Embed Size (px)
Citation preview
Managing Operations
Chapter 8
Information Systems Management In Practice 5EMcNurlin & Sprague
Copyright 2002 by Prentice Hall, Inc.
8-2
A Typical MIS Department Budget
33% Systems and Programming 70% Maintenance 30% New Development
10% Administration and Training 57% Operations - Involve more $
than any other part of the MIS department
Copyright 2002 by Prentice Hall, Inc.
8-3
What are three solutions to operations problems?
Buy more equipment Continuously fight fires and rearrange
priorities, getting people to solve the problems at hand
Continually document and measure what you are doing, to find out the real problems, not just the apparent ones. Then set standards - the preferred solution
Copyright 2002 by Prentice Hall, Inc.
8-4
Operational Measures
External: What the customer sees: system uptime, response time, turnaround time equal customer satisfaction
Internal: Of interest to systems people: computer usage as % of capacity, disk storage used
Problems reported by external measures can be explained by deviations in internal measures.
Copyright 2002 by Prentice Hall, Inc.
8-5
What’s New in Operations
Companies have “cleaned their operational house.”
Operations managers are beginning to manage outward.
Operations are being simplified. Certain operations are being offloaded.
Copyright 2002 by Prentice Hall, Inc.
8-6
Outsourcing Information Systems Functions
Outsourcing means turning over a firm’s computer operations, network operations, or other IT function to a vendor for a specified time.
Copyright 2002 by Prentice Hall, Inc.
8-7
Focus on core businesses: In the 1980s, this led to huge amount of merger and acquisition activity.
Shareholder value: Companies were “priced” based on their shareholder value, that is, their discounted cash flow, as a result of high-yield bonds that allowed a few people to buy a company and leverage it with debt. Management must stress value, they must
consider outsourcing in all their nonstrategic functions.
Outsourcing Information Systems Functions: Driving Forces
Copyright 2002 by Prentice Hall, Inc.
8-8
Buying their professional services: planning, consulting, building, or maintaining application, network and training
Buying their products:- with or without training Buying their transactions: e.g., payroll checks,
credit rating Systems integrator: to handle planning,
development, maintenance, and training for IS project
Outsourcing: time-based contract for IS activities
Outsourcing Information Systems Functions: Customer-Vendor
Copyright 2002 by Prentice Hall, Inc.
8-9
Figure 8-2 Shows how IT has moved from the more traditional professional services category to outsourcing. Changes: IS Management loses an increasing
amount of control Vendors take more risk Vendors’ margins improve Choosing the right vendor becomes
more important
Outsourcing Information Systems Functions: Customer-Vendor
Copyright 2002 by Prentice Hall, Inc.
8-10
IT outsourcing Transitional outsourcing Best-of-breed outsourcing Shared services Business process outsourcing E-business outsourcing Application service providers (ASPs)
Outsourcing’s History
Copyright 2002 by Prentice Hall, Inc.
8-11
Typically, parties establish layers of joint teams. Top-level team: final word in conflict
resolution Operational team: oversees day-to-day
functioning Joint special purpose teams: created
from time to time to solve pressing issues
Committees: oversee the use of formal change management procedures
Managing Outsourcing: Organizational Structure
Copyright 2002 by Prentice Hall, Inc.
8-12
The foundations of governing an outsourcing relationship are laid in the contract.Service Level Agreement (SLA)
Responsibilities, performance requirements, penalties, bonuses
Managing Outsourcing: Governance
Copyright 2002 by Prentice Hall, Inc.
8-13
Recommendations to manage day-to-day interactions: Manage expectations, not staff Realize that informal ways of working may disappear Loss of informal ways of working may add rigor Integration of the two staffs requires explicit actions The best way to manage day-to-day is communicate frequently
Managing Outsourcing: Day-to-Day Working
Copyright 2002 by Prentice Hall, Inc.
8-14
Buying parts and services that go into one’s own products and services
Assisting one’s suppliers to improve their product and services by generally improving their processes
Managing Outsourcing: Supplier Development
Copyright 2002 by Prentice Hall, Inc.
8-15
Threats (see 2000 Survey – Figure 8-5) Organizations are under attack from
inside and outside their electronic perimeter
Attacks are being detected Attacks can result in significant losses Defending from attacks requires more
than the use of information security technology
Security in the Internet Age
Copyright 2002 by Prentice Hall, Inc.
8-16
Approaches hackers use: Cracking the password Tricking someone Network sniffing Misusing administrative tools Playing middleman Denial of service Trojan horse Viruses Spoofing
Security in the Internet Age: Hacking
Copyright 2002 by Prentice Hall, Inc.
8-17
1. Authentication: verifying the authenticity of users
2. Identification: identifying users to grant them appropriate access
3. Privacy: protecting information from being seen
4. Integrity: keeping information in its original form
5. Nonrepudiation: preventing parties from denying actions they have taken
Security in the Internet Age: Security’s Five Pillars
Copyright 2002 by Prentice Hall, Inc.
8-18
Three techniques used by companies to protect themselves Firewalls: Control access between networks Used to create intranets and extranets, which only employees and authorized business partners can access Implementation
Packet filtering to block “illegal” traffic, which is defined by the security policy… or
By using a proxy server, which acts as an intermediary
Security in the Internet Age: Countermeasures
Copyright 2002 by Prentice Hall, Inc.
8-19
2. Public key encryption: A third party issues two keys for a person and then manages the keys.1. Private key: is meant to be kept secret
and is used by the person to send and receive encrypted messages.
2. Public key: it is made public and can be used by anyone to send an encrypted message to the person with the private key, or to read messages from that person.
Security in the Internet Age: Countermeasures
Copyright 2002 by Prentice Hall, Inc.
8-20
3. Virtual Private Networks (VPN): maintains data security as it is transmitted by using: Tunneling: creates a temporary
connection between a remote computer and the CLEC’s or ISP’s local data center. Blocks access to anyone trying to intercept messages sent over that link.
Encryption: scrambles the message before it is sent and decodes it at the receiving end.
Security in the Internet Age: Countermeasures
Copyright 2002 by Prentice Hall, Inc.
8-21
1. Three ways to use VPNs:2. Remote Access VPNs: give remote
employees a way to access an enterprise intranet by dialing a specific ISP.
3. Remote Office VPNs: give enterprises a way to create a secure private network with remote offices. The ISP’s VPN equipment encrypts all transactions.
4. Extranet VPNs: give enterprises a way to conduct e-business with trading partners.
Security in the Internet Age: Countermeasures
Copyright 2002 by Prentice Hall, Inc.
8-22
Disaster Recovery Alternatives Used By Companies:
Multiple data centers Distributed processing Backup telecommunication facilities Local area networks
Copyright 2002 by Prentice Hall, Inc.
8-23
External Disaster Recovery Available for Companies
Integrated disaster recovery services Specialized disaster recovery services Online and off-line data storage
facilities
Copyright 2002 by Prentice Hall, Inc.
8-24
Lessons Learned in Disaster Recovery
Consider the risks of a natural disaster in selecting a data center location.
Create a plan to return to the primary site after a disaster.
Do not expect damaged equipment, disks, and tapes to always be replaced, monitor equipment.
Plan for alternate telecommunications. Test site under full workload conditions. Maintain critical data at the alternate site.
