ITM 100 Ethical and Social Issues in Information Systems PDF
Document Details
Uploaded by AgileBeryllium
Harvard Business School
Kenneth C. Laudon, Jane P. Laudon
Tags
Related
- Introduction to Information Systems Ethics PDF
- Cyber Security and Information Systems Ethics (BT22103) PDF
- Lesson-2.-Professional-Ethics-in-Information-Systems_-A-Personal-Perspectiv.pdf
- Lecture 4: Ethical Organizational Communication in Information Systems PDF
- Introduction to Computer Information Systems: Chapter 9 - PDF
- Information Systems and Computer Ethics PDF
Summary
This document covers ethical and social issues in information systems, focusing on the dark side of big data, privacy concerns, and other ethical dilemmas. The relationship between ethical & social issues, and political issues are also included. It looks at potential solutions and different types of ethical issues.
Full Transcript
ITM 100 Class 12 Ethical and Social Issues in Information Systems adapted from Kenneth C. Laudon, Jane P. Laudon, Management Information Systems: Managing the Digital Firm, 17th Edition The Dark S...
ITM 100 Class 12 Ethical and Social Issues in Information Systems adapted from Kenneth C. Laudon, Jane P. Laudon, Management Information Systems: Managing the Digital Firm, 17th Edition The Dark Side of Big Data ▪ A double edge sword ▪ Stories Predictive policing ▪ Using big data and algorithms to forecast where crimes are likely to occur or who might commit them. ▪ It can perpetuate biases in the data, leading to unfair targeting of certain communities. Insurance Rate ▪ Insurance companies often use big data to determine premiums based on various factors, including driving history, location, and even unrelated personal information like credit scores. ▪ This practice can lead to discriminatory pricing, where individuals with lower socioeconomic status are charged higher premiums. ▪ Lack of transparency in how rates are calculated leaves consumers at a disadvantage. Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 2 The Dark Side of Big Data ▪ Problem Opportunities from new technology Undeveloped legal environment ▪ Solutions Develop big data strategy Develop privacy policies Develop big data predictive models Develop big data mining technology Develop big data analytics tools and predictive modeling systems Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 3 Understanding Ethical and Social Issues Related to Systems Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 4 More recently ▪ Volkswagen cheats emissions tests. ▪ Could cost the company as much as $87 billion Diesel-engine VW models sold in the United States had software installed allowing the cars to falsely pass emissions tests ▪ http://www.forbes.com/sites/davidschrieberg1/2016/09/16/how-does-corporate- culture-fuel-fraud-start-with-volkswagen-and-wells-fargo/#73faecda52d6 Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 5 Ethics and Information Systems ▪ Ethics Principles of right and wrong that individuals, acting as free moral agents, use to make choices to guide their behaviors ▪ Information systems raise new ethical questions because they create opportunities for: Intense social change, threatening existing distributions of power, money, rights, and obligations New kinds of crime Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 6 The Relationship Between Ethical, Social, and Political Issues in an Information Society Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 7 Layers of Issues Ethical Issues: Concern individual and collective behavior regarding what is right or wrong when using information systems. Examples: Privacy concerns (how personal data is collected, stored, and used). Transparency in algorithmic decision-making. Social Issues: Focus on the broader societal impacts of IT, such as changes in communication, economic structures, and relationships. Examples: Digital divide: unequal access to technology. Social media's role in influencing public opinion. Political Issues: Involve governance, laws, and regulations to manage the ethical and social impacts of IT. Examples: Intellectual property rights. Cybersecurity and national defense. Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 8 Key Topics Information Rights and Obligations: Who has the right to access, own, and control information? Example: Data ownership and privacy rights. Property Rights and Obligations: How intellectual property is protected in a digital age. Example: Software piracy and copyright enforcement. Accountability and Control: Determining who is responsible for the consequences of using IT systems. Example: Liability in case of data breaches or AI failures. System Quality: Ensuring IT systems meet standards of accuracy, reliability, and security. Example: Avoiding critical errors in financial or medical systems. Quality of Life: Examining how IT affects individuals’ well-being and societal standards of living. Example: Impact of excessive screen time or loss of jobs due to automation. Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 9 Technology Trends that Raise Ethical Issues ▪ Computing power doubles every 18 months Critical operations are done using computer systems ▪ Data storage costs rapidly decline Detailed databases on individuals are easily maintained ▪ Data analysis advances Develop detailed profiles of individual behavior ▪ Networking advances Access personal data remotely ▪ Mobile device growth impact Tracking individual cell phones without user consent Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 10 Internet Challenges to Privacy ▪ Cookies Identify browser and track visits to site Super cookies (Flash cookies) ▪ Web beacons (web bugs) Tiny graphics embedded in e-mails and web pages Monitor who is reading e-mail message or visiting site ▪ Spyware Surreptitiously installed on user’s computer May transmit user’s keystrokes or display unwanted ads ▪ Google services and behavioral targeting (DoubleClick) Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 11 How Cookies Identify Web Visitors Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 12 Internet Challenges to Privacy (Cont.) ▪ The United States allows businesses to gather transaction information and use this for other marketing purposes. ▪ Opt-out vs. opt-in model Opt-out: allows collection of personal information unless the consumer requests otherwise Opt-in: the consumer must take action to approve collection and use of personal information Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 13 Technical Solutions ▪ Solutions include E-mail encryption Anonymity tools Anti-spyware tools ▪ Overall, technical solutions have failed to protect users from being tracked from one site to another Browser features ▪ “Private” browsing ▪ “Do not track” options Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 14 Other Real-World Ethical Dilemmas ▪ Using technology to reduce workforce Computerized questions ▪ Selling subscriber information to advertisers Facebook monitors users and sells information to advertisers and app developers ▪ Employees using corporate IT for personal use ▪ Using IT to monitor employees Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 15 Advances in Data Analysis Techniques ▪ Profiling Combining data from multiple sources to create dossiers of detailed information on individuals ▪ Nonobvious relationship awareness (NORA) Combining data from multiple sources to find obscure hidden connections that might help identify criminals or terrorists Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 16 Nonobvious Relationship Awareness (NORA) ▪ Example: https://www.youtube.co m/watch?v=F7pYHN9iC9 I#t=17 Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 17 Ethics in an Information Society: Basic Concepts ▪ Responsibility Accepting the potential costs, duties, and obligations for decisions ▪ Accountability Mechanisms for identifying responsible parties ▪ Liability Permits individuals (and firms) to recover damages done to them ▪ Due process Laws are well-known and understood, with an ability to appeal to higher authorities Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 18 Ethical Analysis ▪ Five-step process for ethical analysis: 1. Identify and clearly describe the facts. 2. Define the conflict or dilemma and identify the higher-order values involved. 3. Identify the stakeholders. 4. Identify the options that you can reasonably take. 5. Identify the potential consequences of your options. Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 19 Candidate Ethical Principles ▪ Golden Rule Do unto others as you would have them do unto you Application: For example, when handling customer data, a company should consider how it would feel if its own personal information were mishandled. ▪ Immanuel Kant’s Categorical Imperative If an action is not right for everyone to take, it is not right for anyone Application: A business should avoid deceptive practices (e.g., false advertising) because if everyone did so, trust in markets would erode. ▪ Descartes’ Rule of Change If an action cannot be taken repeatedly, it is not right to take at all Application: A company considering short-term environmental exploitation (e.g., excessive pollution) should refrain, as repeated actions would lead to unsustainable outcomes. Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 20 Candidate Ethical Principles (Cont.) ▪ Utilitarian Principle Take the action that achieves the higher or greater value Application: For example, when deciding on deploying a new AI tool, a company would assess its overall benefits to society (e.g., efficiency and productivity) versus potential drawbacks (e.g., job displacement). ▪ Risk Aversion Principle Take the action that produces the least harm or potential cost Application: In cybersecurity, a firm might choose a highly secure, albeit costlier, solution to avoid the risk of data breaches. ▪ Ethical “No Free Lunch” Rule Assume that virtually all tangible and intangible objects are owned by someone unless there is a specific declaration otherwise Application: When using software or digital content, businesses should ensure they have the appropriate licenses or permissions rather than assuming free usage. Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 21 Examples Applying Ethical Principles ▪ “I’m against high level officials being able to park in no-parking zones. Why can’t I do it and they can.” Kant’s Categorical Imperative: (not right for me, not right for them). ▪ “I am careful when extending the deadlines of assignments. Someone can rightfully ask ‘you did it for this assignment, why not do it for that. The problem is that I can’t extend the last assignment; the final exam” Descartes’ rule-of-change. ▪ “Allowing one group to present for more than 10 minutes even if something goes wrong is tricky. If you do it for one group, you have to do it for all.” Kant’s Categorical Imperative. ▪ “To get the same grade as your group for group assignments, you must contribute to group work” No-free lunch. Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 22 Information Rights: Privacy and Freedom in the Internet Age ▪ Privacy Claim of individuals to be left alone, free from surveillance or interference from other individuals, organizations, or state; Claim to be able to control information about yourself Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 23 Information Rights: Privacy and Freedom in the Internet Age ▪ Fair Information Practices Set of principles governing the collection and use of information ▪ Basis of most U.S. and European privacy laws Used to drive changes in privacy legislation ▪ COPPA –Parental permission before collecting children information ▪ Do-Not-Track Online Act of 2011 –To have an opt-in capability Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 24 Information Rights: Privacy and Freedom in the Internet Age ▪ FTC FIP principles Notice/awareness (core principle): Web sites must disclose practices before collecting data Choice/consent (core principle): Consumers must be able to choose how information is used for secondary purposes Access/participation: Consumers must be able to review, contest accuracy of personal data Security: Data collectors must take steps to ensure accuracy, security of personal data Enforcement: Must be mechanism to enforce FIP principles Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 25 European Directive on Data Protection ▪ Use of data requires informed consent of customer Informed consent: consent given with knowledge of all the facts needed to make a rational decision. ▪ EU member nations cannot transfer personal data to countries without similar privacy protection ▪ Stricter enforcements under consideration: Right of access Right to be forgotten ▪ Safe harbor framework ▪ Edward Snowden Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 26 Safe Harbour ▪ A private, self-regulating policy and enforcement mechanism that meets the objectives of government regulators and legislation but does not involve government regulation or enforcement. ▪ Businesses would be allowed to use personal data from EU countries if they develop privacy protection policies that meet EU standards. Enforcement would occur in the United States (or Canada) using self- policing, regulation, and government enforcement of fair trade statutes. ▪ Not anymore! http://www.cbc.ca/news/business/safe-harbour-data-deal-thrown-out- by-european-court-1.3258334 Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 27 Property Rights: Intellectual Property ▪ Intellectual property Intangible/tangible property of any kind created by individuals or corporations ▪ Three main ways that intellectual property is protected: Trade secret: intellectual work or product belonging to business, not in the public domain Copyright ▪ Statutory grant protecting intellectual property from being copied for the life of the author, plus 70 years Patents Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 28 Patents ▪ Grants creator of invention an exclusive monopoly on ideas behind invention for 20 years ▪ Patent law grants a monopoly on underlying concepts and ideas of software ▪ Originality, novelty, and invention are key concepts Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 29 Challenges to Intellectual Property Rights ▪ Digital media different from physical media Ease of replication Ease of transmission (networks, Internet) Ease of alteration Difficulties in establishing uniqueness ▪ Digital Millennium Copyright Act (DMCA) Makes it illegal to circumvent technology-based protections of copyrighted materials Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 30 Computer-Related Liability Problems ▪ If software fails, who is responsible? If seen as part of a machine that injures or harms, software producer and operator may be liable. If seen as similar to book, difficult to hold author/publisher responsible. If seen as a service? Would this be similar to telephone systems not being liable for transmitted messages? Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 31 System Quality: Data Quality and System Errors ▪ What is an acceptable, technologically feasible level of system quality? Flawless software is economically unfeasible ▪ Three principal sources of poor system performance Software bugs, errors Hardware or facility failures Poor input data quality (most common source of business system failure) Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 32 Quality of Life: Equity, Access, Boundaries ▪ Negative social consequences of systems ▪ Balancing power: center versus periphery ▪ Rapidity of change: reduced response time to competition ▪ Maintaining boundaries: family, work, and leisure ▪ Dependence and vulnerability ▪ Computer crime and abuse Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 33 Quality of Life: Equity, Access, Boundaries (Cont.) ▪ Computer crime and abuse Computer crime Computer abuse Spam ▪ CAN-SPAM Act of 2003 ▪ Employment Trickle-down technology Reengineering job loss Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 34 Quality of Life: Equity, Access, Boundaries (Cont.) ▪ Health risks Repetitive stress injury (RSI) Carpal tunnel syndrome (CTS) Computer vision syndrome (CVS) Technostress Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 35 ITM 100 Class 11 Information Systems, Organizations, and Strategy adapted from Kenneth C. Laudon, Jane P. Laudon, Management Information Systems: Managing the Digital Firm, 17th Edition Copyright © 2017, 2014, 2011 Pearson Education, Inc. All Rights Reserved. Learning Objectives ▪ 3.3 How do Porter’s competitive forces model, the value chain model, synergies, core competencies, and network economics help companies develop competitive strategies using information systems? ▪ 3.4 What are the challenges posed by strategic information systems, and how should they be addressed? Porter’s Competitive Forces Model (1 of 3) ▪ Why do some firms become leaders in their industry? ▪ Michael Porter’s competitive forces model Provides general view of firm, its competitors, and environment ▪ Five competitive forces shape fate of firm: Traditional competitors New market entrants Substitute products and services Customers Suppliers Porter’s Competitive Forces Model (2 of 3) ▪ Traditional competitors All firms share market space with competitors who are continuously devising new products, services, efficiencies, and switching costs ▪ New market entrants Some industries have high barriers to entry, for example, computer chip business New companies have new equipment, younger workers, but little brand recognition Porter’s Competitive Forces Model (3 of 3) ▪ Substitute products and services Substitutes products customers might use if your prices become too high, for example, iTunes substitutes for CD s ▪ Customers Can customers easily switch to competitor's products? Can they force businesses to compete on price alone in transparent marketplace? ▪ Suppliers Market power of suppliers when firm cannot raise prices as fast as suppliers Figure 3.8 Porter’s Competitive Forces Model 7iley & Sons, Inc. Application of five competitive forces model. Competitive Force IT Influence on Competitive Force Threat of New Entrants Can be lowered if there are barriers to entry. Sometimes IS can be used to create barriers to entry Bargaining Power of Buyers Can be high if it’s easy to switch. Switching costs are increased by giving buyers things they value in exchange such as lower costs, effort, or time; or useful information Bargaining Power of Suppliers Strongest when there are few firms to choose from, quality of inputs is crucial, or the volume of purchases is insignificant to the supplier Threat of Substitute Products Depends on buyers’ willingness to substitute and the level of switching costs buyer’s face Industrial Competitors Rivalry is high when it is expensive to leave an industry, the industry’s growth rate is declining, or products have lost differentiation Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 Copyright © 2022, – Foundations 2020, 2018 of Management Pearson Education, Information Systems Inc. All Rights Reserved 8iley & Sons, Inc. Five competitive forces with potential strategic use of information resources Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 Copyright © 2022, – Foundations 2020, 2018 of Management Pearson Education, Information Systems Inc. All Rights Reserved Information System Strategies for Dealing with Competitive Forces (1 of 3) ▪ Four generic strategies for dealing with competitive forces, enabled by using I T: Low-cost leadership Product differentiation Focus on market niche Strengthen customer and supplier intimacy Information System Strategies for Dealing with Competitive Forces (2 of 3) ▪ Low-cost leadership Offering products and services at a lower price than competitors Example: Walmart’s efficient customer response system ▪ Product differentiation Enable new products or services, greatly change customer convenience and experience Example: Google Nike Mass customization; customer experience management Information System Strategies for Dealing with Competitive Forces (3 of 3) ▪ Focus on market niche Use information systems to enable a focused strategy on a single market niche; specialize Example: Hilton Hotels’ O n Q system ▪ Strengthen customer and supplier intimacy Use information systems to develop strong ties and loyalty with customers and suppliers Increase switching costs Examples: Toyota, Amazon The Internet’s Impact on Competitive Advantage ▪ Transformation or threat to some industries Examples: travel agency, printed encyclopedia, media ▪ Competitive forces still at work, but rivalry more intense ▪ Universal standards allow new rivals, entrants to market ▪ New opportunities for building brands and loyal customer bases Smart Products and the Internet of Things ▪ Internet of Things (I o T) Growing use of Internet-connected sensors in products ▪ Smart products Fitness equipment, health trackers ▪ Expand product differentiation opportunities Increasing rivalry between competitors ▪ Raise switching costs ▪ Inhibit new entrants ▪ May decrease power of suppliers The Business Value Chain Model ▪ Firm as series of activities that add value to products or services ▪ Highlights activities where competitive strategies can be applied Primary activities – relate directly to the value created in a product or service. Support activities – make it possible for the primary activities to exist and remain coordinated. ▪ At each stage, determine how information systems can improve operational efficiency and improve customer and supplier intimacy ▪ Utilize benchmarking, industry best practices Figure 3.9 The Value Chain Model Extending the Value Chain: The Value Web ▪ Firm’s value chain is linked to value chains of suppliers, distributors, customers ▪ Industry value chain ▪ Value web Collection of independent firms using highly synchronized I T to coordinate value chains to produce product or service collectively More customer driven, less linear operation than traditional value chain Figure 3.10 The Value Web Synergies ▪ When output of some units are used as inputs to others, or organizations pool markets and expertise ▪ Example: Merger of Bank of NY and JP Morgan Chase ▪ Purchase of YouTube by Google Core Competencies ▪ Activity for which firm is world-class leader ▪ Relies on knowledge, experience, and sharing this across business units ▪ Example: Procter & Gamble’s intranet and directory of subject matter experts Network-Based Strategies ▪ Take advantage of firm’s abilities to network with one another ▪ Include use of: Network economics Virtual company model Business ecosystems Network Economics ▪ Marginal cost of adding new participant almost zero, with much greater marginal gain ▪ Value of community grows with size ▪ Value of software grows as installed customer base grows ▪ Compare to traditional economics and law of diminishing returns Virtual Company Model ▪ Virtual company Uses networks to ally with other companies Creates and distributes products without being limited by traditional organizational boundaries or physical locations ▪ Example: Li & Fung Manages production, shipment of garments for major fashion companies Outsources all work to thousands of suppliers Business Ecosystems and Platforms ▪ Industry sets of firms providing related services and products ▪ Platforms Microsoft, Facebook ▪ Keystone firms ▪ Niche firms ▪ Individual firms can consider how IT will help them become profitable in larger ecosystems Figure 3.11 An Ecosystem Strategic Model The digital firm era requires a more dynamic view of the boundaries among industries, firms, customers, and suppliers, with competition occurring among industry sets in a business ecosystem. In the ecosystem model, multiple industries work together to deliver value to the customer. IT plays an important role in enabling a dense network of interactions among the participating firms. Challenges Posed by Strategic Information Systems ▪ Sustaining competitive advantage Competitors can retaliate and copy strategic systems Systems may become tools for survival ▪ Aligning IT with business objectives Performing strategic systems analysis ▪ Structure of industry ▪ Firm value chains ITM 100 Class 10 Emerging Technologies & AI adapted from Kenneth C. Laudon, Jane P. Laudon, Management Information Systems: Managing the Digital Firm, 17th Edition Hardware Platform Trends ▪The mobile digital platform ▪Consumerization of IT and BYOD ▪Virtualization ▪Cloud computing ▪Green computing ▪Quantum computing Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 2 The Mobile Digital Platform ▪ The mobile digital platform Smartphones Netbooks Tablet computers Digital e-book readers (Kindle) Wearable devices Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 3 Wearable devices ▪ Transform the way we live! Fitness, wellness & Healthcare Infotainment (Information and Entertainment): smart glasses Fashion and Military ▪Montreal-based fashion designer (https://vimeo.com/yinggao/cant_wont) Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 4 Consumerization of IT and BYOD ▪ Consumerization Technology emerges in the consumer market and then spreads into business organizations ▪ BYOD: Bring Your Own Device Forces businesses and IT departments to rethink how IT equipment and services are acquired and managed Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 5 Virtualization ▪ Presents computing resources so that they can be accessed in ways that are not restricted by configuration ▪ Allows single physical resource to act as multiple resources (i.e., run multiple instances of OS) ▪ Reduces hardware and power expenditures ▪ Facilitates hardware centralization ▪ Software-defined storage (SDS) Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 6 VMware Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 7 Cloud Computing ▪ Off-load peak demand for computing power to remote, large-scale data processing centers ▪ Pay only for the computing power they use, as with an electrical utility ▪ Excellent for firms with spiked demand curves caused by seasonal variations in consumer demand, e.g. holiday shopping ▪ Saves firms from purchasing excessive levels of infrastructure ▪ Data permanently stored in remote servers, accessed and updated over the Internet by users Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 8 Cloud Computing Services ▪ Infrastructure as a service (Iaas) Customers use processing, storage, networking resources to run their information systems They pay for only the computing capacity they use ▪ Platform as a service (PaaS) Customers use infrastructure and programming tools to develop their own applications; Bluemix ▪ Software as a service (SaaS) Customers use software hosted on a vendor’s cloud Google Apps Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 9 Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 10 Cloud Computing ▪ A cloud can be private or public A public cloud is owned and maintained by a service provider ▪ Amazon Web Service (AWS) A private cloud is operated only for an organization ▪ Concerns include Security Availability Users become dependent on the cloud provider Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 11 Green Computing ▪ Practices and technologies for manufacturing, using, disposing of computing and networking hardware ▪ Reducing power consumption a high priority ▪ Data centers use as much energy as the output of 30 nuclear power plants Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 12 Quantum computing ▪ Uses quantum physics to represent and operate on data ▪ Dramatic increases in computing speed ▪ While conventional computers handle bits of data either as 0 or 1 but not both, quantum computing can process bits as 0,1, or both simultaneously It allows to solve business and scientific problems millions of times faster Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 13 Software Platform Trends ▪ Open-source software ▪ Software for the web: Java, HTML, and HTML5 ▪ Web services and service-oriented architecture ▪ Software outsourcing and cloud services Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 14 Open-source software Open-source software is free and can be modified by users Developed and maintained by a worldwide network of programmers and designers under the management of user communities ▪ Examples Apache web server, Mozilla Firefox browser, OpenOffice Linux is the most widely used open-source software program. Linux is an operating system derived from Unix Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 15 Software for the web: building web applications ▪ Java: One of the most prominent OO languages, both for PC and mobile environments Java Virtual Machine ▪ Used to convert Java code to the native language of a computer ▪ Python Used for building cloud computing applications ▪ Objective-C Predecessor to Swift ▪ Swift One of the most popular mobile app languages for iOS Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 16 Software for the Web Hypertext Markup Language (HTML) The language used to create or build a web page Markup language A language that uses tags to annotate the information in a document Tag The syntactic element in a markup language that annotate the information in a document Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 17 HTML Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 18 Apps and Mashups ▪ Apps Small pieces of software that run on the Internet, on your computer, or on your smart phone Generally delivered over the Internet ▪ Mashups Combinations of two or more online applications, such as combining mapping software (Google Maps) with local content Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 19 Web services and service-oriented architecture ▪ Service-Oriented Architecture (SOA) Set of self-contained services that communicate with each other to create a working software application Software developers reuse these services in other combinations to assemble other applications as needed ▪ Web Services: software components that exchange information using Web standards and languages XML: Extensible Markup Language ▪ More powerful and flexible than HTML ▪ Tagging allows computers to process data automatically Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 20 XML Extensible Markup Language (XML) A language that allows the user to describe the content of a document HTML describes how a document should look XML describes a document's meaning Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 21 How Dollar Rent A Car uses web services Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 22 Software outsourcing and cloud services ▪ Three external sources for software 1. Software packages and enterprise software ▪ Prewritten commercially available set of software 2. Software outsourcing 3. Cloud-based software services and tools ▪ Salesforce.com ▪ Service Level Agreements (SLAs): formal agreement with service providers Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 23 Changing Sources of Firm Software Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 24 ARTIFICIAL INTELLIGENCE Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 25 What Is Artificial Intelligence? (1 of 3) ▪ Grand vision Computer hardware and software systems that are as “smart” as humans So far, this vision has eluded computer programmers and scientists ▪ Realistic vision Systems that take data inputs, process them, and produce outputs (like all software programs) and that can perform many complex tasks that would be difficult or impossible for humans to perform. Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems What Is Artificial Intelligence? (2 of 3) ▪ Examples: Recognize millions of faces in seconds Interpret millions of CT scans in minutes Analyze millions of financial records Detect patterns in very large Big Data databases Improve their performance over time (“learn”) Navigate a car in certain limited conditions Respond to questions from humans (natural language); speech activated assistants like Siri, Alexa, and Cortana Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems What Is Artificial Intelligence? (3 of 3) ▪ Major Types of AI Expert systems Machine learning Neural networks and deep learning networks Natural language Processing Computer vision Robotics Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems Intelligent Systems ▪ Expert systems An intelligent technique for capturing tacit knowledge in a very specific and limited domain of human expertise. ▪ Capture the knowledge of skilled employees in the form of a set of rules in a software system that can be used by others in the organization. Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 29 Expert Systems Knowledge-based system Software that uses a specific set of information, from which it extracts and processes particular pieces Expert system A software system based on the knowledge of human experts; it is a Rule-based system A software system based on a set of if-then rules Inference engine The software that processes rules to draw conclusions Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 30 Rules in an Expert System Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 31 Inference Engines in Expert Systems Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 32 Machine Learning ▪ How computer programs improve performance without explicit programming Recognizing patterns Experience Prior learnings (database) Supervised vs. unsupervised learning ▪ Contemporary examples Google searches Recommender systems on Amazon, Netflix Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems Neural Networks ▪ Find patterns and relationships in massive amounts of data too complicated for humans to analyze ▪ “Learn” patterns by searching for relationships, building models, and correcting over and over again ▪ Humans “train” network by feeding it data inputs for which outputs are known, to help neural network learn solution by example from human experts. ▪ Used in medicine, science, and business for problems in pattern classification, prediction, financial analysis, and control and optimization Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems Artificial Neural Networks Each processing element in an artificial neural net is analogous to a biological neuron An element accepts a certain number of input values (dendrites) and produces a single output value (axon) of either 0 or 1 Associated with each input value is a numeric weight (synapse) Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 35 How a Neural Network Works Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 36 Artificial Neural Networks The effective weight of the element is the sum of the weights multiplied by their respective input values v1 * w1 + v2 * w2 + v3 * w3 Each element has a numeric threshold value If the effective weight exceeds the threshold, the unit produces an output value of 1 If it does not exceed the threshold, it produces an output value of 0 Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 37 Artificial Neural Networks Training The process of adjusting the weights and threshold values in a neural net How does this all work? Train a neural net to recognize a cat in a picture Given one output value per pixel, train network to produce an output value of 1 for every pixel that contributes to the cat and 0 for every one that doesn't Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 38 Natural Language Processing ▪ Understand, and speak in natural language. Read natural language and translate ▪ Typically today based on machine learning, aided by very large databases of common phrases and sentences in a given language ▪ Example: Google Translate ▪ Spam filtering systems ▪ Customer call center interactions: What is the customer’s problem? What solutions worked in the past? ▪ Digital assistances: Sire, Alexa, Cortana, Google Assistant ▪ Not useful for an ordinary common sense human conversation but can be very useful in limited domains, e.g. interacting with your car’s heating system. Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems Computer Vision Systems ▪ Digital image systems that create a digital map of an image (like a face, or a street sign), and recognize this image in large data bases of images in near real time ▪ Every image has a unique pattern of pixels ▪ Facebook’s DeepFace can identify friends in photos across their system, and the entire web ▪ Autonomous vehicles can recognize signs, road markers, people, animals, and other vehicles with good reliability ▪ Industrial machine (robot) vision ▪ Passport control at airports ▪ Identifying people in crowds Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems Robotics ▪ Design, construction, and operation of machines that can substitute for humans in many factory, office, and home applications (home vacuums). ▪ Generally programmed to perform specific and detailed actions in limited domains, e.g. robots spray paint autos, and assemble certain parts, welding, heavy assembly movement. ▪ Used in dangerous situations like bomb disposal ▪ Surgical robots are expanding their capabilities Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems Intelligent Agents ▪ Work without direct human intervention to carry out repetitive, predictable tasks Deleting junk e-mail Finding cheapest airfare ▪ Use limited built-in or learned knowledge base Some are capable of self-adjustment, for example: Siri ▪ Chatbots ▪ Agent-based modelling applications: Model behaviour of consumers, stock markets, and supply chains; used to predict spread of epidemics Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems ITM 100 Class 9 Securing Information Systems adapted from Kenneth C. Laudon, Jane P. Laudon, Management Information Systems: Managing the Digital Firm, 17th Edition Real World Example - TJX ▪ In 2006, TJX Co. experienced a computer system security breach. As many as 94 million customers were affected. ▪ In 2010 Albert Gonzalez was sentenced for 20 years in prison for this incident. ▪ If the government calculated the potential loss at $500 per card (per federal guidelines) the impact of the intrusion would exceed $400 million. ▪ The string of hacks began in 2005 when Gonzalez and accomplices conducted war- driving expeditions in search of poorly protected wireless networks. ▪ Once inside a local TJX outlet’s network, the hackers forged their way upstream to its corporate network in Massachusetts. Gonzalez installed a packet sniffer on the TJX network to siphon transaction data in real time. ▪ Authorities found 16.3 million stolen card numbers on Gonzalez’s leased Latvian server, and another 27.5 million stolen numbers were found on the server in Ukraine. Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 2 Real World Example - Heartland Payment Systems ▪ Date: March 2008 ▪ Impact: 134 million credit cards exposed ▪ A federal grand jury indicted Albert Gonzalez and two unnamed Russian accomplices in 2009. Gonzalez was alleged to have masterminded the international operation that stole the credit and debit cards. In 2010 he was sentenced to 20 years in prison. ▪ The vulnerability to SQL injection was well understood and security analysts had warned retailers about it for several years. Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 3 Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 4 System Security ▪ Information systems are mission critical for many organizations Failed computer systems can lead to significant or total loss of business function ▪ Information and systems are very vulnerable: Confidential personal and financial data, trade secrets, new products, strategies ▪ Without proper security measures, these systems would be next to impossible to use and benefit from A security breach may cut into a firm’s market value almost immediately Inadequate security also brings forth issues of liability Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 5 Why Systems Are Vulnerable ▪ Hardware problems Breakdowns, configuration errors, damage from improper use or crime ▪ Software problems Programming errors, installation errors, unauthorized changes ▪ Physical damage to infrastructure ▪ Use of networks/computers outside of firm’s control Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 6 Software Vulnerability ▪ Commercial software contains flaws that create security vulnerabilities Bugs (program code defects) Zero defects cannot be achieved because complete testing is not possible with large programs Flaws can open networks to intruders, e.g. buffer overflow defect that could cause a system to crash and leave the user with heightened privileges Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 7 Computer Crime ▪ Violation of criminal law that involves a knowledge of technology for perpetration, investigation, or prosecution ▪ Computer as a target of crime Breaching confidentiality of protected computerized data Accessing a computer system without authority ▪ Computer as an instrument of crime Theft of trade secrets Using e-mail for threats or harassment Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 8 Internet Vulnerabilities ▪ Network open to anyone: Network communication is intercepted in an attempt to obtain key data, i.e. person-in-the-middle ▪ Size of Internet means abuses can have wide impact ▪ Use of fixed Internet addresses with cable / DSL modems creates fixed targets for hackers ▪ Unencrypted VOIP ▪ E-mail, P2P, IM Interception Attachments with malicious software Transmitting trade secrets Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 9 Wireless Security Challenges ▪ Radio frequency bands easy to scan ▪ SSIDs (service set identifiers) Identify access points, broadcast multiple times, can be identified by sniffer programs ▪ War driving Eavesdroppers drive by buildings and try to detect SSID and gain access to network and resources Once access point is breached, intruder can gain access to networked drives and files Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 10 Malicious Software ▪ Commonly known as malware Brings harm to a computer ▪ Computer Viruses ▪ Worms ▪ Trojan Horses ▪ SQL Injection, Spyware Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 11 Computer Viruses ▪ Rogue software programs Attempts to bypass appropriate authorization and/or perform unauthorized functions Attach to other programs in order to be executed Usually without user knowledge or permission ▪ Deliver a “payload” Copy themselves from one computer to another sometimes through email attachments May steal data or files Permit eavesdropping access Destroy data Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 12 Worms ▪ Programs that copy themselves from one computer to another over networks ▪ Virus vs Worms? Viruses require an active host program An already-infected and active operating system Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 13 Trojan Horses ▪ A software program that appears to be benign, but then does something unexpected ▪ Often “transports” a virus into a computer system ▪ Name is based on Greek ruse during Trojan war Troy Movie ▪ https://www.youtube.com/watch?v=Td1uPq9K--E Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 14 SQL Injection, Spyware ▪ SQL injection attacks Hackers submit data to Web forms that sends rogue SQL query to database to perform malicious acts (e.g. delete segments of the database) ▪ Spyware Key loggers Other types ▪ Reset browser home page ▪ Redirect search requests ▪ Slow computer performance by taking up memory Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 15 Hackers and Computer Crime ▪ Hackers Individuals who attempt to gain unauthorized access to a computer system ▪ Cracker A hacker with criminal intent Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 16 Computer Crime (Cont.) ▪ Identity theft: A crime in which the imposter obtains key pieces of personal information ▪ Password guessing: Obvious ▪ Phishing: setting up fake Web sites or sending email messages that look legitimate, and using them to ask for confidential data ▪ Pharming: redirecting users to a bogus web site ▪ Back door: Unauthorized access to anyone who knows it exists ▪ Cyberterrorism and Cyberwarfare: exploitation of systems by terrorists Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 17 Spoofing and Sniffing ▪ Spoofing Masquerading as someone else, or redirecting a Web link to an unintended address ▪ Sniffing An eavesdropping program that monitors information travelling over a network Enables hackers to steal proprietary information such as e-mail, company files, and so on Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 18 Denial of Service (DoS) Attacks ▪ DoS Hackers flood a server with false communications in order to crash the system ▪ Distributed DoS Uses numerous computers to launch a DoS ▪ Often use Botnets Deliver 90% of world spam, 80% of world malware ▪ Pushdo spamming botnet infected computers sent as many as 7.7 billion spam messages per day Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 19 What DDOS attack looks like Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 20 Internal Threats: Employees ▪ Security threats often originate inside an organization ▪ Inside knowledge ▪ Sloppy security procedures User lack of knowledge ▪ Social engineering Tricking employees into revealing their passwords by pretending to be legitimate members of the company in need of information ▪ Both end users and information systems specialists are sources of risk Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 21 Contemporary Security Challenges and Vulnerabilities Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 22 Security and Controls ▪ What is Security? Policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems ▪ Security measures are a special case of organizational controls Methods, policies, and organizational procedures that ensure safety of organization’s assets; accuracy and reliability of its accounting records; and operational adherence to management standards Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 23 Information Systems Controls ▪ General controls Govern design, security, and use of computer programs and security of data files in general throughout organization Software controls, hardware controls, computer operations controls, data security controls, system development controls, administrative controls, ▪ Application controls Controls unique to each computerized application Input controls, processing controls, output controls Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 24 CIA Triad of Information Security Ensuring that data can be modified only by appropriate Ensuring that data is mechanisms protected from unauthorized access The degree to which authorized users can access information for legitimate purposes Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 25 Tools and Technologies for Safeguarding Information Systems ▪ Software Patches Small pieces of software to repair flaws Exploits often created faster than patches can be released and implemented ▪ Identity management software Automates keeping track of all users and privileges Authenticates users, protecting identities, controlling access Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 26 Tools and Technologies for Safeguarding Information Systems ▪ Authentication Password systems Tokens Smart cards: A card with an embedded memory chip used for identification Biometric authentication: Human characteristics such as fingerprints, retina or voice patterns Two-factor authentication Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 27 Preventing Unauthorized Access Guidelines for passwords Easy to remember, hard to guess Don’t use family or pet names Don’t make it accessible Use combination uppercase/lowercase letters, digits and special characters Don’t leave computer when logged in Don’t ever tell anyone Don’t include in an email Don’t use the same password in lots of places Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 28 Preventing Unauthorized Access Fingerprint analysis – a stronger level of verification than username and password iPhone Touch ID What if somebody steals your digitized fingerprint? Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 29 Tools and Technologies for Safeguarding Information Systems ▪ Firewall Combination of hardware and software that prevents unauthorized users from accessing private networks Technologies include Packet Filtering Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 30 A Corporate Firewall Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 31 Tools and Technologies for Safeguarding Information Systems ▪ Intrusion detection system Monitors hot spots on corporate networks to detect and deter intruders ▪ Antivirus and antispyware software Checks computers for presence of malware and can often eliminate it as well Requires continual updating Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 32 Cryptography Cryptography The field of study related to encoded information (comes from Greek word for "secret writing") Encryption The process of converting plaintext into ciphertext Decryption The process of converting ciphertext into plaintext Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 33 Cryptography Encryption plaintext ciphertext message message Decryption Encrypted(Information) cannot be read Decrypted(Encrypted(Information)) can be Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 34 Cryptography Cipher An algorithm used to encrypt and decrypt text Key The set of parameters that guide a cipher Neither is any good without the other Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 35 Cryptography Substitution cipher A cipher that substitutes one character with another A B C D E F G H I J K L M N O P Q R S T U V W X Y Z D E F G H I J K L M N O P Q R S T U V W X Y Z A B C Substitute the letters in the second row for the letters in the top row to encrypt a message Encrypt(COMPUTER) gives FRPSXWHU Substitute the letters in the first row for the letters in the second row to decrypt a message Decrypt(Encrypt(COMPUTER)) gives COMPUTER Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 36 Public/Private Keys Public-key cryptography An approach in which each user has two related keys, one public and one private One’s public key is distributed freely A person encrypts an outgoing message, using the receiver’s public key. Only the receiver’s private key can decrypt the message Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 37 Protecting Online Information Be smart about information you make available!!!!! ▪ 25% of Facebook users don’t make use of its privacy controls or don’t know they exist ▪ 40% of social media users post their full birthday, opening themselves up to identity theft ▪ 9% of social media users become victims of information abuse Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 38 Securing Wireless Networks ▪ WEP security Static encryption keys are relatively easy to crack Improved if used in conjunction with VPN ▪ WPA2 specification Replaces WEP with stronger standards Continually changing, longer encryption keys Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 39 Security in the Cloud ▪ Responsibility for security resides with company owning the data ▪ Firms must ensure providers provide adequate protection: Where data are stored Meeting corporate requirements, legal privacy laws Segregation of data from other clients Audits and security certifications ▪ Service level agreements (SLAs) Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 40 Risk Assessment ▪ Determines level of risk to firm if specific activity or process is not properly controlled ▪ Types of threat ▪ Probability of occurrence during year ▪ Potential losses, value of threat ▪ Expected annual loss ▪ Goal is to minimize vulnerability to threats that put a system at the most risk Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 41 Online Order Processing Risk Assessment EXPOSURE PROBABILITY OF LOSS RANGE EXPECTED OCCURRENCE (AVERAGE) ($) ANNUAL LOSS ($) Power failure 30% $5,000 - $200,000 $30,750 ($102,500) Embezzlement 5% $1,000 - $50,000 $1275 ($25,500) User error 98% $200 - $40,000 ($20,100) $19,698 Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 42 Security Policy ▪ Ranks information risks, identifies acceptable security goals, and identifies mechanisms for achieving these goals ▪ Drives other policies Acceptable use policy (AUP) ▪ Defines acceptable uses of firm’s information resources and computing equipment ▪ Identity management Identifying valid users Controlling access Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 43 Disaster Recovery Planning and Business Continuity Planning ▪ Disaster recovery planning Devises plans for restoration of disrupted services ▪ Business continuity planning Focuses on restoring business operations after disaster ▪ Both types of plans needed to identify firm’s most critical systems Business impact analysis to determine impact of an outage Management must determine which systems restored first Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 44 The Role of Auditing ▪ Information systems audit Examines firm’s overall security environment as well as controls governing individual information systems ▪ Security audits Review technologies, procedures, documentation, training, and personnel May even simulate disaster to test responses ▪ List and rank control weaknesses and the probability of occurrence ▪ Assess financial and organizational impact of each threat Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 45 Sample Auditor’s List of Control Weaknesses Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 46 ITM 100 Class 8 E-commerce, Digital Markets and Digital Goods adapted from Kenneth C. Laudon, Jane P. Laudon, Management Information Systems: Managing the Digital Firm, 17th Edition Learning Objectives ▪ What are the unique features of e-commerce, digital markets, and digital goods? ▪ What are the principal e-commerce business and revenue models? ▪ How has e-commerce transformed marketing? ▪ How has e-commerce affected business-to-business transactions? ▪ What is the role of m-commerce in business, and what are the most important m-commerce applications? ▪ What issues must be addressed when building an e-commerce presence? Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems E-commerce Today ▪ E-commerce Use of the Internet and web to transact business ▪ Began in 1995 and grew exponentially Still stable even in a recession ▪ The new e-commerce Social, mobile, local Desktop to smartphone Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems E-commerce Today (Cont.) Online consumer sales were more than $700 billion in 2018 Number of individuals of all ages online in the United States was more than 270 million in 2018 96 million households have broadband access to the internet in 2017 223 million Americans access the Internet by using a smartphone B2B e-commerce expanded to more than $7 trillion Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 4 The Growth of E-commerce E-commerce revenues grew 15 percent to 25 percent a year until the recession of 2008–2009, when they slowed measurably to around 3 percent in 2009. This was much better than traditional retail commerce which actually shrank in this recession. E-commerce began growing again after 2009 at more than 10 percent. In 2016, e-commerce revenues grew at an estimated 15 percent annually. Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems The Growth of E-commerce: Technology Foundations ▪ Wireless Internet connections Wi-Fi, 4G smartphones ▪ Powerful smartphones and tablet Web surfing, streaming, … ▪ Wearable computers Fitbit, Apple Watch ▪ Social networking apps 1.65 billion users ▪ Cloud Computing, SaaS Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 6 The Growth of E-commerce: New Business Models ▪ Traditional advertising industry is disrupted Google, Yahoo, and Facebook display nearly 1 trillion ads a year ▪ Traditional newspaper vs digital news media ▪ Uber and Airbnb (sharing economy) ▪ Online entertainment business models YouTube, Netflix, … Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 7 The 2022 Tech Crash Supplement to Chapter 10 During the global pandemic eCommerce grew substantially and is expected to continue growing, but more slowly E-commerce as share of total retail sales worldwide 2015-2021, with forecasts to 2026 30% After the Pandemic 24% 25% 23% 21.9% Pandemic 20.8% 19.7% 20% 18.8% 17.8% Share of retail sales 15% 13.8% 12.2% 10.4% 10% 8.6% 7.4% 5% Approx. double in 6 years from 2017 to 2022 0% 2015 2016 2017 2018 2019 2020 2021 2022* 2023 2024 2025 2026 Note(s): Worldwide; 2015 to 2022 Further information regarding this statistic can be found on page 8. 2 2017, Copyright © 2018, Source(s): eMarketer; 2016 Pearson ID 534123 Education, Inc. ITM 100 – Foundations of Management Information Systems eCommerce companies are showing the strain of slower growth – in 2022, share prices tumble Sharprice decrease % Nov 1 2021 to Oct 31 2022 Snap, -81% Snap Door Dash, -78% Door Dash Spotify, -73% Spotify Meta (facebook), -70% Meta (facebook) Netflix, -58% Netflix Uber, -10% Uber -90% -80% -70% -60% -50% -40% -30% -20% -10% 0% Sharprice decrease % Nov 1 2021 to Oct 31 2022 Source: The Economist, October 31, 2022, “What went wrong with Snap, Netflix and Uber? ITM 100 – Foundations of Management Information Systems Copyright © 2018, 2017, 2016 Pearson Education, Inc. In Canada… Shopify to lay off 10% of workforce after pandemic growth bet ‘didn’t pay off’: CEO.. the Canadian e-commerce giant that was once the country’s most valuable company, is laying off roughly 1,000 employees as its explosive pandemic growth stalls. Shares of Shopify sank roughly 16 per cent on the Toronto Stock Exchange on Tuesday in reaction to the news it will cut 10 per cent of its staff. By market close the company’s stock price had recovered slightly to $40.69, a decline of 13.6 per cent on the day. CEO Tobi Lütke said in a letter to employees made public Tuesday that the company made a bet that the global retail transition to e-commerce, which picked up during the COVID-19 pandemic, would continue to accelerate. …the company effectively doubled its headcount over the course of the pandemic Source: Craig Lloyd, Global News, July 26, 2022. https://globalnews.ca/news/9015970/shopify-layoffs-july-2022-pandemic/ Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems Three challenges for the eCommerce business model 1. Diminishing returns of the “network effects” model 2. Low barriers to entry 3. Dependence on some else’s platform (such as Apple, or Android, apps) Source: The Economist, October 31, 2022, “What went wrong with Snap, Netflix and Uber? ITM 100 – Foundations of Management Information Systems Copyright © 2018, 2017, 2016 Pearson Education, Inc. WHAT ARE SOME OF THE UNIQUE FEATURES OF E-COMMERCE? Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems 13 Unique Features of E-commerce ▪ Ubiquity Internet/Web technology available everywhere: work, home, etc., and anytime ▪ Global reach Transactions cross cultural and national boundaries ▪ Universal standards One set of technology standards: Internet standards ▪ Richness Supports video, audio, and text messages ▪ Interactivity Using a chat window to interact with technical support at Bell Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems Unique Features of E-commerce(Cont.) ▪ Information density Vast increases in information density - the total amount and quality of information available to all participants Greater price and cost transparency ▪ Personalization/customization Technology permits modification of messages, goods ▪ Social technology Promotes user content generation and social networking ▪ E.g., Uploading videos to YouTube Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems Key Concepts in E-commerce Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems Key Concepts in E-commerce ▪ Information asymmetry reduced One party possesses greater knowledge than the other ▪ Costs reduced Menu costs: Merchants’ costs of changing prices Search costs: The effort to find suitable products Transaction costs: The cost of participating in a market ▪ Switching cost reduced ▪ Dynamic pricing enabled ▪ Disintermediation enabled Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM 100 – Foundations of Management Information Systems The Benefits of Disintermediation to the Consumer Copyright © 2018, 2017, 2016 Pearson Education, Inc. ITM