it - the organization and the individual. learning objectives recognize the difficulties in managing...
TRANSCRIPT
Learning ObjectivesLearning Objectives
Recognize the difficulties in managing Recognize the difficulties in managing information resources.information resources.
Recognize information systems’ vulnerability and Recognize information systems’ vulnerability and manage risk.manage risk.
Discuss the security issues of the Web and Discuss the security issues of the Web and electronic commerce.electronic commerce.
Identify the major aspects of the economics of Identify the major aspects of the economics of information technology.information technology.
Demonstrate how to define and measure tangible Demonstrate how to define and measure tangible information technology benefits.information technology benefits.
Show how to evaluate intangible information Show how to evaluate intangible information technology benefitstechnology benefits..
God is on the Small StuffGod is on the Small Stuffand it all mattersand it all matters
““Leadership is an Art”Leadership is an Art”
Bruce Bickel & Stan JantzBruce Bickel & Stan Jantz
…….In the Small Stuff.In the Small Stuff
Empowering is Empowering is more than more than delegatingdelegating
Have the courage Have the courage to hold people to hold people accountableaccountable
Associate with Associate with leaders as often as leaders as often as you canyou can
Being a good Being a good example is better example is better than giving good than giving good adviceadvice
There are born There are born leaders and there leaders and there are leaders who are leaders who are made. And are made. And then there arte then there arte those who become those who become leaders out of leaders out of necessitynecessity
Small Stuff (cont.)Small Stuff (cont.)
An exceptional leader An exceptional leader is one who gets is one who gets average people to do average people to do superior worksuperior work
If you want to lead, If you want to lead, readread
Use your influence Use your influence sparingly. It will last sparingly. It will last longerlonger
When you find a When you find a leader, followleader, follow
When you identify a When you identify a follower, leadfollower, lead
Be available to take Be available to take someone’s place in an someone’s place in an emergencyemergency
Power begins to Power begins to corrupt the moment corrupt the moment you begin to seek ityou begin to seek it
Small Stuff (cont.)Small Stuff (cont.)
A signpost like a peer, only warns you A signpost like a peer, only warns you about the road ahead. But a map, like a about the road ahead. But a map, like a mentor can show you hoe to get where mentor can show you hoe to get where you want to goyou want to go
Find a mentorFind a mentor Managing people begins with caring for Managing people begins with caring for
themthem One of the sobering characteristics of One of the sobering characteristics of
leadership is that leaders are judged to a leadership is that leaders are judged to a greater than followers.greater than followers.
Technology & OrganizationsTechnology & Organizations
Impact of new technologies on organizations:Impact of new technologies on organizations:• First, most organizations will perform existing First, most organizations will perform existing
functions at decreasing costs over time and thus functions at decreasing costs over time and thus become more efficient.become more efficient.
• Second, creative organizations will find new uses for Second, creative organizations will find new uses for information technology—based on the improving price-information technology—based on the improving price-to-performance ratio—and thus become more to-performance ratio—and thus become more effective. effective.
• New and enhanced products and services will provide New and enhanced products and services will provide competitive advantage to organizations that have the competitive advantage to organizations that have the creativity to exploit the increasing power of creativity to exploit the increasing power of information technology. information technology.
Trend --Trend --Information -> CollaborationInformation -> Collaboration
Today’s Internet focuses on access to and Today’s Internet focuses on access to and delivery of informationdelivery of information
Tomorrow’s Internet will support human Tomorrow’s Internet will support human collaboration in an information-rich collaboration in an information-rich environmentenvironment
The Internet is global, and is creating a The Internet is global, and is creating a global capability to build knowledge-based global capability to build knowledge-based communitiescommunities
Technological & Financial TrendsTechnological & Financial Trends
Moore’s LawMoore’s Law• Moore suggested in 1965 that the number of Moore suggested in 1965 that the number of
transistors, and thus the power, of an integrated transistors, and thus the power, of an integrated circuit (computer chip) would double every year circuit (computer chip) would double every year while the cost remained the same.while the cost remained the same.
• He later revised this estimate to a slightly less He later revised this estimate to a slightly less
rapid pace: doubling every 18 months.rapid pace: doubling every 18 months. Price-to-performance ratioPrice-to-performance ratio
• Organizations will have the opportunity to buy, Organizations will have the opportunity to buy, for the same price, twice the processing power for the same price, twice the processing power in 1½ years, four times the power in 3 years, in 1½ years, four times the power in 3 years, eight times the power in 4½ years, etc. eight times the power in 4½ years, etc.
Nolan’s StagesNolan’s Stages Theory of IT Adoption and Org. Learning Theory of IT Adoption and Org. Learning
(Pg 528-530)(Pg 528-530)
InitiationInitiation ExpansionExpansion ControlControl IntegrationIntegration Data administrationData administration MaturityMaturity
Research andDevelopment
Commercialization
Partnerships
Privatization
NSFNET
Internet2, Abilene, vBNSAdvanced US Govt Networks
ARPAnet
gigabittestbeds
ActiveNets
wirelessWDM
SprintLinkInternetMCI US Govt
NetworksANS
InteroperableHigh PerformanceResearch &EducationNetworks
21st CenturyNetworking
Quality of Service(QoS)
The Productivity ParadoxThe Productivity Paradox Over the last 50 years, organizations have Over the last 50 years, organizations have
invested trillions of dollars in information invested trillions of dollars in information
technology.technology. • Total worldwide annual spending on IT in 2000 was two Total worldwide annual spending on IT in 2000 was two
trillion dollars, and is expected to be over three trillion trillion dollars, and is expected to be over three trillion dollars by 2004. dollars by 2004.
Yet it is very hard to demonstrate that IT Yet it is very hard to demonstrate that IT investments really have increased outputs or investments really have increased outputs or wages.wages.
The discrepancy between measures of The discrepancy between measures of investment in information technology and investment in information technology and measures of output at the national level is measures of output at the national level is described as the described as the PProductivity roductivity PParadoxaradox..
ProductivityProductivity
Economists define Economists define productivityproductivity as outputs as outputs
divided by inputs.divided by inputs. • Outputs are calculated by multiplying units produced, Outputs are calculated by multiplying units produced,
for example, number of automobiles, by their average for example, number of automobiles, by their average value.value.
If inputs are measured simply as hours of work, If inputs are measured simply as hours of work,
the resulting ratio of outputs to inputs is the resulting ratio of outputs to inputs is labor labor
productivityproductivity..
If other inputs—investments and materials—are If other inputs—investments and materials—are
included, the ratio is known as included, the ratio is known as multifactor multifactor
productivity.productivity.
Value of Information to Decision MakingValue of Information to Decision Making
The value of information to decision The value of information to decision making is the difference between the net making is the difference between the net benefits—benefits adjusted for costs—of benefits—benefits adjusted for costs—of decisions made using the information and decisions made using the information and decisions without the information.decisions without the information.
Value of Information =
Net benefits with information – Net benefits without information
Total Cost of OwnershipTotal Cost of Ownership
An interesting approach for evaluating the An interesting approach for evaluating the value of IT is the value of IT is the total cost of ownership (TCO).total cost of ownership (TCO). • TCO is a formula for calculating the cost of owning TCO is a formula for calculating the cost of owning
and operating a PC. and operating a PC. • The cost includes hardware, technical support, The cost includes hardware, technical support,
maintenance, software upgrades, and help-desk and maintenance, software upgrades, and help-desk and peer support. peer support.
• By identifying such costs, organizations get more By identifying such costs, organizations get more accurate cost-benefit analyses and also reduce the accurate cost-benefit analyses and also reduce the TCO.TCO.
• It is possible to reduce TCO of workstations in It is possible to reduce TCO of workstations in networked environments by as much as 26 percent networked environments by as much as 26 percent by adopting best practices in workstation by adopting best practices in workstation management (Kirwin et al., 1997). management (Kirwin et al., 1997).
Assessing Intangible BenefitsAssessing Intangible Benefits
There are 4 main methodologies of assessing There are 4 main methodologies of assessing intangible benefits: intangible benefits:
Value analysisValue analysis allows users to evaluate intangible allows users to evaluate intangible benefits on a low-cost, trial basis before deciding benefits on a low-cost, trial basis before deciding whether to commit to a larger investment.whether to commit to a larger investment.
Information economicsInformation economics focuses on the application of focuses on the application of IT in areas where its intangible benefits contribute to IT in areas where its intangible benefits contribute to performance on key aspects of organizational strategies performance on key aspects of organizational strategies and activities.and activities.
Management by maximManagement by maxim provides a means of provides a means of rationalizing IT infrastructure investments.rationalizing IT infrastructure investments.
Option valuationOption valuation takes into account potential future takes into account potential future benefits that current IT investments could produce.benefits that current IT investments could produce.
Disaster Recovery PlanDisaster Recovery Plan A disaster recovery plan A disaster recovery plan is essential to any security is essential to any security
system.system. HereHere are are some some key thoughts about disaster key thoughts about disaster
recovery by Knoll (1986):recovery by Knoll (1986):
• The purpose of a recovery plan is to keep the The purpose of a recovery plan is to keep the business running after a disaster occurs. business running after a disaster occurs.
• Recovery planning is part of Recovery planning is part of asset protection.asset protection. • Planning should focus first on recovery from a total Planning should focus first on recovery from a total
loss of all capabilities.loss of all capabilities.• Proof of capability usually involves some kind of Proof of capability usually involves some kind of
what-if analysis that shows that the recovery plan is what-if analysis that shows that the recovery plan is current.current.
• All critical applications must be identified and their All critical applications must be identified and their recovery procedures addressed in the plan.recovery procedures addressed in the plan.
ChangeChange
Portfolio Career – HandyPortfolio Career – Handy TelecommutingTelecommuting Smart Work – 80% Smart Work – 80%
cerebral/20%manualcerebral/20%manual Virtual CorporationsVirtual Corporations Intellectual CapitalIntellectual Capital
EthicsEthics
PrivacyPrivacy Intellectual PropertyIntellectual Property
• CopyrightCopyright• Trade SecretsTrade Secrets• PatentPatent
Quality of LifeQuality of Life Social ResponsibilitySocial Responsibility
Case: Cyber Crime Case: Cyber Crime On On FebFeb. 6, . 6, 2000 2000 - - the biggest the biggest ECEC sites were sites were hit by hit by
cyber crimecyber crime.. • Yahoo!, eBay, Amazon.com, E*TradeYahoo!, eBay, Amazon.com, E*Trade
The attacker(s) used a method called denial of The attacker(s) used a method called denial of service (DOS). service (DOS). • Clog a system by hammering a Web site’s equipment Clog a system by hammering a Web site’s equipment
with too many requests for informationwith too many requests for information The total damage worldwide was estimated at $5-10 The total damage worldwide was estimated at $5-10
billion (U.S.).billion (U.S.).• TThe alleged attacker, from the Philippines, was not he alleged attacker, from the Philippines, was not
prosecuted because he did not break any law in the prosecuted because he did not break any law in the Philippines.Philippines.
Lessons Learned from the CaseLessons Learned from the Case
Information resources that include computers, networks, Information resources that include computers, networks, programs, and data are vulnerable to unforeseen attacks.programs, and data are vulnerable to unforeseen attacks.
Many countries do not have sufficient laws to deal with Many countries do not have sufficient laws to deal with computer criminals.computer criminals.
Protection of networked systems can be a complex issue.Protection of networked systems can be a complex issue.
Attackers can zero on a single company, or can attack Attackers can zero on a single company, or can attack many companies, without discrimination.many companies, without discrimination.
Attackers use different attack methods.Attackers use different attack methods.
Although variations of the attack methods are known, the Although variations of the attack methods are known, the defence against them is difficult and/or expensive.defence against them is difficult and/or expensive.
U.S. Federal StatutesU.S. Federal Statutes
According to the FBI, an average white-collar According to the FBI, an average white-collar crime involves $23,000; but an average crime involves $23,000; but an average computer crime involves about $600,000. computer crime involves about $600,000.
The following U.S. federal statutes dealThe following U.S. federal statutes deal wit with h computer crimecomputer crime;;
• Counterfeit Access Device and Computer Fraud Act Counterfeit Access Device and Computer Fraud Act of of 19841984
• Computer Fraud and Abuse Act Computer Fraud and Abuse Act of of 19861986• Computer Abuse Amendment Act of 1994 (prohibits Computer Abuse Amendment Act of 1994 (prohibits
transmission of viruses)transmission of viruses)• Computer Security Act of 1987Computer Security Act of 1987• Electronic Communications Privacy Act of 1986Electronic Communications Privacy Act of 1986• Electronic Funds Transfer Act of 1980Electronic Funds Transfer Act of 1980• Video privacy protection act of 1988Video privacy protection act of 1988
IT Security in the 21IT Security in the 21stst Century Century
Increasing the Reliability of Systems. Increasing the Reliability of Systems.
The objective relating to reliability is to use The objective relating to reliability is to use fault fault tolerancetolerance to keep the information systems working, to keep the information systems working, even if some parts fail. even if some parts fail.
Intelligent Systems for Early Detection. Intelligent Systems for Early Detection.
Detecting intrusion in its beginning is extremely Detecting intrusion in its beginning is extremely important, especially for classified information and important, especially for classified information and financial data.financial data.
Intelligent Systems in Auditing. Intelligent Systems in Auditing.
Intelligent systems are used to enhance the task of Intelligent systems are used to enhance the task of IS auditing.IS auditing.
IT Security in the 21IT Security in the 21stst Century Century (cont.)(cont.)
Artificial Intelligence in Biometrics. Artificial Intelligence in Biometrics.
Expert systems, neural computing, voice recognition, and Expert systems, neural computing, voice recognition, and fuzzy logic can be used to enhance the capabilities of fuzzy logic can be used to enhance the capabilities of several biometric systems.several biometric systems.
Expert Systems for Diagnosis, Prognosis, and Disaster Expert Systems for Diagnosis, Prognosis, and Disaster Planning.Planning. Expert systems can be used to diagnose Expert systems can be used to diagnose troubles in computer systems and to suggest solutions. troubles in computer systems and to suggest solutions.
Smart Cards.Smart Cards. Smart card technology can be used to Smart card technology can be used to protect PCs on LANs. protect PCs on LANs.
Fighting Hackers.Fighting Hackers. Several new products are available for Several new products are available for fighting hackers.fighting hackers.
National SecurityNational Security
Loss of individual privacyLoss of individual privacy WiretapsWiretaps Library ExampleLibrary Example Right’s at WorkRight’s at Work