files.transtutors.com€¦ · Web viewRequirements. Theme: Social Media . Organization 1: IBM Pakistan . Organization 2: Syniti Australia. 5000 words. Abstract. Introduction. Organisation1

Requirements

Theme: Social Media

Organization 1: IBM Pakistan Organization 2: Syniti Australia

5000 words

Abstract

Introduction

Organisation1 description

Website (screenshot)/mission/vision/ size of the company/ activity/ location/ product or service

Organisation2 description

As above

IS Planning/strategy for Organization 1 and 2 and the comparison

Organisation 1 Interview Analyse

Organisation 2 Interview Analyse

Comparison of Literature and the Case Studies output

Gap are presented clearly and with evidence Reference: In Text CitationReferences update

Minimum 15 references are required in which 10 references should be above 2014 and they should be from Library Database PAPER Layout:Length (words) Used templatePresentation/LayoutGrammar/Spelling

Questionnaire

Social media as competitive advantage

Open-ended Interview questions

1. How your organization is using social media as medium of information for its stakeholders?

2. How much social media is contributing into your business growth?

3. Which mechanism your company is using for social media competitive edge?

4. Which mechanism you found most the successful among these mechanisms?

5. What do you think how productive social media is for gaining competitive advantage?

6. Do your company has highly trained employees in IT department?

7. How often you train your employees to meet the market demand in the competitive environment?

8. What would be the future of social media for organizations as a tool of competitive advantage over other companies?

Template

Case Analysis forplace business names hereA study of issues in:List the topic areas here such as (order matching ‘submitted by’ list):IT Human Resource ManagementBusiness Continuity ManagementSubmitted by:Place your student numbers and names here; these match the topic order abovePlace date here

IT Manager Interviews for place names of businesses hereList your names here followed by a comma and your email address:Jane Smith, [email protected]

AbstractThe abstract summarises the contents of the paper in around 200 words. A good abstract contains asmuch information about the case study analysis as possible, reflecting the reasoning behind anyrecommendations or conclusions. The abstract should contain answers to the following questions: (1)what is the case study company and what is its purpose? (2) what is the main problem, issue,opportunity identified? (3)What has literature said on the problem, issue or opportunity? (4) What isthe main recommendation posed in the paper and how can this recommendation solve the problem?

IntroductionThe introduction should be a brief description of what this document is about and how it is structured.In mentioning the literature analysis, give a brief summary about the literature you have looked at andhow you found it useful in this case analysis. It is sufficient to have a short paragraph or two for thissection.

Organisation backgroundPut the name of Organisation #1 hereThis section contains a brief description of the two organizations and its situation. Only includeinformation that you feel is necessary and useful for other parts of the paper. Also include informationthat you think a reader must know about so that they understand the issues or problems oropportunities facing the organization. The introduction should approximately one page for eachorganization.You MUST include:The NAME of the business. Even if the business remains anonymous for your presentation, you must include the name of the business here.The LOCATION of the Head Office of the business and the location of the person in the

business that you interviewed.The size of their IT departmentThe URL (web address) of the business and the name and title of the person you interviewed.A SCREEN DUMP of the home page of the business for the section you are interviewing. For instance, if the main office of the business is in India, but you are interviewing someone in the Australian branch of the business, include a screen dump of the home page of the Australian branch. If this is not available explain why and then provide the general screen dump.

Put the name of Organisation #2 hereProvide a brief description for Organisation #1

IS PlanningHere you should show how each organisation responded to your questions on IS Planning. This willprovide a good idea of each business’ attitudes towards IT and will provide a good foundation for therest of the report.

IS Planning Literature AnalysisThe literature analysis should be the length as set in the assignment sheet.Again, remember what a literature analysis is. Do not list each article or discuss the article one afterthe other. That would be more of a summary or articles rather than a literature analysis. Instead, lookat the themes that are common to the articles, and create a synthesized summary based on thosethemes. You may also compare and contrast the articles if they have a different view towards the issue/problem/opportunity.Only briefly introduce the topic in the literature analysis – get straight to the literature thatrelates directly to the questions you are posing.DO NOT mention any of your results here.Remember that literature often will not pose a solution to the problem in the case, but rather provide a

conceptual framework through which you may identify a set of possible solutions. You will need toassess each article you read in terms of how much insight it sheds on the particularproblem/issue/opportunity that you are studying.If at any point in your literature analysis you need to include any tables, figures, illustrations etc, theseshould be placed as close as possible to the first reference made to it. They should be numbered andidentified by a brief description. For example, see Figure 1. Make sure that you put the source of anydiagrams or figures you use.Figure 1: Two circles and a rectangle (Style: Figure caption)Citing referencesCitations should be in Harvard style. This involves references to Smith (1979) or to a publication(Smith 1979). Multiple authors (three or more) are referred to as Anderson et al. (1982). Multiplepublications by the same author within the same year are differentiated as Jones (1983a, 1983b). Wherethe author is unknown, or is an organisation, an appropriate surname or organisation name or acronymis used, e.g. (OECD 1985, ACS 1980). Make sure that if you use text verbatim, you should place thesein quotes (“ ”), and reference appropriately, with the page number included. For example, “This is adirect quotation from a particular source,” (Smith 1979, p. 22).

Organisation #1Put organisation #1 responses here. Note - do not copy them word for word – put their responses inyour own words so that it reads as a narrative.Organisation #2Put organisation #2 responses here.Comparative analysisThis is an important section where you draw together the literature and the results of yourinterviews.Relate (compare, contrast) your literature to your discussion of Organization 1 solutions andOrganization 2 solutions. At least half a page in length. This means that there are two types of

comparisons you have to make here. Compare the businesses to each other AND compare theresults back to specific literature.

Issues studiedThis is an introduction to the topics being analysed. Briefly describe the topic areas (eg, IT forcompetitive advantage, etc) and why you have selected them. Per topic, organise it as follows:

Topic 1 – Put topic name hereIntroduction to Topic 1. What is it all about? What are the important issues for this topic? Whichissues have you decided to focus on?Then for each topic, discuss the following sections:Literature AnalysisThe literature analysis should be the length as set in the assignment sheet.Organisation 1A discussion of the solutions that organisation 1 may have selected or implemented in relation to yourtopic area. At least half a page in length (minimum). If you do not get detailed enough answersthen try asking a follow up question. For instance, if someone answers ‘yes’ to having aparticular solution, try to find out some detail.DO NOT mention the literature in this section of the report. DO NOT JUST LIST THE ITMANAGER RESPONSES HERE – summarise what they are saying in their answers.Organisation 2As for Organisation #1.Comparative analysisThis is an important section where you draw together the literature and the results of yourinterviews.Relate (compare, contrast) your literature to your discussion of Organisation 1 solutions andOrganisation 2 solutions. At least half a page in length. This means that there are two types of

comparisons you have to make here. Compare the businesses to each other AND compare theresults back to specific literature.

Topic 2 - ....repeat the above for each topic in your paper

ConclusionSummarise the main findings of the whole paper here.

ReferencesSufficient descriptions should be given to enable the reader to locate all publications referred to in thetext. They should be arranged in alphabetical order by surname of first-named author, then date.Unpublished works or private communications are to be mentioned within the text, but omitted fromthe reference list. References to electronic documents should include an appropriate UniversalResource Locator (URL) and date of access.Mudrick, M., Miller, M., Atkin, D., 2016. The influence of social media on fan reactionary behaviors. Telematics Inform. 33 (2016), 896–903.

Oliveira, M.J.d., Huertas, M.K.Z., Zhibin, L., 2016. Factors driving young users' engagement with Facebook: evidence from Brazil. Computer in Human Behaviour 54 (2016), 54–61.Oliver, R.L., 2010. Satisfaction: A behavioral perspective on the consumer. Taylor & Francis, New York.Park, S.-H., Ha, J.-P., Mahony, D.F., 2014. Development and validation of a measure of sport fans’ specific curiosity. Journal of Sport Management 28 (6), 621–632.Phonthanukitithaworn, C., Sellitto, C., 2016. A reflection on intercept survey use in Thailand: some cultural considerations for transnational studies.

Electronic Journal of Business Research Methods 14 (1), 60–70.Popp, B., Woratschek, H., 2016. Introducing branded communities in sport for building stronger brand relationships in social media. Sport Management Review 19 (2), 183–197.Ruggiero, T.E., 2000. Uses and gratifications theory in the 21st century. Mass Communication Society 3 (1), 3–37.Sellitto, C., Hawking, P., 2015. Enterprise systems and data analytics: a fantasy football case study. International Journal of Enterprise Information Systems 11 (3), 1–12.Sellitto C., Hawking P., 2019. A Study of Business Intelligence Strategy Development by Large Organizations in Applying Business Intelligence Initiatives in Healthcare and Organizational Settings. Hershey, IGI. 326-339Zanker, A.G. (1995) A proposal for a revised Internet service [Online] http://www.is.southern.edu.au/Papers/TR-9506 [Accessed 1 June 2018]

EXAMPLE

Case Analysis for

UNITED HEALTH GROUP (OPTUM GLOBAL SOLUTIONS) and COMPUTER SCIENCES CORPORATION (CSC) - DXC

TECHNOLOGY

A study of issues in:

IS Planning and IT Control & Security

Submitted by:

Submitted date:

IT Manager Interviews for UNITED HEALTH GROUP (OPTUM GLOBAL SOLUTIONS) and

COMPUTER SCIENCES CORPORATION (CSC) - DXC TECHNOLOGY

AbstractThis document is shedding light on the issues faced in the field of IT control by management of IT. It analyses the problems and solutions of security issue in two organisations named UNITED HEALTH GROUP and COMPUTER SCIENCES CORPORATION (CSC). UnitedHealth Group is an unmistakably differentiated wellbeing and prosperity organization headquartered in the Unified States, and a pioneer worldwide in helping individuals live more advantageous lives and helping improve the wellbeing framework work for everybody. On the other hand, DXC Innovation (DXC: NYSE) is the world's driving autonomous, end-to-end IT administrations organization, serving almost 6,000 private and open area customers from a different exhibit of businesses crosswise over 70 nations. The organization's innovation freedom, worldwide ability and broad accomplice arrange enable customers to outfit the intensity of development to blossom with change and guide their computerized change ventures. To know more about these security issues and their solution, two interviews are conducted to IT managers of above two organisations. There are three main issues of cyber security identified in this report. We have asked questions about how their organisations are tackling these problems and what type of tools and solutions, they are using in their IT system. For every problem regarding IT security, these organisations are using different ways to protect their networks from outside cyber attacks. To prevent from those cyber attacks, organisation can use strong firewalls to restrict outsiders to jump into their network. Moreover, companies can give access to their important information to trustworthy employees. So, there could be no loss of any vital date in future.

IntroductionInformation technology management (IT management) is the process whereby all resources related to information technology manage according to an organisation's priorities and needs. These needs include substantial resources like networking hardware, computers and people, as well as intangible resources like software and data. The central aim of IT management is to generate value using technology. To achieve this, business strategies and technology must be aligned. In this report, we have analysed how important IS planning and cyber security are in information technology management. Furthermore, there is brief description about the strategies those are used to improve IT control and security.

Organisation backgroundUNITED HEALTH GROUP (OPTUM GLOBAL SOLUTIONS

COMPUTER SCIENCES CORPORATION(CSC) - DXC TECHNOLOGY

IS Planning

In organizations, planning is a management process, concerned with defining goals for company's future direction and determining on the missions and resources to achieve those targets. To meet the goals, managers may develop plans such as a business plan or a marketing plan. Planning always has a purpose. Planning is the process of thinking about the activities required to achieve a desired goal. It involves the creation and maintenance of a plan, such as psychological aspects that require conceptual skills. There are even a couple of tests to measure someone’s capability of planning well. As such, planning is a fundamental property of intelligent behavior. An important further meaning, often just called "planning" is the legal context of permitted building developments.

The topic of planning is discussed with two different companies UNITED HEALTH GROUP (OPTUM GLOBAL SOLUTIONS) and COMPUTER SCIENCES CORPORATION (CSC) - DXC TECHNOLOGY which have different environment and norms within the organization which reflected in their answers. Both companies deals differently with IS planning. The company managers were asked about the planning strategies and their impacts on their business and outcomes. Strategic planning must be changes between long term and short term which is discussed with both the managers of both companies. The implification of any new model within the organization comes up with challenges which are related to people, process and tools. With the application of new planning the norms of the companies should also be shifted from old positions to new sites. By which the mindset and behavior of employees within the company are affected. New models bring challenges to the capabilities of current employees which are also discussed with the managers. Managers should behave as the team leaders and motivate the employees to accept the change in organizations and the way of doing business.

IS Planning Literature Analysis

The interests of IS planning and strategic planning intersect not only from a belief that planning positively affects the performance of the firm, but also from the similarities in the research questions and the methodological issues pursued. IS planning emphasizes the need to systematically decompose a complex system into smaller and more concrete representations. In other words, it can be described as a sequence of transformations that moves the designer from an abstract statement of need to a concrete reality of a system that affects the behaviour of an individual within the firm. This planning activity must also be linked to a pre-design or planning process.

Out of all the levels, the most basic levels that must be addressed are- external validity and internal consistency.

EXTERNAL VALIDITYExternal validity refers to the plausibility of the resulting planning. The planner faced with an ill-structured environment must find good solutions to the wrong problems. He or she must be bothered

about the validity of the planning process as well as its consistency. It may involve developing a global business model for serving as the planning context for a strategic IS plan. The planner must define boundaries so as to cope with the complexities of the problems. However this may limit the scope of the planning efforts. Thus some of the important co-producers of performance may get neglected. Efforts to ensure the correctness of the planning process may be thought of as attempts to achieve external validity.

INTERNAL CONSTITUENCYInternal constituency caters to the need that the actions envisioned at one level are correctly operational at the lower levels. The planners always strive to attain high internal consistency across multiple levels of planning. The planning process can be viewed as outlining a series of chains that move from abstract concepts of the firm’s behaviour to realization of systems and products that affect the behaviour of individuals in predictable ways.Figure 1 depicts the proposed planning methodology which attempts to create an internally consistence and externally valid IS plan. It consists of three phases: business strategy formulation, strategic IS formulation and action plan and resource allocation.

Citing references

Planning - Wikipedia. 2018. Planning - Wikipedia. [ONLINE] Available at: https://en.wikipedia.org/wiki/Planning#/media/File:Planning_proces.gif. [Accessed 07 June 2018].

The value of strategic IS planning: understanding consistency, validity, and IS markets. 2018. The value of strategic IS planning: understanding consistency, validity, and IS markets. [ONLINE] Available at: https://dl.acm.org/citation.cfm?id=58312. [Accessed 07 June 2018].

Response from Organisation #1Q) How does the strategic planning differ between long-term projects and short-term projects?

A) Strategic Planning involves identification and visualization of the future of the organization along with determination of the goals and objectives to be achieved by the organization. This planning

process also employs the listing of goals in chronological order so that the organization can reach the predetermined objective. The corporate strategy is responsible for identifying the goals and defining the strategies and methods so as to achieve those goals. The cost, schedule and resources allocation to each goal is done using Project Management.

Q) What will be the process of integrating the organization’s business strategy with its information technology and Communication (ICT) strategy, in accordance to support the strategic management and decision-making process?

A) The IT department and Communication (ICT) strategy shall work to its complete potential so that the business needs are catered efficiently and effectively. Both shall go hand in hand in synchronization in order to derive the business needs.

Q) What are the challenges that an organization faces for the implementation of alignment models between business and IT?

A) The challenges faced by an organization for the implementation of alignment models between business and IT can be categorized as those related to the People, related to the Process and those related to the Tools. The people in an organization may belong to a diverse culture and thus the organization may contain multi-linguistic and multi-cultural people which may pose a challenge to the proper implementation process. If various processes are considered, there alignment is must so as to maximize the level of implementation and degree of efficiency. The new tools must also be perfectly learnt and perfected and integrated with the old tools.

Q) What are the steps to be taken after strategy selection to maintain or adjust the organization to the requirements of the new strategy?

A) The areas where the steps are needed to be taken are the Mindset, Behaviour and Capability of the people. The steps should include the identification and outlining of the required outcomes. They should be broken down by work streams for each phase. The individuals who have had the responsibility of driving these work streams in the past should be introduced. The steps must contain a step by step guide for achievement of the deliverables for each work stream. The list of the supporting analysis and the output templates should be organized across the defined work stream.

Q) How much impact does the Strategic Information Systems Planning (SISP) create to develop the Information systems (IS) Infrastructure of the organization?

A)

Response from Organisation #2

Q) How does the strategic planning differ between long-term projects and short-term projects?

A) According to the organization the short-term projects concentrate more on the quality of the result. Less attention is payed to the profit, thus they are focused on minimum profitability and cheap cost. On the other hand long term projects concentrate more on profitability. More focus is laid on the sustainability and maintainability.


A) The ICT strategies are controlled by the vendor who ensures that the end users are provided with the latest and reliable technology which stands up to the expectation of the user. On the other hand the business strategies are controlled by the end costumers as their main aim is the satisfaction of end costumers.


A) The major challenge is caused by the difference in the expertise of the people. One may have the expertise in the requirement or understanding of the problem detailed by the end user. The other may have the expertise in using the technology to maximize the degree of efficiency and the degree of effectiveness. They both may be unable to reach on a common solution due to conflict of views which form a challenge for implementation of alignment of models between business and IT.


A) After the strategy has been selected it must be well informed to all the stakeholders and the employees. The benefits and the objectives of the outlined strategy must be informed in detail to them. The planners should remain versatile and take constant feedback so as to monitor whether the results of the strategy matches with the predetermined result or not. This cycle must go on until the defined objectives are met.


A) A yawning impact is created by the SISP to develop the Information System (IS) Infrastructure as the different infrastructures like banking, finance, security etc have to be created well in advance so that the needs of the costumers are well catered and the products and services serve the purpose they are meant to serve efficiently and effectively.

Comparative analysisQ) How does the strategic planning differ between long-term projects and short-term projects?

Comparison-The first organization distinguishes between the long-term and the short-term goals without any compromise on the quality, sustainability, maintainability and profitability of the products and services provided by the organization. Each type of project – long term and short term projects differ only in the time taken to achieve the predetermined goal. Whereas the later organization believed that the short term goals concentrate more on the quality of the result and minimize the profit made by the result. On the other hand it believed that the long term goals focus more towards the profitability, sustainability and maintainability of the result.


Comparison-The former organization believed that both- IT department and Communication (ICT) strategy should work together and dependently so that the business needs can be catered to the fullest. Whereas the second organization believed that both the strategies differ in the driver that controls them. ICT strategies are driven by the vendor whereas the business strategy is driven by the end costumers. Both have their own roles to play and collectively cater the business needs.


Comparison-The first organization had a wider view of the challenges. According to it the challenges were related to the people’s diverse culture, alignment of various processes and integration of new tools with the old tools. Whereas the other organization narrowed its view on the challenges that only the differing expertise of the people pose a challenge to the implementation of alignment models between business and IT. The varying expertise may cause a conflict of ideas thus making it unable to reach on a common solution.


Comparison-

The first organization stressed on a psychologically focused need targeted on the mindset, behavior and capability of the people. According to it the steps to be taken should involve the identification and outlining of the required outcomes. The other organization believed that the steps taken should result in informing the benefits and objectives of the outlined strategies to the stakeholders and the employees.


Comparison-

Issues studied - IT Control & Security

Security controls are measurement to avoid, detect, counteract, or minimize the security risks to physical property, confidential information, computer systems, or other assets of any organization. This can be classified further as information technology – Auditing, Computer security, ICT, electronic data processing management, computer networks, computer network-security measures, business and many more. We particularly chose three topics (cyber attack, restrictions to server access and daily monitoring) which we discussed with both the companies to understand their ways to tackles with this problem of control and security. In present scenario, all organizations throughout the world are facing the big threat of security to their confidential things. Many threats are introduced into our world which works in the field of destruction of any institution by stealing and harming the private information. So it’s very important to have a command in security measures for goodwill of company and globe.

Robert Moeller has published a book named IT Audit, Control, and Security in which he described some ways to tackle with online threat. He stated that whenever it comes to computer security, the role of auditors today has never been more crucial. Auditors must ensure that all computers, in particular those dealing with e-business, are secure. The only source for information on the combined areas of computer audit, control, and security, the IT Audit, Control, and Security describes the types of internal controls, security, and integrity procedures that management must build into its automated systems. The three topics are discussed below:

Topic 1 – Cyber-attackA cyber attack is any type of illegal activity which targets computer information systems, infrastructures, computer networks, or personal computer devices. A cyber attack can be performed by nation-states, individuals, groups, society or organizations. A cyber attack may initiate from an unknown source. It may steal, alters, or destroy a specified target by hacking into a susceptible system. It is an attempt to any organization which can expose, alter, disable, destroy, steal or gain unauthorized access to any company. The result of these attacks may show the drastic results to any authorization. These activities can cause major issues for every single person who is connected to Victim Company. An organization is build up with the efforts of many hands and brains. These activities put every employee under threat because whenever an organization shattered down, it affects the employees much.

Literature AnalysisCyber attacks are introduced in late 1980’s. By that time, it evolved numerous times to use innovations in information technology systems as vectors for performing cybercrimes. In current years, the scale of cyber crimes has enlarged rapidly. According to 2018 reports of World Economic Forum "Offensive cyber capabilities are developing more rapidly than our ability to deal with hostile incidents." Cyber attacks are described in terms of five "generations by the experts of industry." first three generations are noticed from 1980 through the early 2000s which consists of simple computer viruses and network intrusion, due to which such safety measures are introduced called antivirus software and firewalls. Then fourth generation was introduced in about 2010 where experts noticed in targeted attacks, polymorphic code are used to target many businesses. An example is the Stuxnet computer worm, used to attack Iran's nuclear facilities in 2010. These attacks later results in the development of anti-bot and sandbox products. In 2017, the WannaCry and NotPetya ransomware attacks initiate the beginning of fifth generation. These attacks took advantage of leaked National Security Agency tools to rapidly spread around the world, impacting global businesses and communities.

Cyber-attacks can be performed with number of techniques and a variety of ways to administer them to individuals or establishments on a broader scale by the use of different sources which includes viruses, worms, and Trojan horses. A virus is a self-replicating program. It attaches itself to another program or file in order to reproduce. On the other hand, A worm does not need another file or program to copy itself; it is a self-sustaining running program. But the third one, Trojan horse is designed to perform legitimate tasks but it also performs unknown and unwanted activity. All three of these are projected to attack an individual and establishment through emails, web browsers, chat clients, remote software, and updates.

Response from Organisation 1Q) How can the servers be protected from the cyber-attacks?

A) The organization emphasized on setting up firewall to protect the private networks from malicious mischief. The same can be achieved by installing patches provided by the relevant members. The firewalls can be programmed to prevent access to certain websites, prevent outside computers from accessing computers inside the network. There are a variety of configurations that are possible when using firewalls.

Response from Organisation 2Q) How can the servers be protected from the cyber-attacks?

A) According to the second organization, WWW is an inevitable part required in protection against the cyber-attacks. It helps in identifying, assessing and managing risks to deter or mitigate cyber attacks. The organization asserted on following certain standards and improving daily in order to make the system less prone to these cyber attacks. Some of the daily improvements include storing passwords in hash values, authenticating using hash key with inbuilt algorithm etc. The authenticated users are provided with RSA tokens to login which adds a positive step in protection against cyber crimes. For example- Data stored in hadoops Wr. Maprlogin to hadoop are given with RSA pass code as password.

Comparative analysisThe first organization stressed on using a firewall which acts as a guard to the computer. Having installed powerful firewalls on the computer systems gives a tough competition to cyber criminals while hacking. A firewall secures the system by controlling the web traffic coming into and streaming out of the business. The firewall is a standard way of protection. The other organization on the other hand concentrated more on smaller but vital actions. A collection of small improvements like daily improvement including using a strong password, storing it in hash values and authenticating hash key with inbuilt algorithms help in protection against cyber attacks effectively and efficiently. The use of RSA tokens is a novel and a positive step forward in protection against cyber attacks.

Topic 2 – Restrictions to server access

Big organizations that emphasize security move to cloud services like Office 365 and their users only can access approved resources. In the previous times, institutions restrict domain names or IP addresses whenever they manage access to the servers. This kind of approach did not work in world where SAAS apps are hosted in public cloud, running on shared domain names like outlook.office.com and login.microsoftonline.com. Blocking these addresses would keep users from accessing Outlook on the web entirely, instead of merely restricting them to approved identities and resources. Tenant Restrictions gives organizations the ability to specify the list of tenants that their users are permitted to access.

Literature AnalysisAccording to Guedalia, I.D. and Hashkes, J the method and system for monitoring the movement of an image server which contains multiplicity of descriptions, out of which some contains plural image portion, the method counting the steps of monitoring which of the diversity of images stored on the image server are accessed, monitoring accessing of entity ones of the plural image portions of each of the multiplicity of descriptions stored on the image server which are accessed, and providing an output suggestion of the number of times that each image portion of the multiplicity of images stored on the image server is accessed.

Guedalia, I.D. and Hashkes, J., MGI Software Corp, 2000. Method and system for server access control and tracking. U.S. Patent 6,148,333.

This invention relates to methods for controlling and monitoring access to network servers. In particular, the process described in the invention includes client-server sessions over the Internet involving hypertext files. In the hypertext environment, a client views a document transmitted by a content server with a standard program known as the browser. Each hypertext document or page contains links to other hypertext pages which the user may select to traverse. When the user selects a link that is directed to an access-controlled file, the server subjects the request to a secondary server which determines whether the client has an authorization or valid account. Upon such verification, the user is provided with a session identification which allows the user to access to the requested file as well as any other files within the present protection domain.

Levergood, T.M., Stewart, L.C., Morris, S.J., Payne, A.C. and Treese, G.W., Open Market Inc, 1998. Internet server access control and monitoring systems. U.S. Patent 5,708,780.

Response from Organisation 1Q) What are the restrictions to access the servers?

A) The restrictions to access the server include the allowance to a selective audience who manages the server. The restrictions may also include restricted application access etc

Response from Organisation 2Q) What are the restrictions to access the servers?

A) The RSA tokens are required for server logins. The token (e.g. a key fob or a soft token)- is assigned to a computer user. These tokens are generally changed within 60-90 seconds. The user is required to login using their user ID and added token at the same time. It is advised that the users change their passwords at least every 3 months. If consecutive unsuccessful login attempts are made, this would deactivate the account. The token hardware is made tamper-resistance thus deterring any chances of reverse engineering.

Comparative analysisThe first organization relied more on restrictions which create a selective allowance for a particular audience who manages the server. The restrictions for a selective audience are one of the basic restrictions to access the servers. The other organizations on the other hand relied on the use of RSA tokens for the restrictions to access the server as well. The restrictions used by the second organization are more effective and efficient in controlling cyber attacks as they employ the use of tokens which are generally changed within 90 seconds thus giving minimum possibility to the person committing the cyber crime. The later one also stressed on manual change of passwords on a regular basis thus leaving no stone unturned in restricting the access to the servers. The use of tokens not only restricts the access to server but also helps in identifying the suspicious login attempts and thus making them visible so that action can be taken on them.

Topic 3 – Operation Monitoring

Day-to-day business operations are the activities that are performed by an industry and its employees which connect in both to a regular basis for the purpose of making an earnings and growing the inherent value of the business as a going concern.

The basic principle of a business is to make sufficient income from its activities to pay its expenses, provide a profit to its owners and increase the intrinsic value of the business as an income-generating quality. Employees achieve this objective by performing arts specific functions.

Literature AnalysisIt is commonly noticed that the solution to the problem of inadequate postoperative pain relief lies not so much in development of new techniques but in development of a formal organization for better use of existing techniques. Acute Pain Services (APS) are being increasingly established to provide good quality postoperative analgesia. In the United States such 24-h services usually consist of anesthesiologists, residents, specially trained nurses and pharmacists. However, less than 30% of US surgical population has access to APS. Furthermore, only patients selected by surgeons receive the benefits of these services. Additionally, the economic costs of such services are high (≥ $200/ patient). Less expensive alternatives have to be developed if the aim is to improve the quality of postoperative analgesia for every patient after any type of surgery. Sophisticated analgesia techniques such as epidural and patient-controlled analgesia (PCA) are neither necessary nor realistic for the majority of patients.

Rawal, N. and Berggren, L., 1994. Organization of acute pain services: a low-cost model. Pain, 57(1), pp.117-123.

Response from Organisation 1Q) How are these all operations monitored in day to day life?

A) The organization stressed on the use of certain monitoring tools available such as Nimsoft Monitoring tool which is widely used in most of the organizations. The monitoring tools may need more monitoring rules and configuration to get it up and running. Some monitoring tools come with downloadable management packs which require fewer efforts to start monitoring the servers.

Response from Organisation 2Q) How are these all operations monitored in day to day life?

A) Cyber attack’s monitoring can prove to be a bit tricky and precarious. The identification of a cyber attack is also very tricky in itself. Consecutive and doubtful unsuccessful authentications are reported to the admin. Such suspicious activities will raise a flag and report it to the administrator to lock the authentication from the system.

Comparative analysisThe former organization reckoned the use of monitoring tools such as Nimsoft Monitoring Tool so as to monitor operations in day to day life. The use of monitoring tools gives a flexible way of monitoring which can be configured according to the needs of the organization. The later organization again relied on the tokens for monitoring purpose. This can be achieved by tracking the consecutive unsuccessful login attempts and flagging them so that action can be taken by the administrator.

ConclusionThe part of IT security in an association is fundamental for the insurance of its information and for guaranteeing that its administrations and activities will continue running without impediments or delays. Present day associations depend only on PC frameworks for putting away information, reaching clients and performing different undertakings, for example, research, promoting and vital arranging. The three IT security issues discussed in the report are interrelated to each other. Like if there would be proper monitoring of all the operations running in the organisation then there would be no access to server by outsiders. Because every process is monitored by the experts so there would be very less chances of cyber attacks. From section level representatives to senior administration in an organisation, when individuals consider anchoring their system, they consider ventures to shield from outside assault and disregard or ignore dangers from inside the association itself. This hazard is conceived of the way that organisations genuinely don't comprehend what their workers do and don't approach, and what precisely they might do on the system. Added to the way that numerous security dangers begin inside, this should give firms enough motivation to put a portion of their security dollars toward interior protections.

References

World Economic Forum (2018). "The Global Risks Report 2018 13th Edition". World Economic Forum. Archived from the original (PDF) on May 23, 2018.)

Cooper, Bradley (May 9, 2018). "Prepare for 5th Generation or Gen V Cyber Attacks : Cyber Security 2018 Tips". Systools.

Janczewski, Lech, and Andrew Colarik. Cyber Warfare and Cyber Terrorism. Hershey, New York: Information Science Reference, 2008. Web.

Moeller, R.R., 2010. IT audit, control, and security (Vol. 13). John Wiley & Sons.Levergood, T.M., Stewart, L.C., Morris, S.J., Payne, A.C. and Treese, G.W., Open Market Inc, 1998. Internet server access control and monitoring systems. U.S. Patent 5,708,7

Documents

files.transtutors.com€¦ · Web viewRequirements. Theme: Social Media . Organization 1: IBM Pakistan . Organization 2: Syniti Australia. 5000 words. Abstract. Introduction. Organisation1