Sign in or 
Share this
Key Questions and Challenges
Guided Questions: Answer the key questions listed below as they apply to the case study:
Social issues--The analysis of social issues can be guided by answering the following key questions.
Wifi via hotspots allows Hector to maintain contact with colleagues and clients at all times.
Allows Hector to instantly access client records, make sales, purchases or transfer funds on behalf of his client.
5. What are the underlying problems with the IT systems in this case study?
7. What are the consequences of these solutions? (Paul and Stephanie)
8. What are the ethical issues associated with the IT development? (Ryan and Lisa)
9. Who is responsible and/or accountable? (Ryan and Lisa)
10. What policies, rules, or laws apply to the case study? (international laws regarding internet access, language barriers, cultural/globalization issues, level of access, etc.) (Nick and Mary)
Challenges facing Hector and Betty
Analyze the challenges below and come up with an appropriate solution:
1)Security issues with network connections (consider other emerging technologies and wireless network standards. see page 332 in CC): Nick Wireless networks offer constant and mobile access to the Internet and other nodes on the network. However, wirless networks open the possibility for unknown hackers to access the network and tamper with files and settings. Most of the time, a wireless network hacker will wardrive, or literally drive and search for unprotected wireless networks to connect to. Also, hackers can pick up wireless signals with WiFi sniffers. Hackers rely on the 802.11 standard LAN code to operate within a network. The earlier 802.11 a,b,c and g models had little encryption capability, and their network speed was rather lacking. However, as the 802.11 n and e versions were made available, the bandwidth almost tripled and made wireless networks even more popular. However, with such fast network connections, better security measures should be installed because hackers can access the network from a greater distance at a faster rate. The 802.11 i standard remedies this, and even makes business transactions more reliable. Yet, more encryption, firewalls, and network timeouts are needed to keep up with the speed of the new network standards. Other types of networks such as WiMax, Ultrawideband, mesh networks, and adaptive radios provide full Internet service to a broader range of people. This means more anonymous people are connected to the same network and accessing the Internet at once. This makes finding a hacker thousands of times more difficult. Thus, the need for a newer security is needed. Also, since mesh networks rely on every computer connection to maintain Internet connectivity instead of using a centralized server, a virus or worm could easily spread to every connected computer in a heartbeat. Each computer would need serious protocols and security tools to prevent such a devistating attack.
2) Their need to always be accessible: Stephanie
With N&Q Investments becoming an international company, it is important for Hector and Betty to participate and assist with the growth of the company. The most efficient way for them to communicate with each other and also with other employees is through the Internet. For this reason, Hector and Betty should always have access to the Internet. This way they would always have the ability to access databases or websites at a moment's notice through their home PC's, laptops, PDAs, cell phones, etc. Instead of being connected to just any wireless network, Hector and Betty could be connected to the company's VPN that would allow them to access the company's databases with an added level of security. This decreases the chances of hackers stealing any information. However since Hector and Betty would be constantly on the company's network, even if they were on vacations with their family, they would not be able to take a break from work. This would reduce their personal time with their families and would not let them live a life away from work.
N&Q Investments is an investment company in which the stock market plays a crucial part in their company. The stock market has the ability to change dramatically in mere minutes, which supports the need for Hector and Betty to always be accessible to watch the status of their investments.
The need to always be accessible is very important for Hector and Betty, but they should not have to sacrifice their personal lives and their time with their families for it.
3) Social Networking-Privacy Issues when consolidating data: Paul The issue is referring to how user information may be compromised due to the collectivization of data on social networking sites. That is to say, that not only is information on a user’s page available for others to see, but most networking sites claim all content that may be put onto the pages as well. In the case of N&Q investments, it is in the best interest of Hector and Betty (as well as any other employee) to carefully monitor what content they put on their pages. Questionable photos or other types of inappropriate material may not only harm the reputation of the employee, but that of N&Q Investments as well. One simple and relatively easy solution would be to inform current and prospective employees about this concern and perhaps check-in with any of these pages. It is to my knowledge that several colleges and employers are doing this as well, what is there to stop N&Q investments from doing the same? There are relatively few drawbacks besides perhaps the “restriction of freedom of speech/expression”, but I believe what you put on your page is comparable to the clothes you wear or the way you present yourself. If you would not want customers to see you in a bikini, there’s not really a good reason to put that bikini picture up on your website either (especially if you’re a guy). Although each employee is entitled to their private lives, the fact they put it on the web makes it public.
4) Loss of Data: Ryan
This is definitely an important problem that has to be taken care of by N&Q Investments. As shown by the link from teachit.com (shown below), there have been instances where a company has lost private client information. The video in the link is about a HSBC bank whose Southampton offices have lost the personal details of over 370,000 of thier clients. Now whether the details were lost or stolen is still under a pending investigation, but that doesn't matter at the moment because the details didn't have information that could potentially harm their clients' security. However, N&Q Investments should realize that this could be a huge problem if this ever happens to them. They need to start taking precaucions to make sure that their personal client information is never lost or stolen.
When talking about the loss of private information, either one of two things could have happened: it was lost or stolen. Unfortunately, N&Q Investments has to prepare for both of them if they want their data to be completely safe. Several things can be done to make sure that private information is not lost. First of all, all client information should only be held on company-owned technology. This way, the information stays within company hands. This is also a good way to regulate the equipment and make sure that it is never lost. By requiring companies to check-in company technology, the management can feel safe knowing that their clients' information has not been lost as of recently. This may be a stretch, but companies may even want to consider putting a long-range RFID chip into all of the technology. That way, once an employee admits that he has lost the technology, the company can track it down and recover the missing information. But in case worst comes to worse and the technology is ever damaged or manipulated, N&Q has to make sure that they have a backup of all information stored on external hard drives.
The next problem is if the information is stolen. In this scenario, it would also be a good idea to have an RFID chip in the technology so that they might be able to track it down. But if this is unavailable, the company needs to make sure that thier information is protected as best as it can. This means anything from using passwords, biometrics, or encryption before being able to access the information. This way, stolen information is still very hard to access if not impossible. If using a website, management needs to also make sure that this website is very secure under a https. The clients are the first priority of N&Q, and this means that they have to keep a constant care of the clients' information. If the information is ever lost or stolen, N&Q could risk losing clients and getting sued. Even though security of private information can turn into a real hassle, it is always better to be safe than sorry.
5) Wireless Network Crime: Mary
The term “wireless network crime” refers to crimes that take place using or over wireless networks that are available. For example, a passerby who happens to use the LAN available in a location relatively near to N&Q Investments would be considered a network crime (wireless hijacking) because he is using a network he does not necessarily have permission to access. The gravity of a wireless network crime, though, is usually more serious in that it can involve hackers using access to wireless networks to steal information that is being transferred to and from a person or people that access the specific wireless network. This could result in identity theft, loss of a large amount of money, and an overall collapse of N&Q Investments.
As a result, wireless network crime is something that should be taken very seriously and into consideration when N&Q Investments looks at the security options that are available for the networks that are used within company sites and locations (hotspots) used by their employees to ensure that the client’s sensitive information is not stolen or spread. The easiest solution available to N&Q is the use of encryption for the wireless networks – WEP WPA WPA2. WPA2 would be recommended because it is the most advanced type of encryption, enabling pass phrases to be used, and secure type of encryption for the data that is transferred.
A solution to the possibility of a wireless network crime could also be the surveillance of areas where N&Q’s networks are specifically available as the Dallas Police monitors the City Hall. This would enable authorities to ensure that the wireless network is not accessed by anyone out of the company in the case that the security measures already available (WEP WPA WPA2) are broken.
Sources:
http://www.networkcomputing.com/channels/collaboration/showArticle.jhtml?articleID=198100318
http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article2872726.ece
6) Compatibility of hardware and software: Lisa
Hector and Betty have a challenge in how to make all their equipment compatible. They use a PDA, laptop, and cellphone. These devices must be able to access the company's WAN whenever needed. For example, Hector's PDA should be able to access the company's WAN and all wireless networks that may be used.
They must also be able to access any other networks, wireless or wired, as needed. Any software on their computer must be compatible with other employees. For example, the software and hardware Hector uses should be the same, or at a minimum compatible with, the software Betty is using. This is important because Hector and Betty may have to communicate with each other and if they have to spend valuable work time trying to open a file they will be less productive and possibly lose money for their clients.
In addition, all their software and hardware should be able to meet the security standards set up by the network. If the company was using a WEP2 network security standard for example, then their laptop, cellphone, and PDA should be able to access the network. This is important because the company must keep the data secure in order to ensure clients the best service possible, yet they must also allow their employees to work efficiently as needed.
Hector and Betty should have a policy with all their clients as to what file version they use and make sure it is backward compatible so that their clients can read it. For example, if they create a document in Word 2007, they should save it as a backward compatible file so that if their clients have Word 2000 they can read it. This should simply be a policy for them as International Fund Managers.
Having compatible equipment is important for Hector and Betty because if they must lose time fighting the compatibility issues, then the clients may loose money because their information may not be handled as it should. If this happens, N&Q Investments could lose clients and hence money. Therefore, software compatibility is important.
One solution for this is to make sure all employees have uniform equipment. Though this may be expensive, if N&Q Investments does it now, then they might be able to catch the problem early before they expand and then buy all new employees the same equipment everyone else has. This will not cost them as much. Along with compatible hardware then, the IT department could make sure all the software on all the computers is uniform. By buying new equipment, they could make sure all the equipment is compatible and allow the employees to be more efficient and take all necessary precautions. It would also mean that the IT department only had to be trained on how to fix one specific kind of laptop and one specific kind of PDA, allowing them to be more skilled and hence be more efficient in their work.
Another solution is for the company is to make sure all the equipment for each person is compatible, and all the software for the company is compatible. For example, if Hector uses Word 2003 and Betty uses Word 2007, Hector could just open a patch to allow him to open Word 2007 documents and/or Betty could be sure she saves all documents as backward compatible. This would probably cost the company less initially and still allow Hector and Betty to be efficient. However, this means that the IT department would need to be able to fix a multitude of different kind of hardware and software which is almost impossible and would decrease the efficiency they would have in their work.
sources:
Constantly Plugged in: http://www.teach-ict.com/news/news_features/work_employment/going_online_on_holiday.html
Social Networking: http://www.teach-ict.com/news/news_features/work_employment/future_without_rushour.html
Loss of Data: http://www.teach-ict.com/news/news_features/banks/bank_loses_data.html
Network Crime: http://www.teach-ict.com/news/news_features/networks/tackling_britains_wifi_crime.html
Social issues--The analysis of social issues can be guided by answering the following key questions.
- What are the social issues associated with a particular IT development?
- How did the IT development emerge?
- Who are the stakeholders—individuals, institutions, societies who initiate and control the IT developments and are affected by them?
- What are the advantages and disadvantages for the stakeholders?
- What feasible solutions can be applied to overcome problems?
- What is the social impact of the IT development on human life? This may include some or all of the following areas: economic, political, cultural, legal, environmental, ergonomic, health and psychological.
- What are the social impacts on local and global communities?' (IBO 2006)
- What are the ethical issues associated with a particular IT development?
- Who is responsible?
- Who is accountable?
- What policies, rules or laws apply to the situation?
- What are the alternative ethical decisions?
- What are the consequences of these decisions?(IBO 2006)
- What are the relevant IT Systems discussed in the N & Q Investment Case Study?
- The Company's WAN
- hotspots
- Hector and Betty's equipment: PDA, Laptop, Cellphone
- Remote Access server--VPN
- Encryption (SSL, PGP)
- Methods of connectivity: Wifi, bluetooth, infrared, satellite
- Network Servers
- Wireless Networks
- The Company's WAN contains client data
- Hotspots are locations where Hector can use his PDA to connect to a company VPN.
- Used primarily for communication; however, the laptop has more processing power than the other two and the cellphone can send and receive calls and text messages.
- A remote access server is a machine set up so employees can instantly access a central database and files to work remotely.
- Encryption:
- PGP (Pretty Good Privacy): encrypts a sent file using a public/private key system. Computer 2 sends computer 1 its public key which can be shared freely. It allows other computers to encrypt data which can only be decrypted using the matching private key, which is NOT shared with anyone. Computer 1 encrypts the file using computer 2's public key and sends this encrypted file to computer 2. Computer 2 receives the file and decrypts it using its own private key.
- SSL (Secure Socket Layer):
- PGP (Pretty Good Privacy): encrypts a sent file using a public/private key system. Computer 2 sends computer 1 its public key which can be shared freely. It allows other computers to encrypt data which can only be decrypted using the matching private key, which is NOT shared with anyone. Computer 1 encrypts the file using computer 2's public key and sends this encrypted file to computer 2. Computer 2 receives the file and decrypts it using its own private key.
Wifi via hotspots allows Hector to maintain contact with colleagues and clients at all times.
Allows Hector to instantly access client records, make sales, purchases or transfer funds on behalf of his client.
5. What are the underlying problems with the IT systems in this case study?
- Compatibility between hardware/software
- Theft of device (PDA, Cellphone)
- Privacy and security of client data
- Risk of confidentiality
- Carbon footprint
7. What are the consequences of these solutions? (Paul and Stephanie)
8. What are the ethical issues associated with the IT development? (Ryan and Lisa)
9. Who is responsible and/or accountable? (Ryan and Lisa)
10. What policies, rules, or laws apply to the case study? (international laws regarding internet access, language barriers, cultural/globalization issues, level of access, etc.) (Nick and Mary)
Challenges facing Hector and Betty
Analyze the challenges below and come up with an appropriate solution:
1)Security issues with network connections (consider other emerging technologies and wireless network standards. see page 332 in CC): Nick Wireless networks offer constant and mobile access to the Internet and other nodes on the network. However, wirless networks open the possibility for unknown hackers to access the network and tamper with files and settings. Most of the time, a wireless network hacker will wardrive, or literally drive and search for unprotected wireless networks to connect to. Also, hackers can pick up wireless signals with WiFi sniffers. Hackers rely on the 802.11 standard LAN code to operate within a network. The earlier 802.11 a,b,c and g models had little encryption capability, and their network speed was rather lacking. However, as the 802.11 n and e versions were made available, the bandwidth almost tripled and made wireless networks even more popular. However, with such fast network connections, better security measures should be installed because hackers can access the network from a greater distance at a faster rate. The 802.11 i standard remedies this, and even makes business transactions more reliable. Yet, more encryption, firewalls, and network timeouts are needed to keep up with the speed of the new network standards. Other types of networks such as WiMax, Ultrawideband, mesh networks, and adaptive radios provide full Internet service to a broader range of people. This means more anonymous people are connected to the same network and accessing the Internet at once. This makes finding a hacker thousands of times more difficult. Thus, the need for a newer security is needed. Also, since mesh networks rely on every computer connection to maintain Internet connectivity instead of using a centralized server, a virus or worm could easily spread to every connected computer in a heartbeat. Each computer would need serious protocols and security tools to prevent such a devistating attack.
2) Their need to always be accessible: Stephanie
With N&Q Investments becoming an international company, it is important for Hector and Betty to participate and assist with the growth of the company. The most efficient way for them to communicate with each other and also with other employees is through the Internet. For this reason, Hector and Betty should always have access to the Internet. This way they would always have the ability to access databases or websites at a moment's notice through their home PC's, laptops, PDAs, cell phones, etc. Instead of being connected to just any wireless network, Hector and Betty could be connected to the company's VPN that would allow them to access the company's databases with an added level of security. This decreases the chances of hackers stealing any information. However since Hector and Betty would be constantly on the company's network, even if they were on vacations with their family, they would not be able to take a break from work. This would reduce their personal time with their families and would not let them live a life away from work.
N&Q Investments is an investment company in which the stock market plays a crucial part in their company. The stock market has the ability to change dramatically in mere minutes, which supports the need for Hector and Betty to always be accessible to watch the status of their investments.
The need to always be accessible is very important for Hector and Betty, but they should not have to sacrifice their personal lives and their time with their families for it.
3) Social Networking-Privacy Issues when consolidating data: Paul The issue is referring to how user information may be compromised due to the collectivization of data on social networking sites. That is to say, that not only is information on a user’s page available for others to see, but most networking sites claim all content that may be put onto the pages as well. In the case of N&Q investments, it is in the best interest of Hector and Betty (as well as any other employee) to carefully monitor what content they put on their pages. Questionable photos or other types of inappropriate material may not only harm the reputation of the employee, but that of N&Q Investments as well. One simple and relatively easy solution would be to inform current and prospective employees about this concern and perhaps check-in with any of these pages. It is to my knowledge that several colleges and employers are doing this as well, what is there to stop N&Q investments from doing the same? There are relatively few drawbacks besides perhaps the “restriction of freedom of speech/expression”, but I believe what you put on your page is comparable to the clothes you wear or the way you present yourself. If you would not want customers to see you in a bikini, there’s not really a good reason to put that bikini picture up on your website either (especially if you’re a guy). Although each employee is entitled to their private lives, the fact they put it on the web makes it public.
4) Loss of Data: Ryan
This is definitely an important problem that has to be taken care of by N&Q Investments. As shown by the link from teachit.com (shown below), there have been instances where a company has lost private client information. The video in the link is about a HSBC bank whose Southampton offices have lost the personal details of over 370,000 of thier clients. Now whether the details were lost or stolen is still under a pending investigation, but that doesn't matter at the moment because the details didn't have information that could potentially harm their clients' security. However, N&Q Investments should realize that this could be a huge problem if this ever happens to them. They need to start taking precaucions to make sure that their personal client information is never lost or stolen.
When talking about the loss of private information, either one of two things could have happened: it was lost or stolen. Unfortunately, N&Q Investments has to prepare for both of them if they want their data to be completely safe. Several things can be done to make sure that private information is not lost. First of all, all client information should only be held on company-owned technology. This way, the information stays within company hands. This is also a good way to regulate the equipment and make sure that it is never lost. By requiring companies to check-in company technology, the management can feel safe knowing that their clients' information has not been lost as of recently. This may be a stretch, but companies may even want to consider putting a long-range RFID chip into all of the technology. That way, once an employee admits that he has lost the technology, the company can track it down and recover the missing information. But in case worst comes to worse and the technology is ever damaged or manipulated, N&Q has to make sure that they have a backup of all information stored on external hard drives.
The next problem is if the information is stolen. In this scenario, it would also be a good idea to have an RFID chip in the technology so that they might be able to track it down. But if this is unavailable, the company needs to make sure that thier information is protected as best as it can. This means anything from using passwords, biometrics, or encryption before being able to access the information. This way, stolen information is still very hard to access if not impossible. If using a website, management needs to also make sure that this website is very secure under a https. The clients are the first priority of N&Q, and this means that they have to keep a constant care of the clients' information. If the information is ever lost or stolen, N&Q could risk losing clients and getting sued. Even though security of private information can turn into a real hassle, it is always better to be safe than sorry.
5) Wireless Network Crime: Mary
The term “wireless network crime” refers to crimes that take place using or over wireless networks that are available. For example, a passerby who happens to use the LAN available in a location relatively near to N&Q Investments would be considered a network crime (wireless hijacking) because he is using a network he does not necessarily have permission to access. The gravity of a wireless network crime, though, is usually more serious in that it can involve hackers using access to wireless networks to steal information that is being transferred to and from a person or people that access the specific wireless network. This could result in identity theft, loss of a large amount of money, and an overall collapse of N&Q Investments.
As a result, wireless network crime is something that should be taken very seriously and into consideration when N&Q Investments looks at the security options that are available for the networks that are used within company sites and locations (hotspots) used by their employees to ensure that the client’s sensitive information is not stolen or spread. The easiest solution available to N&Q is the use of encryption for the wireless networks – WEP WPA WPA2. WPA2 would be recommended because it is the most advanced type of encryption, enabling pass phrases to be used, and secure type of encryption for the data that is transferred.
A solution to the possibility of a wireless network crime could also be the surveillance of areas where N&Q’s networks are specifically available as the Dallas Police monitors the City Hall. This would enable authorities to ensure that the wireless network is not accessed by anyone out of the company in the case that the security measures already available (WEP WPA WPA2) are broken.
Sources:
http://www.networkcomputing.com/channels/collaboration/showArticle.jhtml?articleID=198100318
http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article2872726.ece
6) Compatibility of hardware and software: Lisa
Hector and Betty have a challenge in how to make all their equipment compatible. They use a PDA, laptop, and cellphone. These devices must be able to access the company's WAN whenever needed. For example, Hector's PDA should be able to access the company's WAN and all wireless networks that may be used.
They must also be able to access any other networks, wireless or wired, as needed. Any software on their computer must be compatible with other employees. For example, the software and hardware Hector uses should be the same, or at a minimum compatible with, the software Betty is using. This is important because Hector and Betty may have to communicate with each other and if they have to spend valuable work time trying to open a file they will be less productive and possibly lose money for their clients.
In addition, all their software and hardware should be able to meet the security standards set up by the network. If the company was using a WEP2 network security standard for example, then their laptop, cellphone, and PDA should be able to access the network. This is important because the company must keep the data secure in order to ensure clients the best service possible, yet they must also allow their employees to work efficiently as needed.
Hector and Betty should have a policy with all their clients as to what file version they use and make sure it is backward compatible so that their clients can read it. For example, if they create a document in Word 2007, they should save it as a backward compatible file so that if their clients have Word 2000 they can read it. This should simply be a policy for them as International Fund Managers.
Having compatible equipment is important for Hector and Betty because if they must lose time fighting the compatibility issues, then the clients may loose money because their information may not be handled as it should. If this happens, N&Q Investments could lose clients and hence money. Therefore, software compatibility is important.
One solution for this is to make sure all employees have uniform equipment. Though this may be expensive, if N&Q Investments does it now, then they might be able to catch the problem early before they expand and then buy all new employees the same equipment everyone else has. This will not cost them as much. Along with compatible hardware then, the IT department could make sure all the software on all the computers is uniform. By buying new equipment, they could make sure all the equipment is compatible and allow the employees to be more efficient and take all necessary precautions. It would also mean that the IT department only had to be trained on how to fix one specific kind of laptop and one specific kind of PDA, allowing them to be more skilled and hence be more efficient in their work.
Another solution is for the company is to make sure all the equipment for each person is compatible, and all the software for the company is compatible. For example, if Hector uses Word 2003 and Betty uses Word 2007, Hector could just open a patch to allow him to open Word 2007 documents and/or Betty could be sure she saves all documents as backward compatible. This would probably cost the company less initially and still allow Hector and Betty to be efficient. However, this means that the IT department would need to be able to fix a multitude of different kind of hardware and software which is almost impossible and would decrease the efficiency they would have in their work.
sources:
Constantly Plugged in: http://www.teach-ict.com/news/news_features/work_employment/going_online_on_holiday.html
Social Networking: http://www.teach-ict.com/news/news_features/work_employment/future_without_rushour.html
Loss of Data: http://www.teach-ict.com/news/news_features/banks/bank_loses_data.html
Network Crime: http://www.teach-ict.com/news/news_features/networks/tackling_britains_wifi_crime.html
nickengberg |
Latest page update: made by nickengberg
, Apr 14 2009, 3:43 PM EDT
(about this update
About This Update
Edited by nickengberg
270 words added view changes - complete history) |
|
Keyword tags:
None
More Info: links to this page
|
There are no threads for this page.
Be the first to start a new thread.
