How to become millionaire with MIS

Read more »

Benefits of Management Information System for Business Development

Benefits of Management Information System for Business Development

Current business era is an era where information flow is very vital role than the flow of goods. As great as any of a businessman and monopolize the flow of goods, it does not mean anything if he does not have accurate, current, easily accessible and controllable in the mastering its distribution.Therefore it is one of the company assets of modern business is highly valuable information system that has a high response rate and focus on its users from all aspects.

Exactly how much importance and benefit of management information system for a business? Information systems are built well and correctly, among others, can increase productivity, reduce the stock of material production, eliminating activities that do not have the benefit (value added), improve service and customer satisfaction, coordinating every part in the enterprise and improve the quality of management policies.

While in general the benefits of management information systems can be categorized as tangible benefits and intangible benefits.

Tangible benefits

An information system is built and maintained properly will provide tangible benefits could be seen that in fact achieved its movement through the income and expenses incurred by the company.

Indicators of success / benefits that have an impact on revenue enhancement is the increased sales in existing markets and expansion into new markets.

A good information system can be used not only for the storage of electronic data alone but must be able to support the analysis required by management.

So with the support of good information system can be obtained then the information is accurate, reliable, current and easily accessible on the condition of the company's sales.

With the report presented by the rapid and can be accessed at any time that the decisions taken can be faster and precise on the existing market dynamics.

In terms of cost reduction can be done on reducing the amount of factual analysis of the human resources involved in the business, reducing operational costs such as supplies and overhead, the reduction of goods / material in warehouse stock, reduction of maintenance costs and providing equipment that is not too expensive

Examples of reduction of the number of human resources is in the process of recording financial transactions. If previously in the accounting process should be managed by five person with the implementation of the good accounting information system is done by one person enough.

This is due to the Accounting Information System which is integrated so any bookkeeping process can be processed directly from each of the relevant sections without having to go through the process of refilling the data.

Stacking material supply problems during the production is often burden of the company assets, with the implementation of supply chain management module in information systems developed greatly help solve the problem.

With the support of supply chain management then the Stacking stocks of material production can be reduced to a minimum. Where the company simply ordered to suppliers only when the inventory reaches the minimum limit.

 

Intangible Benefits

Often the intangible benefits of sistem information management is the critical point in the course of business of a company's wheel. Because it is intangible, the following aspects are often overlooked or not detected.
1. Increased customer satisfaction
Good management information system will speed up the process so that, the time required to serve a customer can be faster.

2. Improved quantity and quality of information
Information is an important component of business today. Who controls the information would act more responsive to changes and trends in the future.

Application of good information system will certainly generate reports compilation of data that is managed by qualified and comprehensive database. This can be achieved for each of the reporting process is executed automatically by computer machines.

3. Improved quality and quantity management decisions
It is inevitable that any decision-making relies heavily on information that supports the policy to be taken. It can only be realized if information systems can provide information that is relevant, accurate, current and can be retrieved at any time

4. Improved quality and responsiveness number of the competitors' condition
Aspects of business intelligence is very important since a long time with a variety of formats and needs. To reach the point of rapid and appropriate response on the dynamics of the competition will require information systems that can collect, analyze and compile the information needed by decision makers in the company.

5. Improved operational efficiency and flexibility
All business owners would want these. The more efficient and flexibly an operational then this indicates the low cost to run it. This can be achieved due to cut the bureaucracy in the company after the implementation of good information systems.

6. Improved quality of internal and external communications
A good information system must be supported by electronic data communication network systems that are reliable as well. With the application of good information systems, each party both inside and outside the company can exchange information more effectively and efficiently.

7. Improved quality of planning
Planning is an essential process for businesses. However, any plan that will be made then of course needed the support of adequate information into practice. If not then the plan may be disoriented and did not reach its target because of mistake information into its base.

8. Improved quality control and supervision.
With the information system is built and maintained properly then any activity within the business environment can be constantly monitored. Monitoring is certainly an impact on improving control over every procedure and activities occurring within the company.

conclusion
management information system is essential for business development. There are many benefits that can be obtained from the business owner application of information systems. To be able to keep compete with competitors will require a good and reliable management information systems. Information system importance in business.

Read more »

How will the Information System help an organization in achieving its goals?

How will the Information System help an organization in achieving its goals?

An information system (IS) is any combination of information technology and people's activities using that technology to support operations, management, and decision-making

In any business organization, data is the most important thing. Different type of information is produced from data. When the amount of data is large, it becomes more difficult to process this data manually. In order to get quick results and timely information, an Information System is used in almost all organizations.

As businesses grow, the amount of data also increases. As a result, it becomes more difficult to process this data manually. With the use of Information System, data can be processed with rapid speed and information is generated quickly. To run a business successfully, effective and timely decision-making is very important. This decision-making is based on the information we get from the stored data.

An Information System provides the required information in a complete and comprehensive way. It helps in taking effective decisions about the business. In such a system, the information can be sent to many people is less time.

The following are benefits of information systems:
1. central access
2. easy backup
3. central distribution of information
4. easy record-keeping
5. easy tax preparation
6. easy customer trait identification

An Example : Take for example a bottling line that has the capability of filling 10,000 bottles a day, but like the majority of packaging lines actually achieves about 50% of its potential on average. The production manager wants to see the throughput data and the reasons why the machine is falling short. The operators on the other hand need to see alert messages as why the machine has just stopped and what action to take to fix it. The cause may be a specific mechanical failure such as a jam up, lack of product or one of many things. The production manager will be interested to discover that the mechanical failures only amounted to 8% stoppage time and another 5% due to lack of product. He will also notice that the main reason the line did not perform is because nobody pressed the start button when the machine was ready to run!

This example shows that Information systems can be powerful tools for business. The key is having current data converted to useful information and having that delivered to people who can act upon it before it’s too late. If the information is delivered too slowly then it is only a lesson learned rather than profitable opportunity. 

Read more »

Understanding Management Information System

Read more »

What is an Information System?

Read more »

MIS NEWS: Microsoft Adds Office Dropbox Support for Android Devices

Microsoft Adds Office Dropbox Support for Android Devices

By David Roe  |  Nov 20, 2014 

Microsoft is rounding off a busy month on the Office front with the release of Dropbox support for Android users.

According to an Office blog post, the updates will enable easier editing, access and sharing of Office files from an Android phone. It is also offers the ability to generate and share links to documents in One Drive and OneDrive for Business directly from inside the app itself.

The Dropbox integration for Android is a lot like the integration it announced earlier this month. With it, users can store and share documents in Dropbox, as well as edit Dropbox files and save them back into Dropbox. From there users will also be able to share the files from their Android device.

The upgrades round out Office for mobile devices with Office editing, storage and collaboration capacities available for both Android and iOS operating systems.

Dropbox CEO Drew Houston noted that Dropbox is home to more than 35 billion Office documents, spreadsheets and presentations. These enhancements will give Dropbox access to 300 million Office users.

Read more »

CASE STUDY

FACULTY OF TECHNOLOGY MANAGEMENT AND TECHOPRENEURSHIP

BACHELOR OF TECHNOLOGY MANAGEMENT (INNOVATION)

2BTMI

SEMESTER II SESSION 2014/2015

BTMP 2083:  INFORMATION SYSTEM MANAGEMENT

TITLE OF GROUP ASSIGNMENT: CASE STUDY

PREPARED FOR: DR. YURSRI ARSHAD

PREPARED BY: GROUP 4 FANTASTIC 7

NO.	NAME	MATRIC NO.
1.	YOW INN ANN	B061310144
2.	NG HENG LOONG	B061310258
3.	TAN HUI HUI	B061310008
4.	CAROLYN LAI PEH NEE	B061310111
5.	CHAN JI YAN	B061310126
6.	LAW PUAY FONG	B061310151
7.	TAM YEE KEN	B061310057

                                                                          

TABLE OF CONTENT

NO.	CONTENT	PAGES
1	CHAPTER 2: GLOBAL E-BUSINESS AND COLLABORATION            CASE STUDY 1           Interactive Session: Organization           Ski Resorts Goes High-Tech for Touch	3-10
2	CHAPTER 5: INFORMATION TECHNOLOGY INFRASTRUCTURE           CASE STUDY 2           Interaction Session:  People           The Pleasure and Pitfalls of BYOD	11-17
3	CHAPTER 8: SECURING INFORMATION SYSTEMS           CASE STUDY 3           Business Problem-Solving Case           The Looming Threat of Cyberwarfare	18-25

CASE STUDY 1: CHAPTER 2

Interactive Session: Organizations

Vail Ski Resorts Goes High Tech for High Touch

            Vail Ski Resort is the largest single mountain ski resort in the United States, with 5.289 acres of the most diverse and expansive skiing in the world. To match its world-class skiing, Vail is also trying to offer the world-class customer care --- fine dining; spas and ski valets ready to haul, stow, and retrieve your equipment; heated boots; and hand-warming packets. Vail’s season pass is a top value industry-wide, and its free PEAKS Rewards membership program further inculcates customer loyalty. Members an purchase the most economical lift tickets online , link the PEAKS card to a credit card, and accumulate points that can be redeemed for free lift tickets, ski school lessons, and various discounts.

            In 2012, Vail Ski Resorts installed the fastest, highest capacity gondola in the United States. Seating ten people per cabin, and with an uphill speed of 1,200 feet per minute, the state-of-the-art gondola carries 3,600 skiers per hour while decreasing ride time from 9 to 7.5 minutes. Heated seats and Wi-Fi access make it one of the world’s most customer-friendly ski lift as well.

            Long lift lines have always created a big headache for skiers. In the past, the only way to gauge the flow of the crowd was to ask lift operators or check postings on bulletin boards at the bottom of the lifts. Now Vail skiers are able to obtain accurate up-to-the minute lift line information by using social networking, streaming alerts, and the resort’s own Twitter account. Slope congestion can be alleviated by offering special pins or prizes to coax guests to move to a different slope. Guests can be directed to on-mountain dining locations at lunch time.

            Vail now uses radio frequency identification (RFID) lift tickets and ski passes. Part of the EpicMix social media program, the tickets and passes are scanned at the base of each lift so that skiers and snowboarders can track how many lifts they ride and the vertical feet ascended each day. The scanned data are automatically transferred to an EpicMix application which can be accessed from either a smartphone or a computer. The basic program is a free and confers various pins and virtual awards based on user statistics. For example, you earn the “Connoisseur” pin after 75 lifts and the “Over the Moon” pin when you surpass 350,000 vertical feet skied. After you create your EpicMix account, you can view and share stats by linking to your Facebook and Twitter accounts.

            The EpicMix Racing program provides additional fun. At one of six race courses, you can compete against friends and family, all skiers, and even 2010 Olympic women’s downhill gold medalist Lindsey Vonn. At the beginning of each season, the four-time for race courses at Vail, Beaver Creek, Breckenridge, Keystone, Heavenly and Northstar.  Race pros then ski the courses to establish their “seconds behind Lindsey.” To factor in changing course conditions, every day one of the race pros skis each course and uses his or her “seconds behind Lindsey” to determine a course time for Vonn on that particular day. When you ski a course, your actual time is automatically recorded and then adjusted for gender, age, and discipline. Snowboarders, telemark skiers, and adaptive skiers with disabilities and special needs can also participate. Scores are computed based on each skier;s “seconds behind Lindsey,” and gold, silver, and bronze medals are awarded to the top three daily. Race results and leaderboards are accessed on EpicMix.com or the EpicMix mobile app, available for Apple and Android smartphones. Your dashboard tallies your Lindsey Vonn Race Series points, EpicMix Racing medals, total number of resort check-ins, total days on a mountain, vertical feet, pins earned, and number of EpicMix photo taken.

The six race course mountains are staffed by 140 professional photographers. Photos are automatically identified and uploaded by scanning the intelligent chip embedded in the skier’s lift ticket. Photos can be captioned and shared for free on Facebook and Twitter, or you can purchase prints at a number of locations, including, of course, the Children’s Ski Schools. You can also purchase a $30 season package for unlimited downloads of all images taken at all locations and print them out later. All of these amenities turn a ski vacation into an “experience” that can be shared with family and friends, increasing emotional attachment and promoting customer retention.

Still, to ensure that it is fully leveraging the wealth of customer data it collects, Vail Ski Resorts’ parent company Vail Resorts implemented SAS Customer Intelligence software. Customer data were previously collected and stored in a number of unrelated systems. Now, the data are compiled in a single database that includes all customer points of contact, allowing a complete picture of customer habits and preferences to emerge. Rather than one or two versions of a marketing campaign, Vail Resorts now runs 30 to 50, targeted to specific groups. In the future, the company expects to expand to hundreds or even thousands of personalized, individual communications. SAS predictive analytics will help Vail Resorts to identify guest motivations and anticipate customer desires, while customer segmentation models identify profitable segments to which they might be steered. Vail Resorts plans to further personalize its engagement with its guests and enrich their mountain experiences before they have even begun.

Sources: “EpicMix,” snow.com (http://www.snow.com/epic-pass/pass-benefits/epicmix.aspx), accessed May 30, 2013: Bill Pennington, “Getting Comfortable With the New Vail,” New York Times. March 1, 2013; “EpicMix FAQ,” epicmix.com (http://www.epicmix.com/faq.aspx), accessed May 30, 2013; Spencer Reiss, “Vail Resorts  Creates Epic Experiences with Customer Intelligence,” SAS Case Study, March 20, 2013; Lauren Glendenning. “Vail’s New Gondola Lifts Off,” Vail Daily, November 16, 2012; and Nicole Perlroth, “Nine Ski Apps to Make the Most of the Mountain,” New York Times, December 26, 2012.

CASE STUDY QUESTIONS

1.      List and describe the types of systems described in this case study.

        i.            Executive Support Systems (ESS):

a)      Provide generalized computing capacity that can be applied to changing array of problems.

b)      Typically use portal with Web interface, or digital dashboard, to present content.

c)      In this case study, this systems help manager to create the marketing campaigns that will make a largest return of customers.

d)     Others than this, ESS systems also help the Vail Ski Resort to determine which lifts should be elevation and upgrading and which is the one that always used by customers.

e)      With this advantage, the resort can increase their lift speed so that more customers can enjoy more in the resort.

f)       To upgrade the lifts also provides other advantage to the resort. For example, the organization will be more systematic and their administrative will be improved. Lastly, investment.

g)      The systems help the manager analyse that where to invest can get the major return.

      ii.            Transaction Processing Systems (TPS):

a)      It is an informational scheme for the collection, storage, retrieval and modification of transactions made by an organization.

b)       Vail Ski Resort used this systems to collect the basic data of the customers. For example, the customers experience on skiing and also their visited times to Vail Ski Resorts. Besides that, the number of skiers that using each lift, the number of the rental ski equipment, the number of customers who bought meals and meals sold in the food outlet and the race time of each skiers in the EpicMix Racing program.

    iii.            Management Information Systems (MIS):

a)      This systems help to provide middle managers with reports on firm’s performance, to help the monitor firm and predict future performance.

b)      It is typically not very flexible systems with little analytic capability. In Vail Ski Resorts, MIS help to offer skiers the rewards for switching to a different lift. This is because the resort hope that this way will help to reduce the people all queue in the same lift.

c)      They hope that the lines of each lift can keep shorter so that these will reduce the waiting time for customers.

d)     The others advantage that MIS brought to Vail Ski Resort is to help them determine which the place that most popular and most skiers like to visit.

e)      They will maintain the environment and services that provided. Other than that, they also trying to improve those places that not always visited by the skiers.

    iv.            Decision Support Systems (DSS):

a)      A decision support system (DSS) is a computer-based application that collects, organizes and analyses business data to facilitate quality business decision-making for management, operations and planning.

b)      DSS help Vail Ski Resorts to adjust the maintenance schedules of the ski lifts. By using this system, the manager can understand which ski lifts are used the most frequently by customers.

c)      The reward and promotions of the resorts always attract the most customers. The customers that should receive for special promotions also can be analyse by using DSS.

d)     This help a lot in the decision making of the manager. Some customers are also targeted for the return visits by using DSS.

2.      How do these systems improve the operation of the business?

The managers of Vail Ski Resort who in charge to collect the database to make a better and right decision based on the accurate data to be collected in the information system. By this way, the Vail Ski Resort can enhance the quality and standard of the Vail Ski Resort to attract the customer to choose the Vail Ski Resort and increase the growth of the business.

These systems can help the Vail Ski Resort to determine which type of customer is the target customer in their marketing campaigns. This is because the resort can ensure to focus on the target customer who spend more money to give them more major return and stimulate the growth of the business in Vail Ski Resort by using the information systems.

Vail Ski Resort can provide more standard and quality of service to convenient the customer when they are in the Vail Ski Resort. Based on this attractiveness point, , Vail Ski Resort will focus on satisfaction of customer demands to attract customer to choose this resort compared with other competitors because the resort will consider the customer needs and demands first and take the action to satisfy them.

3.      How do these systems support decision-making? Identify three different decisions that can be supported by these systems.

Marketing campaigns, improve the quality of equipment or service and enhance the profitability are the three different decisions that can be supported by these systems.

First of all, the Vail Ski Resort should focus on the marketing campaigns. This is because the resort should find out an orientation or goal in the marketing campaign to be the target. As an example, the Vail Ski Resort can determine which type of customer is the target customer who spend the more money to provide a highest return to the Vail Ski Resort. Other than that, the Vail Ski Resort should identify which customer should receive more offer such as discount, attractiveness, quality of the service and the others.

Second, the Vail Ski Resort should improve the quality of equipment or the service. This is because the higher quality of the service will attract and retain the customer base to choose the resort based on the satisfaction of customer demands. As an example, the Vail Ski Resort should provide the customers are able to obtain accurate up-to-the minute lift line information by using social networking, streaming alerts and the resort’s own Twitter account.

Third, the Vail Ski Resort should improve the profitability. This is because the Vail Ski Resort enable to earn the higher profit to return the investment of the business. As an example, the Vail Ski Resort should increase the attractiveness of the resort among the customer and provide better quality of service to satisfy the customer demands. Based on this, the Vail Ski Resort will become the first choice of the customer compared with others competitor to stimulate the growth of the business and gain the higher profit.

4.      Why is improving the guest experience so important at Vail Mountain Resort?

It is important to create guest experience so important at Vail Mountain Resorts because it will help to increase the image of the resorts. In providing those high quality services and improve the systems in the resorts, the customers gained the best experience when they enjoy their holidays in the resorts. Taking relax and enjoyable experience will always let them share their good experience to their friends and family. The power of word of mouth can be shown in this. The image of the resorts will be increased through their customers’ experience.

Second, the increase of competitive advantage. Due to the facilities that provided by Vail Mountain Resorts improve their system for their organizations and customers, this will increase their position in the market. All those system that provide by Vail Ski Resorts are still haven been used in other ski resorts. For example they uses radio frequency identification (RFID) lift tickets and ski passes. Part of the EpicMix social media program, the tickets and passes are scanned at the base of each lift.

Next, improve the customers’ retention. For example, long lift lines always created a big problem for skiers. They spent lots of time to wait for their turn. To solve this problem, Vail Ski Resorts create a systems that able to obtain accurate up-to-the minute lift line information by using social networking, streaming alerts, and the resort’s own Twitter account. With this improvement, skiers will decrease their time on waiting for the life ride. They will feel that they spent more time on skiing and not waiting for the lift. This will let them feel want to visit again to Vail Ski Resort.

Lastly, increase the profit and revenue. With the best services provided and more customers retention will help Vail Ski Resort gain more profit and revenue. The more customers satisfied to their services and facilities, the more the profit will be gained.

CASE STUDY 2: CHAPTER 5

INTERACTIVE SESSION: PEOPLE

The Pleasures and Pitfalls of BYOD

Just about everyone who has a smartphone wants to be able to bring it to work and use it on the job. And why not? Employees using their own smartphones would allow companies to enjoy all of the same benefits of a mobile workforce without spending their own money to purchase these devices. Smaller companies are able to go mobile without making large investments in devices and mobile services. According to Gartner Consultants, BYOD will be embraced by 38 percent of companies by 2016 and half of all companies will mandate BYOD by 2017. BYOD is becoming the “new normal.”

But…wait a minute. Nearly three out of five enterprises believe that BYOD represents a growing problem for their organizations, according to a survey of 162 enterprises conducted by Osterman Research on behalf of Dell Inc. Although BYOD can improve employee job satisfaction and productivity, it also can cause a number of problems if not managed properly: Support for personally owned devices is more difficult than it is for company-supplied devices, the cost of managing mobile devices, the cost of managing mobile devices can increase, and protecting corporate data and networks becomes more difficult. Research conducted by the Aberden Group found that on average, an enterprise with 1,000 mobile devices spends on extra $170,000 per year when it allows BYOD. So it’s not that simple.

IBM’s CIO Jeanette Horan believes that BYOD may cause as many problems as it solves. BYOD is not saving IBM any money and is actually creating new challenges for the IT department because employees’ devices are full of software that IBM doesn’t control. IBM provides secure BlackBerrys for about 40,000 of its 400,000 workers while allowing 80.000 more employees to use their own smartphones or tablets to access IBM networks.

The IBM IT department found it had no grasp of which apps and services employees were using on their personal devices, and employees themselves were “blissfully unaware” of the security risks posed by popular apps. IBM decided to ban the use of such popular services as the Dropbox cloud-based cyberlocker, fearing that employees would put IBM-sensitive information in their personal Dropbox accounts, forward internal e-mail to public Web mail services, or use their smartphones as mobile Wi-Fi hotspots.

IBM will not allow an employee to access its corporate networks with his or her personal device unless it secures the device. The IT department configures the device so that its memory can be erased remotely if it is lost or stolen. The IT group also disables public file-transfer programs like Apple’s iCloud; instead, employees use an IBM-hosted version called MyMobileHub. IBM even turns off Siri, the voice-activated personal assistant, on employees’ iPhones because the spoken queries are uploaded to Apple serves.

Each employee’s device is treated differently, depending on the model and the job responsibilities of the person using it. Some people are only allowed to receive IBM e-mail, calendars, and contacts on their portable devices, while others can access internal IBM applications and files (see Chapter8). IBM equips the mobile devices of the latter category of employees with additional software, such as programs that encrypt information as it travels to and from corporate networks.

One company that has successfully implemented BYOD is Intel Corporation, the giant semiconductor company. About 70 percent of the 39,000 devices registered on its network are personal devices. Intel approached BYOD in a positive manner, trying to find ways to make it work rather than to defeat it. Diane Bryant, then Intel’s CIO, didn’t want to be dependent on a single mobile vendor or device.

Intel hammered out a BYOD strategy and created an end-user service-level agreement that clarified that end users were voluntarily using BYOD rather than being mandated by Intel. The company developed different policies, rules, and access limits for each type of device-smartphones, tablet, or laptop-with multiple levels of controls in place. Intel maintains a list of approved devices. If a device does not meet its requirements, it is blocked from the network. Intel’s BYOD program today offers 40 proprietary applications, including travel tools to help schedule a flight and conference room finders. The company has an internal “app store” and uses a variety of software and security tools, including mobile device management (MDM) software and mobile app management (MAM) software.

Intel’s goal for BYOD is not to save money but to make employees happier and more productive. Employees like being able to use their own device and apps alongside specialized Intel apps. On average, Intel workers report that bringing their own devices saves them about 57 minutes per day, which amounts to 5 million hours annually company-wide.

Canadian Tire decided not to allow BYOD at all and issued new BlackBerry Q10 and Z10 smartphones to its 3000 corporate employees. (Canadian Tires is one of Canada’s largest companies, with an online e-commerce store and 1200 retail outlets selling automotive, sports, leisure, home products, and apparel; petroleum outlets; and financial services.) The company felt that for its purposes, the bring-your-own-device model was not sufficiently secure. Canadian Tire’s chief technology officer (CTO) Eugene Roman worries that an e-mail could send a virus into the company’s core infrastructure. At present, Canadian Tire’s management thinks BYOD is interesting but is not yet ready for the company’s mainstream business applications.

In order to successfully deploy mobile devices, companies need to carefully examine their business processes and determine whether or not mobility makes sense for them. Not every firm will benefit from mobility to the same degree. Without a clear idea of exactly how mobile devices fit into the long-term plans for the firm, companies will end up wasting their money on unnecessary devices and programs. One of the biggest worries that managers have about mobility is the difficulty of measuring return on investment. Many workers swear by their mobile devices, and the benefits are too significant to ignore, but quantifying how much money is earned or saved by going mobile can be difficult.

CASE STUDY QUESTIONS

1. What are the advantages and disadvantages of the following employees to use their personal smartphones for work?

1. Advantages

a)      All companies will receive benefits of a mobile workforce, even though they not spend their money for it

b)      Avoid companies from wasting money for unnecessary devices and mobile initiatives.

c)      Every employees will be feel comfortable because they using their own device.

d)     Employees will feel easier because they don’t have burden to carry and manage multiple devices.

2. Disadvantages

a)      The data of a company which is private and confidential will be leak out to public. This is legal and liability risk for that company.

b)      Companies lose their consistency and efficiency when they have their own hardware, and control their data and scale their own It infrastructure.

c)      Employees have to spend their own pocket money for buy the devices needed by their company

d)     In a company every employees using different kind of devices. So the operating systems available, providing adequate technical support for every employees will be difficult.

2. What people, organization and technology factors should be addressed when deciding whether to allow employees to use their personal smartphones for work?

1. People

a)      Many companies are integrating these “mobility experts” into core IT functions and software development. Mobility experts can help a company leverage mobility more effectively.

b)      Identify or analyse that employees have ability to own their devices.

c)      Make sure that employees agree to safe the company’s confidential information

2. Organization

a)      Limit business smartphone use to a single platform.

b)      This made it easier to keep track to each mobile device and to roll out software upgrades or fixes, because all employees were using the same devices, or at the very least, the same operating system. For example, BlackBerry mobile devices access corporate e-mail and data using a proprietary software and networking platform that is company–controlled and protected from outsiders.

c)      More than one type of mobile device and operating system

d)     Firm need an efficient inventory management system that keeps track of which devices employees are using, where the device is located, whether it is being used, and what software it is equipped with.

3. Technology

a)      A number of software products such as Sybase Afaria, Trellia, Microsoft System Center Device Manager and Odyssey Software Athena have emerged to help companies manage diverse mobile platforms.

b)      Virtualization is an approach to mobile device management. Companies can install software such as Citrix Systems XenDesktop that runs Windows desktops and individual applications on any device, regardless of operating system.

3. Compare the BYOD experiences of IBM and Intel. Why did BYOD at Intel work so well?

1. Comparison between BYOD experiences of IBM and Intel

a)      According to the IBM policy, employees who want to use their own devices first must become “certified,” which they do by passing a mobile security awareness training course. Only then are they eligible to use their own devices.

b)      Likewise, Intel hammered out a BYOD strategy and created an end-user service-level agreement that clarified that end users were voluntarily using BYOD rather than being mandated by Intel.

2. BYOD at Intel works so well because

a)      Intel approached BYOD in a positive manner, trying to find ways to make it work rather than to defeat it.

b)      The company developed different policies, rules, and access limits for each type of device.

c)      Intel’s BYOD program 40 proprietary application, including travels travels tools to help schedule a flight and conference room finders.

d)      Intel’s goal for BYOD is not to save money but to make employees happier and more productive. Employees like being able to use their own device and apps alongside specialized Intel apps.

4. Allowing employees to use their own smartphones for work will save the company money. Do you agree? Why or why not?

Yes, I agree.

a)      The company does not have to prepare administer devices like laptop, Pc and mobile phones.

b)      Avoid significant hardware, software IP supports costs.

c)      Save cost of paper and printer ink.

d)     Employees to do their business or communicate with customer in a convenience way.

e)      Employees will feel more happier if they using their own devices. Because of the heavy responsibility towards company asset like laptop is no more. They will use their devices freely and without any feeling of afraid to top management. It will help to increase company productivity.

f)       Companies does not have to pay for computers that break or go out of date every several years.

g)      Company does not have to pay for maintenance and insurance plans or antivirus software or deal with drive

CASE STUDY 3: CHAPTER 3
THE LOOMING THREAT OF CYBER

“Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, and our air traffic control systems. We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy”

With these words in his 2013 State if the union address, Barrack Obama officially became the first US cyberwar fare president. Obama was about to sign the improving Critical Infrastructure Cybersecurity executive order, which allows companies associated with the supervision of the electrical grids, dams and financial institutions to voluntarily join a program to receive classified and other cyber security threat information previously available only to government contractors. The main drawback is that only legislation can enforce minimum security requirements for private sector companies, which operate most U.S Critical infrastructure. Unfortunately, Congress in 2012 had failed to pass two cyber security bills that were much stronger, bowing to pressures from business worried about stepped-up security costs and concerns raised by privacy advocates.

Cyberwarfare is more complex than conventional warfare. Although many potential targets are military a country’s power grids, financial systems, and a communication network can also be crippled. Non-state actors such as terrorist ore criminal groups can mount attacks, and it is often difficult to tell who is responsible. Nations must constantly to be on the alert for new malware and other technologies that could be used against them, and some of these technologies develop by skilled hacker groups are openly for sale to interested governments.

    The scale and speed of cyber-attacks has escalated in the United States and other parts if the world. From September 2012 through March 2013, at least twelve U.S financial institutions-Bank of America, Citigroup, Wells Fargo, U.S. Bancorp, PNC, Capital One, Fifth Third Bank, BB&T, HSBC, J.P. Morgan Chase, and American Express-were targeted in attacks that slowed their server to crawl and then shut down. The severity of the attacks dwarfed previous distributed denial of service (DDoS) attacks. The data centers of these organization and had been infected with a long available malware agent name Itsoknoproblembro, which creates botnets of salve servers, dubbed bRobbots because they are so difficult to trace back to a command and control (C&C) servers. The bRobbots inundated the bank Web sites with encrypted data. A flood of encryption requests immensely intensities attack effectiveness, enabling the attackers to take down a site with fewer requests.

 The goal of the attacker was to inflict an unprecedented level of strain on as many financial institutions as possible. No account information was stolen and no financial gain sought, leading experts to think it was a state-sponsored attack. The hacker group Izzad-Din Al-Qassam Cyber Fighters claimed responsibility, stating that it was retaliating for an for an anti-Islam video. U.S government officials believe the perpetrator is actually Iran, retaliating for economic sanctions imposed to halt its nuclear program and for what it believes were U.S cyber-attacks.

In August 2012, the Shamoon virus infected 30,000 machines at Saudi Arabian oil company, Aramco. It destroys workstations by overwriting the master boot record (MBR), which stores key information about a hard disk drive to help a computer system start up. Shamoon also deleted data on servers, and overwrote certain files with an image if a burning American flag. U.S. officials attributed the attack to Iran.

Less than two weeks later, Qatari natural gas company, Rasgas, was forced to shut down its website and e-email systems in an attack initially also attributed to Shammon. An investigative team concluded it was likely a copycat attack trying to look like the same perpetrator. U.S. government officials blamed Iranian hacker. Israeli officials attributed both attacks to Iran’s Cyber Corps, formed after Stuxnet.

    Believe to have been developed by a secret joint United Stated-Israel operation, The Stuxnet worm was discovered in June 2010. It was designed to disable the software that controls Seimen centrifuges to enrich, uranium, and it reportedly delayed Iran’s ability to make nuclear arms by as much as five years. Iran has also been the target if the malware. The Duqu worm, discovered in September 2011, steals digital certificates used authentication for help future viruses appear as secure software. In April 2012, other espionage malware closely related to Stuxnet and Duqu called Flame was discovered when hard drives at the Iranian Oil Ministry and National Iranian Oil Company were wiped clean. Four months later investigators found that the deletion agent they had been looking for when they discovered Flame was a separate malware agent they named Wiper. Investigator believes that Wiper’s first objective is to eradicate the malware created by this group.  

Cyber offensives come with a considerable downside. Previously released malware is recoverable and can be adapted and reused by both nation-state foes and unaffiliated cyber criminals. Stuxnet code has been adapted for use in financial cybercrime. Another drawback is uncontrollability. About 60 percent of known Stuxnet infections were in Iran, but 18 percent were in Indonesia, 8 percent in India, and the remaining 15 percent scattered around the world. In November 2012, Chevron admitted that its network had been infected with Stuxnet shortly after spread beyond Iran.

To U.S. officials, the financial sector, Saudi Aracmco, and Rasgas attacks signaled a shirt in Iranian policy from cyber defense to cyber offense. After investing approximately $1 billion in its Cyber Corps in 2012 (still just a third of United States expenditures), Iran may have arrived as a first-tier cyber power.

    China has been a first-tier cyber power fir years. U.S targets of suspected Chinese cyber-attacks include federal departments (Homeland security, State, Energy, Commerce); senior officials (Hillary Clinton, Adm. Mike Mullen); nuclear-weapons labs (Los Alamos, Oak Ridge); defense contractors (Northrup Grumman, Lockheed Martin); news organization ( the wall street Journal, the New York Times, Blomberg), technology firms (Google, Adobe, Yahoo), multinationals ( Coca-cola, Dow Chemical) and just about every other node of American commerce, infrastructure or authority. Hackers have obtained information strategies of major corporations; designs of more than two dozen major U.S weapons systems, including the advanced Patriot missile system, the Navy’s Aegis ballistic missile defense systems, the F/A-18 fighter jet, the V-22 Osprey, the Black Hawk helicopter and the F-35 Joint Strike Fighter; and the workings of America’s power grid, possibly laying groundwork for acts of sabotage, Cyber-attacks from China and other nations have persisted because U.S. has difficultly defending its information systems, cyberspace is not yet subject to international norms, and years of intrusions have provoked little American response.

Investigators believe that in September 2012, one of the elite hacking groups from China’s People’s Liberation Army (P.L.A) attacked Telvent, a company that monitors utility companies, water treatment plants, and over half the oil and gas pipelines in North America. Six months later, Telvent and government investigators still didn’t know if the motive was espionage or sabotage. U.S intelligence experts believe that China’s U.S investment, particularly new, substantial investments in oil and gas, deter China from infrastructure attacks. China’s economy could not escape the negative consequences from a significant shutdown of U.S transportation systems or financial markets. Iran, with no U.S. investment, is a much greater threat. Moreover, diplomatic channels are open with China.

  Less than a week after Obama’s State of the Union address, security firm Mandiant released details oon a group it dubbed “APT1.” Mandiant traced APT1 to a building in Shanghai that documents from China Telecom indicate was built at the same time as the General Staff Department’s 3rd Department, 2^nd Bureau- The military hacking unit, P.L.A. Unit 61398. Outfitted with a high-tech fiber optic infrastructure, this 12-story white office tower was said to be the origin of a six year offensive that infiltrated 141 companies across 20 industries.

The Obama administration’s mounting concern with the economic and national security risks posed by cyber-intrusions has repeatedly been expressed to top Chines officials. In May 2013, the Pentagon’s annual report to congress for the first time directly accused the Chinese Government and P.L.A of attacking U.S. government and defense contractor networks. Direct confrontation had been skirted because the United States wants China’s help in dealing with the nuclear and military threat from North Korea and with sanctions against Iran. Obama again raised the issue during his informal summit with Chinese premier Xi Jinping in June 2013.

Two months earlier, however, North Korea, another budding cyberwarfare adversary, was accused of launching its most damaging attack to date. Despite obstacles limiting its ability to develop expertise, including sanctions, which restrict its access to technology, and a limited talent pool due to meager Internet penetration and tesrictive access policies, North Korea is believed to have perpetrated attacks on both Korea is believed to have perpetrated attacks on both South Korean and American commercial, educational, governmental, military institution. In March 2013, 32,000 computers at 3 major South Korean banks and the two largest television broadcasters were affected. Internet banking sites were temporarily blocked, computer screens went blank, ATM machines failed, and commerce was disrupted.

     The attackers used the Chinese-written Gondad exploit kit to infect PCs with a Trojan that provide an entryway for an attacker to take control of the machine, creating a bot or zombie computer. Once the digital backdoor is created, the controller can deposit a malware payload, in this case, a wiper agent named Dark Seoul, like Shamoon, Dark Seoul overwrites the master boot record (MBR). There is no conclusive evidence implicating North Korea, but tensions had been escalating between the two countries. The Kim Jong-un administration had expressed fury in the days leading up to the attacke over ongoing, routine joint Korea/ United states military training exercises, exacerbated by South Korea ‘s participation in U.S spearheaded United Nations sanctions against North Korea for its nuclear test the month  before. Seoul contents that Pyongyang has committed 6 previous cyber-attacks since 2009. Security experts at South Korea ‘s newly formed cyber security center believe it has been assembling and training an cyberwarrior  team of thousands, and the United States agrees. For North Korea, the threat of cyber retaliation is negligible. Internet access is only now extending beyond a privileged few, business are just beginning to adopt online banking, and worthwhile targets are virtually nonexistent.

The Obama administration has begun helping Asian and Middle Eastern allies build up their computer network defenses against Iran and North Korea, including supplying advanced hardware and software and training programs. Fture joint war games would include simulated cyber-attacks. But deterring cyber-attacks is a far more complex problem than conventional warfare, and US officials concede that this effore is an experiment.

      While increased diplomatic pressure and the intertwined nature of the worlds’ two largest economies may yield a practicable agreement between China and the United States, how to deal with the so-called “irrational actors,” Iran and North Korea, is thornier. Since China is North Korea‘s biggest trading partner and most important ally, hammering out an agreement with China may be the first step towards managing North Korea. While Iran is diplomatically isolated, China depends on it meet its energy needs, China walks a tightrope between exploiting the sanctioned Iranian economy and following the U.N. sanctions for which it voted. It just may be that the road to agreements with both Pyongyang and Tehran runs through Beijing. Meanwhile, the military command responsible for most U.S. cyber war efforts, U.S. Cyber Command (CYBERCOM), is slated for a 500 percent manpower increase between 2014 and 2016.

1. Is cyberwarfare a serious problem? Why or why not?

•      Cyberwarfare is a serious problem because it poses a unique and daunting set of challenges for security experts, not only in detecting and preventing intrusions but also in tracking down perpetrators and bringing them to justice.

The most prominent threats so far include:

Ø  Successful attacks on the FAA airline system, including one in 2006 that partially shut down air traffic data systems in Alaska

Ø  Intruders successfully penetrated the Pentagon’s $300 billion Joint Strike Fighter project and stole several terabytes of data related to design and electronics systems.

Ø  Cyberspies infiltrated the U.S. electrical grid in April 2009 and left behind software programs whose purpose is unclear.

Ø  In Iraq, insurgents intercepted Predator drone feeds using software downloaded from the Internet.

2. Assess the people, organization, and technology factors responsible for this problem.

ž  People

Ø  For cybercriminals, the benefit of cyberwarfare is that they can compete with traditional superpowers for a fraction of the cost of other types of warfare.

Ø  Because more and more modern technological infrastructure will rely on the Internet to function, cyberwarriors will have no shortage of targets at which to take aim.

Ø  Users of targeted systems are still too careless about security and don’t do enough to help protect sensitive systems.

ž  Organization:

Ø  The U.S. has no clear policy about how the country would respond to a catastrophic level of a cyberattack.

Ø  Even though the U.S. Congress is considering legislation to toughen cybersecurity standards, the standards will likely be insufficient to defend against attacks.

Ø  The organization of U.S. cybersecurity is messy, with no clear leader among intelligence agencies.

ž  Technology:

Ø  While the U.S. is currently at the forefront of cyberwarfare technologies, it’s unlikely to maintain technological dominance because of the relatively low cost of the technologies needed to mount these types of attacks.

Ø  Secret surveillance software can be installed on unprotected systems and can access files and e-mail thus spreading itself to other systems.

Ø  Tracing identities of specific attackers through cyberspace is next to impossible, making deniability of suspected intruders simple.

3. What solutions are available for this problem? Do you think they will be effective? Why or why not?

a)      Congress is considering legislation that would require all critical infrastructure companies to meet newer, tougher cyber security standards.

Ø  As cyberwarfare technologies develop and become more advanced, the standards imposed by this legislation will likely be insufficient to defend against attacks.

b)   Secretary of Defense Gates ordered the creation of Cybercom, the first headquarters designed to coordinate government cybersecurity efforts.

Ø  It will coordinate the operation and protection of military and Pentagon computer networks.

Ø  It will coordinate efforts to restrict access to government computers and protect systems that run the stock exchanges, clear global banking transactions, and manage the air traffic control system.

Ø  ultimate goal will be to prevent catastrophic cyberattacks against the U.S.

Ø  Because spy agencies like the CIA are prohibited by law from acting on American soil, some people are proposing to entrust some of the cyberwarfare work to private defense contractors.

Ø  There is no effective way for a domestic agency to conduct computer operations without entering prohibited networks within the U.S. or even conduct investigations in countries that are American allies.

Preventing terrorist or cyberwar attacks may require examining some email messages from other countries or giving intelligence agencies more access to networks or Internet service providers.

Read more »