systems thinking. They eliminate the need to reenter data that has already been captured somewhere else in the organization thereby saving time and money.
Open source licenses
allow software to be freely used, modified, and shared
customer relationship management (CRM) systems
allows the storage and management of prospect and customer information, like contact information, accounts, and sales opportunities, in one central location. These systems make information readily available to coordinate all of the business processes surrounding customers—such as marketing, sales, and service—to increase revenue.
Malicious cryptomining
an increasingly prevalent malware that is usually installed by a Trojan horse. Malicious cryptomining allows someone else to use the resources of a computer to mine cryptocurrencies like Bitcoin or Monero. The cryptominers then send the collected coins into their cryptocurrency account. Essentially, a malicious cryptominer makes money off of stolen computing resources.
hacker
an individual or group of individuals who intend to gain unauthorized access to a network or computer system.
Cost
another significant component of project management. Cost is based on the time it takes to complete a project multiplied by the cost of human resources required to complete the project. Information management systems project costs often include the cost of hardware, software, and workspace. Project management not only develops a budget for the project but also monitors the ongoing expenses of a project.
compliance
compliance
The branch of computer science known as _________ encompasses the creation of intelligent machines that work and react like humans.
artificial intelligence
These "clouds" of computing resources are accessed on a(n) __________ basis from any connected device and location over the Internet.
as-needed
Program Evaluation and Review Technique or a PERT
chart graphically depicts project tasks and their interrelationships. PERT charts list the specific activities that make up a project as well as project dependencies. The PERT chart portrays a project as a diagram consisting of numbered nodes representing project tasks. Each node is numbered and shows the task, duration, starting date, and completion date. The direction of the arrows on the lines indicate the sequence of tasks and displays which activities must be completed before the commencement of the next activity. PERT charts for large projects can be difficult to interpret at times, and project managers often use both techniques. These project management techniques help managers identify bottlenecks in the project and determine the impact specific problems will have on project completion times. They can also help systems developers partition projects into smaller, more manageable segments with defined, measurable business results. Standard control techniques can successfully chart the progress of the project against budgets and target dates, therefore deviations from the plan can be easily spotted.
information systems (IS)
collects, processes, stores, analyzes, and disseminates information for a specific purpose For instance, the hardware and software used to create, maintain and access an electronic health record is an information system. The computers, hard drives and other electronic devices used to store and distribute patient records are part of the system. These electronic devices on their own may be referred to as an information technology system, even though they are part of a particular information system. IS is the bridge between technology and the user.
Hybrid clouds
combine public and private clouds. In a hybrid cloud, data is configured to be shared between both clouds. By allowing data to move between private and public clouds, a hybrid cloud gives a business greater flexibility, more deployment options, and helps optimize your existing infrastructure, security, and compliance.
Infrastructure as a service (IaaS)
considered the most basic category of cloud computing services. With IaaS, IT infrastructure—servers and virtual machines (VMs), storage, networks, operating systems—is rented from a cloud provider. IaaS is most often billed on a pay-per-use subscription and a level of technical knowledge is required during configuration.
scope of a project
created to define what work is or is not included in a project. Project management determines all work required to complete a project successfully when beginning a project. Project managers should ensure that the scope of a project does not grow beyond what was initially intended.
Macintosh Operating System (Mac OS)
designed by Apple Inc. to be installed on the Apple Macintosh series of computers. First introduced in 1984, it is a graphical user interface (GUI) based OS has been released in multiple different versions over the years.
Capability Maturity Model Integration (CMMI)
developed by the Software Engineering Institute. CMMI is an approach that focuses on performance improvement. CMMI uses a scale to gauge an organization's performance, quality and profitability maturity level.
Expert systems (ES)
differ in that they rely on artificial intelligence techniques to support knowledge-intensive decision-making. It is essential to understand that a decision support system is only a decision aid, not an alternative to human decision making. With expert systems, the expertise resides in the program in the form of a knowledge base consisting of facts and relationships among the facts.
most common type of electronic evidence
Governance
ensuring that organizational activities, like managing IT operations, are aligned in a way that supports the organization's business goals.
Risk
entails ensuring that any risk associated with corporate activities is identified and addressed in a way that the organization's business goals are supported. In the IT context, this means having a comprehensive IT risk management process that rolls into an organization's enterprise risk management function.
four major categories for EAS
enterprise systems, customer relationship management systems, supply chain management systems, and knowledge management systems.
Why do businesses utilize business intelligence systems?
focuses on delivering information to support management decision-making. Business intelligence applications consist of sophisticated statistical models which are typically personalized for a particular industry or business. They also typically access large collections of data known as a database. With proper analysis models, business intelligence systems can identify consumer buying patterns and other valuable business intelligence that helps managers make decisions in the best interests of the business.
Information Technology Infrastructure Library (ITIL)
focuses on the management of IT services. ITIL strives to ensure that IT services support the core processes of the business.
Information management systems _________ provides a structure for aligning IT strategy with business strategy.
governance
denial-of-service (DoS) attack
hackers flood a network server or web server with many thousands of false requests for services in order to crash the network. The network receives so many requests that it cannot keep up with them and is unavailable to service legitimate requests.
Internet Architecture Board (IAB)
helps define the overall structure of the Internet.
Chief Security Officer (CSO)
in charge of information systems security for the business and is responsible for enforcing the business's information security policies. The CSO is responsible for educating and training users and information systems specialists about security, keeping management aware of security threats and breakdowns, and maintaining the tools and policies chosen to implement security. Information systems security and the need to safeguard personal data have become so important that corporations collecting vast quantities of personal data have established positions for a CPO
A(n) _________ is an exclusive network that can be accessed only by a specific group of people
intranet
Phishing
involves creating fake websites or sending e-mail messages that appear to be legitimate businesses to ask users for confidential information. The e-mail message tricks the unsuspecting recipient into giving confidential data by responding to the e-mail message, or by providing information to a bogus website. eBay, PayPal, Amazon.com, Walmart, and banks are among the top spoofed companies.
Knowledge management systems are an integral component of
knowledge management
Explicit knowledge
knowledge or skills which can be easily articulated and understood, and therefore easily transferred to others. Anything that can be written down in a manual—for example, instructions, mathematical equations, etc.—qualifies as explicit knowledge.
Gantt chart
lists project activities as well as their corresponding start and completion dates. The Gantt chart will also help visually represent the timing and duration of different tasks as well as resource requirements. Each task is depicted as a horizontal bar in which the length is proportional to the time required to complete it. While Gantt charts show when project activities begin and end, they do not depict task dependencies, or how tasks should be ordered.
Malicious software, better known as ________, is the term used to describe any malicious program or code that is designed to be harmful to systems.
malware
If an information systems project has the backing and commitment of __________, it is more likely to be embraced by users within the organization.
management
A geographic information system or (GIS) is a tool that can analyze and display data using digital _________ to enhance planning and decision-making.
maps
software as a service (SaaS)
models often ease the financial burden of buying software for a business by providing ongoing subscription payments instead of an initial significant capital investment.
Transaction processing systems (TPS)
most widely used information systems in the world. The primary function of transaction processing systems is to record data collected where an organization transacts business with other organizations. TPS's can include point-of-sale (POS) machines, automatic teller machines (ATM), and purchase order systems.
Wireless sensor networks (WSNs)
networks of interconnected wireless devices that are embedded in the physical environment to provide measurements of many points over large spaces. These devices have built-in processing, storage, and radio frequency sensors and antennas. They are linked into an interconnected network that routes the data they capture to a computer for analysis. Wireless sensor networks are valuable in areas such as monitoring environmental changes, monitoring traffic or military activity, protecting property, establishing security perimeters, monitoring supply chain management, or detecting chemical, biological, or radiological material.
Identity theft
occurs when a person gains unauthorized access to personal information and attempts to misuse it for gain. Examples of identity theft include making purchases on the credit card or using a social security number to obtain a loan. According to the National Bureau of Justice Statistics, in 2016 alone, 17.7 million people age 16 and older—roughly 10% of Americans in that age group—fell victim to identity theft, losing a total of $17.5 billion.
Trojan horse
one of the most dangerous types of malware. It usually represents itself as a useful piece of software in order to trick the user into installing it. Once a trojan horse is on a system, the attackers behind the Trojan gain unauthorized access to the affected computer. Trojans are used to steal financial information or install threats like ransomware. The term Trojan horse is based on the large wooden horse in history used by the Greeks to trick the Trojans into opening the gates to their fortified city during the Trojan War. Once inside the city walls, Greek soldiers hidden in the horse revealed themselves and captured the city.
two main source models of development:
open-source and closed-source
A ________ is the software that allows a user to run other applications on a computing device.
operating system
A category of application programs that allows a user to produce items such as documents, spreadsheets, graphs, worksheets, and presentations is known as ________ software
productivity
prototype method
proposes a plan to build numerous software methods that allow different elements to be tested out before fully developing them.
The Committee of Sponsoring Organizations of the Treadway Commission (COSO)
provides a model for evaluating internal controls. COSO's primary focus is less IT specific than the other frameworks, primarily concentrating on business aspects like fraud deterrence and enterprise risk management (ERM)
Rootkit
provides an attacker with administrator privileges on an infected system. It is typically designed to stay hidden from the user, other software, and the operating system.
spiral method
provides more process steps, which are graphically viewed in a spiral formation and is considered to offer greater flexibility and process adaptation.
three types of cloud deployments:
public, private, and hybrid
Business intelligence systems
refer to data and software tools for organizing, analyzing, and providing access to data with the goal of helping managers and other enterprise users make well-informed decisions. Business intelligence systems address the decision-making needs of all levels of management within a business.
Cloud Computing
refers to a model of computing in which access to a shared pool of computing resources is provided over a network or the Internet. Simply put, cloud computing is the delivery of computing services including servers, storage, databases, networking, software, analytics, and intelligence over the Internet. Cloud computing or at times simply referred to as "the cloud," offers faster innovation, flexible resources, and scalability. One of the many benefits of cloud computing is the elimination of much of the capital expense for a business. A business avoids having to purchase hardware, software, and operating on-site datacenters. Instead, the cloud service provider offers the infrastructure and the experts required to manage it. Most cloud computing services are provided on demand. Businesses are provisioned with the resources required within minutes. This provides the business with a great deal of flexibility and allows the ability to scale elastically. In cloud terms, "elastically" means delivering the right amount of IT resources right when it is needed. Another cost saving benefit of cloud computing is using a cloud service provider. This frees IT manager from hardware set up, software patching, and other time-consuming IT management chores allowing them to focus on achieving higher priority business goals.
knowledge management system
refers to any technology utilized to store and manage knowledge. A successful knowledge management system supports the underlying goals of codifying knowledge, improving collaboration, retrieving knowledge, and promoting overall organizational learning.
synergy
refers to the combined effects produced by two or more parts, elements, or individuals, which then produces an effect greater than the totality of their separate effects. This synergy between computers and humans is the backbone of modern business. Successful companies will find ways to harness this power to maximize business and organizational success. Synergy is realized by performing simultaneously and automatically the sequential steps and tasks that once had to be performed manually.
The Sarbanes-Oxley Act (SOX) of 2002 and the Gramm-Leach-Bliley Act are examples of _________ United States' businesses are expected to adhere to when providing products and services.
regulations
decision support systems (DSSs)
rely on models and formulas to produce concise information that can assist in decision making
artificial intelligence (AI)
replaces the human consultants that had been analyzing the data and monitoring the knowledge management processes. Today, cognitive computing, adaptive technology, and intelligent filtering tools have enormous implications for codifying knowledge and have become increasingly adopted by knowledge management systems
Chief Privacy Officer (CPO)
responsible for ensuring that the company complies with existing data privacy laws.
Chief Knowledge Officer (CKO)
responsible for the business's knowledge management program. The CKO helps design programs and systems to find new sources of knowledge or to make better use of existing knowledge in organizational and management processes.
_________ of a project is created to define what work is or is not included in a project.
scope
Project management for information systems entails five significant variables:
scope, time, cost, quality, and risk
The Knowledge Worker
someone whose job requires them to think. In 1959, Peter Drucker predicted that information would change the way people work.
A supply chain management systems or an SCM system aids a business in the managing or dealings with
suppliers
platform as a service (PaaS)
supplies an on-demand environment for testing, developing, delivering, and managing software applications. Platform as a service is designed to make it easier to quickly create web or mobile apps without having to set up or maintain the underlying infrastructure of servers, storage, network, and databases needed for development. PaaS includes basic configurations and requires a little bit of technical knowledge to utilize but not as much as IaaS.
Enterprise software applications
support business systems by ensuring the flow of information throughout the entire organization.
A ________ is a set of detailed procedures, methods, processes, or course of action intended to achieve a specific result or carry out a particular activity.
system
Wardriving
the act of searching for wireless networks by a person usually in a moving vehicle. Hackers utilize these tools to detect unprotected networks, monitor network traffic, and in some cases, gain access to corporate networks. In many cases, businesses do not have basic protections against wardriving. An intruder that has connected to a wireless network is capable of accessing other resources on the network. For example, the intruder could determine which other users are connected to the network and access their data.
Privacy
the claim of individuals to protect themselves from unwarranted interference in their lives—freedom from surveillance or interference from other individuals or organizations, including the state. Privacy requires the creation of barriers and boundaries to protect from unwarranted interference. Within information management systems, privacy helps us establish boundaries to limit who has access to our communications and our information.
Private Cloud
the computing resources are used exclusively by a single business. A private cloud may be physically located on the company's on-site data center or hosted through a third-party provider. The primary difference between a public and private cloud is that in a private cloud the services and infrastructure are maintained by the business or organization and not by a third-party provider.
information
the facts or conclusions derived that have meaning within a given context In order for information to be useful in decision-making and problem-solving, information must be presented in a meaningful and logical way within a specific context. The only thing more harmful than no information is partial or inaccurate information
The Information Systems Department
the formal organizational unit responsible for information technology services by keeping these systems operational. The information systems department is responsible for maintaining the hardware, software, data storage, and networks connectivity that comprise the businesses information technology infrastructure. Information systems department is usually considered a functional area of business or a part of a business that serves various purposes which are required to sustain the business successfully. The information systems department generally consists of specialists, such as programmers, systems analysts, project leaders, and information systems managers. Programmers are highly trained technical specialists who write software instructions for computers. Systems analysts constitute the principal liaisons between the information systems groups and the rest of the organization. It is the systems analyst's job to translate business problems and requirements into information requirements and systems. Information systems managers are leaders of teams of programmers and analysts, project managers, physical facility managers, telecommunications managers, or database specialists.
tacit knowledge
the knowledge that is difficult to articulate, package, and transfer to others. These are usually intuitive skillsets that are challenging to teach—such as body language, aesthetic sense, or innovative thinking.
Internet protocol version 4 (IPv4)
the most widely deployed Internet protocol used to connect devices to the Internet today.
Knowledge management (KM)
the process or processes used to handle and oversee all the knowledge that exists within a company. The goal of knowledge management is to codify knowledge, retrieve knowledge, improve collaboration, and stimulate overall organizational learning. Knowledge management relies on an understanding of knowledge, which consists of discrete or intangible skills that a person possesses. Knowledge management enables organizational learning, a concept where companies are invested not only in the reliable, expert production of a product or service but in the knowledge that underlies these production processes. Companies devoted to organizational learning are interested in maintaining and building upon internal knowledge at an organizational level, not just helping individuals accrue special skills, but ensuring that this knowledge is available to and dispersed throughout the workforce.
Data
the raw material necessary for the creation of information Raw data is rarely meaningful or as useful as information without dissemination; data is used to build information. In order for data to become information, data must be compiled, manipulated, analyzed, or utilized in such a way in which it leads to an improved understanding of a situation.
operating system (OS)
the software that allows a user to run other applications on a computing device. An operating system manages a computer's memory, processes, software, and hardware. An example of an operating system is the Microsoft Windows operating system (Windows OS). Windows is designed for desktop PCs, and at its height, Windows dominated the personal computer world, running by some estimates on more than 90 percent of all personal computers. (Statista, 2018)
Cracker
the term that is typically used to denote a hacker with criminal intent, although the terms are often used interchangeably.
"Big data"
the term used to describe these data sets with volumes so huge that they are beyond the ability of a typical database management system to capture, store, and analyze. Big data does not refer to a quantity of data but usually refers to data in the petabyte and exabyte range. In other words, billions to trillions of records, all from different sources constitute big data. Big data are produced in much larger quantities and much more rapidly than traditional data. While "tweets" are limited to 280 characters each, Twitter alone generates over eight terabytes of data daily Consequently, businesses are interested in big data because it can reveal more patterns and anomalies than smaller data sets. This amount of data has the potential to provide new insights into customer behavior, weather patterns, financial market activity, or other phenomena.
TCP/IP (Transmission Control Protocol/Internet Protocol)
the underlying communication language or protocol of the Internet. TCP/IP can also be used as a communications protocol within a private network. When a computer is connected to the Internet, it is provided with a copy of the TCP/IP program which enables the computer to communicate with every other computer. TCP/IP is the protocol that drives the Internet today.
Internet Corporation for Assigned Names and Numbers (ICANN)
this is responsible for assigning IP addresses.
software as a service (SaaS)
this service is provided on demand and is usually subscription-based. With SaaS, the cloud provider hosts and manages the software application as well as the underlying infrastructure. The cloud provider also handles any maintenance, like software upgrades and security patching. The application is accessed via the Internet, usually with a web browser on a phone, tablet, or PC. No technical knowledge is required as the provider manages everything.
Adware
unwanted software designed to display advertisements, most often within a web browser. Typically, adware uses a deceptive method to disguise itself as legitimate or is secretly added onto another application to trick the user into installing it.
Enterprise application software (EAS)
used to describe software that a business uses to facilitate cooperation and coordination of work across the enterprise environment, especially within core business processes. These core business processes include sales, accounting, finance, human resources, inventory, and manufacturing. An ideal enterprise system controls all major business processes in real time through a single client/server platform. The scope of enterprise software in recent years has expanded to connect the enterprise with suppliers, business partners, and customers.
distributed denial-of-service (DDoS) attack
uses numerous computers to inundate and overwhelm the network from multiple launch points. Although DoS attacks do not destroy information or access restricted areas of a company's information systems, they cause a website to shut down, making it impossible for legitimate users to access the site. For busy e-commerce sites, these attacks are costly; while the site is shut down, customers cannot make purchases.
wireless local area network (WLAN)
utilizes wireless network technology, such as WiFi. These types of networks do not require that devices are physically connected to the network. Using routers and switches, LANs can connect to wide area networks to rapidly and safely transfer data. A wide area network (WAN) is a geographically distributed private telecommunications network that interconnects multiple local area networks (LANs). The Internet itself is an example of a wide area network, connecting all computers around the world.