Chapter 8 Managing Operations. Key Points in Chapter 8 Outsourcing IS Functions Outsourcing IS Functions Security in the Internet Age Security in the.

Slides:

Advertisements

Similar presentations

Ethics, Privacy and Information Security

Advertisements

Computer and Network Security Mini Lecture by Milica Barjaktarovic.

2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.

Database Administration and Security Transparencies 1.

Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.

Security+ Guide to Network Security Fundamentals

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.

Factors to be taken into account when designing ICT Security Policies

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Chapter 19 Security.

Lead Black Slide. © 2001 Business & Information Systems 2/e2 Chapter 14 Managing Information Systems and Technology.

Virtual Private Network

Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

DATABASE SECURITY By Oscar Suciadi CS 157B Prof. Sin-Min Lee.

Chapter 19 Security Transparencies. 2 Chapter 19 - Objectives Scope of database security. Why database security is a serious concern for an organization.

Security Guide for Interconnecting Information Technology Systems

1 Chapter 8 Securing Information Systems. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Security. If I get 7.5% interest on $5,349.44, how much do I get in a month? (.075/12) = * 5, = $ What happens to the.004? =

Protecting ICT Systems

Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.

CHAPTER 3 Information Privacy and Security. CHAPTER OUTLINE  Ethical Issues in Information Systems  Threats to Information Security  Protecting Information.

CHAPTER 4 Information Security. CHAPTER OUTLINE 4.1 Introduction to Information Security 4.2 Unintentional Threats to Information Security 4.3 Deliberate.

Information Security OECD, April 2001 International Computing Centre Managing Information Security Ed Gelbstein, International Computing Centre, Geneva.

PART THREE E-commerce in Action Norton University E-commerce in Action.

MANAGING OPERATIONS Andreas Rio, M.Eng.. Managing Operation The three major operational issues discussed:  outsourcing information systems functions.

MANAGEMENT INFORMATION SYSTEMS Data Raw facts and figures. Information Knowledge gained from processing data. Management information system (MIS) Organized.

Security Baseline. Definition A preliminary assessment of a newly implemented system Serves as a starting point to measure changes in configurations and.

“Assuring Reliable and Secure IT Services”. IT Redundancy: Its Value How much reliability to buy? Customer Service impacted as a result of 15 minutes.

Lead Black Slide Powered by DeSiaMore1. 2 Chapter 14 Managing Information Systems and Technology.

1 Chapter 9 E- Security. Main security risks 2 (a) Transaction or credit card details stolen in transit. (b) Customer’s credit card details stolen from.

BUSINESS B1 Information Security.

Tutorial Chapter 5. 2 Question 1: What are some information technology tools that can affect privacy? How are these tools used to commit computer crimes?

Anderson School of Management University of New Mexico.

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

Health Insurance Portability and Accountability Act of 1996 (HIPAA) Proposed Rule: Security and Electronic Signature Standards.

Chapter 12 by Lisa Reeves Bertin Securing Information in a Network.

Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Business Plug-In B6 Information Security.

Using Technology to Manage Information Chapter 14.

Managing Technology and Information Chapter 15. Distinguish between data and information and explain the role of management information systems in business.

Systems Analysis and Design in a Changing World, 6th Edition 1 Chapter 12 - Databases, Controls, and Security.

Sample Security Model. Security Model Secure: Identity management & Authentication Filtering and Stateful Inspection Encryption and VPN’s Monitor: Intrusion.

Using Technology to Manage Information

Chapter 01: Introduction to Network Security. Network  A Network is the inter-connection of communications media, connectivity equipment, and electronic.

IP Security IP sec IPsec is short for Internet Protocol Security. It was originally created as a part of IPv6, but has been retrofitted into IPv4. It.

Managing Operations Chapter 8 Information Systems Management In Practice 5E McNurlin & Sprague.

Chapter 30 - Electronic Commerce and Business Introduction E-Commerce is Big Business –all commercial transactions conducted over the Internet shopping,

CPS ® and CAP ® Examination Review OFFICE SYTEMS AND TECHNOLOGY, Fifth Edition By Schroeder and Graf ©2005 Pearson Education, Inc. Pearson Prentice Hall.

Database Security Tampere University of Technology, Introduction to Databases. Oleg Esin.

McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved INFORMATION SECURITY SECTION 4.2.

Virtual Private Network. VPN In the most basic definition, VPN is a connection which allows 2 computers or networks to communicate with each other across.

Managing Operations Chapter 8 Information Systems Management In Practice 6E McNurlin & Sprague.

Security Policies. Threats to security and integrity  Threats to information systems include  Human error –keying errors, program errors, operator errors,

Chapter 16 Presented By: Stephen Lambert Disaster Recovery and Business Continuity.

Chap1: Is there a Security Problem in Computing?.

Security and Ethics Safeguards and Codes of Conduct.

CPT 123 Internet Skills Class Notes Internet Security Session B.

Using Technology to Manage Information Chapter 13.

Dr. Mark Gaynor, Dr. Feliciano Yu, Bryan Duepner.

Securing Interconnect Networks By: Bryan Roberts.

LESSON 12 Business Internet. Electronic business, or e-business, is the application of information and communication technologies (ICT) in support of.

السلوك التنظيمى المعاصر

INFORMATION SYSTEMS SECURITY and CONTROL

Information Systems Management In Practice 5E

IS4680 Security Auditing for Compliance

ONLINE SECURE DATA SERVICE

Presentation transcript:

Chapter 8 Managing Operations

Key Points in Chapter 8 Outsourcing IS Functions Outsourcing IS Functions Security in the Internet Age Security in the Internet Age Disaster Recovery Disaster Recovery

What are Operations? Operations vary for every company Operations vary for every company Hardware, communications lines and equipment, software, data center personnel, disaster recovery, etc. Hardware, communications lines and equipment, software, data center personnel, disaster recovery, etc. The Operations management perspective The Operations management perspective Moving from an inward to an outward approach Moving from an inward to an outward approach

Outsourcing IS Functions Focus and Value driven Focus and Value driven Expansion of Outsourcing Expansion of Outsourcing IT Outsourcing IT Outsourcing Transitional Outsourcing Transitional Outsourcing Best-of-Breed Outsourcing Best-of-Breed Outsourcing Shared Services Shared Services Business Process Outsourcing Business Process Outsourcing E-Business Outsourcing E-Business Outsourcing Application Service Providers (ASPs) Application Service Providers (ASPs)

Outsourcing IS Functions Cont… Managing Outsourcing Managing Outsourcing Organizational Structure Organizational Structure Joint committees should be utilized with an executive representing each party Joint committees should be utilized with an executive representing each party Governance Governance Service Level Agreements (SLAs) should be established Service Level Agreements (SLAs) should be established Day-to-Day Working Day-to-Day Working Manage expectations Manage expectations Communicate frequently Communicate frequently

Security in the Internet Age Threats Threats Most security breaches occur on the inside and through viruses Most security breaches occur on the inside and through viruses Mobile computing increases threat Mobile computing increases threat Security’s Five Pillars Security’s Five Pillars Authentication – verifying authenticity of users Authentication – verifying authenticity of users Identification – identifying users to grant them access Identification – identifying users to grant them access Privacy – protecting info from being seen Privacy – protecting info from being seen Integrity – keeping info in original form Integrity – keeping info in original form Nonrepudiation – preventing parties from denying Nonrepudiation – preventing parties from denying

Security in the Internet Age Cont… Countermeasures Countermeasures Firewalls Firewalls Hardware or software that controls access between networks Hardware or software that controls access between networks Public Key Encryption Public Key Encryption Uses two keys and requires significant administration - Uses two keys and requires significant administration - Virtual Privacy Networks Virtual Privacy Networks Private line that uses “tunneling” technology and constant encryption Private line that uses “tunneling” technology and constant encryption

Disaster Recovery for Distributed Systems Internal Resources Internal Resources Multiple Data Centers Multiple Data Centers Distributed Processing Distributed Processing Backup Telecom Facilities Backup Telecom Facilities LANs LANs External Resources Integrated Disaster Recovery Services Specialized Disaster Recovery Services Online and Offline Data Storage

What’s New? Y2K changed company mindset from “survival mode” to “planning mode” Y2K changed company mindset from “survival mode” to “planning mode” Third party data centers are becoming more popular Third party data centers are becoming more popular Companies that keep data centers in-house still outsource e-business operations Companies that keep data centers in-house still outsource e-business operations Simplification achieved through application centralization Simplification achieved through application centralization

CLJ How to Plan for the Inevitable by Sarah D. Scalet How to Plan for the Inevitable by Sarah D. Scalet Fleet Credit Card Example Fleet Credit Card Example Incident Response Planning Incident Response Planning “…knowing how to respond to a security incident— be it a computer worm, mistake, hacker or the mere suspicion of a problem—can save a company time, money and even its reputation.” Best measures are preventative Best measures are preventative Pull together an incident response team Pull together an incident response team

CTQs In regard to security threats, insider abuse and unauthorized access rank second and third highest in percentage of misuse. What can companies do to prevent this from occurring ? How might this affect employees who have never thought of doing such things? In regard to security threats, insider abuse and unauthorized access rank second and third highest in percentage of misuse. What can companies do to prevent this from occurring ? How might this affect employees who have never thought of doing such things? What can be learned about disaster recovery from the September 11 th incident? What precautions would you take for your company? What can be learned about disaster recovery from the September 11 th incident? What precautions would you take for your company?

The End