Free Essay

Mis Laudon

In: Business and Management

Submitted By mingooknah
Words 3151
Pages 13
ring Information Systems –Study Guide

Systems must be more secure when processing transactions and maintaining data. These two issues are the biggest issues facing those wanting to do business on or expand their operations to the Internet.
System Vulnerability and Abuse
Why Systems Are Vulnerable

Information systems are vulnerable to technical, organizational, and environmental threats from internal and external sources. The weakest link in the chain is poor system management. If managers at all levels don’t make security and reliability their number one priority, then the threats to an information system can easily become real. The figure below gives you an idea of some of the threats to each component of a typical network.

Contemporary Security Challenges and Vulnerabilities.

Businesses that partner with outside companies are more vulnerable because at least some data may be less controlled. Partnering companies may not protect information as stringently. Hardware and software safeguards may not be as important to outsiders. Employees of the partnering firm may not view security as diligently as the primary business.

Mobile computing devices like smartphones, cell phones, netbooks, and laptops, add to the vulnerability of information systems
Internet Vulnerabilities

Poor diligence Information broker ChoicePoint sold the personal information of 145,000 people to inadequately vetted bogus businesses. As a consequence, many people later became victims of identity theft. ChoicePoint paid $15 million to settle charges it failed to protect consumers’ information, the Federal Trade Commission announced in January 2006.

Failed processes A laptop containing sensitive personal information on 26.5 million U.S. veterans was stolen May 3 from the suburban Maryland residence of a Veteran’s Administration data analyst who wanted to work at home but did not have remote access to the VA’s system. News of the theft was kept under wraps for 19 days. A week later, Michael H. McLendon, VA deputy assistant secretary for policy, announced his resignation.

These incidents show how long the problem with poor security has existed and how vulnerable computing systems are. Every point of entry into the Internet network is a point of vulnerability.

If you connect to the Internet with a cable modem or DSL you are much more vulnerable to hackers on your home PC than if you connect with a dial-up modem. That’s because you are always connected, with a permanent IP address, which makes it easier for hackers to find you. The only smart thing to do is keep your security software and operating system software up-to-date and include firewall protection.

Because distributed computing is used extensively in network systems, you have more points of entry, which can make attacking the system easier. The more people you have using the system, the more potential for fraud and abuse of the information maintained in that system. That’s why you have to make it everybody’s business to protect the system. It’s easy for people to say that they are only one person and therefore they won’t make much difference. But it only takes one person to ignore necessary safeguards in order for one other person to disable a system or destroy data.
Wireless Security Challenges
Internet cafes, airports, hotels, and other hotspot access points need to make it easy for users to use the network systems with the 802.11 standard. Yet, because it is so easy, hackers and crackers can easily access unsuspecting users’ systems and steal data or use the entry point as a way to spread malicious programs. The hackers can use war driving techniques to gain access to wireless networks not only in hotels and airports, but private businesses and government centers.

Wireless networks are vulnerable in the following ways:

• Radio frequency bands are easy to scan.
• Signals are spread over a wide range of frequencies.
• Service set identifiers (SSID) are broadcast multiple times and are easily picked up.
• Rogue access points can be established on different radio channels and divert signals from authentic points.
• Wired equivalent privacy (WEP) isn’t very effective because it relies on user input.
Malicious Software (Malware): Viruses, Worms, Trojan Horses, and Spyware

Have you ever picked up a cold or the flu from another human? Probably. You then spread it to two or three other people through touch or association. Those people spread it to two or three more people each. Pretty soon it seems that everyone on campus or at work is sick. That is how computer viruses are spread. You copy a file from an infected source, use the file, and maybe send it to friends or associates. The virus is now on your computer and spreads to files other than the original. You then send the same or even a different file to a few friends and their computers are infected.

Web-enabled and e-mail-enabled cell phones are now being targeted as a way to spread viruses.

A different type of malware called worms can also destroy data on computers or clog network systems with software-generated electronic transmissions. Worms are similar to viruses in that they can create additional file copies on a computer and generate emails to other computers with the infected file attached. Worms differ from viruses because they don’t need human intervention to spread from one computer to another.

Trojan horses cause problems because they force a computer system to perform unexpected operations, often to the detriment of the system and the user. This type of malware is usually masked in email messages although it can be stored on Web sites.

Web sites are becoming a magnet for hackers to gain access to users’ computers. It’s imperative that Web site programmers and authors create underlying code that properly validates and filters data entered by site users. That will help prevent SQL injection attacks that target databases and unleash malicious code.

Not all spyware is damaging to a computer system. It is a popular method for some Web sites to monitor how users navigate through a site, providing critical information that the Web designers and developers can use to improve the site. Unfortunately, some spyware is becoming a preferred method for hackers to install malicious code on computers and allow them to infiltrate an unsuspecting computer. Key loggers are an example of how spyware programs are used to capture personal or business information from unsuspecting users.
Hackers and Computer Crime

Hackers constantly develop new ways to get around security software. Unfortunately they usually have the upper hand because they can create hacking methods faster than security software companies can create, update, and distribute software that blocks them. Users who fail to keep their software updated inadvertently help hackers continue to ply their trade. One security software company is trying a new approach and hope they get the help they need from you.

Symantec asks customers to opt in to a program that will collect data about attempted computer intrusions and then forward the information to authorities. Symantec will also begin posting the FBI‘s top 10 hackers and their schemes on its Web site, where customers go for software updates. Next year, the company will begin offering cash bounties for information leading to an arrest. (BusinessWeek, Hounding the Hackers, Edwards, Cliff, Sep 14, 2009)

Some hackers penetrate systems just to see if they can. They use special computer systems that continually check for password files that can be copied. Or they look for areas of the system that have been “left open,“ so to speak, where they can enter the system. Sometimes they don’t do any damage, but far too often they destroy files, erase data, or steal data for their own use through cybervandalism. Other hackers attack systems because they don’t like the company.
Even after last week‘s unveiling of privacy upgrades, a security lapse on the Facebook Inc. social network early this week still exposed restricted photos to anyone using the site, according to an Associated Press report later confirmed by the company to Computerworld.
A spokeswoman said that after learning of the problem, Facebook engineers on Monday “tested the scenario, found that it was a bug and fixed it immediately.“ In a statement, the company added that “We take security very seriously.“ (Computerworld, March 26, 2008)
Spoofing/pharming and Sniffing

These are two other methods hackers and criminals use to gain improper or illegal access to computer systems. Spoofing or pharming is becoming a common way to steal financial information through fake Web sites. The spoofed site is almost a mirror image of the real site and unless the unsuspecting user examines the spoof closely, he/she may inadvertently give out important personal and financial information.

Using a sniffer program is a popular way to “grab“ information as it passes over transmission lines regardless of whether they are hard-wired or wireless. It is almost impossible to detect and encryption is about the only way to safeguard against it.
Denial of Service Attacks

As companies and organizations expand their business to Web sites, they are opening another point of vulnerability through denial of service attacks. Using botnets to launch distributed denial of service attacks is becoming all too common. The hackers seem to enjoy attacking the most popular Web sites like Facebook and Twitter.

“On this otherwise happy Thursday morning, Twitter is the target of a denial of service attack,“ wrote Stone (Twitter co-found Biz Stone). “Attacks such as this are malicious efforts orchestrated to disrupt and make unavailable services such as online banks, credit card payment gateways, and in this case, Twitter for intended customers or users. We are defending against this attack now and will continue to update our status blog as we continue to defend and later investigate.“ In a denial-of-service attack, a malicious party barrages a server with so many requests that it can’t keep up, or causes it to reset. As a result, legitimate users can only access the server very slowly — or not at all, as appears to be the case here. (www.wired.com, Van Buskirk, Elliott, Denial-of-Service Attack Knocks Twitter Offline, Aug 6, 2009)

Computer Crime

Computer crime is a growing national and international threat to the continued development of e-business and e-commerce. When the Internet was first created in the late 1960s, the designers intentionally built it to be open and easily accessible. Little did they know 40 years later, that structure would be the very cause of so much crime and vandalism. This table lists the best known examples of computer crime.

Identity Theft

The fastest growing crime off or on the Internet is identity theft. Even though identity theft is most likely to occur in an offline environment, once your personal information has been stolen its easy to use it in an online environment.

There are many precautions people can take to help prevent identity theft. One way is to scrutinize emails or phone calls that ask for your personal information or financial account information. No legitimate financial institution will ever send an e-mail requesting you to supply your account information. That is the number one indicator that the e-mail is a phishing e-mail. You should ignore and delete the email immediately. You can also access www.annualcreditreport.com and receive free copies of your credit reports from the three major credit reporting bureaus to monitor the information about your credit card and financial activities.

Other ways your identity can be stolen is through evil twins based on wireless network intrusions and pharming, the use of bogus Web sites. All of these are classified as computer crimes for which our government is continually passing new laws.
Click Fraud
All those ads you see on Web sites cost the sponsor money. Every time someone clicks on an ad, the sponsor is charged a pay-per-click fee. The fee is based on the popularity of the search words that generated the ad. What if your company is paying for an ad with little or no resultant traffic to your Web site? That’s what happens in the case of click fraud. A person or a software program continually hits on the ad, driving up the advertising fees, without any intention of actually visiting the site.
Internal Threats: Employees

It is surprising to learn that much computer crime against companies is committed by current or former employees. They know the system best, are entrusted with huge amounts of data, and have the easiest access. Managers and executives need to be aware of potential internal threats to their systems and put special measures in place to safeguard systems and data. They also need to impress upon all employees how important security is throughout the system right down to the last person.
Internet behavior—surfing to unknown or even suspicious sites, for example—when they have an IT department behind them to clean up their mess, a recently released study claims.
According to the July study—which was released Tuesday by Tokyo-based Trend Micro and based on polls of 1,200 users, 400 each in the United States, Germany, and Japan—39 percent of enterprise workers believed that their company’s IT department would keep them safe from viruses, worms, spyware, spam, and phishing and pharming attacks.
That confidence, whether on the mark or misplaced, leads workers to do risky, even stupid, things at work, such as opening questionable e-mail messages or clicking on unknown Web site links.

Password theft is the easiest way for hackers to gain access to a system. No, they don’t come into your office at night and look at the piece of paper in your desk drawer that has your password written on it. They generally use specially written software programs that can build various passwords to see if any of them will work. That’s why you should use odd combinations of letters and numbers not easily associated with your name to create your password. The longer the password, the harder it is to replicate. The same password should not be used for more than one access point. Using multiple passwords limits the damage done if a hacker does manage to obtain a single password.

Safeguarding individual passwords from social engineering maliciousness is the responsibility of everyone in the organization. An effective way of limiting access to data is to establish computer-generated logs that show every employee who logged on, what they did, what part of the system they accessed, and whether any data were used or updated. Logs are easily created by system software programs and should be periodically reviewed by the information technology staff and department managers. If nothing else, it gives them an idea of what their employees are doing.
Software Vulnerability

With millions of lines of code, it’s impossible to have a completely error-free program. Most software manufacturers know their products contain bugs when they release them to the marketplace. They provide free updates, patches, and fixes on their Web sites. That’s why it’s a good idea not to buy the original version of a new software program but to wait until some of the major bugs have been found and corrected.

Because bugs are so easy to create, most unintentionally, you can reduce the number of them in your programs by using the tools discussed in other chapters to design good programs. Many bugs originate in poorly defined and designed programs and keep infiltrating all parts of the program.
Business Value of Security and Control

Transactions worth billions and trillions of dollars are carried out on networks every day. Think of the impact if the networks experience downtime for even a few minutes. And, the problem is far worse than companies may reveal:
In 2005 ChoicePoint, a data brokerage company, revealed that they had inadvertently sold personal and financial information to more than 50 companies that were fronts for identity thieves. This incident underscores the difficulties with protecting data and information on millions of unsuspecting consumers and legitimate businesses. The cost of settling several lawsuits went far beyond the potential profits Choicepoint probably made. Indeed, the problem has been very damaging to Choicepoint’s business reputation.

Consumer data broker ChoicePoint, Inc., which last year acknowledged that the personal financial records of more than 163,000 consumers in its database had been compromised, will pay $10 million in civil penalties and $5 million in consumer redress to settle Federal Trade Commission charges that its security and record-handling procedures violated consumers’ privacy rights and federal laws. The settlement requires ChoicePoint to implement new procedures to ensure that it provides consumer reports only to legitimate businesses for lawful purposes, to establish and maintain a comprehensive information security program, and to obtain audits by an independent third-party security professional every other year until 2026.
“The message to ChoicePoint and others should be clear: Consumers’ private data must be protected from thieves,“ said Deborah Platt Majoras, Chairman of the FTC. “Data security is critical to consumers, and protecting it is a priority for the FTC, as it should be to every business in America.“ (FTC.gov, Nov 2008)
Legal and Regulatory Requirements for Electronic Records Management

Because so much of our personal and financial information is now maintained electronically, the U.S. government is beginning to pass laws mandating how the data will be protected from unauthorized or illegal misuse. Congress has passed several measures outlining the requirements for electronic records management:
• HIPAA: protects medical and health care data
• Gramm-Leach-Bliley Act: requires financial institutions to ensure the security and confidentiality of customer data
• Sarbanes-Oxley Act: requires companies and their management to safeguard the accuracy and integrity of financial information that is used internally and released externally

All of these laws are in response to computer crimes and abuses that businesses or individuals have committed or experienced. It’s very difficult to pass the laws and costly for businesses who struggle to comply with them.
Electronic Evidence and Computer Forensics

Several things are happening in the corporate world that are changing the requirements for how companies handle their electronic documents: 1) Companies are communicating more and more with e-mail and other forms of electronic transmissions, and 2) Courts are allowing all forms of communication to be held as evidence. Therefore businesses must develop methods of capturing, storing, and presenting any and all electronic communications including e-mail, instant messaging, and e-commerce transactions.

Computer forensics is a growing field because of the increasing digitization of documents and communications. Many people believe that just because they delete a file from a computer file directory that it’s no longer available or recoverable. That’s a false belief. Ambient data remains on hard drives in magnetic form long after it’s apparently been deleted. People trained in computer forensics are able to uncover ambient data and other forms of electronic evidence that can be used in courts of law. Businesses and employees must increase their awareness of the necessity for keeping good records.

Similar Documents

Premium Essay

Mis Laudon & Laudon 9e Chapter 6

...Chapter 6 1) The device that acts as a connection point between computers and can filter and forward data to a specified destination is called a(n): A) hub. B) switch. C) router. D) NIC. 2) The Internet is based on which three key technologies? A) TCP/IP, HTML, and HTTP B) TCP/IP, HTTP, and packet switching C) Client/server computing, packet switching, and the development of communications standards for linking networks and computers D) Client/server computing, packet switching, and HTTP 3) The method of slicing digital messages into parcels, transmitting them along different communication paths, and reassembling them at their destinations is called: A) multiplexing. B) packet switching. C) packet routing. D) ATM. 4) The telephone system is an example of a ________ network. A) peer-to-peer B) wireless C) packet-switched D) circuit-switched 5) Which of the following is not a characteristic of packet switching? A) Packets travel independently of each other. B) Packets are routed through many different paths. C) Packet switching requires point-to-point circuits. D) Packets include data for checking transmission errors. 6) In TCP/IP, IP is responsible for: A) disassembling and reassembling of packets during transmission. B) establishing an Internet connection between two computers. C) moving packets over the network. D) sequencing the transfer of packets. 7) In a telecommunications network architecture, a protocol is: A) a device that...

Words: 4304 - Pages: 18

Free Essay

Army Aviation in Low Intensity Conflict

...ARMY AVIATION OPERATIONS IN LOW INTENSITY CONFLICT Introduction “Foot slogging” by infantrymen has been most important and fundamental to address an insurgency; however, there are limitations to their mobility. To increase their versatility, the Portuguese introduced two contrasting means, the helicopter and the horse. While there were other, more conventional solutions to the mobility problem, such as trucks, jeeps, and light armored cars, these vehicles required at least crude roads, had other terrain limitations, and were vulnerable to land mines. The advent of the helicopter and its application in counter-insurgency began with the British in Malaya on 1 April 1950, with the formation of the Far East Casualty Air Evacuation Flight at Seletar with strength of three Westland S-51 Dragonfly helicopters. During the Malayan Emergency the British used their helicopters primarily for casualty evacuation and later for airlifting troops. Question that looms ahead for the future, no matter what the outcome in Jammu and Kashmir, and North Eastern States, is how the army aviation succeeds against fierce insurgency in strategy and capabilities. The Taliban’s resurgence, tenacious resistance against NATO forces in Afghanistan, Al Qaeda’s ability to elude United States forces, and the trouble Israel has had in trying to subdue violence in tiny Southern Lebanon (Hezbollah) and tinier Gaza (Hamas) deepen concern that even world’s finest militaries have problems against any......

Words: 9536 - Pages: 39

Free Essay

Rizal: Hidden Beneath the Surface

...Nikki Vanessa V. Novales July 20, 2012 # 2012-42443 PI 10 E2-6R Rizal: Hidden Beneath The Surface A Reaction Paper On “Bayaning 3rd World” “Who is Rizal?” If you ask this question to any Filipino, they will most likely say, “He is our national hero” Or “He’s the person stamped on our 1-peso coin”. But is that all he really is? The movie “Bayaning 3rd World” is about two film makers trying to make a movie about Rizal. They found out, however, that this would not be an easy task, for their subject is a very complicated man. Rather than focusing on a single issue about Rizal, they decided to make a detective story about Rizal being the country’s national hero. They tackled several issues but focused mainly on Rizal’s retraction and Josephine Bracken. The movie was meant to be educational, but unlike most documentaries, “Bayaning 3rd World” is definitely not boring. The documentary was presented in a comical way, so that viewers of all ages would be able to understand it and grasp its meaning. I was confused at first because I didn’t know what the “Retraction Controversy” was and the two film makers started having these long conversations about it without explaining it to the viewers. But when I found out what it was all about, following the flow of the story became easy. Another controversy that arose was about Josephine Bracken, on whether she and Rizal were married or not. It was implied that if they were indeed married, then Rizal retracted...

Words: 993 - Pages: 4

Premium Essay

Management Information Technology

...the organization and make decisions which are to the best interest of the organization and which will add to its value. Problem solving and decision making have to be based on relevant information. The type of information gathered and way in which the information is stored, utilized and managed to assist an organization in achieving its goals determine how successful organizations are today, (Oz, 2009). Laudon and Laudon (2014) stated that the collection, processing, storage and distribution of information to assist in decision making and management of an organization constitute information systems. Furthermore, they described management information systems as an element of information systems literacy concerned with behavioural and technical issues relating to the development, utilization and effect of information systems. Information Technology (IT) Personnel play a significant role in Management Information Systems (MIS). However, since MIS is not limited to technical issues, it is imperative that other significant individuals be involved. Laudon and Laudon (2014) put forward the concept of the sociotechnical approach to information systems which involves issues and insights from technical and behavioural disciplines. The expertise of the IT personnel is required to deal with the technical aspects of the system, such as, computer science, management science and operations research. However, other important fields, such as sociology, psychology and economics......

Words: 436 - Pages: 2

Premium Essay

Management Leadership

...MANAGEMENT INFORMATION SYSTEMS (MIS) Term 1; ECTS: 10 (July 2-22, 2015) Prof. D P Goyal, Ph.D. Management Development Institute Gurgaon-122001, New Delhi, INDIA dpgoyal@mdi.ac.in;dpgoyal23@gmail.com 1 INFORMATION ABOUT THE PROFESSOR Dr. D P Goyal is Professor at Management Development Institute, Gurgaon, New Delhi, India (www.mdi.ac.in/faculty/detail/28-d-p-goyal/). • • • • • • • • Post Graduate in Business Management; Doctorate in MIS Over 29 years of experience in teaching, research, consulting & executive training Published more than hundred research papers in national / international journals of repute Published 18 books including three well acclaimed text books one each on MIS from Macmillan; ERP from McGraw-Hill; and IT project Management from Macmillan Have supervised 13 Ph.D. research scholars Completed many sponsored research projects On the Board of Governors; Advisory Board; Academic Council; Board of Studies of many business Schools/Universities Member of editorial board and review panel of several referred journals OBJECTIVES OF THE COURSE The main objectives of the course are to provide the management student a broad understanding of: • • • • • Information Systems (such as Transaction Processing Systems, Management Information Systems, Decision Support systems, etc) from a Business Perspective Information Systems Planning Key IT Technologies, and the implications of these technologies for......

Words: 2915 - Pages: 12

Premium Essay

Management Information Systems Module 1

...2/15/2013 MGMT 2006 Module 1 Introduction to MIS Objective • By the end of this module you will be able to: • answer the question "What is an MIS?“ • answer the question "Why MIS?“ • distinguish between data, information, knowledge and wisdom • differentiate between Information Technology and • Information Systems • describe systems in use in typical organizations • relate information systems to strategy and • competitive advantage. What is an MIS? • An Information Systems is a system that captures, stores and processes data, transforming it into useful information. • The Information Systems exist in the context of the organization, which in turn exists within the winder environment. • Data is captured from events in and out of the organization. Information is disseminated in and out of the organization 1 2/15/2013 What is an MIS? Data • Data refers to raw facts lacking in context. – Bar code – Student ID number – Price – Telephone number – Etc. • Often times, raw data is not very useful for decision making. Data • A listing of students registered for MIS this semester . • The list only provides me with raw data. 2 2/15/2013 Information • Information can be produced from data by summarizing, categorizing, sorting and by adding context. Input Process Output Information Female Male Information Global Oil Production 3 2/15/2013 Knowledge “Knowledge is a familiarity with someone or something, which can include information, facts, descriptions, and/or skills......

Words: 1056 - Pages: 5

Premium Essay

Mis 301

...MIS 301 Introduction to Information Technology Management FALL 2010 - Unique Numbers: 03905, 03910, 03915 Instructor tructorBin Gu – bin.gu@mccombs.utexas.edu Dr. Information, Risk, & Operations Management (IROM) Dept. Office CBA 5.228 Office Hours MW 4:00-5:00 pm or by appointment Qian Tang - qian.tang@phd.mccombs.utexas.edu Teaching Assistant CBA 1.308B Office TBD Office Hours Course Description Information technology (IT) has transformed all aspects of 21st century business and everyday life. New IT investments continue to be staggering. Worldwide, over $2.5 trillion is invested in IT. In the U.S., over 50% of capital expenditures are related to IT. Information systems influence business processes, organizational structures, and the ways people do business, work, and communicate. Emerging technologies have triggered new forms of organization and business process innovation; they have also impacted organizational structure, culture, politics, decision making, and society as a whole. IT is transforming how physical products are designed, how services are bundled with products, and how individuals interact with businesses and with other individuals. A silent transformation is occurring as more and more physical products use embedded IT to improve customer experience and product performance. The pervasiveness of IT is expanding global trade and changing how and where work is performed. It is vital that future managers—in every area of business—have a...

Words: 3229 - Pages: 13

Premium Essay

What Is Mis

...Management information systems (MIS) is the study of people, technology, organizations, and the relationships among them. This definition, given by Mays Business School, relates specifically to MIS as a course of study. In other words, MIS is commonly used in business schools to refer to the study of how individuals, groups, and organizations evaluate, design, implement, manage, and utilize systems to generate information to improve efficiency and effectiveness of decision making, including systems termed decision support systems, expert systems, and executive information systems.[1] Many business schools (or colleges of business administration within universities) have an MIS department, alongside departments of accounting, finance, management, marketing, and may award degrees (at undergraduate, master, and doctoral levels) in MIS. A good definition of MIS in practice has been given in a journal article: "Establishing and Managing Management Information Systems in Developing Countries" by Dr. Chris Prince Udochukwu Njoku. Dr. Njoku gave the comprehensive definition after a critical assessment of many definitions, some of which he cited, and described them as inadequate. MIS professionals help organizations--big, medium and small--realize maximum benefit from investments in personnel, equipment, and business processes. MIS is people-oriented, with an emphasis on service. Although it is today increasingly built on computer hardware, software and networks, it does not......

Words: 460 - Pages: 2

Free Essay

It/205 Week 5 Checkpoint

...TJX companies which occurred in July of 2005. According to the book Essentials of MIS, the thieves used a vulnerable wireless network from one of the department stores on the TJX network to gain access. (Laudon & Laudon, 2011, p. 243) After the thieves had access to the network the installed a sniffer program on one of the main computers of the network. They then were able to download any information that they needed to. The TJX Company was still using outdated weak wireless security encryption called WEP, (Wired Equivalent Privacy), instead of upgrading to a more secure version of wireless security, WPA, (Wi-Fi Protected Access). They also did not have any firewalls or data encryption in place. (Laudon & Laudon, 2011, p. 243). The tools that was needed to be in place to help stop this from happening was, the stronger wireless security of Wi-Fi Protected Access (WPA) standard with more complex encryption, they also needed to install strong firewalls, data encryption on computers, and to transmit credit card data to banks with encryption. This breach had some lasting effects on the TJX Company. One of the first effects was that the company had to strengthen the company’s information system security. They also had to agree to have a third-party auditor review their security measures every two years for the next twenty years. (Laudon & Laudon, 2011) According to Essentials of MIS, “TJX has already spent over $202 million to deal with its data theft, including......

Words: 388 - Pages: 2

Premium Essay

Essentials of Management Information Systems

...Information Systems LEARNING OBJECTIVES C H A P T E R 7 STUDENT LEARNING OBJECTIVES After completing this chapter, you will be able to answer the following questions: 1. Why are information systems vulnerable to destruction, error, and abuse? What is the business value of security and control? What are the components of an organizational framework for security and control? What are the most important tools and technologies for safeguarding information resources? 2. 3. 4. ISBN 1-256-42913-9 232 Essentials of MIS, Ninth Edition, by Kenneth C. Laudon and Jane P. Laudon. Published by Prentice Hall. Copyright © 2011 by Pearson Education, Inc. C HAPTER O UTLINE Chapter-Opening Case: Boston Celtics Score Big Points Against Spyware 7.1 System Vulnerability and Abuse 7.2 Business Value of Security and Control 7.3 Establishing a Framework for Security and Control 7.4 Technologies and Tools for Protecting Information Resources 7.5 Hands-on MIS Projects Business Problem-Solving Case: Are We Ready for Cyberwarfare? BOSTON CELTICS SCORE BIG POINTS AGAINST SPYWARE While the Boston Celtics were fighting for a spot in the playoffs several years ago, another fierce battle was being waged by its information systems. Jay Wessel, the team’s vice president of technology, was trying to score points against computer spyware. Wessel and his IT staff manage about 100 laptops issued to coaches and scouts, and sales, marketing, and finance employees, and these......

Words: 21009 - Pages: 85

Premium Essay

Understanding Mis

...Understanding MIS MIS involves issues relating to technical problems, organization and management. There must be a complete and thorough understanding of how these concepts work together. By using MIS a greater asset has been added to any company that wants to succeed. Smart grids differ from the current electricity infrastructure the United States uses by distributing electricity from its network to customers in the form of digital technology so that energy will be conserved, costs will be cut and the assurance level will be valued more as well as accurately (Laudon & Laudon, 2012). Whereas, the present way electricity is handled in the United States by electrical companies sending their workers out into the field to collect information that is needed to service customers. This is done by the workers reading the customer’s meters, searching for equipment that need repairing and measuring voltage. There is room for updating the devices that utility companies are using (Smart Grid, 2012). When developing a smart grid the issues that should be considered is the technology behind it. There are the network and switches that need to be managed, devices to keep an eye on as to how much energy are being used and distributed. Ways to keep communication lines between customers and providers open with the information of how much usage has been used (Laundon & Laundon, 2012). Challenges that could deter the development of smart grids would be how much......

Words: 1169 - Pages: 5

Premium Essay

Week 4 Assignment Internet Tools at Dirt Bikes

...and supplier intimacy; improved decision-making; competitive advantage; and survival” achievable. (Laudon & Laudon, 2011) “Information systems and technologies are some of the most important tools available to managers for achieving higher levels of efficiency and productivity in business operations.” (Laudon & Laudon, 2011) A firewall is important to have to make a security barrier that ensures that the information within the company’s information systems safe from hackers and access by outside sources. A system’s firewall is just one of many ways a company can ensure the safety of their private information. All employees need to be linked in a way that will make information sharing and communication more efficient. Creating an intranet is one way to do this. Intranets allow the company’s sales and marketing, human resources, and manufacturing and production departments to have a private and protected network where they can communicate with each other. In order for this to happen, Dirt Bikes will have to invest in information technology (IT) that may seem like an unnecessary expense but will help ensure Dirt Bikes’ success in the future. Linking all of the company’s computers together in, addition to linking them to a local area network (LAN) will maximize efficiency. Implementing this software along with an intranet will allow the company’s management information system (MIS) to store, organize, and report on all company’s important and vital...

Words: 1139 - Pages: 5

Free Essay

Phar-Mor

...EVIDENCE FORM I have read UB’s policy on cheating and plagiarism (see UB’s website for more information). I have done all work myself with no HELP from anybody or any source. Please put your name in the line below to certify the above statement. ____ Huang ___________Xinlu____ Last First MAX points 40 Start time__5:25__ End time__8:15____ Below ..TIME TAKEN to COMPLETE The EXAM(not including DFD time) ___150mins_________ GENERIC ANSWERS/ANALYSIS WILL NOT GET CREDIT * Use double space & 11 or 12 font * BE VERY SPECIFIC (Quality is important than quantity, but do not shortchange your answers) * TO GET CREDIT YOUR ANALYSIS MUST FOLLOW CONCEPTS IN THE BOOK & READINGS. * DO NOT GO OFF ON generic TANGENTS. * MAKE reasonable ASSUMPTIONS IF YOU NEED TO and list them READ CAREFULLY AND ALLOCATE YOUR TIME WISELY!!!!! TO BE SUBMITTED: Create a zip file and include the following: * This Exam with answers (including Evidence FORM) * Excel spreadsheet related to Q7 Q#1 Multiple Choice: (3 points) 1. A supervisor having to decide when to reorder supplies or how best to allocate personnel for the completion of the project is an example of a _________ decision. a. structured b. unstructured c. semi-structured d. none of the above 2. Each team has only one home stadium and each stadium can have many home teams. This is an example of what kind of relationship between TEAM and...

Words: 2938 - Pages: 12

Premium Essay

Social and Organizational Impacts of a Management Information System

...information system. A Management Information System (MIS) is an information system that provides corporate information to management of a company. It can also be defined as a computerized system that provides corporate information to aid the management of a company. The role of the MIS in an organization can be compared to the role of heart in the body. The Management Information System plays the role of information generation, communication, problem identification and helps in the process of decision making. The MIS, therefore, plays a vital role in the management, administration and operations of an organization. Since the MIS plays a very important role in the organization, it creates an impact of the organization .The manager’s attention is brought to a situation which is expected in nature, inducing him to take an action or a decision in the matter. It also creates another impact in the organization which relates to the understanding of the business itself. The MIS begins with the definition of data, entity and its attributes. It uses a dictionary of data, entity and attributes, respectively, designed for information generation in the organization. Since all the information systems use the dictionary, there is common understanding of terms and terminology in the organization bringing clarity in the communication and a similar understanding of an event in the organizations functions, performance and productivity. MIS supports the management of marketing,......

Words: 1248 - Pages: 5

Premium Essay

Information System at Riodan

...the organization uses an enterprise system, better known as ERP systems. This system permits other locations to integrate their business processes within other areas. Riordan home office in San Jose, California currently has an ERP system in place, so we plan to correlate all the other system to this one system. In addition, Riordan will have a TPS system in place to assist the Human Resource, and Accounting departments. The TPS system, known as Transactions processing system will assist operational managers by recording daily routine transactions necessary to conduct business, such as sales, receipts, cash deposits, payroll, and credit decision (Laudon, 2012). If for any reason this system goes down just for a short length of time it can harm the organization. Riordan can also link the TPS system to work along with the MIS system, or...

Words: 394 - Pages: 2