IT — The Organization and the Individual

IT - The Organization and the Individual

Learning Objectives n n n Recognize the difficulties in managing information resources. Recognize information systems’ vulnerability and manage risk. Discuss the security issues of the Web and electronic commerce. Identify the major aspects of the economics of information technology. Demonstrate how to define and measure tangible information technology benefits. Show to evaluate intangible information technology benefits.

God is on the Small Stuff and it all matters “Leadership is an Art” Bruce Bickel & Stan Jantz

…. In the Small Stuff n n n Empowering is more than delegating Have the courage to hold people accountable Associate with leaders as often as you can n n Being a good example is better than giving good advice There are born leaders and there are leaders who are made. And then there arte those who become leaders out of necessity

Small Stuff (cont. ) n n n An exceptional leader is one who gets average people to do superior work If you want to lead, read Use your influence sparingly. It will last longer n n When you find a leader, follow When you identify a follower, lead Be available to take someone’s place in an emergency Power begins to corrupt the moment you begin to seek it

Small Stuff (cont. ) n n A signpost like a peer, only warns you about the road ahead. But a map, like a mentor can show you hoe to get where you want to go Find a mentor Managing people begins with caring for them One of the sobering characteristics of leadership is that leaders are judged to a greater than followers.

Evaluating Trends

Technology & Organizations n Impact of new technologies on organizations: • First, most organizations will perform existing functions at decreasing costs over time and thus become more efficient. • Second, creative organizations will find new uses for information technology—based on the improving priceto-performance ratio—and thus become more effective. • New and enhanced products and services will provide competitive advantage to organizations that have the creativity to exploit the increasing power of information technology.

Trend -Information -> Collaboration n Today’s Internet focuses on access to and delivery of information Tomorrow’s Internet will support human collaboration in an information-rich environment The Internet is global, and is creating a global capability to build knowledge-based communities

Examples of reading

Technological & Financial Trends n Moore’s Law • Moore suggested in 1965 that the number of transistors, and thus the power, of an integrated circuit (computer chip) would double every year while the cost remained the same. • He later revised this estimate to a slightly less rapid pace: doubling every 18 months. n Price-to-performance ratio • Organizations will have the opportunity to buy, for the same price, twice the processing power in 1½ years, four times the power in 3 years, eight times the power in 4½ years, etc.

Moore’s Law

Nolan’s Stages Theory of IT Adoption and Org. Learning (Pg 528 -530) n n n Initiation Expansion Control Integration Data administration Maturity

Commercialization 21 st Century Networking Privatization Sprint. Link Internet. MCI ARPAnet Active Nets wireless WDM gigabit testbeds Research and Development US Govt Networks ANS Interoperable High Performance Research &Education Networks NSFNET Quality of Service (Qo. S) Internet 2, Abilene, v. BNS Advanced US Govt Networks Partnerships

The Productivity Paradox n Over the last 50 years, organizations have invested trillions of dollars in information technology. • Total worldwide annual spending on IT in 2000 was two trillion dollars, and is expected to be over three trillion dollars by 2004. n n Yet it is very hard to demonstrate that IT investments really have increased outputs or wages. The discrepancy between measures of investment in information technology and measures of output at the national level is described as the Productivity Paradox.

Productivity n Economists define productivity as outputs divided by inputs. • Outputs are calculated by multiplying units produced, for example, number of automobiles, by their average value. n If inputs are measured simply as hours of work, the resulting ratio of outputs to inputs is labor productivity. n If other inputs—investments and materials—are included, the ratio is known as multifactor productivity.

Risk Management

Value of Information to Decision Making n The value of information to decision making is the difference between the net benefits—benefits adjusted for costs—of decisions made using the information and decisions without the information. Value of Information = Net benefits with information – Net benefits without information

Total Cost of Ownership n An interesting approach for evaluating the value of IT is the total cost of ownership (TCO). • TCO is a formula for calculating the cost of owning and operating a PC. • The cost includes hardware, technical support, maintenance, software upgrades, and help-desk and peer support. • By identifying such costs, organizations get more accurate cost-benefit analyses and also reduce the TCO. • It is possible to reduce TCO of workstations in networked environments by as much as 26 percent by adopting best practices in workstation management (Kirwin et al. , 1997).

Assessing Intangible Benefits There are 4 main methodologies of assessing intangible benefits: n n Value analysis allows users to evaluate intangible benefits on a low-cost, trial basis before deciding whether to commit to a larger investment. Information economics focuses on the application of IT in areas where its intangible benefits contribute to performance on key aspects of organizational strategies and activities. Management by maxim provides a means of rationalizing IT infrastructure investments. Option valuation takes into account potential future benefits that current IT investments could produce.

Disaster Recovery Plan Ø Ø A disaster recovery plan is essential to any security system. Here are some key thoughts about disaster recovery by Knoll (1986): • The purpose of a recovery plan is to keep the business running after a disaster occurs. • Recovery planning is part of asset protection. • Planning should focus first on recovery from a total loss of all capabilities. • Proof of capability usually involves some kind of what -if analysis that shows that the recovery plan is current. • All critical applications must be identified and their recovery procedures addressed in the plan.

Ethics Where does work end and private life begin?

Change n n n Portfolio Career – Handy Telecommuting Smart Work – 80% cerebral/20%manual Virtual Corporations Intellectual Capital

Video

Ethics n n Privacy Intellectual Property • Copyright • Trade Secrets • Patent n n Quality of Life Social Responsibility

Case: Cyber Crime n On Feb. 6, 2000 - the biggest EC sites were hit by cyber crime. • Yahoo!, e. Bay, Amazon. com, E*Trade n The attacker(s) used a method called denial of service (DOS). • Clog a system by hammering a Web site’s equipment with too many requests for information n The total damage worldwide was estimated at $5 -10 billion (U. S. ). • The alleged attacker, from the Philippines, was not prosecuted because he did not break any law in the Philippines.

Lessons Learned from the Case n Information resources that include computers, networks, programs, and data are vulnerable to unforeseen attacks. n Many countries do not have sufficient laws to deal with computer criminals. n Protection of networked systems can be a complex issue. n Attackers can zero on a single company, or can attack many companies, without discrimination. n Attackers use different attack methods. n Although variations of the attack methods are known, the defence against them is difficult and/or expensive.

U. S. Federal Statutes n n According to the FBI, an average white-collar crime involves $23, 000; but an average computer crime involves about $600, 000. The following U. S. federal statutes deal with computer crime; • Counterfeit Access Device and Computer Fraud Act of 1984 • Computer Fraud and Abuse Act of 1986 • Computer Abuse Amendment Act of 1994 (prohibits transmission of viruses) • Computer Security Act of 1987 • Electronic Communications Privacy Act of 1986 • Electronic Funds Transfer Act of 1980 • Video privacy protection act of 1988

IT Security in the 21 st Century n n n Increasing the Reliability of Systems. The objective relating to reliability is to use fault tolerance to keep the information systems working, even if some parts fail. Intelligent Systems for Early Detection. Detecting intrusion in its beginning is extremely important, especially for classified information and financial data. Intelligent Systems in Auditing. Intelligent systems are used to enhance the task of IS auditing.

IT Security in the 21 st Century (cont. ) n n Artificial Intelligence in Biometrics. Expert systems, neural computing, voice recognition, and fuzzy logic can be used to enhance the capabilities of several biometric systems. Expert Systems for Diagnosis, Prognosis, and Disaster Planning. Expert systems can be used to diagnose troubles in computer systems and to suggest solutions. Smart Cards. Smart card technology can be used to protect PCs on LANs. Fighting Hackers. Several new products are available for fighting hackers.

National Security n n Loss of individual privacy Wiretaps Library Example Right’s at Work

Merry Christmas!! See you January 6 th, 2003