Company Info
Company Name: The Hangover
What Company Does: Events management, social planning
Departments: Accounting / IT / HR / Marketing
Company Mission: The aim of our company is to provide quality service to clients through the provision of ‘gnarly’ social events.
Further Information: The Company is to be run solely as an e-business, operating through the social networks of myspace and facebook. Through the use of these websites, we intent to create a network of teenagers (between the ages of 18-25) in order to organise and promote various parties. The company will first organise a venue and entertainment for a night, with the event having a prescribed entrance fee. In a separate arrangement with the owners of the venue, we will negotiate a percentage of the door takings.
Business Functional Areas and IT Architecture
Within the group we have the majors of Marketing, Accounting, Management and Law.
Within the field of Marketing, IT would be used in order to create advertising campaigns, gain information about customers (CRM) and store and provide relevant internal and external information about the business through the use of databases.
Within the field of Accounting, IT would be used primarily to store the financial information of the business and prepare various accounts as required. It is also possible that IT would be used for the various calculations and mathematical processes required by accountants.
Within the field of Management, IT would be essential for the provision of information about the business as well as being used as a primary source of communication. Through the use of databases containing pertinent information about the business, managers would be able to make the required decisions to ensure the operation of the business. IT would also be essential for managers to communicate to people both internal and external to the business.
Within the field of Law, IT has become incredibly useful as the majority of legal information (cases, court documents and legislation) are now available digitally through websites such as CaseBase and Austlii.
IT Infrastructure and Hardware
In order to map out the IT infrastructure of the business, it is essential to evaluate the Hardware needs of each department.
Accounting: This department would require the use of several accounting programs and possible the transferral of information to other departments. The required computers would be desktop PC’s with accounting software. This department would also require a combined Printer/Fax machine.
IT: The IT department of the business would be required to maintain the internet links which are essential to the operation of the business. Because of this, the employees of this department would require computers (either Mac or PC) with high speed modems. Also due to the requirement of this department to oversee the IT of all other departments, employees would require mobility and should b provided with ultramobile PCs.
HR: Human Resources requires the ability to be in constant contact with employees and will b required to give staff training through presentations. It is recommended that in addition to Desk-top PCs, this department should be given mobile phones in order to have constant communication with employees. It is also recommended that this department be provided with a data projector for training presentations.
Marketing: Marketing is the creative soul of the business, and the primary source of consumer information. Because of this, it is essential that this department is provided with Mac computers in order to develop more creative files such as video streams. As Marketing employees would b required to gather information about customers and collate this info it is essential tat they have adequate and portable storage units, therefore they should be provided with USB storage devices.
Security and Ethics
Essential Points of Code of Ethics;
1) Employees shall act in a manner consistent with social ideals.
2) Employees shall not at any time use information about clients which they have obtained in any unauthorised manner.
3) Employees shall seek to ensure that the company’s activities are not inconsistent with social values.
4) Employees shall adhere to professional standards of conduct.
5) Employees shall act with honesty and integrity in all dealings related to business activities.
Security threats to The Hangover
Possible security threats and the adequate responses for our business include;
Data Loss: It is possible that our main data storage facilities may be compromised, the proper response to this is to have procedural back-ups of data and an alternative data storage plan.
SPAM: SPAM e-mails are a likely security threat considering the virtual nature of our business. To combat this, the business will require an adequate SPAM filter for our e-mail utilities.
Denial of Services: Considering the virtual nature of the business, any denial of internet access would be catastrophic. In order to prevent this, the business should have multiple network access points to ensure that we are able to access the internet whenever it is required.
Disaster Recovery Plan;
Due to the nature of our business and the virtual storage of essential information such as client contacts, it is essential that we allow for the proper back-up of all data in several locations around the country.
In the event of a natural disaster, the proper protocol is for the business to move from its base of operations in Sydney to another capital city. In order to do this, all staff would b required to shift to the new capital city and a new network of customers would have to be established via social networking sites. Also it would be necessary to begin negotiations with venues within the new city in order to continue operations.
E-Commerce
Our company will operate as a pure e-business with the only physical interaction with customers being at the events held.
On our website we will have;
Business Contact Details
Pictures of previous events held (for social marketing purposes)
A Feed-back Forum
An ‘Upcoming Events’ Blog
The form of marketing e will use is B2C.
Our Website Applications will be;
Portals
Blogs
Social Networks
Thursday, September 25, 2008
Monday, September 22, 2008
Chapter 6: E-Business and E-commerce
Section 6.1
1. Define e-commerce and distinguish it from e-business.
Electronic Commerce: describes the process of buying, selling, transferring or exchanging products, services or information via computer networks through the internet.
B-Business: includes the buying and selling of goods and services, as well as collaborating with business partners, conducting e-learning and conducting electronic transactions with the public sector.
2. Distinguish among B2C, B2B, C2C and B2E electronic commerce.
Business 2 Consumer: the sellers are the organisation and the buyers are the consumers
Business 2 Business: both the seller and the buyer are the business organisation
Consumer 2 Consumer: an individual sells products or services to other individuals
Business 2 Employee: the business uses electronic commerce internally to provide information and services to its employees.
3. List some benefits and limitations of e-commerce.
The benefits of e-commerce include:
- National and international markets are easily penetrated and more accessible
- Lowers the costs of marketing, processing and distributing information among networks worldwide.
- Increased customer access to the products and services through the internet. They can compare prices, and the availability of the product
- Ability to easily and conveniently deliver information, services and products to people in cities, rural areas and in developing nations.
The limitations of e-commerce include:
- Slowed the growth and acceptance of products and services
- Lack of universally accepted standards of security telecommunications and is expensive.
- Insecure, and lacks an amount of critical sellers and buyers.
Section 6.2
1. List the major issues relating to e-tailing.
E-Tailing is the direct sale of products and services through electronic shop fronts or electronic malls, usually designed around an electronic catalogue format and/or auctions.
The issues of e-tailing include:
- Channel conflict: they sell directly to customers on line and have the potential to alienate the distributors and other intermediaries of the organisation.
- Price and resource allocation: the greater influence of logistics services provided by the online services. This can contribute to the fact that the companies multichannel and therefore increase expenditure.
- Order fulfilment: when a company takes orders from customers it must perform the actitivites in a quick amount of time. The expectations of customers wanting these products in fast time can make it difficult for the organisation to carry these effectively and efficiently
2. What are spamming, permission marketing and viral marketing?
Spamming is the indiscriminate distribution of electronic advertisements without the permission of the receiver.
Permission marketing asks consumers to give their permission to voluntarily accept online advertising and emails.
Viral marketing online word of mouth marketing. The effect of this marketing is the fact that people forward messages on to people suggesting that they should “check it out”.
Section 6.4
1. List the various electronic payment mechanisms.
Electronic payments systems enable the consumer to pay for goods and services electronically, rather than writing a cheque or using other payment methods.
The types of electronic payment mechanisms include:
- E-checks
- E-credit
- Virtual, single-use credit card number
- Purchasing cards
- Electronic cash
- Loyalty cards
2. What are micropayments?
Micropayments are small payments for a few dollars or less
Section 6.5
1. List some ethical issues in EC.
Some of the ethical issues of the E-commerce include:
- Threats to privacy
- Issue of tracking which take the forms of cookies that raise privacy consernc.
- Compromising employees privacy which may eliminate the need for some of the firms employees
2. List the major legal issues of EC.
Some of the legal issues of E-commerce include:
- Greater chance of dishonesty and fraudulent undertakings
- Creation of virtual banks that take persons information, money and other crimes like embezzlement
- Cyber squatting
- Intellectual property- trademarks, patents, brand
1. Define e-commerce and distinguish it from e-business.
Electronic Commerce: describes the process of buying, selling, transferring or exchanging products, services or information via computer networks through the internet.
B-Business: includes the buying and selling of goods and services, as well as collaborating with business partners, conducting e-learning and conducting electronic transactions with the public sector.
2. Distinguish among B2C, B2B, C2C and B2E electronic commerce.
Business 2 Consumer: the sellers are the organisation and the buyers are the consumers
Business 2 Business: both the seller and the buyer are the business organisation
Consumer 2 Consumer: an individual sells products or services to other individuals
Business 2 Employee: the business uses electronic commerce internally to provide information and services to its employees.
3. List some benefits and limitations of e-commerce.
The benefits of e-commerce include:
- National and international markets are easily penetrated and more accessible
- Lowers the costs of marketing, processing and distributing information among networks worldwide.
- Increased customer access to the products and services through the internet. They can compare prices, and the availability of the product
- Ability to easily and conveniently deliver information, services and products to people in cities, rural areas and in developing nations.
The limitations of e-commerce include:
- Slowed the growth and acceptance of products and services
- Lack of universally accepted standards of security telecommunications and is expensive.
- Insecure, and lacks an amount of critical sellers and buyers.
Section 6.2
1. List the major issues relating to e-tailing.
E-Tailing is the direct sale of products and services through electronic shop fronts or electronic malls, usually designed around an electronic catalogue format and/or auctions.
The issues of e-tailing include:
- Channel conflict: they sell directly to customers on line and have the potential to alienate the distributors and other intermediaries of the organisation.
- Price and resource allocation: the greater influence of logistics services provided by the online services. This can contribute to the fact that the companies multichannel and therefore increase expenditure.
- Order fulfilment: when a company takes orders from customers it must perform the actitivites in a quick amount of time. The expectations of customers wanting these products in fast time can make it difficult for the organisation to carry these effectively and efficiently
2. What are spamming, permission marketing and viral marketing?
Spamming is the indiscriminate distribution of electronic advertisements without the permission of the receiver.
Permission marketing asks consumers to give their permission to voluntarily accept online advertising and emails.
Viral marketing online word of mouth marketing. The effect of this marketing is the fact that people forward messages on to people suggesting that they should “check it out”.
Section 6.4
1. List the various electronic payment mechanisms.
Electronic payments systems enable the consumer to pay for goods and services electronically, rather than writing a cheque or using other payment methods.
The types of electronic payment mechanisms include:
- E-checks
- E-credit
- Virtual, single-use credit card number
- Purchasing cards
- Electronic cash
- Loyalty cards
2. What are micropayments?
Micropayments are small payments for a few dollars or less
Section 6.5
1. List some ethical issues in EC.
Some of the ethical issues of the E-commerce include:
- Threats to privacy
- Issue of tracking which take the forms of cookies that raise privacy consernc.
- Compromising employees privacy which may eliminate the need for some of the firms employees
2. List the major legal issues of EC.
Some of the legal issues of E-commerce include:
- Greater chance of dishonesty and fraudulent undertakings
- Creation of virtual banks that take persons information, money and other crimes like embezzlement
- Cyber squatting
- Intellectual property- trademarks, patents, brand
Chapter 5: Network Applications
1. Describe the three network applications that we discussed in this section and the tools and technologies that support each one.
Enterprise Networks incorporate the backbone of the firms information systems. It enables the firm access to high-speed central networks to which smaller networks (LAN and WAN) are connected to one another. This allows the firm to have increased access to information for business decision making and other functions of the business.
WAN are networks that cover a large area, increasing the information that is available to the organisation
LAN networks are those over a small geographical area, restricting the access of the business to other resources of other firms . It keeps the documents created by the firm secure to no one else has access to them.
2. What are the business conditions that are leading to the increased importance of videoconferencing?
The conditions that leading to the increased importance of videoconferencing are:
- Globalisation and international business operations: more personnel are operating overseas and meetings can be conducted over the internet with ease. This allows face-to-face communications
- Participants can see one person in numerous locations
- enables a telepresence of the persons to be involved in the business meeting or conferences
- It is a real time application that allows companies to bridge time and space to make business decisions and include other persons in the decision making process.
Section 5.2
1. Describe the underlying technologies, applications and types of Web sites that comprise Web 2.0.
The Web2.0 is a loose collection of information technologies and applications and the websites that use them. It is a global, Web-based platform that uses many applications to publish information on the Web. This type of Web encourages the use of social and interactive applications that affirms collaboration and experiential approaches. The underlying concept of this is the fact that the internet has become more personally reflective and subjective to the information and data that is produced by persons.
2. Describe the function of Web services.
Some of the technologies, applications and websites that comprise Web2.0 include:
- AJAX: allows a proportion of the Web pages to reload with fresh, up to date information. This speeds up the response process and increases user satisfaction.
- Tagging: is a word associated with a piece of information. This tagging process allows information to be interconnected in multiple networks.
- Blogs: are an interactive method that allows personal experiences and thoughts to be posted on the internet. This is a source of information that is open to the public. In marketing sense, it has been used to display satisfaction or dissatisfaction of a particular product or service.
- Wiki: is a personal post of changes or additions to other materials on the internet. This has allowed for the source of information to be formulated by a number of additional values, increasing the accuracy of the information.
- Podcasts: is a digital audio file that can be distributed over the internet that is playable on the computer.
- Videocasts: Has the same capabilities of a podcast but instead of an audio file, it displays a digital video file
- Social networking sites: allows users to upload and publish personal information about themselves in the form of text, audio, pictures, videos. Example of these websites include, MySpace, Facebook
- Mashups: are applications that mix and match content from other information sources over the internet, creating a new form of information or content.
3. Describe the function of service-oriented architectures.
Service orientated architectures is an IT architecture that makes it possible to construct business applications using Web services.
Tech Guide 4: Basics of Telecommunications and Networks
1. Compare and contrast the main wired communications channels ? (Ethernet & Fibre Optic)
The main telecommunications channels used to produce telecommunication and networked between people include Ethernet and fibre optic channels.
An Ethernet is a common local area network protocol. This connects two or more devices together within a local geographical region. An example of this is connecting the telecommunications system within an office building. Most firms use Ethernet which provides high data transmission speeds.
A fibre optic channel is a cable filled with glass filaments that transmit information by light pulses. They have an extremely high bandwidth, allowing the transference of information to be quick with little cost to the business. It has the capabilities of connecting many wide area networks together.
2. Describe the two technologies that enable users to send high-volume data over any network. (ISDN & ADSL)
The two technologies that enable users to send vast amount of information over a network include the following:
a. ISDN (integrated services digital network) is an international telephone standard for network access that allows users to transfer the voice, video, image and other related data simultaneously. This allows the user to transfer high-volume data quickly, inexpensively and accurately over a network, worldwide or within local networks.
b. ADSL (Digital subscriber lines) provides high-speed, digital data transmission over telephone lines.
1. What are the main business reasons for using networks?
The main reasons businesses use networks are:
- Networked computer systems enable organisations to be more flexible and they can be proactive in changing or establishing contingency plans for the changing nature of the business environment.
- Allows the business to share hardware, computer applications and data across the entirety of the firm
- Enables all employees to work for the company across the vast geographic regions of the country.
- Ability of the business to share documents, ideas and innovative plans of the organisation
- Networks are imperative in the value chain connecting the business to the consumer
2. What is the difference between LANs and WANs?
A LAN is a Local Area Network which connects two or more limited geographical regions together. For example it can be a building, so as to allow the organisation to communicate with one another sharing documents and other business information. It has file server which contain powerful microprocessors with large amounts of hard drives to allow easy access by the firm.
A WAN is a Wide Area Network is a network area that covers large geographical areas, and connects multiple LAN. WAN’s are usually provided by phone companies which are afforded large capacities of processing units and have multiple channels to transmit information’s across a worldwide network.
1. What is a network protocol?
A network protocol is computing devices that are connected to various network accesses and to share data. A network protocol is a common set of rules that enable users to communicate with one another. These rules establish how information and other transmissions will be used across a network.
2. Describe TCP/IP protocol.
The Transmission Control Protocol/Internet Protocol is a file transfer that sends large amounts of information ensuring that it is not corrupted due to the differences in computer compatibility. This is the overall internet protocol, allowing information to be connected from various websites to be presented into locations.
1. Describe the various ways that you can connect to the Internet?
The various ways you can connect to the internet include:
- Accessing the internet from a LAN
- Opening an account with an internet service provider that allows your computer to be connected to the internet with a fee.
- Telephone providers allow internet access
- Network access points
- Wireless internet connections available anywhere, anytime
- Internet kiosks have been established in public places like libraries so users can access the internet
- Mobile phone connects of the internet through FTTH
2. Describe the parts of an Internet address.
An internet address is assigned an internet protocol that identifies the address with the website. It consists of numbers in four parts, separated by dots.
A domain name system allows the name of the site to be easily remembered by those using them. They are formulated from a mixture of names, dots which are read from right to left.
The top level domain is the right most part of the internet name that indicates what type of website it is. For example, education signified by .edu
1. What are the roles of browsers?
Browsers are software applications through which users access the web. Browsers provide a graphical front end that enable users to point and click their way across the internet, ‘surfing’ for information and other resources to collect information. An example of a browser is Google.
2. Describe the difference between the Internet and the World Wide Web?
The internet is a global network of computers that use a common communications protocol. The IP establishes rules that allow information to be sent and received from one machine to another, one network to another. The World Wide Web is an application system that stores, retrieves, formats and displays information posted by a variety of sources through a web browser.
The main telecommunications channels used to produce telecommunication and networked between people include Ethernet and fibre optic channels.
An Ethernet is a common local area network protocol. This connects two or more devices together within a local geographical region. An example of this is connecting the telecommunications system within an office building. Most firms use Ethernet which provides high data transmission speeds.
A fibre optic channel is a cable filled with glass filaments that transmit information by light pulses. They have an extremely high bandwidth, allowing the transference of information to be quick with little cost to the business. It has the capabilities of connecting many wide area networks together.
2. Describe the two technologies that enable users to send high-volume data over any network. (ISDN & ADSL)
The two technologies that enable users to send vast amount of information over a network include the following:
a. ISDN (integrated services digital network) is an international telephone standard for network access that allows users to transfer the voice, video, image and other related data simultaneously. This allows the user to transfer high-volume data quickly, inexpensively and accurately over a network, worldwide or within local networks.
b. ADSL (Digital subscriber lines) provides high-speed, digital data transmission over telephone lines.
1. What are the main business reasons for using networks?
The main reasons businesses use networks are:
- Networked computer systems enable organisations to be more flexible and they can be proactive in changing or establishing contingency plans for the changing nature of the business environment.
- Allows the business to share hardware, computer applications and data across the entirety of the firm
- Enables all employees to work for the company across the vast geographic regions of the country.
- Ability of the business to share documents, ideas and innovative plans of the organisation
- Networks are imperative in the value chain connecting the business to the consumer
2. What is the difference between LANs and WANs?
A LAN is a Local Area Network which connects two or more limited geographical regions together. For example it can be a building, so as to allow the organisation to communicate with one another sharing documents and other business information. It has file server which contain powerful microprocessors with large amounts of hard drives to allow easy access by the firm.
A WAN is a Wide Area Network is a network area that covers large geographical areas, and connects multiple LAN. WAN’s are usually provided by phone companies which are afforded large capacities of processing units and have multiple channels to transmit information’s across a worldwide network.
1. What is a network protocol?
A network protocol is computing devices that are connected to various network accesses and to share data. A network protocol is a common set of rules that enable users to communicate with one another. These rules establish how information and other transmissions will be used across a network.
2. Describe TCP/IP protocol.
The Transmission Control Protocol/Internet Protocol is a file transfer that sends large amounts of information ensuring that it is not corrupted due to the differences in computer compatibility. This is the overall internet protocol, allowing information to be connected from various websites to be presented into locations.
1. Describe the various ways that you can connect to the Internet?
The various ways you can connect to the internet include:
- Accessing the internet from a LAN
- Opening an account with an internet service provider that allows your computer to be connected to the internet with a fee.
- Telephone providers allow internet access
- Network access points
- Wireless internet connections available anywhere, anytime
- Internet kiosks have been established in public places like libraries so users can access the internet
- Mobile phone connects of the internet through FTTH
2. Describe the parts of an Internet address.
An internet address is assigned an internet protocol that identifies the address with the website. It consists of numbers in four parts, separated by dots.
A domain name system allows the name of the site to be easily remembered by those using them. They are formulated from a mixture of names, dots which are read from right to left.
The top level domain is the right most part of the internet name that indicates what type of website it is. For example, education signified by .edu
1. What are the roles of browsers?
Browsers are software applications through which users access the web. Browsers provide a graphical front end that enable users to point and click their way across the internet, ‘surfing’ for information and other resources to collect information. An example of a browser is Google.
2. Describe the difference between the Internet and the World Wide Web?
The internet is a global network of computers that use a common communications protocol. The IP establishes rules that allow information to be sent and received from one machine to another, one network to another. The World Wide Web is an application system that stores, retrieves, formats and displays information posted by a variety of sources through a web browser.
Tuesday, September 9, 2008
Chapter 4: Data and Knowledge Managment
1. What are some of the difficulties in managing data?
Some of the difficulties with managing data include:
* the sheer amount of data available, on different things, at different times, from a variety of sources.
* different people collect data contributing to duplication of data and information in a business
* Data collection methods are different and vary, contributing to the replication of data.
* different sources of data-overseas, internal, external and personal.
* New sources of data as technology advances. This has created information available on blogsites and other interactive means eg: podcasts.
* Data decays over time
* data integrity, redundancy, validity and quality can be under or overestimated which creates error and bias.
2. What are the various sources for data?
Some of the sources where data comes from include:
* internal- corporate directors, corporate studies
* personal- data developed from thoughts, feelings, experiences, opinions, knowledge
* External- government databases like Census, other corporation databases
3. What is a primary key and a secondary key?
A primary key is the identifier field or attribute that uniquely identifies a record.
Secondary key are identifier fields or attributes that have some identifying information, but typically does not identify the file with complete accuracy.
4. What is an entity and a relationship?
An entity is a person, place, thing, or event about which information is maintained in a record.
5. What are the advantages and disadvantages of relational databases?
Relational databases are a collection of tables which allows the accessibility of data to be gained from a variety of sources without having to reorganise the database.
Some of the advantages of a relational database include:
* sorts data into a concept into commonalities recording records and attributes
* Joins data that is related and shows the relationships among them
* Provides great flexibility of the data to be used by the user
* end users can access needed data quickly and easily via Web browsers
Some of the disadvantages of a relational database include:
* Larger size databases can confuse and muddle information gathered by the user
* depending upon the size of the data, it can slow down the processing time of retrieving data.
* People in one department might be reluctant to share data with other departments as they have been the ones who have contributed to the collaboration of the data.
6. What is knowledge management?
Knowledge management involves a process that helps organisations identify, select, organise, disseminate, transfer and apply information that is in the organisations memory and that exists in the organisation in an unstructured way.
7. What is the difference between tacit knowledge and explicit knowledge?
Tacit knowledge is the subjective and experiential learning of a person or a group of persons that can be applied to management and decision making. Some examples of this type of knowledge include: intellectual property, know-how, expertise.
Explicit knowledge is a more objective, rational and technical type of knowledge. This knowledge is applied to business decision making in respect to ensuring that the strategies and objectives of the business are adequate reflections of valid data.
Chapter 3: Ethics, Privacy and Information Security
1. Provide an IT example that relates to the ethical issues for the ideas of privacy, accuracy, property, and accessibility.
An issue that deals with all of the above mentioned areas is the copying of software. With the capabilities of the internet it allows many people to download free programs that have been copied by sources. Replication of software without paying the owner is a violation of many copyright laws. This has severe ramification for software vendors as it can lead to losses in profitability and competitiveness.
2. What are the 5 general types of IT threats? Provide an example for each one
The 5 general types if IT threats include:
*Unintentional acts (such as human error) are those act that have no intent to change the data but lead to the most invalidity of security.
*Natural disasters (such as floods, earthquakes, hurricanes etc) that cause major destruction to data and information systems of the organisations.
*technical failure (such as problems with hard ware or soft ware) that can disrupt the organisation as the Information System can be disrupted for periods which means that the organisation is unproductive until the computers are restored.
*management failures (such as funding or lack of leadership) affect the security of the information.
*deliberate acts (such as theft of information) are deliberate acts that consist of stealing property, extortion, stealing of clientele or a employers identity.
3. Describe/discuss three types of software attack and a problem that may result from them
Three types of software attacks and the problems resulting from them:
1. Spyware: collects personal information from its users without their consent or them even knowing about the theft of identity. This can result in many of the users setting being changed so they can’t access it, the loss of personal and company information that can be used for fraudulent means.
2. Virus: is a program that affects the computers operating capacity by infecting it with programs that destroy information and other information technology assets, belonging to the business. This leads to the destruction of computer files, information, data and other assets that have the potential to spread to other computers by emails or by other communicative means.
3. Phishing: is the fraudulent means of obtaining personal details and other sensitive materials which are collected by false emails sent to the user. The user then in turn sends them back the information that they requested. They masquerade as a legitimate company for example a bank, acquiring the user’s details and accessing there financial details, identity and so forth. The issues that this has for businesses are the fact that personal and confidential business information can be stolen.
4. Describe the four major types of security controls in relation to protecting information systems.
The four major types of security controls include:
1. Physical controls: prevent unauthorized individuals from getting access to a company’s facilities. They are the physical objects in place that prevent break in’s and theft. Some examples of these modes of controls include fences, surveillance cameras, alarm systems etc.
2. Access controls: restrict unauthorised individuals from using information resources through two forms: authentication and authorisation. These enable a code or some other form of technical recognition of the persons details that correspond with a particular biometric characteristic. Some examples of this form include, voice recognition, retina scans etc.
3. Communications controls: controls secure the movement of data across networks that protect the movement of confidential information through the mediums of firewalls, vulnerability management and encryptions.
4. Application controls: are security countermeasures that protect specific applications protecting the three mains areas of input, processing and output controls.
5. What is information system auditing?
Information auditing is the process of analysing and ensuring that the current methods implemented which aims to protect the business from intrusion and security are effective. It gives methods for improvements and contingency plans that can be used if something does penetrate the security of the organisationAuditing is executed through:
Auditing through the computer
Auditing around the computer
Auditing with the computer
6. What is the difference between authentication and authorization and why are they important to e-Commerce/give an example of their relevance to e-Commerce
Authentication and authorisation is an access control that restricts certain people from accessing information resources. Authentication involves a process that determines the identity of the person requiring access. Authorisation involves a process that determines which actions, rights, or privileges the person has, based on verified identity. The difference between the two is that one identifies and the other verifies the information given by a user/person of the organisation.
Authentication and authorisation is important to ecommerce as technology is an integral part of business. As the technology has developed so too does the protection mechanisms to ensure that the information and other assets of the business are protected. They restrict information to only the people that were intended to actually gain access to it. An example of this is passwords for people who are members of the organisation and they can therefore access amounts of information that they are allowed.
An issue that deals with all of the above mentioned areas is the copying of software. With the capabilities of the internet it allows many people to download free programs that have been copied by sources. Replication of software without paying the owner is a violation of many copyright laws. This has severe ramification for software vendors as it can lead to losses in profitability and competitiveness.
2. What are the 5 general types of IT threats? Provide an example for each one
The 5 general types if IT threats include:
*Unintentional acts (such as human error) are those act that have no intent to change the data but lead to the most invalidity of security.
*Natural disasters (such as floods, earthquakes, hurricanes etc) that cause major destruction to data and information systems of the organisations.
*technical failure (such as problems with hard ware or soft ware) that can disrupt the organisation as the Information System can be disrupted for periods which means that the organisation is unproductive until the computers are restored.
*management failures (such as funding or lack of leadership) affect the security of the information.
*deliberate acts (such as theft of information) are deliberate acts that consist of stealing property, extortion, stealing of clientele or a employers identity.
3. Describe/discuss three types of software attack and a problem that may result from them
Three types of software attacks and the problems resulting from them:
1. Spyware: collects personal information from its users without their consent or them even knowing about the theft of identity. This can result in many of the users setting being changed so they can’t access it, the loss of personal and company information that can be used for fraudulent means.
2. Virus: is a program that affects the computers operating capacity by infecting it with programs that destroy information and other information technology assets, belonging to the business. This leads to the destruction of computer files, information, data and other assets that have the potential to spread to other computers by emails or by other communicative means.
3. Phishing: is the fraudulent means of obtaining personal details and other sensitive materials which are collected by false emails sent to the user. The user then in turn sends them back the information that they requested. They masquerade as a legitimate company for example a bank, acquiring the user’s details and accessing there financial details, identity and so forth. The issues that this has for businesses are the fact that personal and confidential business information can be stolen.
4. Describe the four major types of security controls in relation to protecting information systems.
The four major types of security controls include:
1. Physical controls: prevent unauthorized individuals from getting access to a company’s facilities. They are the physical objects in place that prevent break in’s and theft. Some examples of these modes of controls include fences, surveillance cameras, alarm systems etc.
2. Access controls: restrict unauthorised individuals from using information resources through two forms: authentication and authorisation. These enable a code or some other form of technical recognition of the persons details that correspond with a particular biometric characteristic. Some examples of this form include, voice recognition, retina scans etc.
3. Communications controls: controls secure the movement of data across networks that protect the movement of confidential information through the mediums of firewalls, vulnerability management and encryptions.
4. Application controls: are security countermeasures that protect specific applications protecting the three mains areas of input, processing and output controls.
5. What is information system auditing?
Information auditing is the process of analysing and ensuring that the current methods implemented which aims to protect the business from intrusion and security are effective. It gives methods for improvements and contingency plans that can be used if something does penetrate the security of the organisationAuditing is executed through:
Auditing through the computer
Auditing around the computer
Auditing with the computer
6. What is the difference between authentication and authorization and why are they important to e-Commerce/give an example of their relevance to e-Commerce
Authentication and authorisation is an access control that restricts certain people from accessing information resources. Authentication involves a process that determines the identity of the person requiring access. Authorisation involves a process that determines which actions, rights, or privileges the person has, based on verified identity. The difference between the two is that one identifies and the other verifies the information given by a user/person of the organisation.
Authentication and authorisation is important to ecommerce as technology is an integral part of business. As the technology has developed so too does the protection mechanisms to ensure that the information and other assets of the business are protected. They restrict information to only the people that were intended to actually gain access to it. An example of this is passwords for people who are members of the organisation and they can therefore access amounts of information that they are allowed.
Subscribe to:
Posts (Atom)
