MIS 201 Exam 2

Ace your homework & exams now with Quizwiz!

How Should Organizations Respond to Security Threats & loss of data/infrastructure?

Take security seriously Create a strong password Use multiple passwords Send no valuable data via email or IM Use https at trusted, reputable vendors Remove high-value assets from computers Clear browsing history, temporary files, and cookies (Cleaner or equivalent) Regularly update antivirus software Demonstrate security concern to your fellow workers Follow organizational security directives and guidelines Consider security for all businesses

The words "Business Intelligence" are the summarization of everything we've put into this class this term. Let's review:

1.We know that there's data collected from all various devices and sources 2.The data is stored on the Cloud, in hardware 3.The hardware contains software. Data is stored in a.Databases/Spreadsheets/CRMs/ERPs/other customized software b.Code is used to run algorithms, of the data, to learn more about what the data contains 4.Some of this software is of the enterprise nature. ERP and CRM software platforms, that run on Cloud systems because they allow for faster processing of the data, provide incredible feedback in helping a business make a decision, so they impact the overall business in a positive manner 5.A tremendous amount of data comes from social media, in what people click on, share; a.When they click on it, share it b.Where they click on it, share it c.What medium they use to click on it, share it

Malware Safeguards

1.Install antivirus and antispyware programs 2.Set up antimalware programs to scan frequently 3.Update malware definitions 4.Open email attachments only from known sources 5.Promptly install software updates from legitimate sources 6.Browse only in reputable Internet neighborhoods

Data broker

Acquires and purchases consumer and other data from public records, retailers, Internet cookie vendors, social media trackers, and other sources Uses data to create business intelligence to sell to companies and the government Cheap cloud processing makes processing consumer data easier and less expensive Processing happening in secret, behind closed doors Data brokers enable you to view data stored about you ◦But, difficult to learn how to request your data, torturous process to get data, usefulness limited

Revenue Models for Social Media

Advertising •Pay-per-click •Use increases value: As more people use a site, the more value it has, and the more people will visit Freemium revenue model ◦Offers users a basic service for free, and charges a premium for upgrades or advanced features ◦Gaming apps, Pandora, YouTube - Try for free or pay for upgrade

How do SMIS Increase Social Capital

Capital ◦Investment of resources for future profit Types of business capital ◦Physical capital - produce goods and services (factories, machines, manufacturing equipment) ◦Human capital - human knowledge and skills investments ◦Social capital - social relations with expectation of marketplace returns

Where Is Social Media Taking Us?

Chief Digital Officers (CDOs) responsible for developing and managing innovative social media programs Harness power of employee social behavior and partners to advance company strategy Loss of management control of employees ◦Employees craft own relationships with employer

Social Media and Manufacturing and Operations

Designing products, developing supplier relationships, and improving operational efficiencies Crowdsourcing ◦Process of employing users to participate in product design or product redesign; can also include contributing financially ◦People funding via the Internet ◦Widely used in businesses-to-consumer (B2C) relationships to market products to end users YouTube channel and post videos of product reviews and testing, factory walk-throughs

Intel's Rules of Social Media Engagement

Disclose - Be transparent: Use your real name and employer Be truthful: Point out if you have a vested interest Be yourself: Stick to your expertise and write what you know Protect - Don't tell secrets, don't slam the competition, and don't overshare Use Common Sense - Add value: make your contribution worthwhile Keep it cool: don't inflame or respond to every criticism Use Common Sense: Add value - make your contribution worthwhile Keep it cool - don't inflame or respond to every criticism Admit mistakes - be upfront and quick with corrections

How do (Some) Companies Earn Revenue from Social Media

Hyper-social organization aka Instagram Influencer ◦Uses social media to transform interactions with customers, employees, and partners into mutually satisfying relationships with them and their communities Renting your (the Users) eyeballs to an advertiser ◦People are willing to put themselves online in order to make money for themselves and sell a company's product

What Are Typical Uses for BI?

Identifying changes in purchasing patterns ◦Important life events cause customers to change what they buy ◦Accessing the Data sources to these different major life changes can be done just with simple scanning of social media accounts, searching through the publicly available information about deaths, marriages, divorces, birth. Many of these pieces of Data can come from the daily newspaper BI for entertainment ◦Netflix uses data to determine what people actually want, not what they say they want Predictive policing ◦Analyze data on past crimes (location, date, time, day of week, type of crime, etc.) to predict where crimes likely to occur ◦See Wall Street Journal Video in Lessons for Chapter 9

Business Intelligence

Information systems that process operational and other data, to analyze past performance and to make predictions Look for patterns, relationships, and trends identified by business intelligence systems They have the 5 standard components of: hardware, software, data, procedures, and people Software component is called a business intelligence application

How Can Organizations Address SMIS Security Concerns

Need a social media policy Develop and publicize a social media policy ◦Statement delineates employees' rights and responsibilities ◦Intel's Three Pillars of SM Policies (Next slide) Consider risks from non-employee user-generated content Look at risks from employee use of social media

Hadoop & MapReduce

Parallel Processing ◦BigData is broken into smaller segments (servers), and hundreds or thousands of independent processors search these servers for something of interest ◦instead of bringing data to CPU, CPU's are now being brought to the data, scalability larger; can process more amounts of data at once Hadoop ◦Organizes the parallel processing MapReduce ◦As CPU's finish, their results are combined ◦Acts as a table of contents, know where the data in question is stored to access it faster. See graph on slide 17, shows portion of keywords that begin with letter H ◦Result can be a list of all the terms searched for on a given day and the count of each

How do Social Networks Add Value to Businesses?

Progressive organizations: ◦Maintain presence on Facebook, LinkedIn, Twitter, other Social Media sites ◦Encourage customers and interested parties to leave comments ◦Risk? ◦Excessively critical feedback

What Are Three Techniques for Processing Business Intelligence Data?

Reporting - Create information about past performance - Process structured data by sorting, grouping, summing filtering, and formatting Data Mining - Classify and predict - Use sophisticated statistical techniques to find patterns and relationships BigData - Find patterns and relationships in BigData - Volume, velocity, and variety force use of MapReduce techniques. Some applications use reporting and data mining as well

Social Media

Social Media ◦The use of IT to support the sharing of content among networks of users ◦Enables people to form communities of practice

How do SMIS Advance Organizational Strategy

Strategy determines value chains, which determine business processes, which determine information systems Value chains determine structured business processes ◦Value is perceived by either the business, or the customer ◦Value is adding something to a raw material, a process, or a finished good, that differentiates the product from a substitute Constantly changing nature of SM means process flows cannot be designed or diagrammed ◦This means, because SM changes at the "speed of impulse" (Servé term), charting perceived value can indirectly hurt a company

Using Social Networks to Increase the Strength of Relationships

Strength of a relationship ◦Likelihood other person or other organization will do something that benefits your organization Write positive reviews, post pictures of you using organization's products or services, tweet about upcoming product releases, and so on Organizations strengthen relationships with you by asking you to do them a favor Resources must be relevant ◦These may be either financial, or physical. Sometimes a name can carry a lot of weight.

So What? Data Storytelling

Technique for presenting results of business intelligence Story: an ordered sequence of steps with a pre-defined path Steps consist of interactive dashboard displays of business intelligence results Purpose of a data story is to explain that why ◦Provide context and direction, opinions, arguments about what data reveals Data story authors are business professionals, not technologists

Internal Risks from Social Media

Threats to information security, increased organizational liability, and decreased employee productivity ◦Directly affect ability of an organization to secure information and resources ◦Seemingly innocuous comments can inadvertently leak information used to secure access to organizational resources ◦Don't tell everyone it's your birthday because your date of birth (DOB) can be used to steal your identity.

The Data Broker can be anyone, or anything

Typically, the data broker is someone, or something, that collects the data that's out there. After the data collection, the data broker can then 1.Sell the raw unorganized data 2.Organize the data and then sell it 3.Hold onto the data in either its raw, unorganized form, or organize the data through a series of algorithms. The data broker can then allow, via a VPN, a customer access to this data and allow the customer to move the data around to get the answer they're looking for. But in this last case, the data stays within the data broker. It cannot be removed. Everyone, including competitors, can have access to this same data via the Cloud. a.UD Arena and AT&T with First Four

Types of Data Mining

Unsupervised Data Mining Does not start with a Priori hypothesis or model Meaning, the hypothesized model that is created afterwards, is based on analytical results to explain any patterns found Statistical analysis is performed on the data collected, in order to find out what answers are possible from it Supervised Data Mining Priori model (aka prediction, such as regression analysis) Used to compute outcome of a model based on sampling of data Due to the potential processing power available now, and in the future, sampling may become a thing of the past, but will still be necessary when narrowing the scope of the search down, due to the sheer amount of data collected

Social Media and Sales and Marketing Activity

•Dynamic, Social Media-based CRM processes a Social CRM •Each customer crafts relationship •Wikis, blogs, discussion lists, frequently asked questions, sites for user reviews and commentary, other dynamic content •Customers search content, contribute reviews and commentary, ask questions, create user groups, etc. •Artificial Intelligence (AI) now replies to common questions posted by end users to businesses. Humans reply to more specific questions

Information Systems: Where Do These Hackers Come From?

•A lot of times these hackers come from Russia and Eastern European republics/countries •Organized Crime in these areas have realized it's much cheaper and easier to steal money from businesses using information technology than to break into places or steal from brick-and-mortar places of business •So how do they find these hackers? A lot of the time, these hackers are just kids in their late teens/early 20's who are extremely smart, well educated, and have the ability to write code to steal data and information without getting caught. For instance, if a hacker gets 30,000,000 credit card numbers, do they charge each card with $1,000? No. Too big of a number. But if they add something onto the credit card called "Service Fee" and it's only $0.02. Not too many people will argue with that charge. In one month of $0.02 charges on 30,000,000 credit card accounts, that's $600,000. Get away with that "Service Fee" for 6 months or a year, you're doing well for doing nothing.

Requirements Gaps

•Always gaps between requirements and capabilities of specific functions, features and inherent procedures of licensed application •First challenge - Identifying Gaps •Must know what is needed and what new product does •Features and functions of complex products like CRM or ERP not easy to identify •Second challenge - Deciding what to do with identified gaps •This can require customization of the information system, which can be more expensive and take more time •Building a new information system is not as easy as buying software off a shelf at a store, or downloading something online, and you're up and running. •Designing the new system takes time, in some cases between 5-10 years, depending on the size and complexity of the company. •With a business potentially having so many "moving parts", it is possible to miss a few things. These few things that are missed are called Requirements Gaps. These gaps appear when the new system is being tested and will mean the system will have to undergo updates to it to reflect these missing parts.

Solution to SILOS Information Systems - Enterprise Resource Planning (ERP)

•An ERP is a single, organizational wide, information system - Oracle ERP Cloud •Incorporates all the various silos together to share and disseminate information between the silos •In order for a business to implement an ERP, Business Process Reengineering (BPR) must take place •BPR - the activity of altering existing, and designing, new business processes. This allows the organization to take advantage of the new ERP •BPR can be difficult, slow, and exceedingly expensive •Must go through a process called the Systems Development Life Cycle (SDLC) •This process can take months, or years, for full implementation to take place •The SDLC will be covered, in full, in a handout

Information within SILOS

•As data is accumulated, throughout a business, it's disseminated (sent to, allocated into) the department(s) that it is going to affect. •From that point, the data is then put through series of mathematical functions and run through numerous computer algorithms, until it is compiled into information. It's this information that allows an employee to make a decision on what to do in various situations and scenarios. •In the past, basically up to the 1980's and 1990's, various departments kept their data separate from each other. In order for someone higher up to make a decision, based on data from various departments, paper memos had to be sent out to those departments, requesting the data required to help make a decision. So the problem became the following: 1.The amount of time it took for the request to be put through, in other words how long it took that paper memo to make its way to the departments in question 2.The accumulation of the requested data had to be pulled and typed out, or printed 3.Then the paper had to be sent back to the person requesting the data from the departments 4.The time required to fully compile and analyze the data into information from which decisions could be made varied •The amount of time for this paper request could take a couple days, to a week, or even longer. •Depended on how much data needed to be put together from various locations •This separation of data/information was holding back businesses from making an informed decision that could make a positive financial impact on their business and give a competitive advantage from one business entity to the next.

Social Media and Human Resources

•Employee communications using internal personnel sites or out onto Facebook and other social media platforms •Finding employee prospects, recruiting candidates, candidate evaluation •Place for employees to post their expertise •Risks: ◦Forming erroneous conclusions about employees ◦A potential employee posts information on their application that their own social media profile proves is false

Transition Problems

•Change from isolated departmental systems to new enterprise system, while doing business •Requires careful planning and substantial training of employees who will utilize the new system •Going to allow the people that helped in the transition, from within the organization, to become a more integrated part of the information system department •Senior management must explain need for change to employees and stand behind new system as kinks are worked out •A new information system is only as good as the manager who fully supports it •Management MUST believe, and be behind, the new changes. This also means the management "should" learn as much about the new system as possible •Problems can occur when a new system is put into place in a company is the upper management is making decisions for the employees who utilize the system on a daily basis •Upper-level management won't listen to the wants, needs, and opinions of employees who use the current and new system. This can lead to severe problems in the future •To avoid this problem, upper-level management should continuously know how to do the daily tasks that keep the current business in full operation

What are the Challenges of Implementing and Upgrading Enterprise Information Systems

•Collaborative management •Requirements gaps •Transition problems •Employee resistance

Data Lakes

•Data Lakes contain the original data as it's collected. Nothing is cleaned, nothing is changed. It's just held as it's been entered by the person or program that's entering the data •From there, the data can then be accessed and then it can be changed to a more recognized form to help make a decision

Encryption

•Encryption: process of transforming clear text into coded, unintelligible text for secure storage or communication •Encryption algorithms •Commonly used methods: DES, 3DES, and AES •Symmetric encryption •Same key (a number) used to encode and decode •Fast and preferred •Asymmetric encryption (two keys) •One key encodes message, other key decodes message

Social Media Application Providers

•Facebook, Twitter, LinkedIn, Instagram •When Microsoft bought LinkedIn and how it worked - watch this •Sponsors might pay a fee, depending on application and what they use the site for ◦Creating a company page free on Facebook, but ◦Charges fee to advertise to communities that "Like" page •Custom developed Social Media (SM) for company using SharePoint for wikis, discussion board, photo sharing •This means you create and control the social media interface within your business yourself. You're not reliant on another company

Goal of Information Systems Security

•Find appropriate trade-off between risk of loss and cost of implementing safeguards •Use antivirus software - ESET, Norton, McAfee •Deleting browser cookies? •Get in front of security problem by making appropriate trade-offs for your life and your business •Need to be aware of •Incorrect Data Modification •Loss of Infrastructure

Five Components of SMIS

•Hardware - SM application providers host SM presence using elastic servers in the cloud •Develop and operate custom, proprietary, social networking application software •Software - Content data - data and responses to data contributed by users and SM sponsors •What people write on a post, Likes •Data - Connection data - data about relationships •How many Likes and Shares are you clicking? To what are you Liking and Sharing? It's this data that helps social media sciences learn more about who you are as a person and help generate more advertisements, and posts that are in the same general category as your Likes and Shares, in the hopes that you'll continue to Like and Share more of those areas. Why? Revenue generation. •Procedures - Organizations must have procedures for creating content, managing user responses, removing obsolete or objectionable content, and extracting value from content •Why put something up if you're not going to use the data from it? •People - Social media creates new job titles, new responsibilities, and need for new types of training •The new way to link into, and talk to, people who you normally wouldn't know about •Generate new ideas, direction, open new areas to entry with low barriers to entry

Loss of Infrastructure

•Human accidents •Theft and terrorist events •Disgruntled or terminated employee •Natural disasters

Responding to Social Networking Problems

•If someone posts something that's either mean, vindictive, false, completely wrong, there's a few options you can take 1.Leave it 2.Respond to it 3.Delete it

Enterprise Application Solutions

•Organizations can license software that contain prebuilt procedures. -Predesigned procedures for using software products. -Example SAP - Industry Best Practices Software •Enterprise resource planning (ERP) •Customer relationship management (CRM)

What is the Value of Social Capital

•Value of Social Capital -Number and strength of relationships, resources controlled •Adds value in four ways: 1. Information ◦People telling someone to do or take something 2. Influence decision maker at an employer 3. Social credentials ◦You can be connected to someone who knows someone important (6 Degrees of Kevin Bacon) 4. Personal reinforcement - professional image or status

Faulty Service

•Incorrect data modification •Systems working incorrectly •Procedural mistakes •Programming errors •IT installation errors •Denial of service (unintentional) •Usurpation •Occurs when computer criminals invade a computer system & replace legitimate systems with their own •Try to spy, steal, & manipulate data, or achieve their own purpose

When Purchasing an Information System, Size DOES Matter

•Information systems (IS) are based on what is known as Scope. Meaning, how big is the organization that'll be using this system? •Global to Mid-Sized to Single Store Front •Brick & Mortar or Digital? •Main questions/problems with purchasing a new information system: •How large of an organization will be accessing it? •How many people work in the organization that's going to be purchasing this new system? •P&G •Sole proprietor Massage Therapist •Ashley's Pastries in Oakwood Main questions/problems with purchasing a new information system: •From where will the employees be accessing the IS? •Will they all come to a central location, or will they access it mobile? •COVID-19 Pandemic has changed this problem and has forced companies to make their information systems more accessible via Cloud and VPNs •Will suppliers or customers have access into certain parts of this system? •This is important for security reasons. You don't want customers being able to probe around a supplier's site, only to realize they can purchase cheaper from the supplier, and thereby, not give you the business. Likewise, you don't want your supplier looking at your customer list, and they sell directly to the customer, cutting you out of the equation

Collaborative Management

•No single manager to resolve disputes •Need committees and steering groups to provide enterprise process management •Slow and expensive •These take a while because "everybody's idea matters" and nobody wants to disrupt, or hurt, anyone's feelings In this stage, everyone gets to have an opinion. The problem with Collaborative Management is too many opinions. When installing a new information system, you only want the people who are using the system on a daily basis and you only want the best end users of the current system. It's these employees who have the best knowledge and background of how everything should work within it. These employees are going to become part of the project team, that will be the transition from the current system to the new system. You'll be working through an SDLC homework assignment which will explain this in more detail

Employee Resistance

•People resist change because change requires effort and engenders fear •Senior-level management must communicate need for change throughout transition process •Employees fear change because it threatens their self-efficacies •A person's belief that he or she can be successful at his or her job (see chart below) •To enhance confidence, employees need to be trained and coached on successful use of new system •Word-of-mouth a very powerful factor •Key users trained first to create positive buzz about new system •Video demonstrations of employees successfully using new system effective •Employees given extra inducement to change to new system "Nothing succeeds like praise or cash, especially cash"

Incorrect Data Modification

•Procedures incorrectly designed or not followed •Increasing customer's discount or incorrectly modifying employee's salary •Placing incorrect data on company Web site •Improper internal controls on systems •System errors •Faulty recovery actions after a disaster

Social Media and Customer Service

•Relationships emerge from joint activity where customers can have as much control as companies •Product users freely help each other solve problems •People posting thoughts, ideas, and potential solutions to issues company can face •This can be a money saver because can get input from multiple peoples with various levels of experience •This experience from posters can lead to the creation of an advisory board of these posters •Risk of peer-to-peer support can lead to a loss of control by the company •If you're too reliant on only customer posts, you'll potentially lose money for repairs. See John Deere and Right to Repair video

Three Social Media Information Systems (SMIS) Roles

•Social Media Providers ◦Facebook, LinkedIn, Twitter, Instagram, and Pinterest provide platforms ◦Attracting and targeting certain demographic groups ◦70% users of Pinterest are female, 80% of users of LinkedIn are 35 and older •Users ◦Both individuals and organizations ◦Companies that are active now on social media have an advantage of being in touch with their customers when it comes to new releases, updates, recalls •Communities ◦Mutual interests and transcend familiar, geographic, and organizational boundaries

Data Warehouses

•Software program that contains all of the data (sales transactions, returns, phone calls, etc) within a business, for the life of the business •The purpose of holding and containing all this data is the hope that the business will be able to predict, with almost near certainty, exactly what a customer wants and how to interact with the customer in the hopes of keeping the customer coming back and shopping at that location from that point on •Extract data from operational, internal and external databases •Cleanse data •Organize, relate data warehouse •Catalog data using metadata

Customer Relationship Management (CRM)

•Suite of applications, a database, and set of inherent processes •Manage all interactions with customer through four phases of customer life cycle: -Marketing, customer acquisition, relationship management, loss/churn (see slide 15) •Intended to support customer-centric organization •Typically implemented in heavy sales and lots of face-to-face with customers •Keeps track of all communications, transactions, returns, compliments, and complaints for each customer •Allows an organization to know, precisely, where a customer was/is/should be within their life cycle of the business

Ransomware

•This is an intrusive software program that is downloaded as what appears to be a normal file, and then when attempted to be opened, it launches a program that locks a personal computer, to an entire network, out of accessing anything. When it comes to lost work and increased expenses, Ransomware has become the leading cause. How bad is Ransomware? It's taken down hospitals and entire cities. •In May 2021, the Colonial Pipeline was taken down by Ransomware

What Types of Security Loss Exists?

•Unauthorized Data Disclosure •Pretexting •Someone pretends to be someone who they really aren't •Phishing •Someone pretending to be someone they aren't with intention to gain information •Spoofing •IP spoofing •Email spoofing •Skimmers •Devices installed onto machines in an effort to steal credit/debit card •Drive-by sniffers •Monitor and intercept wireless Internet traffic •Hacking •This is how easy it is to get hacked - Vice HBO •Natural disasters •Backing up data when storm, earthquake, tsunami, is eminent

Managing the Risk of Inappropriate Content

•User-generated content (UGC) •Problems From External Sources ◦Junk and crackpot contributions ◦Inappropriate content ◦Unfavorable reviews ◦Mutinous movements

Malware Types and Spyware and Adware Symptoms

•Viruses - Trojan horses - Worms - Conficker Worm - Stuxnet - Nitro Zeus - Zero Days Slow system startup Sluggish system performance Many pop-up advertisements Suspicious browser homepage changes Suspicious changes to the taskbar and other system interfaces Unusual hard-disk activity

Problems with Information Systems within SILOS

•What are the problems of each silo having their own information system? •Data is easily duplicated •Data inconsistency; what might be entered one way may be entered as another •Example: How do you enter today's date into an online form? •Data isolated; employees from other silos cannot access vital information to help them make a decision •Inefficiencies in a business come from decisions made with data that is isolated •Business processes become disjointed; if you can't access the data, you can't make the correct decision •Lack of integrated enterprise information •Increased cost for the organization •You have more systems you need to manage, that means either more local hardware/software, or increased cloud, costs. •A business needs an IS solution that will allow for data, and information, to be shared, between the silos of a business in order for decisions to be made quickly, and efficiently •Data Integrity is essential! •Meaning the data cannot be changed, or adjusted, in any way •Data cannot be •"Massaged" - adjusted to what the people who collect, or who review the data when it comes in, determine what it "should be" and not what it is. When data is massaged, it's manipulated to what people in charge want it to be. The sales figures for May 2021 might be $12,000,000, but this number can be "adjusted" to meet certain goals that can affect the bottom line, or a bonus for an employee, of a company. •Data that falls into those categories, above, is called disjointed •What do these different areas of business do? And how will the correct information system help in processing the data collected?


Related study sets

MRU19.4: THE TRAGEDY OF THE COMMONS

View Set

Chapter 2-Introduction to Scanners

View Set

Vocabulary Rows of ア・カ・サ・タ・ガ・ザ・ダ

View Set

SOS Math 800: Unit 6- Classifying Triangles and the Triangle Inequality Theorem

View Set

Project Management - Cengage Mindtap Assignment Chapters 1 - 15 100% Tested for Correction

View Set

Ch. 3 & 14- Peritoneum & Retroperitoneum

View Set