Strategic information management

Strategic information management

Introduction

Information technology involves the employment of computers for the purpose of storing, retrieving manipulating and transferring data in the context institutions such as enterprises. Other data distribution technologies such as smartphones, recording equipment or televisions which are part of the user peripherals, software and devices are included. Information technology encompasses several stratums of management and virtualization tools, hardware (physical equipment), application (software) and operation systems all for the performance of crucial functions. In the academic perspective, information technology is useful up the delivery of information required for education purposes and therefore, improving the education environment. This technology though used to achieve the various specific academic objectives, it does come at a cost such as high data charges. Ample educational resources can be accessed via the technology where the material can be exchanged between students and teachers. Boundaries are broken in information access to students absent in class. It allows individuals have an opportunity to learn full time and with the speed of information transfer, there is instantaneous access to information. The technology allows group learning for instance through academic forums, text chatting and videos where issues are discussed and may include individuals from the same school or various schools all over the world. Long distance learning is also enabled by the information technology with entails provision of programs and courses online to students who may not be in a position for face- to- face contact with an instructor in a class. For information technology, its productive use does not mean entirely using it exclusively for assisting sluggish students to catch up or engage quick achievers. It is purposed for making classrooms as student- centered while the teachers become coaches and guides.

Case 1

Introduction

LMS can be used to measure and integrate coursework by using reporting and measurement tools of the LMS. LMS focus on appropriate training. Those providing LMS should ensure they create more user- friendly systems, relate other enterprise material management systems for learning experiences delivery and improvise personalized learning among others. Good results can be achieved after integrating the technological tools to individuals with little knowledge on how to handle the tools. With the information technology the teachers can easily record lectures and elaborate in class, it allows easy survey of students during class and enables embedment of diagrams and videos adding on the text lecture content.

1. Learning Management System (LMS) is comprehended to be a software application used for the purposes of administration, documentation, tracking, reporting as well as delivery of technological programs or courses of electronic educational state. The systems vary from those of overseeing educational and training courses to software aimed for the distribution of online courses across the internet alongside online collaboration features. In simpler terms it is a framework of handling all learning processes aspects. In the process of decision management there are strategies that should be exercised so as to motivate students and faculty members in using the newly implemented LMS(Jose, 2008). A key to success point is to look at them intended individuals as customers one needs to sell a solution to which includes approaches such as evaluating the habitual behavior of the learners and launching an initiative on communication campaign that concentrates on the venture. Evaluating their habitual behavior focuses on boosting their engagement and offering the elite possible experience through posing the appropriate questions such as the type of tools likely to initiate their interest or whether they use professional or public social networks among others. The communication campaign would be more of a promotional one for launching the event and convincing future users on the new platform’s benefits to everyone. The human resource staff would also be trained as they would participate in a prescriptive function to individuals with queries. In terms of efficacy, LMS has enabled the organization and regulation of administrative tasks, supporting of students and teachers in the course of learning and teaching and informing parents on the performances of their children in school.
2. Apart from technical issues and lack of proper training, there may be other reasons for the rejection of LMS on its initial launch such as wrong expectations, the choice of a complicated system, purchase of a wrong LMS, not having futuristic vision while selecting an LMS and reoccurring and hidden costs . Lack of proper training presents itself as the major reason in comparison to technical issues that resulted in the initial rejection of LMS when it was first launched. Cases of inefficiency and increased unnecessary costs are associated with lack of training to individuals in an institution. The training is assumed to be pushed to consumers in a consistent design with the subject being determined professionals and delivered to users formally (Payne, 2009). On the contrary, learning is assumed to be user- specific and comprises of obtaining and using information meeting the sole needs of the user. One of the problem related to poor training is the difficulty to use LMS that results to failure in adapting to a user’s learning needs. Its complexity presents challenges to an untrained user.

Conclusion

The inability of LMS to easily measure and integrate coursework residing in external content sources is also related to poor training in addition to limited reporting and measurement tools of the LMS. In implementing of an LMS in the future, one can focus on the raised issues related to poor training so as to ensure the training offered is appropriate. For instance, the LMS providers should ensure they create more user- friendly systems, relate other enterprise material management systems for more learning experiences delivery and improvise personalized learning among others. When comparing teaching and learning with information technology and that without, by far the academic processes that engages technology deepens the process for instance, by supporting the learning on instructional objectives. It might be challenging especially, in integrating the technological tools and to individuals with less knowledge on how to handle the tools. With the information technology the teachers can easily record lectures and elaborate in class, it allows easy survey of students during class and enables embedment of diagrams and videos adding on the text lecture content.

Case 2

Introduction

Any data should be protected from unauthorized access, use disruption or any kind of modification .The main goal of information security is to ensure that there is confidence, integrity of data. Information security is aimed to ensure that the computer system withstands any pressure such hacking, malicious logics. In other words is the direction taken by the people working at security audit and must assess the risks related to computer system.

The LMS software application is used to better education through its improvements on the administration, documentation and delivery of courses in educational institutional.

For data protection and system security issues, an institution should put up preventive measure to deal with the rising cases of data breach and identity theft. This may include installing anti- viruses and anti- spyware, firewalls, frequent updates on browsers and software and considering encryption among others. This would help the business avoid cases of law suits and loosing huge amounts of money in the process of compensating victims of data breach. It would also help an organization avoid cases of losing their confidentiality which would take long time to fix. Pod slurping which is a rising breach case should be dealt with appropriately. Limiting the access to information of confidential nature and carrying out a security audit to guarantee that a third party cannot duplicate passwords would be other measures to ensure data security. An organization should avoid corruption of data by faulty disks, data damage from a system’s crash and data loss by accidental deletion caused by virus among other causes of data loss.

1. Data security involves keeping data safe and trying to avoid key threats such as damage or loss in case a system crashes, corruption due to faulty disks or power failure, loss through accidental deletion by viruses in the computer, hacking by unauthorized individuals, deletion or alteration by employees for selfish gains or being destroyed by terrorism acts and natural disasters. Some of the most recently breached data examples in organization are comprised in sectors such as the health, military, banking and educational sector among others. Data masking is a data security technology where structured data is obscured in database tables or cells to ensure no exposure of sensitive information to unauthorized individuals (Wayleith, 2008). Data erasure does also ensure security where software overwrites completely destroying electronic data that resides on digital media hence ensuring no leakage of sensitive data occurs in the course of reusing an asset. Most of the stolen data which also includes financial information and personal records is sold within days in the black market. The high- end information breach criminals are viewed to step up their game bringing a challenge to counterbalancing their effects. With stolen identities, identity thieves can purchase using stolen credit cards or prowl for social security, medical identification and driver’s license numbers among others.

Some of the effects of data and identity theft on an organization are intense. There is an act that exposes a business that has lost consumer or employee information resulting to lawsuits and fines on the business in addition to the responsibility for actual financial loss by the victim.  The breach also results to lack of confidentiality on the business affecting its long- term expectations, where for instance, some customers end their relationship with the business and the affected ones plans to no longer be a partner. The business also uses huge amounts of money in cleaning up after a data breach.

2. Pod slurping is perceived to be the deed where a portable information storage mechanism for instance , an iPod digital audio player is illicitly used to download considerable amounts of data that is confidential. This is done by plugging the portable device directly into a computer that holds the data which is likely to be in firewall. Pod slurping is one of the recent mostly used in breaching data. The users illegally use programs such as slurp.exe that makes it simpler to look for the significant directories for distinctive business documents on a computer system in Excel or Word format. This program has the capability of copying data ranging to 100 MB within minutes with the downloaded information ready for analyzing and possibly purchasing. For example, an employee can retaliate may be for lack of salary increase by accessing the server of the human resource department, copy the spreadsheet in Excel and to an extent email the copies to all company employees. To mitigate effects that may be brought as a result of pod slurping, the organization can put up preventive measures. They include, implementing firewalls, Intrusion Prevention Systems (IPSes) and antivirus. In case of a crash due to disgruntled employees, the organization might consider the restriction of access to a computer’s system USB port(s) and implementation and enforcement of polices relate to USB port usage. Large organizations might consider encryption in dealing with identity theft, install anti- spyware in computers and keep updating browsers and software and educating employees on scams used by individuals breaching data and identity thieves.

Conclusion

For data protection and system security issues, an institution should put up preventive measure to deal with the rising cases of data breach and identity theft. This may include installing anti- viruses and anti- spyware, firewalls, frequent updates on browsers and software and considering encryption among others. This would help the business avoid cases of law suits and loosing huge amounts of money in the process of compensating victims of data breach. It would also help an organization avoid cases of losing their confidentiality which would take long time to fix. Pod slurping which is a rising breach case should be dealt with appropriately. Limiting the access to information of confidential nature and carrying out a security audit to guarantee that a third party cannot duplicate passwords would be other measures to ensure data security. An organization should avoid corruption of data by faulty disks, data damage from a system’s crash and data loss by accidental deletion caused by virus among other causes of data loss. It should ensure its data security is of high standards to avoid data breach especially in sensitive sectors such as the financial sector. In addition to data masking and data erasure as data security technologies backing up is another way that warrants data retrieval from another source in case it is lost. Security solutions that are software- based encrypt information so as to shield it from being stolen though it is prone to hacking. Hardware- based ones have a capability of preventing write and read access to information and therefore proves to provide strong defense against unauthorized access. Disk encryption has been seen to offer security to information technology that entails encryption of data on drives of hard disks in software or hardware form. The LMS software application has been viewed to better education through its improvements on the administration, documentation and delivery of courses in educational institutional. However, inadequate knowledge on how to operate the software accompanied by technical difficulties could lead to its inefficiency in times of added costs and time consumption. Training to users as well as coming up with more user- friendly systems improves on the system’s delivery of the intended functions.

SECTION B:  INDIVIDUAL WORK.

An ethical issue is a situation or setback that necessitates an individual or institution to decide between alternatives which must be appraised as wrong also termed as unethical or right which are ethical. An ethical issue unlike a moral issue requires planning and a great deal of thought in figuring a solution out and it initiates systems of principles and morality into conflict. In this case, the ethical issues tend to be more open and subjective to interpretation and opinions unlike most conflicts which can be argued by objective truth and facts. The common goal is to facilitate individuals to live good lives. As amply as this information technology is of importance to people’s lives, it faces ethical problems which stimulates the delinquents exploit information technology consumers by use of lope holes in the technologies. Some of them include, plagiarism, hacking, computer crime, viruses, ethical dilemmas, ergonomics, digital divide and vendor- client issues among others. Plagiarism is an issue where other people’s work is copied but the designer claims it to be his or hers. Hacking is a process that involves breaking into a system without authorization. Computer crimes are of various varieties such as embezzlement and fraud. Spreading of viruses to computers issues and ergonomics related to information technology such as not having frequent breaks from using the computer. Digital divide is a situation where we have individuals who can access a computer while others cannot. Vendor- client related issues highlights on the link between the supplier of the information technology tools and the consumer for instance in cases such as system specifications.

Case 3

Introduction

To curb the issue off data insecurity efforts must be made by those working as technicians in the information technology sector so as    to minimize and the ethical issues in the information technology. One of the major issues they should focus on is that of addressing ethical dilemmas related to information technology. They should agree on what should and should not be aspects of information technology ethical issues. For instance, will there be an improvement or deterioration of individual’s lives with genetic engineering. In issues such as hacking, the technicians should use reformed hackers to help them determine if their systems and programs can withstand high hacking levels. For instance, a hacker whose aim is to damage a system cannot be able to accomplish the mission with no understanding of how it works. Piracy which is a copyright infringement should be dealt with by using codes to protect the work. The challenge of viruses being transferred to the information technology tools such as computer can be handled by use of anti- viruses and therefore preventing cases of system crash.

1. Desktop publishing in copying an official document should be dealt with by upgrading the system’s security. The level of computer speed can in themselves initiate ethical challenges. It can permit individuals to engage in unethical matters for example, browsing through unauthorized files. In relation to vendor- client issue, for instance where there a purchase of a program, contracts should be involved. Technicians themselves as individuals should make it a point to be up to date with new ways of hacking a system so as to try and reduce the effects that would be brought about by hacking if not detected early.

2.A copyright infringement policy is as form of legal fortification of intellectual property that is provided in the laws of a state and pertains to all kinds of media including print and digital media. For the case of digital copyright, in case of a copyright violation the accessing institution is blocked from accessing the material being infringed (Fishman, 2007). To detect an infringement, the copyright owner’s representatives for instance, the recording industry representatives perform a scan. They frequently scan locations such as in file sharing in the internet and when an infringement is discovered, a violation warning is sent to the network owner with the breach. The content of the warning comprises of information which can be utilized for the identification of the offending computer’s network location. The network found to violate the rights is expected to disable their computer from accessing the infringing content to avoid network disconnection. A software license is a legal contract that governs the redistribution or handling of software and is copyright protected. A software owner has explicit rights in the usage of the software even when it necessitates creating incidental copies. A software licensed user however, who is not the owner is limited on the rights of the software for instance on the distribution terms or the extent of installations permitted. In the case presented therefore, the technician is right in refusing to install the computer program without the right licensing as it is an illegal act. In case the company is charged for infringing the software licensing agreement, the boss being superior who also has knowledge about the violation has a legal responsibility.

3. The software license agreement is a contract between a purchaser and a licensor and indeed does authorize a software programs’ conditions of terms usage as outlined by the publisher of the software or the copyright owner. It is also true that the licensor of the software may possess all the software rights or may possibly have approval from the owner to go into license contracts with others. When an individual purchases a software it does not mean ownership of the software but rather, acquisition of the right to software usage under particular restrictions that are imposed by the software publisher (Yang & Levy, 2007). Detailed rules are outlined in the license of the software and they necessitate adherence. For example, most software licenses state that the software purchaser is only allowed to install the software in one computer and create a single backup copy. Any further distribution to other individuals such as duplicating to co- workers would be a violation of the contract. Most contracts are in the digital form where they are offered to the in form of a click- through that must be accepted. The agreement is then viewed by the user after purchase has taken place. Evidence of the purchase such as purchase orders, receipt or identical documentation should be maintained by the purchaser as it may be mandated in the course of an audit.

Conclusion

For the smooth running of a business, the ethical issues should be clearly outline and differentiated from non- ethical issues. Through such a process, the parties involved are at a position to engage in their activities without fear of messing up or violating laws. Issues such as plagiarism, hacking, vendor related issues among others should be handled by the technicians to warrant that the loop holes in the information technology sector are done with and mitigates the negative impact that accompanies it. There are various kinds of license contracts and licenses as well as different terms of describing licenses by the vendors. Individuals should ensure they understand the kind of software licenses since the rules are contained in the contracts so as to avoid violations that would result in disconnection from the internet. The contract detail and their terms are described by the vendor.

Case 4

Introduction

Trust just like in face- to- face interactions is necessary in e- commerce activities where purchases occur between the vendors and clients. One of the many considerations customers consider when considering on the company to work with is trust which touches on their privacy. For the company, their website is the absolute location to create an impression to customers where they need to assure the customers that the company can be trusted with their information (Altshuler, 2013). When the customers visit your site they should be able to be convinced that practices of privacy management are of high standards that measure up to those of TRUSTed websites.

1. This websites go by proven and comprehensive multi- step procedures to warrant the privacy practices do meet the applicable industry and regulatory standards (Thatcher, 2006). They include, data discovery and collection, scanning tools for digital property, gap analysis and report on privacy findings, validation of privacy statement, certification of the privacy seal, letter of attestation provision, resolution service of privacy dispute and privacy monitoring and guidance. It is ethical for the company to devote a separate website such as the TRUSTed in order to protect their consumer’s privacy. The website improves compliance by reducing legal risks related to meeting intricate requirements of information privacy management. It also protects the brand from undesirable media coverage and build trusts with clients through a demonstration of the company’s commitment in data protection. Additionally, it enables the maximization to resources through saving expenses and time accompanied by hiring additional operations and legal resources in the management of privacy practices. The trustmark however, has received critics asserting that they have attested in practice virtually worthless in a situation where privacy breaches are still taking place. Websites of all kinds are at risk of being compromised with majority security breaches not necessarily aimed at stealing data but instead includes attempts of using the server merely as the email relay for purposes of spam. It may also entail attempts to serve illegal files or use the server to create a web server temporarily.
2. There are various ways through which Smart Toys Company can secure its website. Frequently updating the software is a vital security technique that ensures no loop holes are left that hackers might use (Vaidya, Zhu & Clifton, 2006). Using a typical Transact SQL enables an individual to inject codes into their query that may be employed for various functions and secures the site. Ensure that both the server and browser sides are validated since failure to do so could result in insertion of malicious code in the database. Passwords especially those of complex nature should be used for websites to protect accounts’ security. The passwords should be reserved in form of encrypted values which helps in limiting the damage o hacking. Use web servers that are default to prevent users from having the capability of executing any file they upload that may alter the website security. The company can use an SSL protocol that offers internet for instance in cases where personal information is passed between servers. Limiting the access of FTP to particular IP addresses as well as using bug fixes on the website would provide security. The company should be thorough in the process of filtering scripts being installed and shared within their software to avoid cases such as a hacker gaining access on a running subpage which serves as an opening for the shopping cart. Putting the TRUSTed trademark on the company would ensure the customer’s personal information is secure as it ensures a secure flow of information and toughens up the access to data.
3. E-commerce is a process of selling and buying of commodities over the electronic systems for instance, the internet and regarded generally as commercial purpose of eBusiness and sales. Some of the commerce activities include, management of supply chain, internet marketing and electronic transfer of funds among others. Some of the technical tools addressing the issue of on e- commerce include privacy, integrity and authentication as well as technical and non- technical attacks. With the increasing cases of identity theft and hacking, privacy has developed to a main concern for users which diminishes a consumer’s loyalty and willingness to give truthful information (Scott, 2005). Client non-repudiation and authentication as well as data integrity are critical aspects in the triumph of e- commerce. Data integrity encompasses the assurance of correct and consistent data. Authentication requires that both parties in the transaction be confident in whom they claim to be while non-repudiation on the other hand idealizes that no party argues that an authentic incident online occurred. Most of the technical attacks are viewed to target services on web servers of high- profile such as online retailers and banks among others. Attacks of non- technical form may include pishing attacks which by impersonating a trusted entity and social engineering which entail manipulation of individuals into revealing confidential information. In branding a website several aspects should be standardized including the logos with variations and minimal sizes, spacing reference such as in the logo, color palettes, fonts, templates for grids and layouts, copy and write guide and imagery among others.

Conclusion

A company should strive in ensuring it gains their customers’ trust in protecting their documents privacy. The websites of a company should be secured with the latest standards of security to avoid security breach cases. This may include frequently updating the software, using complex passwords and ensuring both server and browser sides are validated among others. it also entails installing a firewall for web application, hiding admin pages by using a file that discourages search engines to index them, limiting file uploads, removing the website from auto- fill to avoid exposing it to hacking and backing up frequently. Issues such as authentication and integrity, privacy and technical attacks should be looked to ensure the e- commerce business is not affected. While branding a website, a company should ensure it follows the set standards such as ensuring logos are included with various variations and small sizes and including templates for grids and layouts. It would be ethical for a business to devote a separate website for the purposes of ensuring further security to a customer’s privacy. It should engage ecommerce tools to assure purchases over electronic systems are safe.

References.

1. Vaidya, J., Zhu, M., & Clifton, C.W. (2006). Privacy preserving data mining. New York: Springer.
2. Altshuler, Y. (2013). Security and privacy in social networks. New York: Springer.
3. Thatcher, J. (2006). Web accessibility: standards and regulatory compliance. Berkeley, Calif.? : FriendsofED.
4. Payne, C. R. (2009). Information technology and constructivism in higher education: Progressive learning frameworks. Hershey, PA: Information Science Reference.
5. Rustad, M. (2010). Software licensing: Principles and practical strategies. Oxford: Oxford University Press.
6. Understanding user state and preferences for robust spoken dialog systems and location-aware assistive technology. (2012). Massachusetts Institute of Technology.
7. Jose, G. P. (2008). Advances in e- learning: Experiences and methodologies. Hershey, PA: Information Science Reference.
8. Wayleith, P. R. (2008). Data security: Laws and safeguards. New York: Nova Science.
9. Yang, J., & Levy, I. J. (2007). Advanced licensing agreements, 2007. New York, NY: Practising Law Institute.
10. Scott, D. M. (2005). Cashing in with content: How innovative marketers use digital information to turn browsers into buyers. Medford, NJ: Information Today/CyberAge Books.
11. Fishman, S. (2007). Legal guide to Web & software development. Berkeley, CA: Nol