Home Work Assignment 2.
Ijaz Qureshi
--
Dr. Ijaz A. Qureshi
Assistant Professor
Institute of Information Technology
National University of Sciences and Technology
Rawalpindi, Pakistan
Off: +92 51 928 0658 Ext 141
Cell: +92 344 525 3727
http://www.niit.edu.pk
IjazQ...@Cal.Berkeley.Edu
Ijaza....@gmail.com
Furqan Ali
Customers of Union Century Bank faced problem by having the bill of products they haven’t bought from Flayton Electronics on their credit cards. Union Century Bank doubts Flayton Electronics that there was some security breach in the system of Flayton Electronics that caused all this trouble. Bank contacts the Vice President (Laurie) of Flayton Electronics. Laurie tries her level best to find the culprit but she fails. Laurie informs the CEO (Brett) of Flayton Electronics. Brett called Sergie and asked to solve the problem. Brett held the top level meeting to look in all the aspects of the issue. Later Sergie declares that the problem was caused by the disabling of firewall. This was a critical issue and there were chances of Flayton Electronics to be sued.
Comments:
-The company should have good unbreakable security system.
-The company should act calmly and positively in crises.
-Company need to have good staff to handle crises situation.
-Company should not take rumors seriously and handle them positively.
-They need to maintain the record of all the access to the data.
-They have to check the working of security system regular.
(Furqan Ali Manzoor)
Discover the new Windows Vista Learn more!
farhan ur rehman
ASSIGNMENT # 2
SUBMITTED TO:
SIR.EJAZ QURESHI
SUBMITTED BY:
FARHAN UR REHMAN …………….REG#235
BIT-7
Boss, I Think Someone Stole Our Customer Data
By
Eric mcnulty
Comments:
1. After reading the case study I think Flayton Electronics lack risk
management and they have poor data security.
2. They have no backup in case of any problem. They believed in
speculations which would be very costly in times. Their CEO was not
ready for unusual condition.
3. Their customer's data was not secure and in modern era the data
security is very important because every thing relies on data. If the
data of company is not secure then any one can stole the precious
information of any company. There was same situation in the case
study.
4. Staff of Flayton Electronics was lacking digital expertise to match
with the cyber crimes.
5. Customer satisfaction should be very important for any company but
before their satisfaction the security of customer's personal data
comes.
6. One important thing that was mention in the case study is not
alerting customers right away is not the same as doing nothing. This
thinking is not right, before we disclose any thing to public we
should be sure about the integrity of the news rather then believing
on rumors.
7. Implementing policy after security breach is like closing the barn
door after the cow has escaped. Although it might seem too late but
there may be cows in the barn that u want to save. They should never
think that because it happened once it cannot happen again, because it
happened once it will likely to be happened again
References:
Books:
1) Challenges of Information Technology Management in the 21st
Century: 2000 By Mehdi Khosrowpour. ISBN 1878289845
2)Writing Information Security Policies By Scott Barman. Published 2001
Sams Publishing. ISBN 157870264X
Omer cheema
M. Omer Shoaib Cheema
Harvard Business Review:
This business review covers a very vital problem that is faced by almost all the strong organizations today i.e. Security (data) breach. This particular review is about the Flayton Electronics, which is in a crisis situation as they fear that the security of their customer database has been breached. The CEO of the company has fear of only one thing i.e. the strong relationship of the company and its customers. He fears that if the customers come to know about this situation, the trust that had been established in so many years would be destroyed. Various heads of departments have shared their opinions with the CEO and now it is up to him to decide how to proceed further? In my opinion there are two possible ways,
1. Mr. Flayton should remain quiet and let the security and law enforcement agencies do their work. But day by day the situation would worsen and might get out of control.
2. Mr. Flayton should disclose everything to the customers, this might shatter the trust of some customers but loyal customers are always loyal. But the problem is that media hype might worsen the situation and they might never establish their reputation again.
Four experts have shared their opinion regarding the matter. All of them have given contradictory opinions to the CEO. The opinions of Mr. John Philip and Mr. Jay Foley are totally opposite. The latter has advised the company to remain silent and has brought a point that 'remaining silent and doing nothing are not the same things'. This is a very valid point, as time might bring something good for the company but unfortunately such crisis situations require timely situations.
In my opinion,
1. The company should share as much information as they can with the customers because the customers are important stakeholders.
2. The company should have effective risk management mechanisms so that they should handle the crisis situations effectively and the CEO should not go running to each employee and asking for advice.
3. The company should update the customers about all the new policies, and procedures
4. The company should have effective and advanced SECURITY SYSTEMS as we have seen that security failures have strong ECONOMIC IMPACT on any organization.
5. The company should encourage employees like the 'Laurie', 'Sergie', and 'Darell' who can guide the company out of such situations and provide valuable suggestions that might be fruitful for the company , in longer run.
6. In case a security breach is detected, immediate actions should be taken to improve the system and to cover the loop wholes in the system.
Reading Assignment
Computer devices today consist of hardware and software, which are now further divided into input, output, processing and storage. A person should now take care of all these things when opting for a new system. The ever growing technological advancements and developments have offered a wide range of these hardware and software accessories. With advancement in field of IT, one is now able to perform the work of days in minutes and seconds. The hectic and heft calculations are now done in split seconds and all thanks to the growing IT sector. We have miniaturized our computers and at this stage we can proudly say that all issues like speed cost and functionality have been resolved, which seemed impossible a few years back. But here a question arises that do we really require a high-tech machine with superb specifications OR do we need some system that is able to solve our problems in time and should be able to meet all the associated constraints ? Likewise, an other point that is worth considering is that whenever we plan to bring some new computers or introduce some new technology in say our offices, we should know that what kind of systems are required in this office and what are the needs of people. For this purpose, we will have to meet with users of those systems to know that what kind of applications they want to run on those machines. If we are going to use application that involve complex calculations and some kind of simulations, then we should surely look for systems with fast processor, large storage capacities so that our targets are met easily. Operating system and other software issues are also very important when buying new systems. Cost of all software's and their up gradation is a point worth considering. And at this stage, it wouldn't be wrong to say that cost issues sometimes become the most important and critical issues.
CASE STUDY 1: CDW, Inc:
This case study is about a company that deals with selling of hardware. It is a business to business organization. This case describes how the company had to adapt to new technological changes, in order to remain somewhere in the market. Initially, VAR's were enough to support their hardware needs but later on they had to switch towards the Agent programme because of the changing technological trends.
CASE STUDY 2: Visual display for the US Army:
This case is about the US army and how they switched from the old and traditional computer systems to the latest high-tech systems. The case tells us that previously they used old 'pin' systems and computers to track down data, but as technology advanced US army built a display system that could show multiple images from a variety of inputs. The main point was that how technological advancements have helped humans no matter which field they are in.
M. Omer Shoaib Cheema
BIT-7
Faisal Zahid
1. Complete reanalysis of the security setup of the organization, generation of regular security updates and recruitment of technical expertise for the specific job that could meet and manage high risk conditions with professionalism.
2. Core positions of the organization like security and protection unit should be in the care of specialized professionals that can lead the team in streamlined way accompanied by checks and balances on each of the member of organization including the team.
3. Communication is fundamental part, which makes an organization cohesive. The important aspects must be regulated among the individuals so that everyone can understand the risks and threats to the organization. In cases of any security breach of risky case, regular meetings should be organized aiming for alternative solutions.
4. There should be a special response task force, specially assigned the job to be a problem solver in case of any vulnerability or hazard. This department could be based on the employees from different departments or separate employees could be recruited all depending on the size of organization.
5. Strong ties with different dependable banks should be maintained so that there are regular checks made on the ongoing transactions.
6. In my opinion CEO must not break the trust of the customers by not disclosing the information. Customers are the most important entity for this organization and the company was built on the foundation of trust and customer satisfaction, so it must be preserved. More over in future utmost effort should be put to provide data fortification to the customers to regain the identity that the organization had.
Reading Assignment
Computer devices are taking a strong leap towards miniaturizing and speeding the current hardware. Software on the other hand is also following the lead and more and more hardware resources are needed to run these software. But actually the most of us buy computer systems that are more than our requirement. The crux of the study is that we should have the basic know how about our application and requirement before buying a pc. E.g. Recently I did a test for rendering a 3d image; it took almost an hour to render a frame using 99% of the CPU power. In short running these simulations requires a lot of processing power but on the other hand the regular use of a word processor uses almost 10% of same systems resources.
Ijaz Ahmad Qureshi
Hello Faisal,
Good point, CEO must inform the company about the incident and the backup plan to ensure it would not happen in the future.
Ijaz
Ijaz Ahmad Qureshi
Thanks for visiting our office. I have checked your assignment. Please
ensure to add the references as discussed in the talk. You may check my
research papers published at www.IjazConsulting.com or any other source you
may feel comfortable with.
Respectfully,
Ijaz
-----Original Message-----
From: mis_niit_...@googlegroups.com
[mailto:mis_niit_...@googlegroups.com] On Behalf Of farhan ur rehman
Sent: Thursday, October 04, 2007 4:53 PM
To: mis_niit_...@googlegroups.com
Subject: NIIT_MIS_FALL_2007 Re: Home Work Assignment 2.
MIS
ASSIGNMENT # 2
SUBMITTED TO:
SIR.EJAZ QURESHI
SUBMITTED BY:
FARHAN UR REHMAN ................REG#235