Tuesday, April 21, 2009

Smartphone Security Measures

This article discusses the need for security measures with cell phones nowadays. Not only businesses, but personal aspects of people’s lives are entwined in cell phones. In fact, they are so important, they are not even called cell phones anymore; they are known as smartphones. Either way, this article notes that even the simplest cell phone stores enough information to be potentially dangerous if stolen or accessed by the wrong people. Several people go ahead and add an internet connection to their smartphones as well, thus compounding the potential problems that can arise should that phone be lost or taken.
In order to avoid this type of disaster, this article provides smartphone tips specific to different types of phones. In all cases, if you are getting rid of your cell phone, remove all information within it. For Blackberry owners, it is important to password-protect your start-up screen so that a password must be entered all the time. Locking your phone when not in use is also a good idea. Encrypting the data is also important, and regenerating that encryption every two weeks is a good practice to follow. Do not store usernames and passwords in your phone’s browser; instead, store them in the phone and encrypt them. Another tip is to lock down the Bluetooth. By default Bluetooth is on and this wastes battery life and leaves you open to Bluetooth-based attacks. Clearing the memory on your phone, particularly of unencrypted data, is also crucial.
For Smartphone users (Windows Mobile 6), similar steps should be taken. iPhone users should enable their passcode lock and autolock, use a third-party password manager, require their Bluetooth to have an eight-character PIN (even though Bluetooth is off by default), and clear the memory and cache (cookies and such). The article goes into detail on how to go about taking these steps.
This article relates to both our chapters this week in regards to cell phones and their internet connections, and the potential problems that can occur. I personally own a Blackberry and I must admit that I don’t take any of these precautions. They seem to be a bit much, but if there is important data stored in your phone, then these steps are necessary. The only precaution I have taken is to change all the names in my address book so they don’t read generic terms like “mom” or “home.” But that makes me wonder if when I happen to need assistance, how would the person who is trying to help me know who to call as an emergency contact?


Reference:

Sarrel, Matthew D. (2009). Smartphone Security Measures. Retrieved April 21, 2009, from PC Magazine.
Website: http://www.pcmag.com/article2/0,2817,2339121,00.asp

Stolen Laptop at the VA

1) The stolen laptop from the Department of Veterans Affairs reveals a number of security weaknesses in the agency’s system. Given that the VA is responsible for dispensing federal benefits like healthcare, pension, and disability to veterans, most of the information this agency deals with is personal, and thus inherently calls for high security. This is not the case, however. One of the major security problems that led to the theft of a laptop containing private data is poor supervision. The data analyst who took this laptop home to work from there had not told his supervisor about his actions. Furthermore, this employee had taken laptops home with him several times before, unbeknownst to his supervisor. This points to a significant problem, namely poor supervision. The analyst had reported the burglary incident to his supervisors, but those supervisors failed to tell the inspector general’s office. The inspector general became aware of the issue as a result of office gossip. Furthermore, the agency did not report the incident to law enforcement until two weeks after it found out about it. Even the FBI stated that if it had received the notice earlier, it would have been more efficient in identifying the culprit(s). Thus, there is a clear gap in communication within and among departments and agencies. Another problem deals with the lack of security on the laptop itself. The data is not encrypted and may be easily accessed by people who know what they are doing.

2) The management and organization problems deal with poor supervisors who are not aware of their employees’ actions, and who do not communicate well within their department. This is evident from the later discovery that the data analyst who took the laptop home with him had actually done so multiple times before, without letting his supervisors know. It was decided that the data analyst did nothing illegal, but just the fact that the supervisors are not aware of what is going on around them shows that something is missing in their authority. Furthermore, after finding out from the employee about the burglary, they failed to notify the inspector general, thus prolonging and worsening the process of protecting veterans’ private information. This lack of communication is a major contributor to the problem. Technology factors that contribute to the weakness revolve around the lack of encryption of the data on the laptop. The data is potentially easily accessible to someone who knows what he is doing.

4) In order to prevent these problems, the laptops should not be allowed to be removed from work property. They should, in fact, be stored in a secure area that is not accessible to just anyone. Supervisors should assert their authority and ascertain that employees are not taking these laptops home or off work grounds. They should also make an effort to stay in the loop and remain cognizant of all occurrences around them. Another side to that is the necessity for them to be able to communicate with those above them and within other departments. Without communication, they will not be efficient. Monthly meetings would be a great start to keep the connections going. There should be a rule stating that incidents such as these should be reported immediately to higher authorities. Lastly, (rather firstly, for this is the most basic and important way to hinder any unwanted access to the data) the laptops should all be locked and encrypted so that even if they are stolen, it would be nearly impossible to make sense of what is discovered.

Friday, April 17, 2009

Merrill Lynch IT

1) One of the most crucial aspects to Merrill Lynch’s operational success is its information technology infrastructure. It is this business intelligence that has allowed for Merrill Lynch to become a worldwide leader in financial management and advisory services, consequently climbing to record net earnings of $5.1 billion. This IT infrastructure, however, required modernization in order to keep the firm competitive. Thus, Merrill Lynch had to make a decision about its legacy computers and applications. In order to remain competitive, it desired to maintain internet-based applications to provide its customers access to their portfolios, as well as access to tools to work with those portfolios. Its applications did not use mainframe-based software, so the challenge became to find an application that would leverage the processing power and wealth of data simultaneously in its mainframe. Therefore, it chose to follow different applications to provide its customers with what they require in a more competitive fashion in this ever-changing world of information technology. In essence, Merrill Lynch realized that its IT infrastructure needed to be updated to modern standards.

2) Information technology is one of the most important resources of success for Merrill Lynch. Its strategic asset is its IBM mainframe installation, which is one of the largest in the world. It runs about 23,000 programs to process daily online transactions on the order of 80 million for its customers. This IT infrastructure provides its customers with the data they require in an efficient manner. However, that method was becoming outdated, so the head of database infrastructure for Merrill Lynch decided to try service-oriented architecture. He felt it would be easier to purchase one rather than develop one, but that failed to do well since the programmers had little experience with the technology. After a few more obstacles, Merrill Lynch turned to creating its own set of in-house proprietary tools to allow its mainframe programs and functions to be exposed to web services. XML tags are used to describe the data for the applications. SOAP allows programs running under different operating systems to communicate. Together, these made it possible for online applications to communicate effectively with the mainframe, thus avoiding the middleware. This service was named X4ML and it established five criteria: 1) no new programming languages to learn, 2) no new software tools; tools are accessible via a web browser, 3) a central storage directory for web services that could easily be reused, 4) web services conforming to mainframe security standards, and 5) inclusion of new web service standards to ensure future viability. These five criteria and the abolishment of the middleware show how Merrill Lynch’s web services initiative satisfied its business strategy to modernize all the while holding on to its legacy mainframe and keeping the process simple and efficient for its customer-base.

4) I think it was a smart move on behalf of Merrill Lynch to sell off its successful business initiatives. Merrill Lynch has already established itself as a highly successful firm, so it already has the attention of a vast group of competitors. Therefore, there is a guaranteed demand for its tools. Furthermore, the field of information technology is incessantly changing and evolving, so this new initiative will be obsolete given a few more years. That is why it was smart of Merrill Lynch to sell off its ideas while it is successful and desired by others. This way it can make a profit and direct some of those funds towards developing even more cutting-edge information technologies.

Data Mining: The Xbox Files

This article opens with an observation that most organizations have more data than they think they do, but the users do not know how to effectively connect the dots of that data to efficiently use it. One example includes when snipers had gone on a shooting spree and had driven off afterwards. The police were told by witnesses what the car was, and that car’s license plate had been run through their system multiple times before, yet the police failed to make that connection. If they had pieced together that information, they would have been more efficient in catching those criminals. Similarly, if all organizations make the proper connections among their data, they can prove to be much more efficient.

Government agencies would significantly benefit from such data technologies since they deal with a large amount of data, but it is retailers, such as Microsoft, that utilize them to the greatest extent. In particular, Microsoft’s Xbox uses digiMine to study web activity and to map that against marketing data in order to sell more product tailored to the customers’ tastes. Xbox’s online site manager stated himself that it is important for them to be able to segment the customers to understand their behaviors in order to give them what they want. Web logs of Xbox’s online site visitors are stored in a data warehouse hosted by digiMine, whereas customers’ personal information is stored at Microsoft. Site managers in 27 different countries can initiate a data query from a web browser. digiMine will extract the relevant data (like players of Halo who read the site’s article about Star Wars: The Clone Wars and clicked on one of Xbox’s online retail partners in search of it, thus expressing interest in it) and return that information to the inquirer. In this way, Xbox marketers can map the data against its internal database and create targeted email offers.

Some data-mining tools offer friendly interfaces for customers who research independently. For example, iPhrase uses data-mining technology to power an online search tool so that when a customer asks a question, data files are mined and only relevant information is presented to the user. This process saves $125,000 a month by letting customers conduct advanced research into companies and investment options without calling a representative for help. In an increasingly data-driven society, data mining is extremely important for helping make sense of all the information that is available. Having all the data in front of you, but not being able to make sense of it is futile. That is why data mining, and business intelligence in general, are crucial for our world, just as we have seen in Chapter 6.

Reference:
Grimes, B. (2003). Data Mining: The Xbox Files. Retrieved April 17, 2009, from PC Magazine.
Website: http://www.pcmag.com/article2/0,2817,1118791,00.asp

Friday, April 10, 2009

Facebook Ethics Article

One of the topics of focus from chapter 4 revolves around ethics in the Information Age. As technology expands over the years, negative aspects directly correlated with it grow as well. For example, the more time people spend online, the more they are subject to potential predators, less socializing, and increased aggravation and depression. Dyszel’s article discusses the nature of a very popular social networking site, namely Facebook, and offers safety tips for adults in creating their personal profiles.
After establishing the prevalent belief that people basically live and breathe via Facebook, Dyszel notes one of the most common side effects of the site: humiliation. A Facebook friend will typically post something embarrassing on your wall, which automatically reaches all your contacts, including business contacts you worked so hard to earn respect from. Granted, you have to be a Facebook member to view others’ profiles, and there do exist numerous other websites that could reveal equally embarrassing information (e.g., Google), but having a Facebook profile poses a risk for one’s professional reputation. Certain points to keep in mind about Facebook include 1) it is a website designed by adolescents for adolescents, 2) it is not designed to be an effective business tool, 3) awkward situations may arise in which your boss tries to “friend” you and you can either refuse and risk a potential social headache or you can accept and risk potential humiliation, and 4) new features arise suddenly and can broadcast details about you to the world. This happened once when Facebook collected information on the shopping transactions of its members and relayed that information to others openly. Several protests and lawsuits later, that feature was taken away, but the potential for this website to collect that information and divulge it openly is worrisome.
Scams on Facebook also exist, in which people can hijack one of your Facebook friends’ log-ins and pretend to be your friend, and either ask for money or information. The safety tip offered for this type of scenario is to be smart and ask for personal contact, such as over the phone, to verify your friend’s identity, or to just avoid the situation completely. Other scenarios involve “friends” inviting other friends to view certain videos online that require a download, which turns out to be malware. Facebook creates a comfortable atmosphere in which a person feels he knows all his friends and can trust them, and so people tend to let their guard down. Therefore, precautions must be taken.
Dyszel offers certain safety tips for dealing with Facebook. First, it is imperative to make your profile private so that only select individuals may view it. A feature exists that allows for you to select among these individuals who can view which pictures or information. Secondly, if there is a risk of professional embarrassment, do not put your business contacts in the email address you supply Facebook with when registering. Next, you can choose who is allowed to see the pictures that your friends tag you with. Finally, if a business contact wants to be your friend on Facebook, suggest connecting through another website, such as LinkedIn, to save yourself that professional embarrassment.
I think these safety tips are good, but I think the best way to avoid any problems is to not have a Facebook profile at all. I don’t quite understand the need for one since the telephone and email exist for contacting people you know. Also, graduate schools and workplaces are looking into MySpace and Facebook accounts to get a better feel for the individual. I was certainly asked if I have either account when interviewing for my job. Thus, in my opinion, it is just easier not to have an extra weight to worry about.

Reference:

Dyszel, B. (2009). Online Safety Tips for Facebook Fogeys. Retrieved April 10, 2009, from PC Magazine.
Website: http://www.pcmag.com/article2/0,2817,2340357,00.asp

Thursday, April 9, 2009

BB vs NF - Ch.3

1) Blockbuster entered its industry of rental videos at a time when its competitors consisted largely of small, independent stores with a customer range of a few blocks. Accordingly, its business boomed, leading to the use of a custom software system for each of its 9100 stores. This software was created to simplify the rental/sale transactions utilizing an automated point-of-sale system, in which a laser scanner reads the data off the items being purchased or rented, and from the customers’ Blockbuster ID cards. This data then reaches the Blockbuster corporate computer center, where it is used by management in monitoring sales and in analyzing demographics and rental/sales patterns in each store, which in turn aids in making crucial marketing decisions. Overall, Blockbuster’s business model is based upon an in-store experience in which the customer will physically go to one of the many stores to rent or purchase a video or DVD from a wide variety of genres. This model, which emphasizes product differentiation, has proven to be quite successful for Blockbuster historically. When it was first established, it gained an excellent market share, reaching 40% of the US’ video rental market by 2004 (about $7 billion to $9 billion for rentals, $16 billion for sales). However, in the wake of a new business model in its industry, Blockbuster has been taking a hit.

3) Blockbuster’s solution to its fierce competition involves adopting a new business model. It offers an online rental service, Movie Pass (a monthly subscription service for in-store customers), Game Pass (a subscription service for video games), a trading service for movies and games, and it implements a “No More Late Fees” program. It essentially chose to integrate two concepts of adapting to the changing times and providing online service, all the while adhering to its traditional service of providing in-store products. Millions of dollars were poured into developing a new information technology department for its online services, and this department was kept separate from its existing corporate offices. It adopted a strategy of cutting prices and being able to distribute products much more rapidly due to the presence of thousands of stores that Netflix does not have. Online customers are also offered coupons for in-store rentals/purchases, to further emphasize Blockbuster’s desire of melding the online and in-store experiences together. This idea is excellent; however, it did not work out so well due to the significant increase in expenditures. The costs of maintaining all the stores already erected, in addition to the costs of providing its online services, all the while offering lower prices than Netflix, have proven to be a very heavy burden for Blockbuster. Rather than trying to offer the best of both worlds, Blockbuster should narrow its focus on a specific customer niche and offer its products either traditionally for those customers who appreciate it, or it should find an innovative way to make money. Offering similar services to its competitor will not help Blockbuster get very far. It should allocate a portion of its funds for offering the technology capable of supporting the variety of genres available directly online. Perhaps they can find a way to overcome bandwidth and surpass the numerous other competitors present in the industry.

4) In 1998, Netflix Inc. introduced a new business model to the video rental industry by offering online rental services catered to those customers whose main priority is convenience. There exist no physical store locations, so all interactions take place online and via postal service. For a monthly service fee, each customer can be mailed up to three movies at a time, which can be kept for as long as desired with no late fees. The customer can mail his movie back, once finished, in a pre-stamped packaging provided by Netflix. As soon as the company receives the returned movie, the next one is mailed out. Therefore, with this model, customers have access to the same variety of genres Blockbuster offers with the added bonuses of lower costs and never having to leave their homes. This business model has proven to be very successful, reaping revenues of $522 million in 2004, with projected increases to $3 billion in the following years, as well as gains in the market share from 2% to 7%. Its success has proven Netflix to be a significant competitor for Blockbuster.