IS130 Exam 3

IOT- (internet of things)

A computing concept that describes a future where everyday physical objects will be connected to the Internet and be able to identify themselves to other devices.

Descriptive analytics that describe different level of change

In general, there are three specific analytics targets that represent different levels of change. These targets differ in regard to their focus; scope; level of sponsorship, commitment, and required resources; technical architecture; impact on personnel and business processes; and benefits. These targets differ in regard to their focus; scope; level of sponsorship, commitment, and required resources; technical architecture; impact on personnel and business processes; and benefits. -The development of one or a few related analytics applications. This target is often a point solution for a departmental need, such as campaign management in marketing. Sponsorship, approval, funding, impacts, and benefits typically occur at the departmental level. For this target, organizations usually create a data mart to store the necessary data. Organizations must be careful that the data mart—an "independent" application—does not become a "data silo" that stores data that are inconsistent with, and cannot be integrated with, data used elsewhere in the organization. -The development of infrastructure to support enterprise-wide analytics. This target supports both current and future analytics needs. A crucial component of analytics at this level is an enterprise data warehouse. Because it is an enterprise-wide initiative, senior management often provides sponsorship, approval, and funding. The impacts and benefits are also felt throughout the organization. A button icon reads, M K T. A button icon reads, M I S. An example of this target is the 3M Corporation (www.3m.com). Historically, 3M's various divisions had operated independently, using separate decision-support platforms. Not only was this arrangement costly, it prevented 3M from integrating the data and presenting a "single face" to its customers. For example, sales representatives did not know whether or how business customers were interacting with other 3M divisions. The solution was to develop an enterprise data warehouse that enabled 3M to operate as an integrated company. As an added benefit, the costs of implementing this system were offset by savings resulting from the consolidation of the various platforms. -Support for organizational transformation. With this target, a company uses business analytics to fundamentally transform the ways it competes in the marketplace. Business analytics supports a new business model, and it enables the business strategy. Because of the scope and importance of these changes, critical elements such as sponsorship, approval, and funding originate at the highest organizational levels. The impact on personnel and processes can be significant, and the benefits accrue across the organization. A button icon reads, M K T. Harrah's Entertainment (a brand of Caesars Entertainment; www.caesars.com) provides a good example of this analytics target. Harrah's developed a customer loyalty program known as Total Rewards. To implement the program, Harrah's created a data warehouse that integrated data from casino, hotel, and special event systems—for example, wine-tasting weekends—across all of the various customer touchpoints, such as slot machines, table games, and the Internet. Harrah's used these data to reward loyal customers and to reach out to them in personal and appealing ways, such as through promotional offers. These efforts helped the company to become a leader in the gaming industry.

What business analytics (BA)?

is the process of developing actionable decisions or recommendations for actions based on insights generated from historical data. Business analytics examines data with a variety of tools; formulates descriptive, predictive, and prescriptive analytics models; and communicates these results to organizational decision makers. This definition distinguishes between business analytics and statistics. Essentially, the business analytics process uses statistical procedures to accomplish its goals.

Experts believe the greatest cybersecurity dangers over the next few years will involve persistent threats, mobile computing, and the use of social media for what?

social engineering

Natural person

-Associated with the GDPR (General Data Protection Regulation). -According to the GDPR, a Natural Person is a living person.

Exposure

The exposure of an information resource is the harm, loss, or damage that can result if a threat compromises that resource.

Data silo

is a collection of data held by one group that is not easily accessible by other groups. Data silos hinder the process of gaining actionable insights from organizational data, create barriers to an overall view of the enterprise and its data, and delay digital transformation efforts (see Chapter 1). One major method to remove data silos is through cloud data management (see Chapter 4 for a complete discussion of cloud computing).

Data Warehouse

is a repository of historical data that are organized by subject to support decision makers within the organization

Multi dimensional analysis

is another name for online analytical processing, "slicing and dicing" the data that are stored in a dimensional format, "drilling down" in the data to greater detail, and "rolling up" the data to greater summarization (less detail).

Photo tagging

is the process of assigning names to images of people.

Security

Can be defined as the degree of protection against criminal activity, danger, damage, or loss.

App used to solve murder theft child exploitation and identity theft?

Clearview

What is an example of an expert decision?

Credit card approval analysis

Fandango's data management

Fandango captures data about customers, movie theaters, ticket sales, and show times. For each customer, Fandango collects data on the movies they see, how often they go to movie theaters, their favorite movie genre, the day of the week they go to theaters, and many other variables. Fandango collects Big Data from its website (clickstream data), social media sites (social data), promotions, and other sources.

Electronic surveillance

The use of electronic equipment by law enforcement agents to record private conversations or observe conduct that is meant to be private. the use of any electronic device to overhear or record communications between two or more people

Hard to predict key characteristics of an asset from security breaches

True

What is business intelligence (BI)?

has been defined as a broad category of applications, technologies, and processes for gathering, storing, accessing, and analyzing data to help business users make better decisions. Many experts argue that the terms should be used interchangeably. We agree and, for simplicity, we use the term business analytics (BA) throughout this chapter.

Who do privacy rights apply to?

individuals, groups, and institutions Privacy rights apply to both natural persons and data subjects. Privacy can be interpreted quite broadly. However, court decisions in many countries have followed two rules fairly closely: 1. The right of privacy is not absolute. Privacy must be balanced against the needs of society. 2. The public's right to know supersedes the individual's right of privacy.

Domaine tasting

is a Software Testing process in which the application is tested by giving a minimum number of inputs and evaluating its appropriate outputs. The primary goal of Domain testing is to check whether the software application accepts inputs within the acceptable range and delivers required output.

What is hacking?

is broadly defined as intentionally accessing a computer without authorization or exceeding authorized access. Various state and federal laws govern computer hacking.

Prescriptive analytics

-Goes beyond descriptive and predictive models by recommending one or more courses of action and by identifying the likely outcome of each decision. Predictive analytics does not predict one possible future; rather, it suggests multiple future outcomes based on the decision maker's actions. Prescriptive analytics attempts to quantify the effect of future decisions in order to advise on possible outcomes before the decisions are actually made

Data management

-Information technologies and systems support organizations in managing—that is, acquiring, organizing, storing, accessing, analyzing, and interpreting—data. -When these data are managed properly, they become information and then knowledge. Information and knowledge are invaluable organizational resources that can provide any organization with a competitive advantage. -Etsy has migrated its data management to Google Cloud -Data Management: To investigate this business problem, you collect data on service calls for the past year from the AAA locations within your district. You first "clean" the data by adjusting for outliers and missing values, resulting in a final sample of 3,219 service calls. -You are now ready to build a regression model using temperature as the independent variable to predict the number of customer service calls received in any given day; this is the dependent variable. You will use the results to predict how many employees should be available to receive and dispatch customer service calls.

Digital divide

A worldwide gap giving advantage to those with access to technology

What does data mart support as far as development of data analytics?

The development of one or a few related analytics applications. This target is often a point solution for a departmental need, such as campaign management in marketing. Sponsorship, approval, funding, impacts, and benefits typically occur at the departmental level. For this target, organizations usually create a data mart to store the necessary data. Organizations must be careful that the data mart—an "independent" application—does not become a "data silo" that stores data that are inconsistent with, and cannot be integrated with, data used elsewhere in the organization.

An example of an incident is:

Unwanted disruption or denial of service

General Data Protection Regulation

Went into effect on May 25, 2018 in the E.U. Updates laws that protect personal data (e.g Name, Address, IP Address) and sensitive data (e.g Genetic Data, Sexual Orientation, Racial Info, and Religious and Political Views.) Data governance requirements, such as the European Union's General Data Protection Regulation, will often require customer data to be held in particular locations. Unless organizations are willing to deploy and operate their own on-premise data centers, these firms will have to take a multicloud approach.

Online transaction processing (OLTP)

Where business transactions are processed online as soon as they occur. The objectives are speed and efficiency, which are critical to a successful Internet-based business operation

Data mining

refers to the process of searching for valuable business information in a large database, data warehouse, or data mart. Data mining can perform two basic operations: (1) identifying previously unknown patterns and (2) predicting trends and behaviors. The first operation is a descriptive analytics application, and the second is a predictive analytics application.

Cybersquatting

registering, selling, or using a domain name to profit from someone else's trademark -is the act of registering, trafficking in, or using a domain name in bad faith. The domain names that Grubhub purchased resemble the landing pages of the actual restaurants, complete with menus, online ordering forms, and phone numbers, despite the fact that these domains are not actually associated with the restaurants themselves.

Data aggregator

services or vendors that organize and package information on focused topics an organization that collects data from one or more sources, provides some value-added processing, and repackages the result in a usable form.

Risk vulnerability threat and exposure:

????

Industrial spy

An individual who captures trade secrets and attempts to gain an unfair competitive advantage

Vulnerability

An information resource's vulnerability is the possibility that a threat will harm that resource.

RFID (radio frequency identification)

uses electronic tags and labels to identify objects wirelessly over short distances The sensors communicate with product RFID tags to report misplaced items that do not belong on certain shelves. RFID tags provide more information on products than bar codes, and they enable cashierless checkout. With the map on the Car2Go app, customers could find cars on the streets and in designated lots around a city. They waved their RFID-enabled membership card over the windshield, and the doors unlocked.

What is an example of decision support system?

"What-if" analysis of changes in budget

What are dashboards function?

Present structured, summarized information about aspects of business important to executives

What is the function of a decision support system?

Provides access to data and analysis tools

Information security

Refers to all of the processes and policies designed to protect an organization's information and information systems (IS) from unauthorized access, use, disclosure, disruption, modification, or destruction.

What is an example of a dashboard?

Status of sales by product

What is an example of the functional area IS?

System for processing payroll

CHAPTER 6

CHAPTER 6

Consequences of lax cyber security:

Damaged reputations, financial penalties

Integrity

data, documents, messages,and other files have not been altered in any unauthorized way

Confidentiality

no unauthorized data disclosure

CHAPTER 8

CHAPTER 8

Chapter 9

Chapter 9

Digital dossier

an electronic profile of you and your habits. The process of forming a digital dossier is called profiling.

What tool is commonly used by business analyst?

Microsoft office EXCEL

What is the function of the function area IS?

Supports the activities within a specific functional area

Business case that deals with supreme people's court of china/China's social credit system

-In China, cash has long dominated transactions. As recently as 2011, only one-third of Chinese citizens had a bank account. As a result, the country did not have the chance to develop credit histories. The use of cash and the lack of credit histories meant that people could default on loans or sell poor or counterfeit goods with few repercussions. The question became: Whom could you trust? -Extending its 2015 initiative, the Chinese government is developing a national reputation system, called the Social Credit System (SCS), which is designed to regulate both citizen and corporate behavior based on a point system. By the end of 2020, the government intends to standardize the assessment of citizens' and businesses' economic and social reputations, or their "social credit." -Some observers contend that the Chinese government does not see its role in the SCS as an assigner of scores, but rather as a record keeper and data sharer. Its job essentially is to consolidate government files into a central database of social credit records. It then provides state agencies, city governments, banks, industry associations, and the general public with data on individuals and companies so that they can make their own social credit evaluations. -For financial data, the SCS resembles credit scoring systems employed in other countries, such as FICO (www.fico.com) scores in the United States. However, China's SCS not only analyzes financial information but also includes broader aspects of a person's life, such as their purchase history, political activities, and interactions with others. -Facial-recognition technology is increasingly widespread across China, with few restraints on how it can be used to track and monitor citizens. Under a 2019 law, Chinese citizens who buy new mobile phones or register new mobile phone services must have their faces scanned. -The judicial system. In 2013, the Supreme People's Court (SPC) of China started a blacklist of people who the government alleged did not comply with court judgments; for example, by not paying fines or by failing to formally apologize to someone they are found to have wronged. -Local governments. In December 2017 the National Development and Reform Commission and the People's Bank of China selected "model cities" to pilot the SCS. The Chinese government found that these pilots were successful in their handling of blacklists and redlists, the primary mechanism of the SCS. -People on the blacklist have exhibited negative behaviors, while people on the redlist have demonstrated positive ones. As of 2019, local governments in many Chinese provinces had initiated more than 40 Social Credit System experiments. -The financial system. The Chinese government has authorized some private Chinese companies to conduct pilots of the SCS. Citizens can opt out of these systems at any time upon request. The commercial-credit rating system. For businesses, the SCS serves as a market regulation mechanism. The goal is to establish a self-enforcing regulatory system fueled by Big Data (see Chapter 5) in which businesses exercise "self-restraint." The basic idea is that with a functional credit system in place, companies will comply with government policies and regulations to avoid having their scores lowered by disgruntled employees, customers, or clients. -Examples of punishments. One municipal court released an app that displayed a "map of deadbeat debtors" within 500 meters of a user's location. The app also encouraged users to report debtors who they believed could repay their debts. The central government appears to be sharing blacklists with technology platforms. This action prevents blacklisted citizens from booking flights or purchasing train tickets online. By July 2019, according to the National Development and Reform Commission of China, nearly 30 million air tickets as well as 6 million high-speed rail tickets had been denied to people on the blacklist. Local governments are asking social media companies to help in public shaming initiatives. In one city, the social media app TikTok partnered with the local court to broadcast photos of blacklisted people between videos, like a digital mugshot. In another city, blacklisted people and entities are displayed on a map within the messaging app WeChat. Other cities display mugshots of blacklisted individuals on large LED screens on buildings, or they show the images before the movie in movie theaters. Some cities have banned children of blacklisted citizens from attending private schools and even universities. In some locales, if you call a blacklisted person on the phone, you will hear a siren and a recorded message saying: "Warning, this person is on the blacklist. Be careful, and urge them to repay their debts." When a blacklisted person crosses certain intersections in Beijing, facial-recognition technology projects their face and ID number on massive electronic billboards. Still other punishments include slow Internet connections, exclusion from high-prestige work, and exclusion from five-star hotels. In general, it takes two to five years to be removed from the blacklist. However, early removal is possible if the blacklisted person has demonstrated enough positive behaviors. -Examples of rewards. In contrast to blacklisted individuals, people with high social credit scores may receive rewards such as preferential treatment and less waiting time at hospitals and government agencies, discounts at hotels, greater likelihood of receiving employment offers, easier access to loans and lower interest rates on those loans, discounts for car- and bike-sharing services, discounts on utilities, fast-tracked visa applications, and free health checkups. In addition, some cities reward individuals for helping authorities enforce restrictions of religious practices. Examples are forcing practitioners of Falun Gong (a religious movement) to renounce their beliefs and reporting on Uyghurs who publicly pray, fast during Ramadan, or perform other Islamic practices. Uyghurs are a minority ethnic group native to the Xinjiang Autonomous Region in northwest China. Personal credit scores can also be used on social and couples' platforms. For example, China's biggest matchmaking service, Baihe (http://baihe.com), allows its users to publish their own social credit score. As expected, users with higher social credit scores are in higher demand than those with lower scores. Companies with good social credit scores enjoy benefits such as good credit conditions, lower tax rates, and more investment opportunities. Companies with low social credit scores face unfavorable conditions for new loans, high tax rates, investment restrictions, and fewer chances to participate in publicly funded projects. -To say the least, the SCS is extremely controversial. Supporters of the SCS claim that the system helps to regulate social behavior, improve personal and corporate "trustworthiness," and promote traditional moral values. Opponents contend that it oversteps the rule of law and infringes on the legal rights of individuals and organizations, particularly the right to privacy as well as personal dignity. Further, opponents assert that the SCS may become a tool for comprehensive government surveillance and for suppression of dissent against the Chinese government.

Threat

A threat to an information resource is any danger to which a system may be exposed

GPS (global positioning system)

-Global positioning system. -Spotter EDU claims it does not use GPS. The app can only identify if students are within their respective classrooms. -Off sign up sign out -Opt out/in

GIS geographical information systems

-A geographic information system (GIS) is a computer-based system for capturing, integrating, manipulating, and displaying data using digitized maps. -Its most distinguishing characteristic is that every record or digital object has an identified geographical location. This process, called geocoding, enables users to generate information for planning, problem solving, and decision making. -As one example, Children's National Health System offers injury prevention advice to the community. Clinicians have found that using geospatial data helps them accomplish this mission. The health care center integrated its existing electronic health records system with GIS software from ESRI (www.esri.com) to display health data with geospatial coordinates. One of the integrated system's first projects focused on pediatric burn cases. -GIS mapping enabled the clinic to identify on a map the hotspots where injuries were occurring. That map allowed staff members to develop prevention programs tailored to the demographics of areas with high rates of injuries. For example, if the system identifies a cluster of children with burns in a particular neighborhood, then the staff will work with community groups to provide parents with Spanish translations of information about safety. -The new system has produced results. The clinic is seeing fewer burn patients overall and fewer patients requiring high-level burn care. Children's National Health System is now using its system to map concentrations of other medical conditions such as obesity and asthma.

Dashboard

-Are a special form of IS that support all managers of the organization. They provide rapid access to timely information and direct access to structured information in the form of reports. Dashboards that are tailored to the information needs of executives are called executive dashboards. Chapter 6 provides a thorough discussion of dashboards. -Dashboards are the most common BA presentation tool -Provides easy access to timely information and direct access to management reports. It is user friendly, it is supported by graphics, and, most important, it enables managers to examine exception reports and drill down into detailed data -The application's dashboards displayed all of the key performance indicators for research-related activities and their associated costs, such as tests for product certification.

Business case: car to go

-Car2Go: car-sharing service available in 6 North American cities; did not charge recurring membership fees or gas. $35 joining fee and rental fixed fee of 41 cents perminute or $14.99 per hour -With the map on Car2Go app, customers could find cars on the streets and in designated lots around city. They waved their RFID-enabled memberhsip card over windshield, and doors would unlock. Keys and credit card for refueling kept in glove compartment -April 2019 company stopped requiring background checks for customers. Within a week, company reported 20 people had made 80 bogus accounts using fake or stolen credit cards as payment. Hackers with list of emails and passwords had written computer programs to locate car-sharing accounts using fake credentials. -Thieves would also take Mercedes CLA sedans and GLA sport utility vehicles, lasted longer than average 90 min rental. -Car2Go was able to remotely disable vehicles but had a hard time knowing which cars to disable -Increase in rentals occurred, more facebook ads that featured short-term mercedes rentals in Chicago. 2 days later Car2go suspended operations in Chicago, could not tell customers to thieves apart. Police stated all stolen cars had functioning GPS trackers and license plates starteing with letters AX. -More than 100 cars were compromised. All were eventually recovered. Car2go reinstated its original policy of manually reviewing new accounts. -Spring 2019, Car2go and DriveNow merged into Share Now; discontinued services in North America due to NA not having infrastructure for electric vehicles

DSS, decision support system

-Combine models and data to analyze semistructured problems and some unstructured problems that involve extensive user involvement. Models are simplified representations, or abstractions, of reality. Decision-support systems enable business managers and analysts to access data interactively, to manipulate these data, and to conduct appropriate analyses. -DSSs can enhance learning, and they can contribute to all levels of decision making. They also employ mathematical models. Finally, they have the related capabilities of sensitivity analysis, what-if analysis, and goal-seeking analysis, which you will learn about next. Keep in mind that these three types of analysis are useful for any type of decision-support application. Excel, for example, supports all three. -To learn about DSSs and the three types of analysis, let's look at an example. Blue Nile (www.bluenile.com) is an online retailer of certified diamonds. The firm's website has a built-in decision-support system to help customers find the diamond that best meets their needs. Blue Nile's DSS provides an excellent example of sensitivity analysis, what-if analysis, and goal-seeking analysis. -Decision-support systems (DSSs) combine models and data to analyze semi structured problems and some unstructured problems that involve extensive user involvement. -Models are simplified representations, or abstractions, of reality. Decision-support systems enable business managers and analysts to access data interactively, to manipulate these data, and to conduct appropriate analyses.

Data Mining

-Data mining refers to the process of searching for valuable business information in a large database, data warehouse, or data mart. Data mining can perform two basic operations: (1) identifying previously unknown patterns and (2) predicting trends and behaviors. The first operation is a descriptive analytics application, and the second is a predictive analytics application. In descriptive analytics, data mining can identify previously hidden patterns in an organization's data. -For example, a descriptive analytics application can analyze retail sales data to discover seemingly unrelated products that people often purchase together. A classic example is beer and diapers (even though it is an urban legend). Data mining found that young men tend to buy beer and diapers at the same time when shopping at convenience stores. This type of analysis is called affinity analysis or market basket analysis. -A button icon reads, P O M. A button icon reads, M K T. Affinity analysis is a data mining application that discovers co-occurrence relationships among activities performed by specific individuals or groups. In retail, affinity analysis is used to perform market basket analysis, in which retailers seek to understand the purchase behavior of customers. Retailers use this information for the purposes of cross-selling, up-selling, sales promotions, loyalty programs, store design (physical location of products), and discount offers. An example of cross-selling with market basket analysis is Amazon's use of "customers who bought book A might also like to buy book B." In another example, market basket analysis could inform a retailer that customers often purchase shampoo and conditioner together. Therefore, putting both items on promotion at the same time would not create an increase in revenue, whereas a promotion involving just one of the items would likely drive sales of the other.

Transatlantic data

-Data that is regulated under the EU-US Privacy Shield. -Data of European Citizens.

Descriptive analytics

-Descriptive analytics summarizes what has happened in the past and enables decision makers to learn from past behaviors. Organizations employ descriptive analytics to generate information such as total stock in inventory, average dollars spent per customer, and year-over-year change in sales. -Common examples of descriptive analytics are reports that provide historical insights regarding an organization's production, financials, operations, sales, finance, inventory, and customers. -Descriptive Analytics: For this example, the correlation between daily low temperature and the number of service calls was found to be -0.84, with an average of 48 service calls per day. The correlation is negative because as the temperature decreases, the data indicate that the number of service calls increases. -The square of this correlation, R2 = .71, is the predictive power of the model. That is, the model, using low daily temperature, explains approximately 71 percent of the variation in the number of calls received each day. Therefore, 1 minus R2 means that 29 percent of the variance in the dependent variable is due to extraneous or unexplained variables.

Expert Systems (ES)

-Expert systems (ESs) attempt to duplicate the work of human experts by applying reasoning capabilities, knowledge, and expertise within a specific domain. -They have become valuable in many application areas, primarily but not exclusively areas involving decision making. For example, navigation systems use rules to select routes, but we do not typically think of these systems as expert systems. Significantly, expert systems can operate as stand-alone systems or be embedded in other applications. -Expert systems now help doctors diagnose diseases, and machine vision is enhancing the work of radiologists. Surgeons use virtual reality to plan complex surgeries. They also employ surgical robots to perform long-distance surgery. Finally, doctors discuss complex medical cases via videoconferencing. New computer simulations re-create the sense of touch, allowing doctors-in-training to perform virtual procedures without risking harm to an actual patient.

Facial recognition

-Facial recognition is a system that can identify a face and match it with a face image in a database. -Although it is beneficial to identify individuals; facial recognition faces backlash because of its potiential use of infrinding people's right to privacy and consent. -Recognition software then indexes facial features. Once an individual in a photo is tagged, the software searches for similar facial features in untagged photos. This process allows the user to quickly group photos in which the tagged person appears. Significantly, the individual is not aware of this process. -Clearview AI (http://clearview.ai) has developed a new facial recognition app. Users can take a picture of a person, upload it, and see public photos of that person, along with links to where those photos appeared. The app uses a database of more than 3 billion images that Clearview claims to have scraped from Facebook, YouTube, Venmo, Instagram, Twitter, employment websites, news websites, educational websites, and millions of other sites. The practice of extracting images from a website is known as image scraping. -For example, Facebook built an internal facial recognition app that allowed employees to identify their colleagues and friends just by pointing their phone cameras at them. Facebook did not release the app publicly, and the company claims to have discontinued the app. Google also developed facial recognition technology and withheld it. In June 2020, IBM announced that it would no longer offer or develop facial recognition technology because the firm opposes the technology's potential use for "mass surveillance, racial profiling, and violations of basic human rights and freedom." That same month Amazon banned police from using its facial recognition product, called Rekognition (http://aws.amazon.com/rekognition), for one year.

Business Analytics (BA)

-Is the process of developing actionable decisions or recommendations for actions based on insights generated from historical data. Business analytics examines data with a variety of tools; formulates descriptive, predictive, and prescriptive analytics models; and communicates these results to organizational decision makers. This definition distinguishes between business analytics and statistics. Essentially, the business analytics process uses statistical procedures to accomplish its goals. -Business analytics (BA) systems (also known as business intelligence (BI) systems) provide computer-based support for complex, nonroutine decisions, primarily for middle managers and knowledge workers. -Example is "Excel" & multidimensional analysis (also called online analytical processing, or OLAP), -BA helps to solve business problems

Neural networking

-Neural networking utilizes virtual neurons to compile similar characteristics found in images into distinct subcategories for rapid retrieval of images. -Neural networks convert all images into mathematical formulas based on many measures of facial geometry -Group of virtual neurons placed in layers, which work in parallel to simulate the way the human brain works, although in a greatly simplified form. For example, one measure is how far apart a person's eyes are, and another is the distance from a person's forehead to his or her chin. Clearview clusters all photos with similar formulas into "neighborhoods." When a user uploads a photo of a face into Clearview's system, the company converts the face into a formula and then displays all of the scraped photos stored in that formula's neighborhood, along with the links to the sites from which those images came.

Data controller

-Organizations who have a connection with data subjects and data processors. -Data processors process personal data on Data Controllers. -The data controller determines the purposes for which and the means by which personal data is processed. So, if your company/organization decides 'why' and 'how' the personal data should be processed it is the data controller.

Data Management Streams:

-Point-of-sale (POS) data. Organizations capture data from each customer purchase with their POS systems. -Clickstream data. Clickstream data are those data that visitors and customers produce when they visit a website and click on hyperlinks -Social media data. Social media data (also called social data) are the data collected from individuals' activity on social media websites. These data include shares, likes and dislikes, ratings, reviews, recommendations, comments, and many other examples. -Sensor data. The Internet of Things (IoT; see Chapter 3) is a system in which any object, natural or manmade, contains internal or external wireless sensor(s) which communicate with each other without human interaction. Each sensor monitors and reports data on physical and environmental conditions around it, such as temperature, sound, pressure, vibration, and movement.

Predictive analytics

-Predictive analytics examines recent and historical data to detect patterns and predict future outcomes and trends. Predictive analytics provides estimates about the likelihood of a future outcome. -The purpose of predictive analytics is not to tell decision makers what will happen in the future. Predictive analytics can only forecast what might happen in the future, based on probabilities. Predictive analytics applications forecast customer behavior and purchasing patterns, identify trends in sales activities, and forecast demand for inputs from suppliers. -The tools include data mining, and the statistical procedures include linear regression, multiple regression, and logistic regression. -Recall that data mining can perform two basic operations: (1) identifying previously unknown patterns and (2) predicting trends and behaviors.

Online Analytical Processing

-Some BA applications include online analytical processing (OLAP), also referred to as multidimensional analysis capabilities. OLAP involves "slicing and dicing" the data that are stored in a dimensional format, "drilling down" in the data to greater detail, and "rolling up" the data to greater summarization (less detail). -Consider our example from Chapter 5. Recall Figure 6.6, which illustrates the data cube. The product is on the x-axis, geography is on the y-axis, and time is on the z-axis. Now, suppose you want to know how many nuts the company sold in the West region in 2017. You would slice and dice the cube, using nuts as the specific measure for product, West as the measure for geography, and 2017 as the measure for time. The value or values that remain in the cell(s) after our slicing and dicing is (are) the answer to our question. As an example of drilling down, you might also want to know how many nuts were sold in January 2017. Alternatively, you might want to know how many nuts were sold from 2017 through 2019, which is an example of aggregation, also called "roll up."

Functional Area Information System (FAIS)

-The collection of application programs in a single department is usually referred to as a departmental information system (also known as a functional area information system (FAIS)). -For example, the collection of application programs in the human resources area is called the human resources information system (HRIS). There are collections of application programs—that is, departmental information systems—in the other functional areas as well, such as accounting, finance, marketing, and production/operations. -Helps decision-makers -Another architecture is "independent data marts". These marts store data for a single application or a few applications, such as marketing and finance. Organizations that employ this architecture give only limited thought to how the data might be used for other applications or by other functional areas in the organization.

Three specific analytic targets:

-The development of one or a few related analytics applications. -The development of infrastructure to support enterprise-wide analytics. -Support for organizational transformation.

Data subject

-The next categorization to Natural Person. -A natural person is considered a data subject when an organization processes or possesses data for a natural person.

Image scraping

-The practice of extracting images from a website is called Image Scraping. -Clearview AI has an app that utilizes Image scraping from Facebook, Youtube, Venmo, Instagram, Twitter and other widely accessible websites.

Trusted and untrusted Network:

-Trusted network: any network within your organization -Untrusted network: any network external to your organization Note: wireless technology is an inherently unsecure broadcast communications medium as it enables employees to compute, communicate, and access the internet anywhere at any time

The three types of hackers:

-White hat Computer security specialist who breaks into protected systems and networks to test and assess their security. Use their skills to improve security by exposing vulnerabilities before malicious hackers (black hats) can detect and exploit them. -Black hat Person who attempts to find computer security vulnerabilities and exploit them for personal financial gain or other malicious reasons. Can inflict major damage on both individual computer users and large organizations by stealing personal financial information, compromising security of major systems, or shutting down or alerting the function of websites and networks. -Gray hat Person who may violate ethical standards or principles, but without the malicious intent ascribed to black hat hackers. May engage in practices that are less than ethical, but are often operating for the common good, e.g., exploits a security vulnerability to spread public awareness that the vulnerability exists.

Microsite

-a supplement to a web site that is typically singular in focus and delivers on the current advertising message -As a service to our restaurants, we have created microsites for them as another source of orders and to increase their online brand presence. -For example, the second item in the terms of service signed by restaurant owners states that Grubhub "may create, maintain and operate a microsite ('MS') and obtain the URL for such MS on restaurant's behalf."

Machine learning system

-artificial intelligence systems that learn from data -an application of AI that enables systems to learn and improve from experience without being explicitly programmed. Machine learning focuses on developing computer programs that can access data and use it to learn for themselves.

Expert system

-computer program that imitates human thinking through complicated sets of if-then rules -Specialized artificial intelligence software capable of replicating the decision-making process of an actual human expert -Information is usually retrieved from a database.

Mini site

-smaller websites that exist on a marketing partner's site permitting viewers to click on the minisite for additional information without leaving the original website

In 2016 the total number of data breaches reported by Identify Theft Resource Center was:

1,093

ETL (extraction, transformation, and loading)

1. Extracting needed data from its sources 2. Transforming the data into a standardized format 3. Loading the transformed data into a data warehouse In addition to storing data in their source systems, organizations need to extract the data, transform them, and then load them into a data mart or warehouse. This process is often called ETL, although the term data integration is increasingly being used to reflect the growing number of ways that source system data can be handled. For example, in some cases, data are extracted, loaded into a mart or warehouse, and then transformed (i.e., ELT rather than ETL

5 key factors contributing to increasing vulnerabilty or organizational info resources:

1. Today's interconnected, interdependent, wirelessly networked business environment -Trusted and untrusted network 2. Smaller, faster, cheaper computers and storage devices -These characteristics make it much easier to steal or lose a computer or a storage device that contains huge amounts of sensitive information 3. Decreasing (computing) skills necessary to be a computer hacker -The internet contains information and computer programs called scripts that users with limited skills can download and use to attack any informatuion system that is connected to the internet 4. International organized crime taking over cybercrime 5. Lack of management support -Lower level managers may be more important than senior managers as they are in close contact with employees every day and are thus in a better position to determine whether employees are following security procedures (note: senior managers are supposed to set the tone in regards to security policies and procedures)

Group decision support systems

?????

Reliability

?????

Axon

??????

Historical data

??????

The business sector that reported the highest number of cyberattacks in 2016 was:

Business

availability

Data is accessible when needed by those authorized to do so

The Capabilities of Dashboards:

Drill down-The ability to go to details, at several levels; it can be done by a series of menus or by clicking on a drillable portion of the screen. Critical success factors (CSFs)-The factors most critical for the success of business. These can be organizational, industry, departmental, or for individual workers. Key performance indicators (KPIs)-The specific measures of CSFs. Status access-The latest data available on a KPI or some other metric, often in real time. Trend analysis-Short-, medium-, and long-term trends of KPIs or metrics, which are projected using forecasting methods. Exception reporting-Reports highlight deviations larger than defined thresholds. Reports may include only deviations.

Spyware

tracking software that is not designed to intentionally damage or disable a system. For example, an employer may install spyware on corporate laptops to monitor employee browsing activities, or an advertiser might use cookies to track what Web pages a user visit in order to target advertising in a marketing campaign.

Who leads the food delivery industry?

Grubhub, Doordash, Ubereats

In 2016, the greatest number of reported data breaches were reported to be the result of:

Hacking

Data Mart

Is a low-cost, scaled-down version of a data warehouse that is designed for the end-user needs in a strategic business unit (SBU) or an individual department. Data marts can be implemented more quickly than data warehouses, often in less than 90 days. Furthermore, they support local rather than central control by conferring power on the user group.

Business application process

Is the process of developing actionable decisions or recommendations for actions based on insights generated from historical data. Business analytics encompasses not only applications, but also technologies and processes. It includes both "getting data in" (to a data mart or warehouse) and "getting data out" (through BA applications). The entire BA process begins with a business problem, often called pain points by practicing managers. When organizations face business problems, they often turn to business analytics, through the process illustrated in Figure 6.3, to help solve those problems. Before we begin our discussion of the BA process, let's emphasize the importance of the technologies that underlie the entire process (see Figure 6.3). These technologies are all improving very rapidly.

What is the function of an expert system?

Mimics human expert in a particular area and makes decisions

The basic characteristics of data warehouses and data marts include the following:

Organized by business dimension or subject. Data are organized by subject—for example, by customer, vendor, product, price level, and region. This arrangement differs from transactional systems, where data are organized by business process such as order entry, inventory control, and accounts receivable. Use online analytical processing. Typically, organizational databases are oriented toward handling transactions. That is, databases use online transaction processing (OLTP), where business transactions are processed online as soon as they occur. The objectives are speed and efficiency, which are critical to a successful Internet-based business operation. In contrast, data warehouses and data marts, which are designed to support decision makers but not OLTP, use online analytical processing (OLAP), which involves the analysis of accumulated data by end users. We consider OLAP in greater detail in Chapter 6. Integrated. Data are collected from multiple systems and are then integrated around subjects. For example, customer data may be extracted from internal (and external) systems and then integrated around a customer identifier, thereby creating a comprehensive view of the customer. Time variant. Data warehouses and data marts maintain historical data; that is, data that include time as a variable. Unlike transactional systems, which maintain only recent data (such as for the last day, week, or month), a warehouse or mart may store years of data. Organizations use historical data to detect deviations, trends, and long-term relationships. Nonvolatile. Data warehouses and data marts are nonvolatile—that is, users cannot change or update the data. Therefore, the warehouse or mart reflects history, which, as we just saw, is critical for identifying and analyzing trends. Warehouses and marts are updated, but through IT-controlled load processes rather than by users. Multidimensional. Typically, the data warehouse or mart uses a multidimensional data structure. Recall that relational databases store data in two-dimensional tables. In contrast, data warehouses and marts store data in more than two dimensions. For this reason, the data are said to be stored in a multidimensional structure. A common representation for this multidimensional structure is the data cube.

online analytical processing (OLAP)

also referred to as multidimensional analysis capabilities. OLAP involves "slicing and dicing" the data that are stored in a dimensional format, "drilling down" in the data to greater detail, and "rolling up" the data to greater summarization (less detail).

Three objectives of data and information systems security:

confidentiality, integrity, and availability

Hactavist (hacker-activist)

is short for hacker-activist or someone who performs hacking to promote awareness for or otherwise support a social, political, economic, or other cause. Hacking an application, system, or network without authorization, regardless of motive, is a crime.

Data warehouses and data marts, which are designed to support decision makers but not OLTP, use.....

online analytical processing (OLAP)

The entire BA process begins with a business problem, often called ____________ by practicing managers. When organizations face business problems, they often turn to business analytics, through the process illustrated in Figure 6.3, to help solve those problems.

pain points

Social engineer

targeting human behavior rather than computer technology From an IT security perspective, social engineering is a hacker's clever use of deception or manipulation of people's tendency to trust, be helpful, or simply follow their curiosity. Powerful IT security systems cannot defend against what appears to be authorized access. Notorious hacker Kevin Mitnick, who served time in jail for hacking, used social engineering as his primary method to gain access to computer networks. In most cases, the criminal never comes face-to-face with the victim, but communicates via the phone or e-mail. Humans are easily hacked, making them and their social media posts high-risk attack vectors. For instance, it is often easy to get users to infect their corporate network or mobile devices by tricking them into downloading and installing malicious applications or backdoors.