"Weblog technology is an alternative medium to deliver the case-based method of learning business concepts. The social nature of this technology can potentially promote active learning and enhance analytical ability of students."
- Excert from International Journal on E-Learning by Dr. Charlie Chen
Tuesday, December 9, 2008
Tuesday, December 2, 2008
IT Security
The following is a comprehensive guide to potential threats of IT Security as well as ways from protecting from these threats. This guide was obtained from ITSecuirty.com.
The Threats
Wireless-network security isn't a single issue. Businesses need to recognize that they are fighting attacks on several fronts. Many wireless-network threats are unique to the technology, including:
- Roaming Attackers: Attackers don't have to be physically located on a business's premises in order to access data on its wireless network. Criminals use network scanners, such as NetStumbler, with a laptop or other portable device to sniff out wireless networks from a moving vehicle — an activity called "wardriving." Performing the same task while walking down a street or through a business site is called "warwalking."
- Rogue Access Points: A rouge access point is one that exists without the permission or knowledge of the wireless network's owner. Employees often install rogue access points to create hidden wireless networks that circumvent the installed security measures. Such stealth networks, while fundamentally innocuous, can create an unprotected gateway that serves as an open door to intruders.
- The Evil Twin: Sometimes referred to as WiPhishing, an evil twin is a rogue access point that hides under a nearby network's name. The Evil Twin waits for an unsuspecting user to sign into the wrong access point and then steals the individual's network data or attacks the computer.
- Network Resource Theft: Cheapskates like to get free Internet access from nearby wireless networks. Even if these individuals intend no direct harm, they still hijack network bandwidth to surf the Web and perform other online activities, draining network performance. More nefarious freeloaders will exploit the connection to send email from a company's domain or to download pirated content — exposing the host business to legal action.
Protection Methods
With wireless providing so many opportunities for attackers to enter and harm networks and business systems, it's no surprise that a wide array of security tools and techniques have arrived to help businesses secure their networks. Here are the top protection methods:
- Firewalls: A strong network firewall can effectively block intruders trying to enter a business's network via a wireless device.
- Security Standards: The first wireless-network security standard — WEP (Wired Equivalent Privacy) — was highly insecure and easily compromised. Newer specifications, such as WPA (Wifi Protected Access), WPA2 and IEEE 802.11i are much stronger security tools. Businesses with wireless networks should take full advantage of a least one of these technologies.
- Encryption and Authentication: WPA, WPA2 and IEEE 802.11i supply built-in advanced encryption and authentication technologies. WPA2 and 802.11i both support AES (Advanced Encryption Standard), the specification used by many U.S. government agencies.
- Vulnerability Scanning: Many attackers use network scanners that actively send messages to probe nearby access points for information, such as SSID (service set identifier) and MAC (machine access code) names and numbers. Businesses can use this same approach to uncover attacker-exploitable weaknesses in their wireless network, such as unsecured access points.
- Lower the Power: Some wireless routers and access points allow users to lower the transmitter's power, reducing the device's coverage range. This is a useful way of limiting access to on-site users. Careful antenna positioning and placement can also help keep signals from "bleeding" into off-site locations.
- Education: All employees should be trained in the proper use of wireless devices and instructed to report any unusual or suspicious activities they detect.
The Threats
Wireless-network security isn't a single issue. Businesses need to recognize that they are fighting attacks on several fronts. Many wireless-network threats are unique to the technology, including:
- Roaming Attackers: Attackers don't have to be physically located on a business's premises in order to access data on its wireless network. Criminals use network scanners, such as NetStumbler, with a laptop or other portable device to sniff out wireless networks from a moving vehicle — an activity called "wardriving." Performing the same task while walking down a street or through a business site is called "warwalking."
- Rogue Access Points: A rouge access point is one that exists without the permission or knowledge of the wireless network's owner. Employees often install rogue access points to create hidden wireless networks that circumvent the installed security measures. Such stealth networks, while fundamentally innocuous, can create an unprotected gateway that serves as an open door to intruders.
- The Evil Twin: Sometimes referred to as WiPhishing, an evil twin is a rogue access point that hides under a nearby network's name. The Evil Twin waits for an unsuspecting user to sign into the wrong access point and then steals the individual's network data or attacks the computer.
- Network Resource Theft: Cheapskates like to get free Internet access from nearby wireless networks. Even if these individuals intend no direct harm, they still hijack network bandwidth to surf the Web and perform other online activities, draining network performance. More nefarious freeloaders will exploit the connection to send email from a company's domain or to download pirated content — exposing the host business to legal action.
Protection Methods
With wireless providing so many opportunities for attackers to enter and harm networks and business systems, it's no surprise that a wide array of security tools and techniques have arrived to help businesses secure their networks. Here are the top protection methods:
- Firewalls: A strong network firewall can effectively block intruders trying to enter a business's network via a wireless device.
- Security Standards: The first wireless-network security standard — WEP (Wired Equivalent Privacy) — was highly insecure and easily compromised. Newer specifications, such as WPA (Wifi Protected Access), WPA2 and IEEE 802.11i are much stronger security tools. Businesses with wireless networks should take full advantage of a least one of these technologies.
- Encryption and Authentication: WPA, WPA2 and IEEE 802.11i supply built-in advanced encryption and authentication technologies. WPA2 and 802.11i both support AES (Advanced Encryption Standard), the specification used by many U.S. government agencies.
- Vulnerability Scanning: Many attackers use network scanners that actively send messages to probe nearby access points for information, such as SSID (service set identifier) and MAC (machine access code) names and numbers. Businesses can use this same approach to uncover attacker-exploitable weaknesses in their wireless network, such as unsecured access points.
- Lower the Power: Some wireless routers and access points allow users to lower the transmitter's power, reducing the device's coverage range. This is a useful way of limiting access to on-site users. Careful antenna positioning and placement can also help keep signals from "bleeding" into off-site locations.
- Education: All employees should be trained in the proper use of wireless devices and instructed to report any unusual or suspicious activities they detect.
Monday, October 27, 2008
Overview of Chapter 11 Section 1
This sections discusses the concepts, benefits, and framework of Business Intelligence (BI).
Business Intelligence - is an umbrella term that combines architectures, tools, databases, applications, and methodologies.
- Major objective is to enable interactive acess to data, enable manipulation of these data, and
to provide business managers and anlaysts the ability to conduct appropriate analysis.
Major Components of Business Intelligence:
- Data Warehousing - Special database, or repository of data, that has been prepared to support decision-making applications, ranging from simple reporting and querying to complex optimization.
- Business Analytics - Software tools for users to create on-demand reports and queries and anlayze data
- Variety of of BI's Tools and Techniques:
- Reporting and Queries
- Advanced Analytics
- Data, Text, and Web Mining
- Business Performance Management -based on the balanced scorecard methodology, which is a framework for defining, implementing, and managing and enterprise's business startegy by linking objectives with factual measures.
- User Interface: Dashboards and Other Information Broadcasting Tools - organize and present information in a way that is easy to read. They present sorporate performance measures, trends, and expectations.
- Visualization Tools - Many visualization tools ranging from multidimensional cube
presentations to virtual reality are integral parts of BI systems.
- Figure 11.1
Montra for modern approaches to business intelligence "Managers need the right information at the right time and in the right place to work smart."
Teradata Advanced Analytics Methodology - BI applications are supported by advanced analytics techniques and tools. The methodology is a cycical process that circles the entreprise data warehousing. Figure 11.2
Business Intelligence - is an umbrella term that combines architectures, tools, databases, applications, and methodologies.
- Major objective is to enable interactive acess to data, enable manipulation of these data, and
to provide business managers and anlaysts the ability to conduct appropriate analysis.
Major Components of Business Intelligence:
- Data Warehousing - Special database, or repository of data, that has been prepared to support decision-making applications, ranging from simple reporting and querying to complex optimization.
- Business Analytics - Software tools for users to create on-demand reports and queries and anlayze data
- Variety of of BI's Tools and Techniques:
- Reporting and Queries
- Advanced Analytics
- Data, Text, and Web Mining
- Business Performance Management -based on the balanced scorecard methodology, which is a framework for defining, implementing, and managing and enterprise's business startegy by linking objectives with factual measures.
- User Interface: Dashboards and Other Information Broadcasting Tools - organize and present information in a way that is easy to read. They present sorporate performance measures, trends, and expectations.
- Visualization Tools - Many visualization tools ranging from multidimensional cube
presentations to virtual reality are integral parts of BI systems.
- Figure 11.1
Montra for modern approaches to business intelligence "Managers need the right information at the right time and in the right place to work smart."
Teradata Advanced Analytics Methodology - BI applications are supported by advanced analytics techniques and tools. The methodology is a cycical process that circles the entreprise data warehousing. Figure 11.2
Tuesday, October 21, 2008
Overview of Chapter 10 Section 2
This sections concentrates on Organizational Learning and Memory.
- When members of an organization collaborate and communicate ideas, teach and learn,
knowledge is transformed and transferred from individual to individual
The Learning Organization - refers to an organizations capability of learning from its past experience.
- To build a learning organization, three critical issues mist be tackled:
- Meaning - determining a vision of what the learning organization is to be
- Management - determining how the firm is to work
- Measurement - assessing the rate and level of learning
A learning organization is one that performs five main activities well: systematic problem solving, creative experimentation, learning from past experience, learning from the best practices of others, and transferring knowledge quickly and efficiently throughout the organization.
Organizational Memory - a means to save, represent, and share its knowledge.
- Generally believed that 10 to 20 percent of business data is actually used
Organizational Learning - is the development of new knowledge and insights that have the potential to influence an organization's behavior. Its occurs when associations, cognitive systems, and memories are shared by members of an organization.
- Learning skills include: Openness to new perspectives, Awareness of personal biases,
Exposure to unfilitered data, and a send of humility
Organizational Culture is the pattern of shared basic assumptions of the organization.
Pg. 396 Chart of Reasons why people do not like to share information.
- When members of an organization collaborate and communicate ideas, teach and learn,
knowledge is transformed and transferred from individual to individual
The Learning Organization - refers to an organizations capability of learning from its past experience.
- To build a learning organization, three critical issues mist be tackled:
- Meaning - determining a vision of what the learning organization is to be
- Management - determining how the firm is to work
- Measurement - assessing the rate and level of learning
A learning organization is one that performs five main activities well: systematic problem solving, creative experimentation, learning from past experience, learning from the best practices of others, and transferring knowledge quickly and efficiently throughout the organization.
Organizational Memory - a means to save, represent, and share its knowledge.
- Generally believed that 10 to 20 percent of business data is actually used
Organizational Learning - is the development of new knowledge and insights that have the potential to influence an organization's behavior. Its occurs when associations, cognitive systems, and memories are shared by members of an organization.
- Learning skills include: Openness to new perspectives, Awareness of personal biases,
Exposure to unfilitered data, and a send of humility
Organizational Culture is the pattern of shared basic assumptions of the organization.
Pg. 396 Chart of Reasons why people do not like to share information.
Tuesday, October 14, 2008
Overview of Chapter 9 Section 2
This section highlights Interorganizational Information Systems and Virtual Corporations.
Intergorganizational Information systems (IOS) – involves information flow among two or more organizations. Its Major objectives are efficient processing of transactions, such as transmitting orders, bills, and payments, and to support collaboration and communication.
- Can be Local or Global
- Can be Dedicated to only one activity or intended to support several activities
- Interorganizational systems have developed in direct response to two business pressures:
- the desire to reduce costs
- and the need to improve the effectiveness and timeliness of business partners.
- When IOS’s use telecommunications companies for communication, they may employ Value Added Networks (VANs)
- Value-Added Networks – are private, third-party networks that can be tailored to specific business needs.
Virtual Corporation (VC) – is an organization composed of two or more business partners, in different locations, sharing costs and resources for the purpose of producing a product or service.
- Can be temporary, with one time purpose, or permanent
- The modern VC can be viewed as a network of creative people, resources, and ideas connected via online services and/or the Internet.
Types of Interorganizational Information Systems:
- B2B Trading Systems – These systems are designed to facilitate trading between business partners. The partners can be in the same or different countries.
- B2B Support Systems – These are nontrading systems such as hubs, directories, and other services.
- Global Systems – Global information systems connect two or more companies in two or more countries. The airline reservations system SABRE is an example of a huge global system.
- Electronic funds transfer (EFT) – Telecommunications networks transfer money among financial institutions.
- Groupware – Groupware technologies facilitate communication and collaboration between and among organizations. These include transmission system that can be used to deliver electronic mail and fax documents between organizations.
- Shared databases – Trading partners sometimes share databases and other information in order to reduce time in communicating information between parties and to arrange cooperative activities.
Four Major IOS Infrastructure Technologies:
- Electronic data Interchange (EDI) – The electronic movement of business documents between business partners. EDI runs on VANs, but can be Internet-based, in which case it is known as EDI/Internet.
- Extranets – Extended intranets that link business partners.
- XML – An emerging B2B standard, promoted as a companion or even a replacement for EDI systems
- Web Services – The emerging technology for integrating B2B and intrabusiness applications.
Intergorganizational Information systems (IOS) – involves information flow among two or more organizations. Its Major objectives are efficient processing of transactions, such as transmitting orders, bills, and payments, and to support collaboration and communication.
- Can be Local or Global
- Can be Dedicated to only one activity or intended to support several activities
- Interorganizational systems have developed in direct response to two business pressures:
- the desire to reduce costs
- and the need to improve the effectiveness and timeliness of business partners.
- When IOS’s use telecommunications companies for communication, they may employ Value Added Networks (VANs)
- Value-Added Networks – are private, third-party networks that can be tailored to specific business needs.
Virtual Corporation (VC) – is an organization composed of two or more business partners, in different locations, sharing costs and resources for the purpose of producing a product or service.
- Can be temporary, with one time purpose, or permanent
- The modern VC can be viewed as a network of creative people, resources, and ideas connected via online services and/or the Internet.
Types of Interorganizational Information Systems:
- B2B Trading Systems – These systems are designed to facilitate trading between business partners. The partners can be in the same or different countries.
- B2B Support Systems – These are nontrading systems such as hubs, directories, and other services.
- Global Systems – Global information systems connect two or more companies in two or more countries. The airline reservations system SABRE is an example of a huge global system.
- Electronic funds transfer (EFT) – Telecommunications networks transfer money among financial institutions.
- Groupware – Groupware technologies facilitate communication and collaboration between and among organizations. These include transmission system that can be used to deliver electronic mail and fax documents between organizations.
- Shared databases – Trading partners sometimes share databases and other information in order to reduce time in communicating information between parties and to arrange cooperative activities.
Four Major IOS Infrastructure Technologies:
- Electronic data Interchange (EDI) – The electronic movement of business documents between business partners. EDI runs on VANs, but can be Internet-based, in which case it is known as EDI/Internet.
- Extranets – Extended intranets that link business partners.
- XML – An emerging B2B standard, promoted as a companion or even a replacement for EDI systems
- Web Services – The emerging technology for integrating B2B and intrabusiness applications.
Subscribe to:
Posts (Atom)
