Ohio Lottery

Post one thread of at least 800 – 1000 words

Then post two (2) replies of at least 450–600 words

For each thread, there are multiple questions based off the case study; each question response must be supported with at least 1 peer-reviewed source.Each thread must also include 1 biblical application/integration.

Each response must be supported with at least 2 peer-reviewed sources and include 1 biblical application/integration.

Note that the biblical application/integration cannot be more than 10% of the thread or replies.

From the Ohio Lottery case, answer the following questions:

1. Detail the overall research design in the Ohio Lottery case (See Exhibit OL1). What are the advantages and disadvantages of this design?
2. Evaluate the MET process (Exhibit OL-2). What are some of the strengths and weaknesses of the MET technique?
3. What measurement scales are used in the sample questions provided (Exhibit OL-3)? Why might the lottery attitude and lottery importance questions have presented the most challenge to the professional researchers?
4. Using text Exhibit 12-2, map out the likely quantitative instrument content.
5. The survey contained several questions that would alert the researchers that the participant was not taking the research process seriously (see case exhibit OL-3). Is this a good or a poor idea? Why?
6. Evaluate the MET discussion guide for the Ohio Lottery Research. 

PLACE YOUR ORDER NOW

Response #1

R. Guerra

 

Detail the overall research design in the Ohio Lottery case (See Exhibit OL1). What are the advantages and disadvantages of this design?

The Ohio lottery researchers began by determining the issue and subject matter-based management dilemma. The issue was that sales were declining for the lottery tickets and thus educational funds were decreasing as well relative to the sales. Based upon this they needed to figure out a way to increase the sales of tickets and opted to gather information on consumers opinion towards the lottery. They used both primary and secondary research techniques in order to gather the information, some of these include MET long form interviews, survey questionnaires, and experiments. The disadvantages to this kind of research is the amount of time it takes to host these research methods. According to the textbook one of the researchers even said, “MET interviews are long, often 90 minutes or more” (Schindler & Cooper, 2018). This can significantly decrease the population pool of individuals willing to participate in the study. The advantage of this kind of research is that the researchers are able to get very detailed information that can provide clear solutions to their issue.

 

Evaluate the MET process (Exhibit OL-2). What are some of the strengths and weaknesses of the MET technique?

The researchers for this study understood that a lot of communication is nonverbal. They opted to utilize the metaphor elicitation technique (MET) as a way to gain valuable information based upon the participants non-verbal insights toward the lottery. According to the article Advances in Consumer Research by Robin Coulture and Gerald Zaltman, “Zaltman Metaphor Elicitation Technique (ZMET) employs qualitative methods to elicit the metaphors, constructs and mental models that drive customers’ thinking and behavior, as well as quantitative analyses to provide data for marketing mix decisions and segmentation strategies” (Coulture & Zaltman, 1994). The strength to this type of research is that it focuses on determining the behavioral and psychological aspects of the participants which can reveal valuable information that could otherwise be easily overlooked from traditional research methods. As mentioned previously the weakness is the length of time it takes to conduct this study and participants may not be willing to complete it.

 

What measurement scales are used in the sample questions provided (Exhibit OL-3)? Why might the lottery attitude and lottery importance questions have presented the most challenge to the professional researchers?

For the sample questions the interviewers used interval scales to gain the information. The specific type of interval scale that they used was the Likert scale. “Likert scale was devised in order to measure ‘attitude’ in a scientifically accepted and validated manner in 1932. An attitude can be defined as preferential ways of behaving/reacting in a specific circumstance rooted in relatively enduring organization of belief and ideas (around an object, a subject or a concept) acquired through social interactions” (Joshi, A., Kale, S., Chandel, S., & Pal, D. K., 2015). Likert scale questions are a sufficient way to get direct answers from the participants which could be very valuable in contrast to the MET results. The lottery attitude and importance might have been a challenge for the researchers due to the number of questions that they had to examine in addition to all of the other methods they were looking at.

 

 

Using text Exhibit 12-2, map out the likely quantitative instrument content.

The questionnaire used to survey the question and answers given by the participants was utilized to gain understanding of the various component’s involved with the Ohio lottery. The measurements points for the scale were 1-7. “Using a scale from 1 to 7, where 1 means the attribute is “Not At All Important” and 7 means the attribute is “Extremely Important” in deciding if you participate in lottery games, how important are the following attributes to you?” (Schindler & Cooper, 2009). The questions were not based upon right or wrong answers they were all based upon opinion-based answers from the participants.

 

The survey contained several questions that would alert the researchers that the participant was not taking the research process seriously (see case exhibit OL-3). Is this a good or a poor idea? Why?

Overall, I think that it is a really good idea for the researchers to contain these types of questions within the survey. This is a good way for the researchers to be able to organize the surveys where participants likely gave legitimate answers from the ones where they did not fully participate on a serious level. According to an article on serious checks, “The main problem resulting from the participation of nonserious respondents, however, is that they increase noise and reduce experimental power” (Aust, F., Diedenhofen, B., Ullrich, S., 2013). This could be detrimental for data results because it can skew the results in an inaccurate way.

 

Evaluate the MET discussion guide for the Ohio Lottery Research.

The first phase of the MET analysis began with the researchers showing the participants pictures in order for them to express their feelings after they saw the pictures. The participants were given the option to “story tell” describing what their feelings were toward the lottery. “Photos have been claimed to make the interview situation more comfortable, since there is something to focus on—the images, which are familiar to the participant” (Clark-Ibanez, 2004). After that the second phase involved removing the pictures from the participants and they were asked to rank the pictures in order of importance to them. After that researchers were asked to create a collage that represented their feeling on the lottery.

 

 

Reference:

 

Aust, F., Diedenhofen, B., Ullrich, S. et al. Seriousness checks are useful to improve data validity in online research. Behav Res 45, 527–535 (2013). https://doi.org/10.3758/s13428-012-0265-2

 

Clark-Iba´n˜ez, M. (2004). Framing the social world with photo-elicitation interviews. American Behavioral Scientist, 46, 1507–1527.

 

Coulter, R. H., & Zaltman, G. (1994). Using the Zaltman metaphor elicitation technique to understand brand images. ACR North American Advances.

 

Joshi, A., Kale, S., Chandel, S., & Pal, D. K. (2015). Likert scale: Explored and explained. British Journal of Applied Science & Technology, 7(4), 396.

 

Schindler, P.S. (2019). Business Research Methods (Thirteen ed.). New York: McGraw-Hill/Irwin

 

Response #2

 

1. Nowinski

 

 

Case Study: Ohio Lottery

 

1. Detail the overall research design in the Ohio Lottery case (See Exhibit OL-1). What are the advantages and disadvantages of this design?

The research design used both qualitative and quantitative research methods. The advantages of qualitative method looked the emotions displayed from the participants through the photos they would take as they were buying a lottery ticket. Another aspect was understanding what winning meant to the person buying a ticket. They recognized that winning in general was more important than winning the jackpot amount when players played the lottery. A disadvantage of qualitative research is the smaller sample size they use to gain more detailed data. The advantages of quantitative method used a larger sample than the qualitative method which could help discover more accurate trends among the data that the participants display.

 

2. Evaluate the MET process (Exhibit OL-2). What are some of the strengths and weaknesses of the MET technique?

The advantages when using MET is it enables the behaviors that are present in consumers who play the lottery. MET interviews are long, about 90 ninety minutes, and these interviews have somebody watching the participant behind a special mirror. In the interviews they seek “to understand motivations for playing lottery games, to determine obstacles to playing or playing more often, and to provide guidance for the quantitative segmentation study to follow” (Schindler. 2019). By having such a long interview, researchers are able to gather more quality data based on the participants responses and reactions towards the questions asked. The moderator in the MET interviews is asking the participants to elaborate or in depth about their responses and they look encourage more detailed answers. Two weaknesses when using MET did stand out. One was that there is only a total of twenty-five interviews. This is such a small sample of the actual number of lottery players in Ohio, so the data gained may not be the same data they would gain if they used a larger sample. The second issue is that the participants consisted of heavy lottery players and then some players who occasionally, rarely, or never play. The reactions and responses will certainly vary in the participants depending on how often they play.

 

3. What measurement scales are used in the sample questions provided (Exhibit OL-3)? Why might the lottery attitude and lottery importance questions have presented the most challenge to the professional researchers?

The measurement scale present in exhibit OL-3 is interval because the participants are rating the level of importance of their answer to each question (Yusoff & Mohd. 2014). Each rating has a different meaning than the next. The ratings are based on numbers 1-7 and 7 means extremely important while 1 means not important at all. The lottery attitude and importance questions would vary greatly among the users because the users consist of heavy, moderate, and rare players of the lottery. Also, rating scales do not offer very precise data because the users can choose between two or three rating numbers that might not very much from one another and therefore not offer the most accurate insights.

 

4. Using text Exhibit 12-2, map out the likely quantitative instrument content.

Proper measurement instruments consist of three measurement question categories and multiple non-question sections. The administrative questions help answer basic information such as participant names, who the interviewer(s) is, the research locations, and research conditions (Schindler. 2019). Classification questions will be used next, and these helps identify patterns based on participant responses. Target questions follow classification questions. These kinds of questions also help identify patterns, but the patterns will help the researchers make decisions. The non-question elements of the study contain the introduction, conclusions, instructions, and transitions from each phase of the research.

 

5. The survey contained several questions that would alert the researchers that the participant was not taking the research process seriously (see case exhibit OL-3). Is this a good or a poor idea? Why?

When conducting research of any type, “Non serious answering behavior increases noise and reduces experimental power; it is therefore one of the most important threats to the validity of online research” (Aust. Diedenhofen. & Ullrich. 2013). Again, this goes for all research studies, not just online. I think it is a good idea to ensure the data you gather is accurate. Inaccurate answers due to carelessness of the participant can skew the data one is trying to process and organize.

 

6. Evaluate the MET discussion guide for the Ohio Lottery Research.

The discussion guide was very precise as to what types of questions would be asked, what topics the questions are centered around, and explain other aspects of the study. It was very informative as a reader to see this and know what exactly what objectives the researchers are after in this study. The discussion guide does show a direction of broad to specific as far as what the main points of study are in each of the four steps. The final step just said wrap-up, but I believe this doesn’t involve the participants anymore, so they don’t really need to know how the data is being configured.

 

References

Aust, F., Diedenhofen, B., Ullrich, S. (2013) Seriousness checks are useful to improve data validity in online research. Behavior Research Methods. 45, 527–535. https://doi.org/10.3758/s13428-012-0265-2.

Schindler, P. S. (2019). Business research method. (14^th ed.) McGraw Hill.

Yusoff, R., & Mohd Janor, R. (2014). Generation of an Interval Metric Scale to Measure Attitude. SAGE Open. https://doi.org/10.1177/2158244013516768

 

MBA 670

 

Note:  Weekly sessions run based on the start of the semester.  If a semester starts on a Wednesday, then the weekly session runs Wednesday to Tuesday.  Milestone or Scheduled Due Dates generally occur at the end of a weekly session, unless otherwise stated in the classroom. Submissions are due in your Assignment folder by 11:59 PM ET on the last day of the weekly session.
Week	Items to work on	Milestone Submission Date	Project Scheduled Due Date
Week 1  Jul 14-20	·  Introduce yourself (see Discussion Area) ·  Review the Syllabus ·  ·Review all course projects and related competencies ·  Download Microsoft Project software and confirm in the discussion area. ·  Post your Project 2 Team agreement in your team discussion area. Title your file using this protocol: team_name_Project2_TeamAgreement.docx ·  Complete your Capsim registration o  Go to https://www.capsim.com  and register ($43.15 payment to Capsim) with the Industry ID o  Enter the Participant Dashboard, click Training to commence three training levels: beginner, intermediate, and advanced. o  Complete all three levels of training. Post your Training Completion Confirmation in area. o  Prepare Capsim Team Roles Plan and Team Coordination Plan for the Capsim Practice Round by Jul 18 (Practice Round 1 opens Jul 20). ·  Complete your preliminary skills gap analysis Project 1: Strategic Leadership ·  Expand Your Knowledge of Strategic Leadership ·  Discuss Conference Materials ·  Complete your two main postings, one in each discussion topic, by 11:59 PM ET on Monday of Week 1 (Jul 19) ·   Complete week 1 activities by Jul 20
Week 2  Jul 21-27	Complete and post your MS Project Practice Exercise in the class discussion area by Jul 25.  Post your Project 2 Work Plan in your team discussion area  Project 1 o Expand Your Knowledge of Strategic Leadership o Respond to a minimum of two postings from your classmates, at least one in each topic, before the Sunday of Week 2 (Jul 25). Project 1 discussion locks on Jul 25  Submit your initial gap analysis for MBA 670.  Title your file using this protocol:  yourlastname_MBA670Week1SkillsGap_date.  Submit your Project 1 Final Report Title your file using this protocol: lastname_firstname_Project 1_Report.docx  Commence Capsim simulation practice round Jul 22 (Round 1 opens Jul 20).		Jul 27
Week 3  Jul 28-Aug 3	Complete Capsim simulation practice round by Jul 28:  ·  Make your Capsim simulation decisions. ·  Save your Capsim simulation decisions. ·  Record decisions for all Capsim rounds in each of the four area (R&D, Marketing, Production and Finance) in Capsim Decision Record format.  Confirm completion of the Capsim practice round in the discussion area.  Project 2: Project Management in an International Environment ·  Develop a Project Charter. Title your file using this protocol: teamname_Project2_Charter.docx ·  Develop a Stakeholder Management Plan. Title your file using this protocol: teamname_Project2_Stakeholder.docx ·  Create a Work Breakdown Structure (WBS) and Gantt chart with Critical Path [In an MS Project .mpp file]. Title your file using this protocol:  teamname_Project2_WBS.mpp  Submit Project 2 Milestone (optional)	Aug 3
Week 4  Aug 4-10	Project 2 ·  Create the Project Risk Register ·  Prepare Project Cost Estimate ·  The project management plan includes all milestones from Weeks 3 and 4. Submit your Team Project 2 Final Report Title your file using this protocol: teamname_Project2_PMP_Final.docx teamname_Project2_WBS_Final.mpp  Prepare for Project 3: ·  Select your team’s choice of local strategy for Project 3 in the Strategy Selection by Aug 6. ·  Each team will post the team role plan and team coordination plan for Project 3 to the group’s discussion area by Aug 6. Team Role Plan – teamname_CapsimRolePlan3.docx Team Role Plan – teamname_CapsimCoordinationPlan3.docx Project 3 Capsim simulation Round 1 opens Aug 10.		Aug 10
Week 5  Aug 11-17	Project 3:  Simulation as a Tool for Strategic Decision Making—Part 1 ·  Complete your two main postings, one in each discussion topic, by 11:59 PM ET on Monday of Week 5 (Aug 16)  Project 3 Capsim simulation ·  Project 3 Capsim simulation Rounds start Aug 12-18. ·   Make your Capsim simulation decisions. ·  Save your Capsim simulation decisions. ·  Record decisions for all Capsim rounds in each of the four areas (R&D, Marketing, Production and Finance) for Project 3 in Capsim Decision Record format.		Aug 17
Week 6 Aug 18-24	Project 3 ·  Respond to a minimum of two postings from your classmates, at least one in each topic, before the Sunday of Week 6 (Aug 22). Project 3 discussion locks on Aug 22 Project 3 Capsim simulation ·  Make your Capsim simulation decisions. ·  Save your Capsim simulation decisions ·  Record decisions for all Capsim rounds in each of the four areas (R&D, Marketing, Production and Finance) for Project 3 in Capsim Decision Record format. ·  Complete Project 3 Capsim simulation practice rounds Aug 12-18. ·  Evaluate your Contribution to the Team. Write a post of 200 words or less in your group discussion area explaining the decisions in which you were involved, the logic behind those choices, and how those decisions contributed to the team’s strategy and results. ·  Submit your individual contribution in the group discussion area. ·  Analyze your Team’s Decisions and Results by responding to Project 3 analysis questions. Project 3 analysis questions – Title your file using this protocol lastname_firstname_Project3_Analysis.docx   teamname_capsimdecisionrecord_project3.docx  Prepare for Project 4:  ·  Select your team’s choice of global strategy for Project 4 in the Strategy Selection discussion by Aug 20. ·  Each team coordinator will post the team role plan and team coordination plan for Project 4 to the group’s discussion area by Aug 20. teamname_CapsimRolePlan4.docx teamname_CapsimCoordinationPlan4.docx Project 4 Capsim simulation Round 1 opens Aug 24.		Aug 24
Week 7  Aug 25-31	Project 4:  Simulation as a Tool for Strategic Decision Making—Part 2 ·  Complete your two main postings, one in each discussion topic, by 11:59 PM ET on Monday of Week 7 (Aug 30) Project 4 Capsim simulation ·  Project 4 Capsim simulation Rounds start Aug 26-Sep 1. ·  Make your Capsim simulation decisions. ·  Save your Capsim simulation decisions. ·  Record decisions for all Capsim rounds in each of the four areas (R&D, Marketing, Production and Finance) for Project 4 in Capsim Decision Record format.		Aug 31
Week 8  Sep 1-7	Project 4 ·Respond to a minimum of two postings from your classmates, at least one in each topic, before the Sunday of Week 8 (Sep 5). Project 4 discussion locks on Sep 5      Project 4 Capsim simulation ·  Make your Capsim simulation decisions. ·  Save your Capsim simulation decisions ·  Complete Project 4 Capsim simulation practice rounds Aug 26-Sep 1. ·  Evaluate your Contribution to the Team. Write a post of 200 words or less in your group discussion area explaining the decisions in which you were involved, the logic behind those choices, and how those decisions contributed to the team’s strategy and results. ·  Submit your individual contribution in the group discussion area. ·  Analyze your Team’s Decisions and Results by responding to Project 4 analysis questions. Project 4 analysis questions – Title your file using this protocol lastname_firstname_Project4_Analysis.docx teamname_capsimdecisionrecord_project4.docx  Prepare for Project 5:  Select your medical devices and country from the list in the discussion area.		Sep 7
Week 9  Sep 8-14	Project 5: Creating an International Business Plan ·  Assess the Characteristics of MediCorp’s Potential Customers in the Selected Country ·  Develop a Marketing Strategy ·  Submit your six- to seven-page marketing strategy to include the components outlined in Step 1 and Step 2. Submit Project 5 milestone (optional) Title your milestone file using this protocol: lastname_firstname_Project5_Marketing_strategy.docx	Sep 14
Week 10  Sep 15-21	Project 5 final report Your final international business plan should include key findings from your marketing strategy (Steps 1–2) and financial projections and strategy implementation (Steps 3–4). It should also include an executive summary. Title your file using this protocol: lastname_firstname_Project5_International_business_plan.docx Final skills gap analysis lastname_firstname_Project5_SkillsGapAnalysis.docx Leadership development plan lastname_firstname_Project5_LDP.docx		Sep 21
Week 11  Sep 22-28	Review faculty feedback, revise, and resubmit if necessary		Sep 28

 

I think it’s time to take a step back and assess the direction of our work with this client. I need you to write an analysis that (1) describes the decisions your team made in Rounds 1–4 and the results of those rounds and (2) interprets how your decisions influenced the results.

I’m looking for an eight- to ten-page analysis that answers some key questions about the influence of the decisions you made for MediCorp. Please use the attached template and have the report ready for me by the end of the week. Type your answers directly in the template.

PLACE YOUR ORDER NOW

case study questions

Assignment Content

Top of Form

Purpose of Assessment 

Apply theories about leadership, structure, and culture to real-world scenarios that have occurred in various organizations. You will be measured on how you narrate various leadership styles to foster innovation and lead change in a dynamic environment. Use the chart you created in Week 3 as a quick reference as you work.

 

Review the following cases from Organizational Behavior:

1. • Ch. 12: Case Incident 1: Sharing is Performing
   • Review questions: 12-13, 12-14, and 12-15.
   • Ch. 15: Case Incident 2: Turbulence on United Airlines
   • Review questions: 15-10, 15-11, and 15-12.
   • Ch. 16: Case Incident 2: Active Cultures
   • Review questions: 16-16, 16-17, and 16-18.

 

In 780- to 1050-words, do the following:

1. • For each of the above cases:
   • Describe, through a story, the leader’s use of the leadership style in response to the situation. Use various action verbs in your story.
   • Explain what makes the selected leadership style effective for the particular situation.
   • Compare and contrast the leadership styles leaders chose for each case.
   • Explain why the leadership styles should differ for each case.
   • Use at least two references. The textbook is required as is the plagiarism checker. Please include APA Section Headers, a cover page and properly formatted reference page.

Bottom of Form

 

PLACE YOUR ORDER NOW

1. 12 Case Incident 1: Sharing Is Performing

Replacing Nicholas Dirks as the chancellor of University of California at Berkeley, Carol T. Christ is taking on a strategy that her predecessors did not utilize: sharing leadership. Notably, the prior chancellor and provost would not consult other decision makers and stakeholders at the university when they proposed to dissolve completely the College of Chemistry. Christ, on the other hand, met with Frances McGinley, the student vice president of academic affairs, reaching out to “get a beat on what [student government] was doing and how [she] could help.” This move was unusual because McGinley would often have to track down the other administrators to even get a meeting (or would be merely delegated work). Another such arrangement between Jill Martin and David Barrs at a high school in Essex, England, designates special interest areas where each takes the lead, and they both share an educational philosophy, meet daily, have the authority to make decisions on the spot, and challenge one another.

As Declan Fitzsimons suggests in a Harvard Business Review article, the twenty-first century moves too quickly and is too dynamic to be handled by one person. By sharing leadership among multiple individuals, the organization can respond more adaptively to challenges, share disparate but complementary perspectives, and ease the burden experienced by the traditional charismatic leader figurehead. However, sharing leadership leads to its own issues and obstacles, which are apparent in the multiple relationships between team members, subordinates, and other employees. Not only do individual identities become involved, but so do collective identities shared as a group. It is also important to recognize that shared leadership is not about delegation but about putting in effort to coordinate and collaborate, along with balancing individual and collective goals.

Recent reviews of the research on shared leadership suggest that, overall, shared leadership is effective at improving team performance, attitudes, and behaviors, especially when the leadership is transformational or charismatic and when the team tasks are complex.

Questions

12-13. What kind of obstacles can you foresee in taking a shared leadership approach? How might they (or can they) be solved?

12-14. How would you implement a shared leadership initiative in a company where you were the CEO? What elements of job design and redesign might you draw on to increase the effectiveness of the shared leadership initiative?

12-15. Can you think of any instances in which nonshared, traditional approaches to leadership would be preferable to a shared leadership approach? What are they, and how are they preferable? What sort of situational or individual factors lead to the traditional approach being more effective in these instances? (Robbins, 20180110, p. 426)

Robbins, S. P., Judge, T. A.  (20180110). Organizational Behavior, 18th Edition [VitalSource Bookshelf version].  Retrieved from vbk://9780134729749

 

PLACE YOUR ORDER NOW

1. 15 Case Incident 2: Turbulence on United Airlines

The beginning of 2017 was not good for United Airlines. Several incidents involving United Airlines personnel enforcing a variety of rules, regulations, and protocols in employees’ interactions with customers caused international outcry. The first incident involved two teenagers who were wearing leggings for their flight from Minneapolis to Denver. They were stopped by the gate agent and not allowed to board for violating the United Airlines travel perk program. These travel perk passes hinge on a requirement for users of the passes to dress themselves so that the airline is presented in a favorable light. United defended its decision via Twitter: “Leggings are not inappropriate attire except in the case of someone traveling as a pass rider.” Comedian Seth Rogan tweeted, “We here at @United are just trying to police the attire of the daughters of our employees! That’s all! Cool, right?”

A second, more severe incident occurred when David Dao, a doctor who needed to see his patients the following morning, was aboard a Louisville-bound flight from Chicago in April. Four United employees needed to get to Louisville at the last minute, and it was announced that four people needed to give up their seats or else the flight would be cancelled. Attendants called the police after no one complied. The police approached Dao and forcibly removed him from the plane. Dao suffered a broken nose and concussion after his head smashed into an armrest. United policy allowed for the involuntary removal of passengers from flights, although this time United was not as defensive. Dao later filed a lawsuit against United for its actions.

A third incident, in Houston, involved a soon-to-be-married couple, Michael and Amber, headed to Costa Rica for their wedding. When they entered the plane, they noticed a man sleeping in the row where their seats were assigned. Instead of disturbing him, they found some seats three rows up and sat there instead. They were soon asked by an attendant to return to their seats and they complied. A U.S. marshall approached them soon after and ejected them from the plane. According to United statements, the couple “repeatedly” tried to sit in upgraded seats and would not follow the instructions of the attendants and crew members, and, as such, they were within their power to eject the passengers.

These incidents suggest that, starting with the structure as created by the CEO, United employees do not have much latitude or flexibility when dealing with day-to-day policy breaches. Taking cost-minimization and efficiency-boosting strategies to the extreme may also have had an effect given that the focus drifted from the customer and toward rule following. Many attribute this inflexibility to the strict, rule-following bureaucracy created by United managers. In this bureaucracy, their 85,000 employees may be reluctant to deviate from the rules—intracompany historical precedent suggests that many employees face termination if they break the rules.

Questions

15-13. How do you think United Airlines should have handled the recent string of incidents? Do you think that United Airlines was within its power to have removed these people from the flights? Why or why not?

15-14. What are the pros and cons of having a bureaucratic organizational structure for an airline? Do you think the pros and cons are justified for United Airlines and that they should keep the structure they have? Why or why not?

15-15. What do you think United Airlines should do in the future? Do you have any suggestions for enhancements or improvements to the United Airlines organizational structure? Would you consider restructuring? Why or why not? (Robbins, 20180110, pp. 536-537)

Robbins, S. P., Judge, T. A.  (20180110). Organizational Behavior, 18th Edition [VitalSource Bookshelf version].  Retrieved from vbk://9780134729749

Always check citation for accuracy before use.

 

PLACE YOUR ORDER NOW

Ch. 16 Case Incident 2: Active Cultures

Employees at many successful companies start the day by checking the economic forecast. Patagonia’s Ventura, California, employees start the day by checking the surf forecast. The outdoor clothing company encourages its workforce to take time from the workday to get outside and get active. For Patagonia, linking employees with the natural environment is a major part of the culture.

New hires are introduced to this mindset very quickly. Soon after starting at Patagonia, marketing executive Joy Howard was immediately encouraged to go fly fishing, surfing, and rock climbing all around the world. She notes that all this vacationing is not just playing around—it’s an important part of her job. “I needed to be familiar with the products we market,” she said. Other practices support this outdoors-oriented, healthy culture. The company has an on-site organic café featuring locally grown produce. Employees at all levels are encouraged through an employee discount program to try out activewear in the field. And highly flexible hours ensure that employees feel free to take the occasional afternoon off to catch the waves or get out of town for a weekend hiking trip.

Are there bottom-line benefits to this organizational culture? Some corporate leaders think so. As Neil Blumenthal, one of the founders of Warby Parker eyewear, observes, “[T]hey’ve shown that you can build a profitable business while thinking about the environment and thinking about your team and community.” As Patagonia CEO Rose Marcario says, “People recognize Patagonia as a company that’s … looking at business through a more holistic lens other than profit.” However, she is quick to add, “Profit is important; if it wasn’t you wouldn’t be talking to me.”

Patagonia’s culture obviously makes for an ideal workplace for some people—but not for others who don’t share its values. People who are just not outdoor types would likely feel excluded. While the unique mission and values of Patagonia may not be for everyone, for its specific niche in the product and employment market, the culture fits like a glove.

Questions

16-16. What do you think are the key dimensions of culture that make Patagonia successful? How does the organization help to foster this culture?

16-17. Does Patagonia use strategies to build its culture that you think could work for other companies? Is the company a useful model for others that aren’t so tied to a lifestyle? Why or why not?

16-18. What are the drawbacks of Patagonia’s culture? Might it sometimes be a liability and, if so, in what situations? (Robbins, 20180110, pp. 574-575)

Robbins, S. P., Judge, T. A.  (20180110). Organizational Behavior, 18th Edition [VitalSource Bookshelf version].  Retrieved from vbk://9780134729749

PLACE YOUR ORDER NOW

UMSD7T-15-3 – Strategic management (business, international and management)

UMSD7T-15-3 – Strategic management (business, international and management) 20sep_1

 

Strategy and Innovation – Portfolio Test 3

Question 1

 

True or False?

Path dependency not only impacts on the strategic choices a firm considers and makes, it also influences the expectations of key stakeholders – shareholders, regulators, media etc. An approach in the industry becomes the expected norm and managers are challenged if they go against that norm. Ultimately the approach becomes taken for granted and not even thought about.

True

False

PLACE YOUR ORDER NOW

Question 2

 

Kim and Mauborgne’s strategy canvas depicts the ‘as is’ value curve and ‘target’ value curve by plotting competitive factors against which of the following?

		The amount of each competing factor (e.g. in the hotel industry the number room types)
		The perceived quality or value as rated by customers)
		The level of fit to customer’s needs derived from senior managers interviewing customers and non customers
		The difficulty competitors have copying each competing factor

 

Question 3

Which of the following is at the core of the Blue Ocean strategy perspective?

	a.	Possessing a small number of unique and difficult to copy competencies that enable the firm to do things others can not
	b.	Looking across and challenging existing industry boundaries to create uncontested market space
	c.	Seeking a series of resource advantages. As competitors match an advantage the firm has moved on to a new source of advantage
	d.	Choosing a position in an industry and then aligning all the activities in the firm to that choice

Question 4

Which of the following were competing factors in the ‘as is’ value curve for Blockbuster and other video rental stores

(Select ALL that apply)

	a.	The customer value delivered by the video store offering.
	b.	Number of copies available in store of new release hit films
	c.	Rental price
	d.	Proximity of physical store to residential areas
	e.	Number of Stores

Question 5

True or False?

As a product or service passes through its life cycle – from invention to maturity – a dominant design will emerge in an industry. At early stages of the life cycle there will be wide variations in the components used and also in the product and production architecture. However, in maturity, when a dominant design is established, the architecture will be set  and often taken for granted, with competition taking place on changes to components.

True

False

Question 6

Which of the following are symptoms you will tend to see if a firm has misinterpreted architectural innovation as component or modular innovation?

(Select ALL that apply)

	a.	Legacy processes and systems (e.g. IT systems) hinder the transitioning to a new architecture
	b.	Change is being interpreted through existing, usually effective, frameworks (e.g. capital allocation processes, capacity planning) and explained by making links to previous events
	c.	The firm makes rational choices to serve the needs of it’s best customers for whom the new approach does not offer the required performance
	d.	The firm is reluctant or unable to redirect time and resources to the new approach (often the firm is still reliant on the revenue generated by the old approach)
	e.	Managers are unsure of what existing architectural knowledge can be retained and what needs to be replaced
	f.	The firm does not possess the competencies needed to make the change and can not obtain them

Question 7

True or False?

As performance of a low end innovation improves and starts to attract the customers who had traditionally been price sensitive, and who made little contribution to profitability, Christensen argues that the a logical reaction of existing firms is to increase focus on existing customers especially those who need higher performance and are often more profitable.

True

False

Question 8

What are the two types of innovation that Christensen suggests have the potential to cause disruption

	a.	An innovation with very low performance on attributes valued in the market (Low-End Foothold)
	b.	An upgrade in the performance of the the products sold in the market (High-End Foothold)
	c.	An innovation in a new market segment/adjacent industry offering different attributes not valued in the established market (New-Market Foothold)
	d.	A radical innovation that offers superior performance to existing customers (First Mover Foothold)

Question 9

How should you use the theories of disruption to analyse a case or business?

	a.	Work through each of the two theories separately and see what facts from the case or business fit the theory.
	b.	Pick the theory you prefer and just use that in your analysis
	c.	Work through the case drawing in which ever element of the theory fits what you see.

Question 10

Which of the following suggest that Christensen’s theory of disruptive innovation may explain the failure of Blockbuster?

	a.	Initially Netflix was a low performing market entrant that could not match the performance of Blockbuster on traditional industry metrics (e.g. availability of latest Hollywood film releases)
	b.	Recruitment of a new CEO with retail turnaround experience
	c.	The focus by Blockbuster on to in-store cross-sales to its regular (best) customers
	d.	Netflix/streaming was just one of the competitive changes faced by the video rental market in the early 2000s (e.g. supermarket sales, vending machines, Amazon)

 

Strategy as Choice – Portfolio Test 1

 Question 1

The following are areas of primary activities in Porter’s value chain

(Select ALL that apply)

	a.	In Bound Logistics
	b.	Operations
	c.	Human Resource Management
	d.	Finance Function
	e.	After Sales Service
	f.	Out Bound Logistics

Question 2

Porter argues that competitive strategy requires firms to think about which of the following 2 areas

(Select the 2 answers that apply)

	a.	Its geographic scope
	b.	How the firm positions itself in the industry
	c.	The industry structure
	d.	Its social responsibilities to its stakeholders

Question 3

True or false?

“A trade off choice means you are making a choice that in doing so you are also choosing to not do something else – even if that alternative is attractive”

True

False

Question 4

To prevent competitors from imitating your strategic position Porter describes a number of “lines of defence”. these are:

(Select ALL that apply)

 

	a.	You need a tailored value chain to deliver the chosen value proposition
	b.	There must be a high level of fit in the system of activity choices the firm has made
	c.	Trade off choices need to have been made in your value proposition and/or value chain
	d.	The ability to create new Blue Ocean space where the competition is irrelevant
	e.	You have unique strategic assets that others cannot acquire

Question 5

Which of the following does Porter argue create a successful strategy?

(Select ALL that apply)

	a.	A different, tailored value chain
	b.	Strategic continuity
	c.	A generic strategy (cost leadership or differentiation)
	d.	A unique Value Proposition
	e.	Activities that fit together and reinforce each other as an activity system
	f.	Clear trade off choices
	g.	None of the above

Question 6

Which of the following are dimensions of Porter’s “Value Proposition” that define the strategic position of a firm?

(Select All that apply)

 

	a.	Choosing what relative price position to adopt
	b.	Choosing which customers to serve and which not
	c.	Choosing which customer needs to meet and which not
	d.	The mapping of activities into the value chain
	e.	Choosing a generic strategy i.e. cost leadership or differentiation

Question 7

Porter’s activity system map is constructed by drawing and linking together which of the following?

(Select ALL that apply)

 

	a.	Strategic themes
	b.	Specific activity choices
	c.	All activities carried out by the firm
	d.	The resources in the firm

Question 8

Porter’s activity system map can be used to assess which levels of fit?

(Select ALL that apply)

		First Order Fit: Simple Consistency
		Second Order Fit: Reinforcing Fit
		Third Order of Fit: Optimisation of Effort
		Strategic Consistency

Question 9

Looking at Jet Blue’s introduction of the new business class service from Porter’s pperspective the danger is that the firm …

	a.	Is trying to straddle two strategic positions and so lose its competitive advantage
	b.	Has not thought through the operational implications of the new service
	c.	Has failed to fully assess the financial implications of the move
	d.	Is not going far or quickly enough to satisfy the demands of its shareholders

Question 10

What could be the impact of adding a second type of aircraft to Jet Blues operation as envisaged in Jet Blue case (part 1)

(Select ALL that apply)

	a.	Increased training costs
	b.	Higher purchase prices of aircraft
	c.	Increase in stocks of spare parts
	d.	Reduced air and ground crew familiarity with an aircraft leading to longer turnaround times
	e.	Increase maintenance crew training

 

RBV and Competencies – Portfolio Test 2

 Question 1

True or False?

A competency is an integrated bundle of resources where the elements create more value by operating together than if they stood alone. As an integrated bundle competencies are potentially far more difficult for others to copy.

True

False

Question 2

Fill in the missing word:

The competencies – integrated bundles of resources – possessed by the organisation create the Strategic ______________ of the organisation – the reason why customers choose to buy from this organisation. This Strategic  ____________ enables the firm to operate across multiple product/service markets.

Question 3

In a VRIO test a competency is found to be valuable and inimitable, and the organisation benefits from the competency. However it is  not rare in the industry where the firm competes. Does the competency provided competitive advantage?

	a.	No it provides parity with its competitors.
	b.	Yes sustainable competitive advantage – it will enjoy an advantage for the foreseeable future
	c.	Yes but only temporary competitive advantage – at some stage competitors will copy the competency and so the firm will lose its advantage
	d.	No the cost of holding that competency put the firm at a disadvantage to its competiotrs

Question 4

While a highly useful analysis tool the RBV theory is criticised for its static view of competitive advantage. Critics argue that in today’s turbulent markets it is unrealistic to believe that a resource advantage will provide sustainable competitive advantage.

True

False

Question 5

To determine whether an organisation gains competitive advantage from its competencies its needs to test them using Barney’s VRIO test (Valuable, Rare, Inimitable and Organisation). Which of the following is the correct way to apply the VRIO test.

	a.	Look across the competencies and see if there is one that passes the valuable test. Then move to the rare element and determine if there is a competency that is rare. Conduct a similar approach with inimitable and organisation.  Back up your assessment with evidence from the organisation or case study.
	b.	Test each competency in turn using the the full VRIO test. So is that competency valuable, is it rare, is it inimitable and does the organisation gain the value from that competency. Ensure evidence is provided from  the organisation to support your assessment of each element of the test.

Question 6

CEMEX’s relationships with owners of the stores that are members of the Construrama network suggest as a competency it may be difficult to copy due to…

	a.	Causal ambiguity
	b.	Social complexity
	c.	The cost of setting it up
	d.	Historic circumstances

Question 7

Which of the following are mechanisms and formal routines that firms employ to reconfigure/transform their competency and resource portfolio?

(Select ALL that apply)

	a.	Strategic Alliances
	b.	Cultural change
	c.	M&A (mergers and acquisitions) to acquire new competencies and single resources
	d.	Succession Planning and Senior Leadership Changes

Question 8

True or False?

Dynamic capabilities create a firm’s consistent ability to integrate, build and reconfigure competencies to address rapidly changing environment.

True

False

Question 9

The managing/seizing dynamic capabilities that IBM put in place included which of the following?

(Select ALL that apply)

	a.	The $500 million corporate investment fund
	b.	The integration and values team
	c.	Strategic leadership forums (SLFs)
	d.	The emerging opportunities portfolio of processes
	e.	None of these

Question 10

Which of the following are formal mechanisms delivering CEMEX’s dynamic capabilities

(Select ALL that apply)

	a.	Its formal PMI process (post merger integration process)
	b.	Construrama
	c.	Its social media system ‘Shift’
	d.	Its CEMEXnet satellite system
	e.	Its global networks

 

Strategy and Responsibility – Portfolio Test 4

 Question 1

Complete the following sentence

When developing corporate strategy you are looking at the firm for the perspective of _____________

	a.	Society
	b.	Gaining competitive advantage
	c.	Customers
	d.	Shareholders

Question 2

Managers often claim that growth and risk reduction result from diversification. However such moves are often not in the interests of shareholders. What are the reasons for this?

(Select ALL that apply)

	a.	In a developed capital market shareholders can more effectively diversify their portfolio themselves to reduce risk
	b.	In a less developed capital market, ownership by a group is needed to gain transparency on performance and exert control
	c.	Unless growth is achieved at a level of profitability above that in the firm’s current activities then it dilutes the performance of the firm’s stock. Shareholders would have been better off investing directly in the acquired business.
	d.	While diversification can lead to more consistent firm performance this often comes at the expense of above average performance. This reduces the returns across shareholder’s own investment portfolios

Question 3

A Synergy Manager adds value through which of the following activities?

	a.	Realising the cost savings in an acquisition by the removal of duplicate activities and departments
	b.	Using the parent’s centrally held competencies and expertise to enhance the performance of individual business units (for example subsidiaries of Virgin using its brand)
	c.	Managing the financial flows between individual subsidiaries. For example balancing the cash needs of mature businesses with those of businesses in growing markets
	d.	Spotting opportunities and facilitating the sharing/transfer of resources and expertise between different subsidiaries to grasp those opportunities

Question 4

A parent firm imposes cost on to any business unit under its ownership. The reasons for this include:

(Select ALL that apply)

	a.	The are business unit administration costs resulting from control, reporting and other governance processes required by the parent
	b.	There are opportunity costs for business units resulting from it’s managers having less focus on its performance
	c.	It needs to allocate headquarters expenses
	d.	There are opportunity costs for the business unit as a result of reduced flexibility and a lower speed of reaction to market events

Question 5

Given the group’s origin, which business unit most clearly fits into the heartland zone of a Parenting Matrix for Esquel?

	a.	The cotton farms the group own
	b.	The accessory manufacturing business
	c.	The retailing business (Pye)
	d.	Garment Manufacture

Question 6

Match the area on Porter and Kramer’s CSV framework with its definition

– a. b. c. Social Dimensions of Competitive Context                                         – a. b. c. Value Chain Impacts                                         – a. b. c. Generic Social Issues

a. Social issues in the external environment that most significantly affect a company’s current or future competitiveness and strategy b. Social issues that are not significantly affected by the company’s operations and do not materially affect its long term competitiveness c. Social issues that are significantly affected by a company’s everyday activities in its business operations

Question 7

In Porter and Kramer’s CSV matrix, strategic CSR includes which of the following social issues?

(Select ALL that apply)

	a.	Value Chain Impacts where action will create economic value as well as social value
	b.	The small number of significant social issues mapped into the ‘Social Dimensions of Competitive Context’ box
	c.	Generic Social Issues
	d.	All Value Chain Impacts

Question 8

Porter and Kramer suggest actions for each social issue depending on where it maps in the CSV framework. Match the action to each part of the framework.

– a. b. c. d. Act as a good citizen by responding to local requirements but minimising effort. CSR spend can have more impact if invested elsewhere                                                    – a. b. c. d. Mitigate any harm to social value being caused by the day-to-day activities of the firm. Fix and then focus CSR investment elsewhere                                                    – a. b. c. d. Invest to change the day-to-day activities of the firm to benefit society where the investments also creating economic value                                                    – a. b. c. d. Invest and leverage the firm’s capabilities to have a major impact on improving key areas of the firms current and future competitive landscape as well as significantly benefiting society

a. Value Chain Impacts where action creates shared value (social value and economic value) b. Social Dimensions of Competitive Context c. Generic Social Issues d. Value Chain Impacts where actions do not create economic value

Question 9

Which of the following are criticisms of Porter and Kramer’s concept of share value?

(Select ALL that apply)

	a.	It reflects a shallow conception of what the role of a firm in society actually is
	b.	It ignore deep tensions between social and economic goals in the firm and society
	c.	It is naive about the challenges of business compliance (what is right and wrong is not clear cut)
	d.	It brings a strategic perspective to the social responsibility of a firm

Question 10

In to which categories on Porter and Kramer’s CSV framework would the following social initiatives pursued by Esquel be placed?

– a. b. c. d. e. Donations to areas struck by a natural disaster                                                               – a. b. c. d. e. Improving waste water treatment in its dying operations in Gaoming                                                               – a. b. c. d. e. Installation of a thermo-power plant in Gaoming that cuts emmisions and cost of electricity                                                               – a. b. c. d. e. Working with farmers on organic approaches to growing of cotton in response to growing concern from end customers and major clothing brands.                                                               – a. b. c. d. e. Providing employment to people in the Gaoming province of China

a. Generic Social Issues b. This is part of Esquel’s standard business practices and therefore not a voluntary social responsibility initiative c. Value Chain Impacts (mitigating harm to social value) d. Value Chain Impacts (creating shared value) e. Social Dimensions of Competitive Context

PLACE YOUR ORDER NOW

Week 6

Week 6 Final paper:

 

• Baltzan, P., and Phillips, A. (2015). Business Driven Information Systems (5^thed).
• Week 1 through 5 articles and videos
• Week 1 through 5 individual homework assignments
• It is recommended students search the Internet for an Information Technology (IT) Strategy Plan template.

Scenario: You are an entrepreneur in the process of researching a business development idea. You have come to the stage in your research of creating a high-level Information Technology (IT) strategy for your new enterprise. This plan is a high-level strategic planning document that will inform more detailed operational plans for the individual components. Considerin the business intelligence plan how the enterprise will use information technology, selected data, and data analytics to develop competitive intelligence, identify market trends and opportunities, and measure enterprise performance.

Synthesize the individual assignment deliverables from Weeks 1 through 5 and create a broad high-level Information Technology (IT) Strategy plan for your chosen business organization in a minimum of 3,150 words which includes the following:

• An executive summary that includes your chosen enterprise, industry sector, product, intended market with an overview of the business focus, corporate culture, ethical framework, and discussion of how the IT value chain will support enterprise innovation and competitive advantage
• A technology governance plan for managing the selection, acquisition, management, use, and security of business information systems
• A systems acquisition plan that includes steps to initiate, analyze, design, acquire, implement, and maintain business information systems
• An outline in the data collection plan of the data requirements, data collection, and management process
• An information systems risk management plan that includes the process of identifying, analyzing, and mitigating information systems risk, including a brief summary of the disaster recovery and business resumption planning process

Cite a minimum of 3 peer-reviewed references from the University of Phoenix Library.

Format consistent with APA guidelines.

Submit your assignment.

PLACE YOUR ORDER NOW

ection 1.1

Business Driven MIS

LEARNING OUTCOMES

1.1Describe the information age and the differences among data, information, business intelligence, and knowledge.

1.2Explain systems thinking and how management information systems enable business communications.

COMPETING IN THE INFORMATION AGE

1. 1.1:Describe the information age and the differences among data, information, business intelligence, and knowledge.

Did you know that . . .

The movie Avatar took more than four years to create and cost $450 million?

Lady Gaga’s real name is Stefani Joanne Angelina Germanotta?

Customers pay $2.6 million for a 30-second advertising time slot during the Super Bowl?²

A fact is the confirmation or validation of an event or object. In the past, people primarily learned facts from books. Today, by simply pushing a button, people can find out anything, from anywhere, at any time. We live in the information age, when infinite quantities of facts are widely available to anyone who can use a computer. The impact of information technology on the global business environment is equivalent to the printing press’s impact on publishing and electricity’s impact on productivity. College student start-ups were mostly unheard of before the information age. Now, it’s not at all unusual to read about a business student starting a multimillion-dollar company from his or her dorm room. Think of Mark Zuckerberg, who started Facebook from his dorm, or Michael Dell (Dell Computers) and Bill Gates (Microsoft), who both founded their legendary companies as college students.

You may think only students well versed in advanced technology can compete in the information age. This is simply not true. Many business leaders have created exceptional opportunities by coupling the power of the information age with traditional business methods. Here are just a few examples:

Amazon is not a technology company; its original business focus was to sell books, and it now sells nearly everything.

Netflix is not a technology company; its primary business focus is to rent videos.

Zappos is not a technology company; its primary business focus is to sell shoes, bags, clothing, and accessories.

Amazon’s founder, Jeff Bezos, at first saw an opportunity to change the way people purchase books. Using the power of the information age to tailor offerings to each customer and speed the payment process, he in effect opened millions of tiny virtual bookstores, each with a vastly larger selection and far cheaper product than traditional bookstores. The success of his original business model led him to expand Amazon to carry many other types of products. The founders of Netflix and Zappos have done the same thing for videos and shoes. All these entrepreneurs were business professionals, not technology experts. However, they understood enough about the information age to apply it to a particular business, creating innovative companies that now lead entire industries.

The Internet of Things (IoT) is a world where interconnected, Internet-enabled devices or “things” can collect and share data without human intervention. Another term commonly associated with the Internet of Things is machine to machine (M2M), which refers to devices that connect directly to other devices. Students who understand business along with the power associated with the information age and IoT will create their own opportunities and perhaps even new industries. Realizing the value of obtaining real-time data from connected things will allow you to make better-informed decisions, identify new opportunities, and analyze customer patterns to predict new behaviors. Our primary goal in this course is to arm you with the knowledge you need to compete in the information age. The core drivers of the information age are:

Page 6

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN DISCUSSION

View from a Flat World

Bill Gates, founder of Microsoft, stated that 20 years ago most people would rather have been a B student in New York City than a genius in China because the opportunities available to students in developed countries were limitless. Today, many argue that the opposite is now true due to technological advances making it easier to succeed as a genius in China than a B student in New York. As a group, discuss whether you agree or disagree with Bill Gate’s statement.³

Data

Information

Business intelligence

Knowledge (see Figure 1.2)

Data

Data are raw facts that describe the characteristics of an event or object. Before the information age, managers manually collected and analyzed data, a time-consuming and complicated task without which they would have little insight into how to run their business. Lacking data, managers often found themselves making business decisions about how many products to make, how much material to order, or how many employees to hire based on intuition or gut feelings. In the information age, successful managers compile, analyze, and comprehend massive amounts of data daily, which helps them make more successful business decisions.

FIGURE 1.2

The Differences among Data, Information, Business Intelligence, and Knowledge

Page 7

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN MIS

Who Really Won the 2014 Winter Olympics?

If you were watching the 2014 Winter Olympics, I bet you were excited to see your country and its amazing athletes compete. As you were following the Olympics day by day, you were probably checking different websites to see how your country ranked. And depending on the website you visited, you could get a very different answer to this seemingly easy question. On the NBC and ESPN networks, the United States ranked second, and on the official Sochie Olympic website, the United States ranked fourth. The simple question of who won the 2014 Winter Olympics changes significantly, depending on whom you asked.⁴

In a group, take a look at the following two charts and brainstorm the reasons each internationally recognized source has a different listing for the top five winners. What measurement is each chart using to determine the winner? Who do you believe is the winner? As a manager, what do you need to understand when reading or listening to business forecasts and reports?

Figure 1.3 shows sales data for Tony’s Wholesale Company, a fictitious business that supplies snacks to stores. The data highlight characteristics such as order date, customer, sales representative, product, quantity, and profit. The second line in Figure 1.3, for instance, shows that Roberta Cross sold 90 boxes of Ruffles to Walmart for $1,350, resulting in a profit of $450 (note that Profit = Sales − Costs). These data are useful for understanding individual sales; however, they do not provide us much insight into how Tony’s business is performing as a whole. Tony needs to answer questions that will help him manage his day-to-day operations such as:

Who are my best customers?

Who are my least-profitable customers?

Page 8

FIGURE 1.3

Tony’s Snack Company Data

What is my best-selling product?

What is my slowest-selling product?

Who is my strongest sales representative?

Who is my weakest sales representative?

What Tony needs, in other words, is not data but information.

Information

Information is data converted into a meaningful and useful context. Having the right information at the right moment in time can be worth a fortune. Having the wrong information at the right moment, or the right information at the wrong moment, can be disastrous. The truth about information is that its value is only as good as the people who use it. People using the same information can make different decisions depending on how they interpret or analyze the information. Thus information has value only insofar as the people using it do as well.

Tony can analyze his sales data and turn them into information to answer all the preceding questions and understand how his business is operating. Figures 1.4 and 1.5, for instance, show us that Walmart is Roberta Cross’s best customer and that Ruffles is Tony’s best product measured in terms of total sales. Armed with this information, Tony can identify and then address such issues as weak products and underperforming sales representatives.

A variable is a data characteristic that stands for a value that changes or varies over time. For example, in Tony’s data, price and quantity ordered can vary. Changing variables allows managers to create hypothetical scenarios to study future possibilities. Tony may find it valuable to anticipate how sales or cost increases affect profitability. To estimate how a 20 percent increase in prices might improve profits, Tony simply changes the price variable for all orders, which automatically calculates the amount of new profits. To estimate how a 10 percent increase in costs hurts profits, Tony changes the cost variable for all orders, which automatically calculates the amount of lost profits. Manipulating variables is an important tool for any business.

Business Intelligence

Business intelligence (BI) is information collected from multiple sources such as suppliers, customers, competitors, partners, and industries that analyzes patterns, trends, and relationships for strategic decision making. BI manipulates multiple variables and in some cases even hundreds of variables, including such items as interest rates, weather conditions, and even gas prices. Tony could use BI to analyze internal data, such as company sales, along with external data about the environment such as competitors, finances, weather, holidays, and even sporting events. Both internal and external variables affect snack sales, and analyzing these variables will help Tony determine ordering levels and sales forecasts. For instance, BI can predict inventory requirements for Tony’s business for the week before the Super Bowl if, say, the home team is playing, average temperature is above 80 degrees, and the stock market is performing well. This is BI at its finest, incorporating all types of internal and external variables to anticipate business performance.

Page 9

FIGURE 1.4

Tony’s Data Sorted by Customer “Walmart” and Sales Representative “Roberta Cross”

A big part of business intelligence is an area called predictive analytics, which extracts information from data and uses it to predict future trends and identify behavioral patterns. Top managers use predictive analytics to define the future of the business, analyzing markets, industries, and economies to determine the strategic direction the company must follow to remain profitable. Tony will set the strategic direction for his firm, which might include introducing new flavors of potato chips or sports drinks as new product lines or schools and hospitals as new market segments.

Knowledge

Knowledge includes the skills, experience, and expertise, coupled with information and intelligence, that create a person’s intellectual resources. Knowledge workers are individuals valued for their ability to interpret and analyze information. Today’s workers are commonly referred to as knowledge workers and they use BI along with personal experience to make decisions based on both information and intuition, a valuable resource for any company.

Page 10

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN ETHICS AND SECURITY

The Internet of Things Is Wide Open—For Everyone!

IoT is transforming our world into a living information system as we control our intelligent lighting from our smart phone to a daily health check from our smart toilet. Of course, with all great technological advances come unexpected risks, and you have to be prepared to encounter various security issues with IoT. Just imagine if your devices are hacked by someone who now can shut off your water, take control of your car, or unlock the doors of your home from thousands of miles away. We are just beginning to understand the security issues associated with IoT and M2M, and you can be sure that sensitive data leakage from your IoT device is something you will most likely encounter in your life.⁵ (For more information about IoT, refer to the Opening Case Study.)

In a group, identify a few IoT devices you are using today. These can include fitness trackers that report to your iPhone, sports equipment that provides immediate feedback to an app, or even smart vacuum cleaners. If you are not using any IoT devices today, brainstorm a few you might purchase in the future. How could a criminal or hacker use your IoT to steal your sensitive data? What potential problems or issues could you experience from these types of illegal data thefts? What might be some of the signs that someone had accessed your IoT data illegally? What could you do to protect the data in your device?

Imagine that Tony analyzes his data and finds his weakest sales representative for this period is Craig Schultz. If Tony considered only this information, he might conclude that firing Craig was a good business decision. However, because Tony has knowledge about how the company operates, he knows Craig has been out on medical leave for several weeks; hence, his sales numbers are low. Without this additional knowledge, Tony might have executed a bad business decision, delivered a negative message to the other employees, and sent his best sales representatives out to look for other jobs.

The key point in this scenario is that it is simply impossible to collect all the information about every situation, and yet without that, it can be easy to misunderstand the problem. Using data, information, business intelligence, and knowledge to make decisions and solve problems is the key to finding success in business. These core drivers of the information age are the building blocks of business systems.

FIGURE 1.5

Information Gained after Analyzing Tony’s Data

Page 11

THE CHALLENGE OF DEPARTMENTAL COMPANIES AND THE MIS SOLUTION

LO 1.2: Explain systems thinking and how management information systems enable business communications.

Companies are typically organized by department or functional area such as:

Accounting: Records, measures, and reports monetary transactions.

Finance: Deals with strategic financial issues, including money, banking, credit, investments, and assets.

Human resources: Maintains policies, plans, and procedures for the effective management of employees.

Marketing: Supports sales by planning, pricing, and promoting goods or services.

Operations management: Manages the process of converting or transforming resources into goods or services.

Sales: Performs the function of selling goods or services (see Figure 1.6).

Each department performs its own activities. Sales and marketing focus on moving goods or services into the hands of consumers; they maintain transactional data. Finance and accounting focus on managing the company’s resources and maintain monetary data. Operations management focuses on manufacturing and maintains production data; human resources focuses on hiring and training people and maintains employee data. Although each department has its own focus and data, none can work independently if the company is to operate as a whole. It is easy to see how a business decision one department makes can affect other departments. Marketing needs to analyze production and sales data to come up with product promotions and advertising strategies. Production needs to understand sales forecasts to determine the company’s manufacturing needs. Sales needs to rely on information from operations to understand inventory, place orders, and forecast consumer demand. All departments need to understand the accounting and finance departments’ information for budgeting. For the firm to be successful, all departments must work together as a single unit sharing common information and not operate independently or in a silo (see Figure 1.7).

FIGURE 1.6

Departments Working Independently

Page 12

FIGURE 1.7

Departments Working Together

The MIS Solution

You probably recall the old story of three blind men attempting to describe an elephant. The first man, feeling the elephant’s girth, said the elephant seemed very much like a wall. The second, feeling the elephant’s trunk, declared the elephant was like a snake. The third man felt the elephant’s tusks and said the elephant was like a tree or a cane. Companies that operate departmentally are seeing only one part of the elephant, a critical mistake that hinders successful operation.

Successful companies operate cross-functionally, integrating the operations of all departments. Systems are the primary enabler of cross-functional operations. A system is a collection of parts that link to achieve a common purpose. A car is a good example of a system, since removing a part, such as the steering wheel or accelerator, causes the entire system to stop working.

Before jumping into how systems work, it is important to have a solid understanding of the basic production process for goods and services. Goods are material items or products that customers will buy to satisfy a want or need. Clothing, groceries, cell phones, and cars are all examples of goods that people buy to fulfill their needs. Services are tasks people perform that customers will buy to satisfy a want or need. Waiting tables, teaching, and cutting hair are all examples of services that people pay for to fulfill their needs (see Figure 1.8).

Page 13

FIGURE 1.8

Different Types of Goods and Services

Production is the process by which a business processes raw materials or converts them into a finished product for its goods or services. Just think about making a hamburger (see Figure 1.9). First, you must gather all of the inputs or raw materials such as the bun, patty, lettuce, tomato, and ketchup. Second, you process the raw materials, so in this example you would need to cook the patty, wash and chop the lettuce and tomato, and place all of the items in the bun. Finally, you would have your output or finished product—your hamburger! Productivity is the rate at which goods and services are produced based on total output given total inputs. Given our previous example, if a business could produce the same hamburger with less-expensive inputs or more hamburgers with the same inputs, it would see a rise in productivity and possibly an increase in profits. Ensuring the input, process, and output of goods and services work across all of the departments of a company is where systems add tremendous value to overall business productivity.

FIGURE 1.9

Input, Process, Output Example

Page 14

FIGURE 1.10

Overview of Systems Thinking

Systems Thinking

Systems thinking is a way of monitoring the entire system by viewing multiple inputs being processed or transformed to produce outputs while continuously gathering feedback on each part (see Figure 1.10). Feedback is information that returns to its original transmitter (input, transform, or output) and modifies the transmitter’s actions. Feedback helps the system maintain stability. For example, a car’s system continuously monitors the fuel level and turns on a warning light if the gas level is too low. Systems thinking provides an end-to-end view of how operations work together to create a product or service. Business students who understand systems thinking are valuable resources because they can implement solutions that consider the entire process, not just a single component.

Management information systems (MIS) is a business function, like accounting and human resources, which moves information about people, products, and processes across the company to facilitate decision making and problem solving. MIS incorporates systems thinking to help companies operate cross-functionally. For example, to fulfill product orders, an MIS for sales moves a single customer order across all functional areas, including sales, order fulfillment, shipping, billing, and finally customer service. Although different functional areas handle different parts of the sale, thanks to MIS, to the customer the sale is one continuous process. If one part of the company is experiencing problems, however, then, like the car without a steering wheel, the entire system fails. If order fulfillment packages the wrong product, it will not matter that shipping, billing, and customer service did their jobs right, since the customer will not be satisfied when he or she opens the package.

MIS can be an important enabler of business success and innovation. This is not to say that MIS equals business success and innovation, or that MIS represents business success and innovation. MIS is a tool that is most valuable when it leverages the talents of people who know how to use and manage it effectively. To perform the MIS function effectively, almost all companies, particularly large and medium-sized ones, have an internal MIS department, often called information technology (IT), information systems (IS), or management information systems (MIS). For the purpose of this text, we will refer to it as MIS.

MIS Department Roles and Responsibilities

MIS as a department is a relatively new functional area, having been around formally for about 40 years. Job titles, roles, and responsibilities often differ from company to company, but the most common are displayed in Figure 1.11. Although many companies may not have a different individual for each of these positions, they must have top managers who take responsibility for all these areas.

Page 15

FIGURE 1.11

The Roles and Responsibilities of MIS

section 1.2

Business Strategy

LEARNING OUTCOMES

1.3Explain why competitive advantages are temporary.

1.4Identify the four key areas of a SWOT analysis.

1.5Describe Porter’s Five Forces Model and explain each of the five forces.

1.6Compare Porter’s three generic strategies.

1.7Demonstrate how a company can add value by using Porter’s value chain analysis.

IDENTIFYING COMPETITIVE ADVANTAGES

LO 1.3: Explain why competitive advantages are temporary.

Running a company today is similar to leading an army; the top manager or leader ensures all participants are heading in the right direction and completing their goals and objectives. Companies lacking leadership quickly implode as employees head in different directions attempting to achieve conflicting goals. To combat these challenges, leaders communicate and execute business strategies (from the Greek word stratus for army and ago for leading).

Page 16

A business strategy is a leadership plan that achieves a specific set of goals or objectives such as increasing sales, decreasing costs, entering new markets, or developing new products or services. A stakeholder is a person or group that has an interest or concern in an organization. Stakeholders drive business strategies, and depending on the stakeholder’s perspective, the business strategy can change. It is not uncommon to find stakeholders’ business strategies have conflicting interests such as investors looking to increase profits by eliminating employee jobs. Figure 1.12 displays the different stakeholders found in an organization and their common business interests.

Good leaders also anticipate unexpected misfortunes, from strikes and economic recessions to natural disasters. Their business strategies build in buffers or slack, allowing the company the ability to ride out any storm and defend against competitive or environmental threats. Of course, updating business strategies is a continuous undertaking as internal and external environments rapidly change. Business strategies that match core company competencies to opportunities result in competitive advantages, a key to success!

A competitive advantage is a feature of a product or service on which customers place a greater value than they do on similar offerings from competitors. Competitive advantages provide the same product or service either at a lower price or with additional value that can fetch premium prices. Unfortunately, competitive advantages are typically temporary because competitors often quickly seek ways to duplicate them. In turn, organizations must develop a strategy based on a new competitive advantage. Ways that companies duplicate competitive advantages include acquiring the new technology, copying the business operations, and hiring away key employees. The introduction of Apple’s iPod and iTunes, a brilliant merger of technology, business, and entertainment, offers an excellent example.

FIGURE 1.12

Stakeholders’ Interests

Page 17

In early 2000, Steve Jobs was fixated on developing video editing software when he suddenly realized that millions of people were using computers to listen to music, a new trend in the industry catapulted by illegal online services such as Napster. Jobs was worried that he was looking in the wrong direction and had missed the opportunity to jump on the online music bandwagon. He moved fast, however, and within four months he had developed the first version of iTunes for the Mac. Jobs’ next challenge was to make a portable iTunes player that could hold thousands of songs and be completely transportable. Within nine months, the iPod was born. With the combination of iTunes and iPod, Apple created a significant competitive advantage in the marketplace. Many firms began following Apple’s lead by creating portable music players to compete with the iPod. In addition, Apple continues to create new and exciting products to gain competitive advantages, such as its iPad, a larger version of the iPod that functions more as a computer than a music player.⁶

When a company is the first to market with a competitive advantage, it gains a particular benefit, such as Apple did with its iPod. This first-mover advantage occurs when a company can significantly increase its market share by being first with a new competitive advantage. FedEx created a first-mover advantage by developing its customer self-service software, which allows people to request parcel pickups, print mailing slips, and track parcels online. Other parcel delivery companies quickly began creating their own online services. Today, customer self-service on the Internet is a standard feature of the parcel delivery business.

Competitive intelligence is the process of gathering information about the competitive environment, including competitors’ plans, activities, and products, to improve a company’s ability to succeed. It means understanding and learning as much as possible as soon as possible about what is occurring outside the company to remain competitive. Frito-Lay, a premier provider of snack foods such as Cracker Jacks and Cheetos, does not send its sales representatives into grocery stores just to stock shelves; they carry handheld computers and record the product offerings, inventory, and even product locations of competitors. Frito-Lay uses this information to gain competitive intelligence on everything from how well-competing products are selling to the strategic placement of its own products.⁷ Managers use four common tools to analyze competitive intelligence and develop competitive advantages as displayed in Figure 1.13.

Swot Analysis: Understanding Business Strategies

LO 1.4: Identify the Four Key Areas of a SWOT.

A SWOT analysis evaluates an organization’s strengths, weaknesses, opportunities, and threats to identify significant influences that work for or against business strategies (see Figure 1.14). Strengths and weaknesses originate inside an organization, or internally. Opportunities and threats originate outside an organization, or externally and cannot always be anticipated or controlled.

FIGURE 1.13

Business Tools for Analyzing Business Strategies

Page 18

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN INNOVATION

SWOT Your Students

What is your dream job? Do you have the right skills and abilities to land the job of your dreams? If not, do you have a plan to acquire those sought-after skills and abilities? Do you have a personal career plan or strategy? Just like a business, you can perform a personal SWOT analysis to ensure your career plan will be successful. You want to know your strengths and recognize career opportunities while mitigating your weaknesses and any threats that can potentially derail your career plans. A key area where many people struggle is technology, and without the right technical skills, you might find you are not qualified for your dream job. One of the great benefits of this course is its ability to help you prepare for a career in business by understanding the key role technology plays in the different industries and functional areas. Regardless of your major, you will all use business driven information systems to complete the tasks and assignments associated with your career.

Perform a personal SWOT analysis for your career plan, based on your current skills, talents, and knowledge. Be sure to focus on your personal career goals, including the functional business area in which you want to work and the potential industry you are targeting, such as health care, telecommunications, retail, or travel.

After completing your personal SWOT analysis, take a look at the table of contents in this text and determine whether this course will eliminate any of your weaknesses or create new strengths. Determine whether you can find new opportunities or mitigate threats based on the material we cover over the next several weeks. For example, Chapter 9 covers project management in detail—a key skill for any business professional who must run a team. Learning how to assign and track work status will be a key tool for any new business professional. Where would you place this great skill in your SWOT analysis? Did it help eliminate any of your weaknesses? When you have finished this exercise, compare your SWOT with your peers to see what kind of competition you will encounter when you enter the workforce.

Potential Internal Strengths (Helpful): Identify all key strengths associated with the competitive advantage including cost advantages, new and/or innovative services, special expertise and/or experience, proven market leader, improved marketing campaigns, and so on.

Page 19

FIGURE 1.14

Sample SWOT Analysis

Potential Internal Weaknesses (Harmful): Identify all key areas that require improvement. Weaknesses focus on the absence of certain strengths, including absence of an Internet marketing plan, damaged reputation, problem areas for service, outdated technology, employee issues, and so on.

Potential External Opportunities (Helpful): Identify all significant trends along with how the organization can benefit from each, including new markets, additional customer groups, legal changes, innovative technologies, population changes, competitor issues, and so on.

Potential External Threats (Harmful): Identify all threats or risks detrimental to your organization, including new market entrants, substitute products, employee turnover, differentiating products, shrinking markets, adverse changes in regulations, economic shifts, and so on.

THE FIVE FORCES MODEL—EVALUATING INDUSTRY ATTRACTIVENESS

LO 1.5: Describe Porter’s Five Forces Model and explain each of the five forces.

Michael Porter, a university professor at Harvard Business School, identified the following pressures that can hurt potential sales:

Knowledgeable customers can force down prices by pitting rivals against each other.

Influential suppliers can drive down profits by charging higher prices for supplies.

Competition can steal customers.

New market entrants can steal potential investment capital.

Substitute products can steal customers.

Formally defined, Porter’s Five Forces Model analyzes the competitive forces within the environment in which a company operates to assess the potential for profitability in an industry. Its purpose is to combat these competitive forces by identifying opportunities, competitive advantages, and competitive intelligence. If the forces are strong, they increase competition; if the forces are weak, they decrease competition. This section details each of the forces and its associated MIS business strategy (see Figure 1.15).⁸

Page 20

FIGURE 1.15

Porter’s Five Forces Model

Buyer Power

Buyer power is the ability of buyers to affect the price they must pay for an item. Factors used to assess buyer power include number of customers, their sensitivity to price, size of orders, differences between competitors, and availability of substitute products. If buyer power is high, customers can force a company and its competitors to compete on price, which typically drives prices down.

One way to reduce buyer power is by manipulating switching costs, costs that make customers reluctant to switch to another product or service. Switching costs include financial as well as intangible values. The cost of switching doctors, for instance, includes the powerful intangible components of having to build relationships with the new doctor and nurses as well as transferring all your medical history. With MIS, however, patients can store their medical records on DVDs or thumb drives, allowing easy transferability. The Internet also lets patients review websites for physician referrals, which takes some of the fear out of trying someone new.⁹

Companies can also reduce buyer power with loyalty programs, which reward customers based on their spending. The airline industry is famous for its frequent-flyer programs, for instance. Because of the rewards travelers receive (free airline tickets, upgrades, or hotel stays), they are more likely to be loyal to or give most of their business to a single company. Keeping track of the activities and accounts of many thousands or millions of customers covered by loyalty programs is not practical without large-scale business systems, however. Loyalty programs are thus a good example of using MIS to reduce buyer power.¹⁰

Supplier Power

A supply chain consists of all parties involved, directly or indirectly, in obtaining raw materials or a product. In a typical supply chain, a company will be both a supplier (to customers) and a customer (of other suppliers), as illustrated in Figure 1.16. Supplier power is the suppliers’ ability to influence the prices they charge for supplies (including materials, labor, and services). Factors used to appraise supplier power include number of suppliers, size of suppliers, uniqueness of services, and availability of substitute products. If supplier power is high, the supplier can influence the industry by:

Charging higher prices.

Limiting quality or services.

Shifting costs to industry participants.¹¹

Page 21

FIGURE 1.16

Traditional Supply Chain

Typically, when a supplier raises prices, the buyers will pass on the increase to their customers by raising prices on the end product. When supplier power is high, buyers lose revenue because they cannot pass on the raw material price increase to their customers. Some powerful suppliers, such as pharmaceutical companies, can exert a threat over an entire industry when substitutes are limited and the product is critical to the buyers. Patients who need to purchase cancer-fighting drugs have no power over price and must pay whatever the drug company asks because there are few available alternatives.

Using MIS to find alternative products is one way of decreasing supplier power. Cancer patients can now use the Internet to research alternative medications and practices, something that was next to impossible just a few decades ago. Buyers can also use MIS to form groups or collaborate with other buyers, increasing the size of the buyer group and reducing supplier power. For a hypothetical example, the collective group of 30,000 students from a university has far more power over price when purchasing laptops than a single student.¹²

Threat of Substitute Products or Services

The threat of substitute products or services is high when there are many alternatives to a product or service and low when there are few alternatives from which to choose. For example, travelers have numerous substitutes for airline transportation, including automobiles, trains, and boats. Technology even makes videoconferencing and virtual meetings possible, eliminating the need for some business travel. Ideally, a company would like to be in a market in which there are few substitutes for the products or services it offers.

Polaroid had this unique competitive advantage for many years until it forgot to observe competitive intelligence. Then the firm went bankrupt when people began taking digital pictures with everything from video cameras to cell phones.

A company can reduce the threat of substitutes by offering additional value through wider product distribution. Soft-drink manufacturers distribute their products through vending machines, gas stations, and convenience stores, increasing the availability of soft drinks relative to other beverages. Companies can also offer various add-on services, making the substitute product less of a threat. For example, iPhones include capabilities for games, videos, and music, making a traditional cell phone less of a substitute.¹³

Threat of New Entrants

The threat of new entrants is high when it is easy for new competitors to enter a market and low when there are significant entry barriers to joining a market. An entry barrier is a feature of a product or service that customers have come to expect, and entering competitors must offer the same for survival. For example, a new bank must offer its customers an array of MIS-enabled services, including ATMs, online bill paying, and online account monitoring. These are significant barriers to new firms entering the banking market. At one time, the first bank to offer such services gained a valuable first-mover advantage, but only temporarily, as other banking competitors developed their own MIS services.¹⁴

Rivalry among Existing Competitors

Rivalry among existing competitors is high when competition is fierce in a market and low when competitors are more complacent. Although competition is always more intense in some industries than in others, the overall trend is toward increased competition in almost every industry. The retail grocery industry is intensively competitive. Kroger, Safeway, and Albertsons in the United States compete in many ways, essentially trying to beat or match each other on price. Most supermarket chains have implemented loyalty programs to provide customers special discounts while gathering valuable information about their purchasing habits. In the future, expect to see grocery stores using wireless technologies that track customer movements throughout the store to determine purchasing sequences.

Page 22

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN GLOBALIZATION

Keeping Sensitive Data Safe When It’s Not in a Safe

In the past few years, data collection rates have skyrocketed, and some estimate we have collected more data in the past four years than since the beginning of time. According to International Data Corporation (IDC), data collection amounts used to double every four years. With the massive growth of smart phones, tablets, and wearable technology devices, it seems as though data is being collected from everything, everywhere, all the time. It is estimated that data collection is doubling every two years, and soon it will double every six months. That is a lot of data! With the explosion of data collection, CTOs, CIOs, and CSOs are facing extremely difficult times as the threats to steal corporate sensitive data also growing exponentially. Hackers and criminals have recently stolen sensitive data from retail giant Target and even the Federal Reserve Bank.

To operate, sensitive data has to flow outside an organization to partners, suppliers, community, government, and shareholders. List 10 types of sensitive data found in a common organization. Review the list of stakeholders; determine which types of sensitive data each has access to and whether you have any concerns about sharing this data. Do you have to worry about employees and sensitive data? How can using one of the four business strategies discussed in this section help you address your data leakage concerns?

Product differentiation occurs when a company develops unique differences in its products or services with the intent to influence demand. Companies can use differentiation to reduce rivalry. For example, although many companies sell books and videos on the Internet, Amazon differentiates itself by using customer profiling. When a customer visits Amazon.com repeatedly, Amazon begins to offer products tailored to that particular customer based on his or her profile. In this way, Amazon has reduced its rivals’ power by offering its customers a differentiated service.

To review, the Five Forces Model helps managers set business strategy by identifying the competitive structure and economic environment of an industry. If the forces are strong, they increase competition; if the forces are weak, they decrease it (see Figure 1.17).¹⁵

Analyzing the Airline Industry

Let us bring Porter’s five forces together to look at the competitive forces shaping an industry and highlight business strategies to help it remain competitive. Assume a shipping company is deciding whether to enter the commercial airline industry. If performed correctly, an analysis of the five forces should determine that this is a highly risky business strategy because all five forces are strong. It will thus be difficult to generate a profit.

FIGURE 1.17

Strong and Weak Examples of Porter’s Five Forces

Page 23

FIGURE 1.18

Five Forces Model in the Airline Industry

Buyer power: Buyer power is high because customers have many airlines to choose from and typically make purchases based on price, not carrier.

Supplier power: Supplier power is high since there are limited plane and engine manufacturers to choose from, and unionized workforces (suppliers of labor) restrict airline profits.

Threat of substitute products or services: The threat of substitute products is high from many transportation alternatives, including automobiles, trains, and boats, and from transportation substitutes such as videoconferencing and virtual meetings.

Threat of new entrants: The threat of new entrants is high because new airlines are continually entering the market, including sky taxies offering low-cost on-demand air taxi service.

Rivalry among existing competitors: Rivalry in the airline industry is high, and websites such as Travelocity.com force them to compete on price (see Figure 1.18).¹⁶

THE THREE GENERIC STRATEGIES—CHOOSING A BUSINESS FOCUS

LO 1.6: Compare Porter’s three generic strategies.

Once top management has determined the relative attractiveness of an industry and decided to enter it, the firm must formulate a strategy for doing so. If our sample company decided to join the airline industry, it could compete as a low-cost, no-frills airline or as a luxury airline providing outstanding service and first-class comfort. Both options offer different ways of achieving competitive advantages in a crowded marketplace. The low-cost operator saves on expenses and passes the savings along to customers in the form of low prices. The luxury airline spends on high-end service and first-class comforts and passes the costs on to the customer in the form of high prices.

Porter’s three generic strategies are generic business strategies that are neither organization nor industry specific and can be applied to any business, product, or service. These three generic business strategies for entering a new market are: (1) broad cost leadership, (2) broad differentiation, and (3) focused strategy. Broad strategies reach a large market segment, whereas focused strategies target a niche or unique market with either cost leadership or differentiation. Trying to be all things to all people is a recipe for disaster because doing so makes projecting a consistent image to the entire marketplace difficult. For this reason, Porter suggests adopting only one of the three generic strategies illustrated in Figure 1.19.¹⁷

Figure 1.20 applies the three strategies to real companies, demonstrating the relationships among strategies (cost leadership versus differentiation) and market segmentation (broad versus focused).

Broad market and low cost: Walmart competes by offering a broad range of products at low prices. Its business strategy is to be the low-cost provider of goods for the cost-conscious consumer.

Page 24

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN DEBATE

Is Technology Making Us Dumber or Smarter?

Choose a side and debate the following:

Side A Living in the information age has made us smarter because we have a huge wealth of knowledge at our fingertips whenever or wherever we need it.

Side B Living in the information age has caused people to become lazy and dumber because they are no longer building up their memory banks to solve problems; machines give them the answers they need to solve problems.

 

Broad market and high cost: Neiman Marcus competes by offering a broad range of differentiated products at high prices. Its business strategy is to offer a variety of specialty and upscale products to affluent consumers.

Narrow market and low cost: Payless competes by offering a specific product, shoes, at low prices. Its business strategy is to be the low-cost provider of shoes. Payless competes with Walmart, which also sells low-cost shoes, by offering a far bigger selection of sizes and styles.

Narrow market and high cost: Tiffany & Co. competes by offering a differentiated product, jewelry, at high prices. Its business strategy allows it to be a high-cost provider of premier designer jewelry to affluent consumers.

FIGURE 1.19

Porter’s Three Generic Strategies

FIGURE 1.20

Examples of Porter’s Three Generic Strategies

Page 25

VALUE CHAIN ANALYSIS—EXECUTING BUSINESS STRATEGIES

LO 1.7: Demonstrate how a company can add value by using Porter’s value chain analysis.

Firms make profits by applying a business process to raw inputs to turn them into a product or service that customers find valuable. A business process is a standardized set of activities that accomplish a specific task, such as processing a customer’s order. Once a firm identifies the industry it wants to enter and the generic strategy it will focus on, it must then choose the business processes required to create its products or services. Of course, the firm will want to ensure the processes add value and create competitive advantages. To identify these competitive advantages, Michael Porter created value chain analysis, which views a firm as a series of business processes, each of which adds value to the product or service.

Value chain analysis is a useful tool for determining how to create the greatest possible value for customers (see Figure 1.21). The goal of value chain analysis is to identify processes in which the firm can add value for the customer and create a competitive advantage for itself, with a cost advantage or product differentiation.

The value chain groups a firm’s activities into two categories, primary value activities, and support value activities. Primary value activities, shown at the bottom of the value chain in Figure 1.21, acquire raw materials and manufacture, deliver, market, sell, and provide aftersales services.

1.Inbound logistics acquires raw materials and resources and distributes to manufacturing as required.

2.Operations transforms raw materials or inputs into goods and services.

3.Outbound logistics distributes goods and services to customers.

4.Marketing and sales promotes, prices, and sells products to customers.

5.Service provides customer support after the sale of goods and services.¹⁸

Support value activities, along the top of the value chain in Figure 1.21, include firm infrastructure, human resource management, technology development, and procurement. Not surprisingly, these support the primary value activities.

Firm infrastructure includes the company format or departmental structures, environment, and systems.

Human resource management provides employee training, hiring, and compensation.

Technology development applies MIS to processes to add value.

Procurement purchases inputs such as raw materials, resources, equipment, and supplies.

It is easy to understand how a typical manufacturing firm transforms raw materials such as wood pulp into paper. Adding value in this example might include using high-quality raw materials or offering next-day free shipping on any order. How, though, might a typical service firm transform raw inputs such as time, knowledge, and MIS into valuable customer service knowledge? A hotel might use MIS to track customer reservations and then inform front-desk employees when a loyal customer is checking in so the employee can call the guest by name and offer additional services, gift baskets, or upgraded rooms. Examining the firm as a value chain allows managers to identify the important business processes that add value for customers and then find MIS solutions that support them.

FIGURE 1.21

The Value Chain

Page 26

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN START-UP

Cool College Start-ups

Not long ago, people would call college kids who started businesses quaint. Now they call them the boss. For almost a decade, Inc. magazine has been watching college start-ups and posting a list of the nation’s top start-ups taking campuses by storm. Helped in part by low-cost technologies and an increased prevalence of entrepreneurship training at the university level, college students—and indeed those even younger—are making solid strides at founding companies. And they’re not just launching local pizza shops and fashion boutiques. They are starting up businesses that could scale into much bigger companies and may already cater to a national audience.¹⁹

Research Inc. magazine at www.inc.com and find the year’s current Coolest College Startup listing. Choose one of the businesses and perform a Porter’s Five Forces analysis and a Porter’s Three Generic Strategies analysis. Be sure to highlight each force, including switching costs, product differentiation, and loyalty programs.

When performing a value chain analysis, a firm could survey customers about the extent to which they believe each activity adds value to the product or service. This step generates responses the firm can measure, shown as percentages in Figure 1.22, to describe how each activity adds (or reduces) value. Then the competitive advantage decision for the firm is whether to (1) target high value-adding activities to enhance their value further, (2) target low value-adding activities to increase their value, or (3) perform some combination of the two.

Page 27

FIGURE 1.22

The Value Chain and Porter’s Five Forces Model

FIGURE 1.23

Overview of Business Driven Information Systems

Page 28

MIS adds value to both primary and support value activities. One example of a primary value activity MIS facilitates is the development of a marketing campaign management system that could target marketing campaigns more efficiently, thereby reducing marketing costs. The system would also help the firm pinpoint target market needs better, thereby increasing sales. One example of a support value activity MIS facilitates is the development of a human resources system that could more efficiently reward employees based on performance. The system could also identify employees who are at risk of quitting, allowing managers time to find additional challenges or opportunities that would help retain these employees and thus reduce turnover costs.

Value chain analysis is a highly useful tool that provides hard and fast numbers for evaluating the activities that add value to products and services. Managers can find additional value by analyzing and constructing the value chain in terms of Porter’s Five Forces Model (see Figure 1.22). For example, if the goal is to decrease buyer power, a company can construct its value chain activity of “service after the sale” by offering high levels of customer service. This will increase customers’ switching costs and reduce their power. Analyzing and constructing support value activities can help decrease the threat of new entrants. Analyzing and constructing primary value activities can help decrease the threat of substitute products or services.²⁰

Revising Porter’s three business strategies is critical. Firms must continually adapt to their competitive environments, which can cause business strategy to shift. In the remainder of this text, we discuss how managers can formulate business strategies using MIS to create competitive advantages. Figure 1.23 gives an overview of the remaining chapters, along with the relevant business strategy and associated MIS topics.

LEARNING OUTCOME REVIEW

Learning Outcome 1.1: Describe the information age and the differences among data, information, business intelligence, and knowledge.

We live in the information age, when infinite quantities of facts are widely available to anyone who can use a computer. The core drivers of the information age include data, information, business intelligence, and knowledge. Data are raw facts that describe the characteristics of an event or object. Information is data converted into a meaningful and useful context. Business intelligence (BI) is information collected from multiple sources such as suppliers, customers, competitors, partners, and industries that analyzes patterns, trends, and relationships for strategic decision making. Knowledge includes the skills, experience, and expertise, coupled with information and intelligence, that creates a person’s intellectual resources. As you move from data to knowledge, you include more and more variables for analysis, resulting in better, more precise support for decision making and problem solving.

Learning Outcome 1.2: Explain systems thinking and how management information systems enable business communications.

A system is a collection of parts that link to achieve a common purpose. Systems thinking is a way of monitoring the entire system by viewing multiple inputs being processed or transformed to produce outputs while continuously gathering feedback on each part. Feedback is information that returns to its original transmitter (input, transform, or output) and modifies the transmitter’s actions. Feedback helps the system maintain stability. Management information systems (MIS) is a business function, like accounting and human resources, which moves information about people, products, and processes across the company to facilitate decision making and problem solving. MIS incorporates systems thinking to help companies operate cross-functionally. For example, to fulfill product orders, an MIS for sales moves a single customer order across all functional areas, including sales, order fulfillment, shipping, billing, and finally customer service. Although different functional areas handle different parts of the sale, thanks to MIS, to the customer the sale is one continuous process.

Page 29

Learning Outcome 1.3: Explain why competitive advantages are temporary.

A competitive advantage is a feature of a product or service on which customers place a greater value than they do on similar offerings from competitors. Competitive advantages provide the same product or service either at a lower price or with additional value that can fetch premium prices. Unfortunately, competitive advantages are typically temporary because competitors often quickly seek ways to duplicate them. In turn, organizations must develop a strategy based on a new competitive advantage. Ways that companies duplicate competitive advantages include acquiring the new technology, copying business processes, and hiring away employees.

Learning Outcome 1.4: Identify the four key areas of a SWOT analysis

A SWOT analysis evaluates an organization’s strengths, weaknesses, opportunities, and threats to identify significant influences that work for or against business strategies. Strengths and weaknesses originate inside an organization or internally. Opportunities and threats originate outside an organization or externally and cannot always be anticipated or controlled.

Learning Outcome 1.5: Describe Porter’s Five Forces Model and explain each of the five forces.

Porter’s Five Forces Model analyzes the competitive forces within the environment in which a company operates, to assess the potential for profitability in an industry.

Buyer power is the ability of buyers to affect the price they must pay for an item.

Supplier power is the suppliers’ ability to influence the prices they charge for supplies (including materials, labor, and services).

Threat of substitute products or services is high when there are many alternatives to a product or service and low when there are few alternatives from which to choose.

Threat of new entrants is high when it is easy for new competitors to enter a market and low when there are significant entry barriers to entering a market.

Rivalry among existing competitors is high when competition is fierce in a market and low when competition is more complacent.

Learning Outcome 1.6: Compare Porter’s three generic strategies.

Organizations typically follow one of Porter’s three generic strategies when entering a new market: (1) broad cost leadership, (2) broad differentiation, and (3) focused strategy. Broad strategies reach a large market segment. Focused strategies target a niche market. Focused strategies concentrate on either cost leadership or differentiation.

Learning Outcome 1.7: Demonstrate how a company can add value by using Porter’s value chain analysis.

To identify competitive advantages, Michael Porter created value chain analysis, which views a firm as a series of business processes, each of which adds value to the product or service. The goal of value chain analysis is to identify processes in which the firm can add value for the customer and create a competitive advantage for itself, with a cost advantage or product differentiation. The value chain groups a firm’s activities into two categories—primary value activities and support value activities. Primary value activities acquire raw materials and manufacture, deliver, market, sell, and provide after-sales services. Support value activities, along the top of the value chain in the figure, include firm infrastructure, human resource management, technology development, and procurement. Not surprisingly, these support the primary value activities.

Page 30

OPENING CASE QUESTIONS

1.Knowledge: Explain the Internet of Things and list three IoT devices.

2.Comprehension: Explain why it is important for business managers to understand that data collection rates from IoT devices is increasing exponentially.

3.Application: Demonstrate how data from an IoT device can be transformed into information and business intelligence.

4.Analysis: Analyze the current security issues associated with IoT devices.

5.Synthesis: Propose a plan for how a start-up company can use IoT device data to make better business decisions.

6.Evaluate: Argue for or against the following statement: “The Internet of Things is just a passing fad and will be gone within a decade.”

KEY TERMS

Business intelligence (BI)

Business process

Business strategy

Buyer power

Chief information officer (CIO)

Chief knowledge officer (CKO)

Chief privacy officer (CPO)

Chief security officer (CSO)

Chief technology officer (CTO)

Competitive advantage

Competitive intelligence

Data

Entry barrier

Fact

Feedback

First-mover advantage

Goods

Information

Information age

Internet of Things (IoT)

Knowledge

Knowledge worker

Loyalty program

Machine-to-machine (M2M)

Management information systems (MIS)

Porter’s Five Forces Model

Porter’s three generic strategies

Predictive analytics

Primary value activities

Production

Productivity

Product differentiation

Rivalry among existing competitors

Services

Stakeholder

Supplier power

Supply chain

Support value activities

Switching costs

System

Systems thinking

SWOT analysis

Threat of new entrants

Threat of substitute products or services

Value chain analysis

Variable

REVIEW QUESTIONS

1.What is data and why is it important to a business?

2.How can a manager turn data into information?

3.What is the relationship between data, information, business intelligence, and knowledge?

4.Why is it important for a company to operate cross-functionally?

5.Why would a company want to have a CIO, CPO, and CSO?

6.Explain MIS and the role it plays in a company and global business.

7.Do you agree that MIS is essential for businesses operating in the information age? Why or why not?

8.Why is it important for a business major to understand MIS?

Page 31

9.What type of career are you planning to pursue? How will your specific career use data, information, business intelligence, and knowledge?

10.Explain systems thinking and how it supports business operations.

11.What business strategies would you use if you were developing a competitive advantage for a company?

12.Explain Porter’s Five Forces Model and the role it plays in decision making.

13.How could a company use loyalty programs to influence buyer power? How could a company use switching costs to lock in customers and suppliers?

14.What are Porter’s three generic strategies and why would a company want to follow only one?

15.How can a company use Porter’s value chain analysis to measure customer satisfaction?

CLOSING CASE ONE

The World Is Flat: Thomas Friedman

Christopher Columbus proved in 1492 that the world is round. For centuries, sailors maneuvered the seas, discovering new lands, new people, and new languages as nations began trading goods around the globe. Then Thomas Friedman, a noted columnist for The New York Times,published his book The World Is Flat.

Friedman argues that the world has become flat due to technological advances connecting people in China, India, and the United States as if we were all next-door neighbors. Physicians in India are reading X-rays for U.S. hospitals, and JetBlue Airways ticket agents take plane reservations for the company from the comfort of their Utah homes. Technology has eliminated some of the economic and cultural advantages developed countries enjoy, making the world a level playing field for all participants. Friedman calls this Globalization 3.0.

Globalization 1.0 started when Christopher Columbus discovered the world is round and the world shrank from large to medium. For the next several hundred years, countries dominated by white men controlled business. Globalization 2.0 began around 1800, during the Industrial Revolution, when the world went from medium to small. In this era, international companies dominated by white men controlled business. Globalization 3.0 began in early 2000, removing distance from the business equation, and the world has gone from small to tiny. In this era, people of all colors from the four corners of the world will dominate business. Farmers in remote villages in Nepal carry an iPhone to access the world’s knowledge at, say, Wikipedia or the stock market closing prices at Bloomberg.

Outsourcing, or hiring someone from another country to complete work remotely, will play an enormous role in this era. It has advantages and disadvantages. Outsourcing work to countries where labor is cheap drives down production costs and allows companies to offer lower prices to U.S. consumers. Having an accountant in China complete a U.S. tax return is just as easy as driving to the H&R Block office on the corner and, probably, far cheaper. Calling an 800 number for service can connect consumers to an Indian, Canadian, or Chinese worker on the other end of the line. Of course, outsourcing also eliminates some U.S. manufacturing and labor jobs, causing pockets of unemployment. In fact, the United States has outsourced several million service and manufacturing jobs to offshore, low-cost producers.

Figure 1.24 shows Friedman’s list of forces that flattened the world. They converged around the year 2000 and “created a flat world: a global, web-enabled platform for multiple forms of sharing knowledge and work, irrespective of time, distance, geography, and increasingly, language.” Three powerful new economies began materializing at this time. In India, China, and the former Soviet Union, more than 3 billion new willing and able participants walked onto the business playing field. Business students will be competing for their first jobs not only against other local students but also against students from around the country and around the globe.²¹

Page 32

FIGURE 1.24

Thomas Friedman’s 10 Forces That Flattened the World

Questions

1.Define Globalization 1.0, 2.0, and 3.0 and provide a sample of the type of business data managers collected during each era.

2.Explain Friedman’s flat world and the reasons it is important for all businesses, small or large, to understand.

3.Demonstrate how students competing for jobs in a flat world can create competitive advantages to differentiate themselves in the marketplace.

4.Analyze the current business environment and identify a new flattener not mentioned on Friedman’s list.

5.Propose a plan for how a start-up company can use any of Porter’s strategies to combat competition in a global world.

6.Argue for or against the following statement: “The world is not flat (in Friedman’s sense of the term) because many undeveloped countries are not connected electronically.”

CLOSING CASE TWO

CRUSHING CANDY

“What makes an application successful?” is a multimillion dollar question. If you can develop and deploy a successful application, you can make millions—every single day. Is it luck that creates that app millions of people download, like Flappy Birds, or is it a genuine business strategy that can be implemented by anyone? With the millions of applications already in the app store and hundreds being added each day, what are the chances you can find that sweet spot to success? If you are lucky enough to create an app that jumps to the top ten list, you can open your doors, sit back, and watch the money flow in.

Page 33

This is exactly what happened to Candy Crush—the highly successful puzzle game that matches fun with pain. Candy Crush offers a range of 3-D sweets that players must eliminate by matching colored candies to crush them, thus advancing to the next level. Candy Crush brilliantly combines Bejeweled, Candy Land, and Tetris into one game. Each player receives five lives and, once completed, must wait 30 minutes to play again, which can be the longest 30 minutes of your life if you are on level 99. Candy Crush held the coveted position of the number one downloaded app for more than nine months and is one of the highest grossing U.S. applications. The company responsible for the Candy Crush craze is Sweden’s King.com (https://king.com/), and it boasts making between $1 million and $3 million daily on its applications. King.com is the latest among European technology firms entering the international gaming scene similar to Mojang’s Minecraft and Rovio’s Angry Birds. What sets King.com apart is its unbelievable profitability in an industry plagued with failed companies. King. com is truly an icon for others seeking to match its success. Perhaps if you study the secret to King. com’s sweet success, you can be the next star of Apple’s App store.

Here’s the secret to King’s success: freemium. Anyone competing in business today must understand this term. A freemium game is free to download and play and then charges customers for extras. King.com takes advantage of freemium and is making millions as it purposely creates pain points in the game, which users can pay extra for as a way out. For a meager .99 cents, users can purchase a lollipop hammer that thrashes unruly jujubes. Just imagine you have been beaten at level 49 and for just .99 cents, you can regain five lives and continue playing. Or you can buy a lollipop hammer and literally beat your way to the next level.

Many business applications operate using the freemium model, giving customers a functional but limited time to use their applications for free. For example, you can download Microsoft Office for a free trial version and in 90 days purchase the fully functional version for $499. It is important to note that the freemium business strategy does not work with physical products that cost money to produce; the closest you will see in freemium is free shipping. In business, the something-for-nothing feeling resonates with customers. Grocery stores often use the BOGO concept: buy one get one. Instead of simply offering a 50 percent discount on all products purchased, customers tend to buy more when they think they are getting one product for free. The bottom line for the company remains the same regardless if it offers each product at a 50 percent discount or two products for the price of one.²²

Questions

1.Do you agree or disagree that freemium business strategies can provide a company with a competitive advantage? Be sure to justify your answer.

2.Why are data, information, business intelligence, and knowledge important to King.com? Give an example of each in relation to a customer playing Candy Crush.

3.Analyze King.com’s Candy Crush, using Porter’s Five Forces. If you have one million dollars, would you invest in Candy Crush?

4.According to Porter’s three generic strategies, where does King.com’s Candy Crush reside?

5.Why do freemium business strategies work well for virtual products and typically fail for physical products?

CRITICAL BUSINESS THINKING

1.Focusing on Friedman
Thomas Friedman’s newest book is titled Hot, Flat, and Crowded: Why We Need a Green Revolution—And How It Can Renew America. Research the Internet to find out as much information as you can about this text. Why would a business manager be interested in reading this text? How will this text affect global business? Do you think Hot, Flat, and Crowded will have as great an impact on society as The World Is Flat had on business? Why or why not?²³

Page 34

2.Pursuing Porter
There is no doubt that Michael Porter is one of the more influential business strategists of the 21st century. Research Michael Porter on the Internet for interviews, additional articles, and new or updated business strategies. Create a summary of your findings to share with your class. How can learning about people such as Thomas Friedman and Michael Porter help prepare you for a career in business? Name three additional business professionals you should follow to help prepare for your career in business.

3.Renting Movies
The video rental industry is fiercely competitive. Customers have their choice of renting a movie by driving to a store (Redbox), ordering through the mail (Netflix), or watching directly from their television (pay-per-view or Netflix). Using Porter’s Five Forces Model (buyer power, supplier power, threat of new entrants, threat of substitute products, and competition), evaluate the attractiveness of entering the movie rental business. Be sure to include product differentiation, switching costs, and loyalty programs in your analysis.

4.Working for the Best
Each year, Fortune magazine creates a list of the top 100 companies to work for. Find the most recent list. What types of data do you think Fortune analyzed to determine the company ranking? What issues could occur if the analysis of the data was inaccurate? What types of information can you gain by analyzing the list? Create five questions a student performing a job search could answer by analyzing this list.

5.Manipulating Data to Find Your Version of the Truth
How can global warming be real when there is so much snow and cold weather? That’s what some people wondered after a couple of massive snowstorms buried Washington, DC Politicians across the capital made jokes and built igloos as they disputed the existence of climate change. Some concluded the planet simply could not be warming with all the snow on the ground. These comments frustrated Joseph Romm, a physicist and climate expert with the Center for American Progress. He spent weeks turning data into information and graphs to educate anyone who would listen about why this reasoning was incorrect. Climate change is all about analyzing data, turning it into information to detect trends. You cannot observe climate change by looking out the window; you have to review decades of weather data with advanced tools to understand the trends.²⁴
Increasingly we see politicians, economists, and newscasters boiling tough issues down to simplistic arguments over what the data mean, each interpreting and spinning the data to support their views and agendas. You need to understand the data and turn them into useful information, or you will not understand when someone is telling the truth and when you are being lied to.
Brainstorm two or three types of data economists use to measure the economy. How do they turn the data into information? What issues do they encounter when attempting to measure the economy? As a manager, what do you need to understand when reading or listening to economic and business reports?

6.Starting Your Own Business
Josh James recently sold his web analytics company, Omniture, to Adobe for $1.8 billion. Yes, James started Omniture from his dorm room! Have you begun to recognize the unbelievable opportunities available to those students who understand the power of MIS, regardless of their major? Answer the following questions.²⁵

a.Why is it so easy today for students to create start-ups while still in college?

b.What would it take for you to start a business from your dorm room?

c.How will this course help you prepare to start your own business?

d.Research the Internet and find three examples of college student start-ups.

Page 35

e.What’s stopping you from starting your own business today? You are living in the information age and, with the power of MIS, it is easier than ever to jump into the business game with very little capital investment. Why not start your own business today?

7.Information Issues in the Information Age
We live in the information age, when the collection, storage, and use of data are hot topics. One example of inappropriate data handling occurred at a college where the monitoring of restrooms occurred every 15 seconds to observe the use of toilets, mirrors, and sinks. Students, faculty, and staff began complaining that the data collection was an invasion of their privacy and a violation of their rights.
Another example of inappropriate data handling occurred when a professor of accounting at a college lost a flash drive containing information for more than 1,800 students, including Social Security numbers, grades, and names. Social Security numbers were included because the data went back to before 1993, when the college used Social Security numbers to identify students.
What types of student data does your college collect? What could happen if your professor lost a thumb drive with all of your personal information? What types of issues could you encounter if someone stole your personal data? What can your college do to ensure this type of data storage violation does not occur?

8.Competitive Analysis
Cheryl O’Connell is the owner of a small, high-end retailer of women’s clothing called Excelus. Excelus’s business has been successful for many years, largely because of O’Connell’s ability to anticipate the needs and wants of her loyal customer base and provide her customers with personalized service. O’Connell does not see any value in IT and does not want to invest any capital in something that will not directly affect her bottom line. Develop a proposal describing the potential IT-enabled competitive opportunities or threats O’Connell might be missing by not embracing IT. Be sure to include a Porter’s Five Forces analysis and discuss which one of the three generic strategies O’Connell should pursue.

9.The Competitive Landscape for Students
According to the Economic Policy Institute, over the past decade the United States has lost an estimated 2.4 million factory jobs to China. Factories in South Korea, Taiwan, and China are producing toys, toothpaste, running shoes, computers, appliances, and cars. For a long time, U.S. firms did not recognize these products as competition; they regarded Asia’s high-tech products as second-rate knockoffs and believed Asian countries maintained a factory culture—they could imitate but not innovate.
In hindsight, it is obvious that once these countries did begin designing and creating high-end products, they would have obvious competitive advantages, with high-value research and development coupled with low-cost manufacturing of unbeatable goods and services. Asia is now on the rise in all industries from wind turbines to high-speed bullet trains. According to Bloomberg Businessweek’s ranking of the most innovative companies, 15 of the top 50 are Asian, up from just 5 in 2006. In fact, for the first time, the majority of the top 25 are based outside the United States.
How do you, as a business student, view these statistics? What type of global business climate will you be competing in when you graduate? If you wanted to gather competitive intelligence about the job market, where would you look and what types of data would you want to analyze? What can you do to create personal competitive advantages to differentiate yourself when searching for a job?²⁶

10.10 Best Things You Will Say to Your Grandchildren
Wired magazine recently posted the top 10 things you will say to your grandchildren. For each expression below, try to identify what it is referring to and why it will be considered outdated.²⁷

 

Page 36

1.Back in my day, we only needed 140 characters.

2.There used to be so much snow up here, you could strap a board to your feet and slide all the way down.

3.Televised contests gave cash prizes to whoever could store the most data in their head.

4.Well, the screens were bigger, but they only showed the movies at certain times of day.

5.We all had one, but nobody actually used it. Come to think of it, I bet my LinkedIn profile is still out there on the web somewhere.

6.Translation: “English used to be the dominant language. Crazy, huh?”

7.Our bodies were made of meat and supported by little sticks of calcium.

8.You used to keep files right on your computer, and you had to go back to that same computer to access them!

9.Is that the new iPhone 27G? Got multitasking yet?

10.I just can’t get used to this darn vat-grown steak. Texture ain’t right.

ENTREPRENEURIAL CHALLENGE

BUILD YOUR OWN BUSINESS

You have recently inherited your grandfather’s business, which is conveniently located in your city’s downtown. The business offers many kinds of specialized products and services. It was first opened in 1952 and was a local hot spot for many years. Unfortunately, business has been steadily declining over the past few years. The business runs without any computers and all ordering takes place manually. Your grandfather had a terrific memory and knew all of his customers and suppliers by name, but unfortunately, none of this information is located anywhere in the store. The operational information required to run the business, such as sales trends, vendor information, promotional information, and so on, is all located in your grandfather’s memory. Inventory is tracked in a notepad, along with employee payroll, and marketing coupons. The business does not have a website, uses very little marketing except word of mouth, and essentially still operates the same as it did in 1952.

Throughout this course, you will own and operate your grandfather’s business, and by taking advantage of business practices discussed in this text, you will attempt to increase profits, decrease expenses, and bring the business into the 21st century. For the purpose of this case, please choose the business you wish to operate and create a name for the business. For example, the business could be a coffee shop called The Broadway Café, an extreme sports store called Cutting Edge Sports, or even a movie store called The Silver Screen. Try to pick a business you are genuinely interested in running and that aligns with your overall career goals.

Project Focus: Competitive Advantage

1.Identify the business you will build throughout this course and choose a name for your business.

2.Write an analysis of buyer power and supplier power for your business, using Porter’s Five Forces Model. Be sure to discuss how you could combat the competition with strategies such as switching costs and loyalty programs.

3.Write an analysis of rivalry, entry barriers, and the threat of substitute products for your business, using Porter’s Five Forces Model. Be sure to discuss how you could combat the competition with strategies such as product differentiation.

4.Describe which of Porter’s three generic strategies you would use for your business. Be sure to describe the details of how you will implement this strategy and how it will help you create a competitive advantage in your industry.

Page 37

APPLY YOUR KNOWLEDGE BUSINESS PROJECTS

PROJECT ICapitalizing on Your Career

Business leaders need to be comfortable with management information systems (MIS) for the following (primary) reasons:

The sheer magnitude of the dollars spent on MIS must be managed to ensure business value.

Research has consistently shown that when top managers are active in supporting MIS, they realize a number of benefits, such as gaining a competitive advantage, streamlining business processes, and even transforming entire industries.

When business leaders are not involved in MIS, systems fail, revenue is lost, and entire companies can even fail because of poorly managed systems.

How do companies get managers involved in MIS? One of the biggest positive factors is managers’ personal experience with MIS and MIS education, including university classes and executive seminars. Once managers understand MIS through experience and education, they are more likely to lead their companies in achieving business success through MIS.

1.Search the Internet for examples of the types of technologies currently used in the field or industry that you plan to pursue. For example, if you are planning a career in accounting or finance, you should become familiar with financial systems such as Oracle Financials. For a career in logistics or distribution, research supply chain management systems. If marketing appeals to you, research customer relationship management systems, blogs, emarketing, and social networking.

2.As a competitive tool, MIS can differentiate products, services, and prices from competitors’ offerings by improving product quality, shortening product development or delivery time, creating new MIS-based products and services, and improving customer service before, during, and after a transaction. Search the Internet for examples of companies in the industry where you plan to work that have achieved a competitive advantage through MIS.

3.Create a brief report of your findings; include an overview of the type of technologies you found and how companies are using them to achieve a competitive advantage.

PROJECT IIAchieving Alignment

Most companies would like to be in the market-leading position of JetBlue, Dell, or Walmart, all of which have used management information systems to secure their respective spots in the marketplace. These companies are relentless about keeping the cost of technology down by combining the best of MIS and business leadership.

The future belongs to those organizations perceptive enough to grasp the significance of MIS and resourceful enough to coordinate their business and management information systems.

1.Use any resource to answer the question, “Why is it challenging for businesses to align MIS and their other operations?” Use the following questions to begin your analysis:

a.How do companies monitor competitive intelligence and create competitive advantages?

b.What are some of the greatest MIS challenges for most firms?

c.What drives MIS decisions?

1. what is the moving force behind MIS decisions for most companies?

PROJECT IIIMarket Dissection

To illustrate the use of the three generic strategies, consider Figure 1.25. The matrix shown demonstrates the relationships among strategies (cost leadership versus differentiation) and market segmentation (broad versus focused).

Page 38

FIGURE 1.25

Porter’s Three Generic Strategies

Hyundai is following a broad cost leadership strategy. It offers low-cost vehicles, in each particular model stratification, that appeal to a large audience.

Audi is pursuing a broad differentiation strategy with its Quattro models available at several price points. Audi’s differentiation is safety, and it prices its models higher than Hyundai’s to reach a large, stratified audience.

Kia has a more focused cost leadership strategy. Kia mainly offers low-cost vehicles in the lower levels of model stratification.

Hummer offers the most focused differentiation strategy of any in the industry (including Mercedes-Benz).

Create a similar graph displaying each strategy for a product of your choice. The strategy must include an example of the product in each of the following markets: (1) cost leadership, broad market; (2) differentiation, broad market; (3) cost leadership, focused market; and (4) differentiation, focused market. Potential products include cereal, dog food, soft drinks, computers, shampoo, snack foods, jeans, sneakers, sandals, mountain bikes, TV shows, and movies.

PROJECT IVFixing the Post Office

Is there anything more frustrating than waiting in line at the post office? Not only are those lines frustrating, but they are also unprofitable. The U.S. Postal Service has faced multibillion-dollar losses every year for the past few years, making for one of the greatest challenges in its history.

What is killing the post office? Perhaps it is Stamps.com, a website that allows you to customize and print your own stamps 24 hours a day. Getting married? Place a photo of the happy couple right on the stamp for the invitations. Starting a business? Place your business logo on your stamps. Stamps.com even keeps track of a custome’s postal spending and can recommend optimal delivery methods. Plus, Stamps.com gives you postage discounts you can’t get at the post office or with a postage meter.

Evaluate the U.S. Postal Service, using Porter’s Five Forces Model. How could the Postal Service create new products and services to help grow its business? What types of competitive advantages can you identify for the Postal Service?

Page 39

PROJECT VThe iPad—The Greatest Product in History or Just Another Gadget?

Apple sold 300,000 units of its highly anticipated iPad in the first 15 hours it was available for sale. Hundreds of thousands of Apple devotees flocked to stores during Passover and Easter to be the first to obtain the new device, even though it is neither a phone nor a laptop computer and many people are still wondering what it’s for.

The controversy over the usefulness of Apple’s portable tablet began as soon as Apple announced the device was heading to market. At first glance, the iPad is little more than a touch screen the size of a slim book, with a few control buttons along the edges and a home button at the bottom. Shrink it, and it would look like an iPod Touch. What is the value of this device? That’s the question everyone wants to answer.

The iPad’s modest features might represent an entirely new way of consuming media—video, web pages, music, pictures, and even books. Break into groups and review the current value of the iPad for business. Find three examples of the ways businesses are using, or could use, the iPad. Do you consider it the next revolutionary device or just an overpriced music player?

PROJECT VIFlat Competition

“When I was growing up in Minneapolis, my parents always said, ‘Tom, finish your dinner. There are people starving in China and India.’ Today I tell my girls, ‘Finish your homework, because people in China and India are starving for your jobs.’ And in a flat world, they can have them, because there’s no such thing as an American job anymore.” Thomas Friedman.

In his book, The World Is Flat, Thomas Friedman describes the unplanned cascade of technological and social shifts that effectively leveled the economic world, and “accidentally made Beijing, Bangalore, and Bethesda next-door neighbors.” The video of Thomas Friedman’s lecture at MIT discussing the flat world is available at http://mitworld.mit.edu/video/266. If you want to be prepared to compete in a flat world, you must watch this video and answer the following questions:

Do you agree or disagree with Friedman’s assessment that the world is flat?

What are the potential impacts of a flat world for a student performing a job search?

What can students do to prepare themselves for competing in a flat world?²⁸

Page 40

PROJECT VIIFinding Your College Start-up

Derek Johnson, a student at the University of Houston, was having lunch with his friend who happened to be the communications director for her sorority. During lunch, Derek’s friend was telling him how hard it was to communicate with all of her sisters in the sorority. She had to send out important announcements about meetings, charitable events, and even dues. She had tried everything, including Facebook, email, and message boards, but so far nothing was working. As Derek pondered his friend’s dilemma, he came up with a solution: mass text messaging.

Johnson began researching mass text messaging products and was surprised to find that none existed for the average consumer. Spotting an entrepreneurial opportunity, Derek quickly began working on a product. Within a few months, he launched his website, Tatango, and began offering group text messaging at a reasonable price. Now, a few years later, Tatango offers customers subscription plans starting under $20 a month that allows groups to send text messages to all members at once—whether 10 or 10,000—from any device.²⁹

In a group, brainstorm a list of problems you are currently experiencing. Decide whether any present potential new business opportunities and, if so, analyze the potential, using the tools introduced in this chapter. Be prepared to present your new business to the class.

PROJECT VIIIWhat’s Wrong with This Bathroom?

If you were the CEO of a global financial company that was experiencing a financial crisis, would you invest $1 million to renovate your office? Probably not, and you are possibly wondering whether this is a fabricated story from The Onion. Guess what, this is a true story! John Thain, the former CEO of Merrill Lynch, decided to spend $1.2 million refurbishing his office—well after Merrill Lynch posted huge financial losses. Thain personally signed off on all of the following:

Area rug: $87,784

Mahogany pedestal table: $25,713

19th century credenza: $68,179

Pendant light furniture: $19,751

4 pairs of curtains: $28,091

Pair of guest chairs: $87,784

George IV chair: $18,468

6 wall sconces: $2,741

Parchment waste can: $1,405 (yes, for a trash can!)

Roman shade fabric: $10,967

Roman shades: $7,315

Coffee table: $5,852

Commode on legs: $35,115³⁰

It takes years of education and work experience for people to build the skills necessary to take on the role of CEO. Obviously, a company like Merril Lynch would only hire a highly qualified person for the job. What do you think happened to John Thain? Why would he spend an obscene amount of money redecorating his office when his company was having financial trouble? What happens to a company whose executives are not aligned with company goals? How can you ensure that your company’s executives are not making monumental mistakes, such as million-dollar bathroom renovations?

PROJECT IXI Love TED!

A small nonprofit started in 1984, TED (Technology, Entertainment, and Design) hosts conferences for Ideas Worth Spreading. TED brings people from all over the globe to share award-winning talks covering the most innovative, informative, and exciting speeches ever given in 20 minutes. You can find TED talks by Al Gore, Bill Gates, Steve Jobs, Douglas Adams, Steven Levitt, Seth Godin, Malcolm Gladwell, and so on.³¹

Visit www.ted.com and peruse the thousands of videos that are available; then answer the following:

Review the TED website and find three talks you would want to watch. Why did you pick these three and will you make time outside of class to watch them?

How can you gain a competitive advantage by watching TED?

How can you find innovative ideas for a start-up by watching TED?

How can you find competitive intelligence by watching TED?

Page 41

AYK APPLICATION PROJECTS

If you are looking for Excel projects to incorporate into your class, try any of the following after reading this chapter.

PLACE YOUR ORDER NOW

 

 

Page 215

section 6.1

Data, Information, and Databases

LEARNING OUTCOMES

6.1Explain the four primary traits that determine the value of information.

6.2Describe a database, a database management system, and the relational database model.

6.3Identify the business advantages of a relational database.

6.4Explain the business benefits of a data-driven website.

THE BUSINESS BENEFITS OF HIGH-QUALITY INFORMATION

LO 6.1: Explain the four primary traits that determine the value of information.

Information is powerful. Information can tell an organization how its current operations are performing and help it estimate and strategize about how future operations might perform. The ability to understand, digest, analyze, and filter information is key to growth and success for any professional in any industry. Remember that new perspectives and opportunities can open up when you have the right data that you can turn into information and ultimately business intelligence.

Information is everywhere in an organization. Managers in sales, marketing, human resources, and management need information to run their departments and make daily decisions. When addressing a significant business issue, employees must be able to obtain and analyze all the relevant information so they can make the best decision possible. Information comes at different levels, formats, and granularities. Information granularity refers to the extent of detail within the information (fine and detailed or coarse and abstract). Employees must be able to correlate the different levels, formats, and granularities of information when making decisions. For example, a company might be collecting information from various suppliers to make needed decisions, only to find that the information is in different levels, formats, and granularities. One supplier might send detailed information in a spreadsheet, whereas another supplier might send summary information in a Word document, and still another might send a collection of information from emails. Employees will need to compare these differing types of information for what they commonly reveal to make strategic decisions. Figure 6.4 displays the various levels, formats, and granularities of organizational information.

Successfully collecting, compiling, sorting, and finally analyzing information from multiple levels, in varied formats, and exhibiting different granularities can provide tremendous insight into how an organization is performing. Exciting and unexpected results can include potential new markets, new ways of reaching customers, and even new methods of doing business. After understanding the different levels, formats, and granularities of information, managers next want to look at the four primary traits that help determine the value of information (see Figure 6.5).

Information Type: Transactional and Analytical

As discussed previously in the text, the two primary types of information are transactional and analytical. Transactional information encompasses all of the information contained within a single business process or unit of work, and its primary purpose is to support daily operational tasks. Organizations need to capture and store transactional information to perform operational tasks and repetitive decisions such as analyzing daily sales reports and production schedules to determine how much inventory to carry. Consider Walmart, which handles more than 1 million customer transactions every hour, and Facebook, which keeps track of 400 million active users (along with their photos, friends, and web links). In addition, every time a cash register rings up a sale, a deposit or withdrawal is made from an ATM, or a receipt is given at the gas pump, the transactional information must be captured and stored.

Page 216

FIGURE 6.4

Levels, Formats, and Granularities of Organizational Information

Analytical information encompasses all organizational information, and its primary purpose is to support the performance of managerial analysis tasks. Analytical information is useful when making important decisions such as whether the organization should build a new manufacturing plant or hire additional sales personnel. Analytical information makes it possible to do many things that previously were difficult to accomplish, such as spot business trends, prevent diseases, and fight crime. For example, credit card companies crunch through billions of transactional purchase records to identify fraudulent activity. Indicators such as charges in a foreign country or consecutive purchases of gasoline send a red flag highlighting potential fraudulent activity.

Walmart was able to use its massive amount of analytical information to identify many unusual trends, such as a correlation between storms and Pop-Tarts. Yes, Walmart discovered an increase in the demand for Pop-Tarts during the storm season. Armed with that valuable information, the retail chain was able to stock up on Pop-Tarts that were ready for purchase when customers arrived. Figure 6.6 displays different types of transactional and analytical information.

FIGURE 6.5

The Four Primary Traits of the Value of Information

Page 217

Information Timeliness

Timeliness is an aspect of information that depends on the situation. In some firms or industries, information that is a few days or weeks old can be relevant, whereas in others information that is a few minutes old can be almost worthless. Some organizations, such as 911 response centers, stock traders, and banks, require up-to-the-second information. Other organizations, such as insurance and construction companies, require only daily or even weekly information.

Real-time information means immediate, up-to-date information. Real-time systems provide real-time information in response to requests. Many organizations use real-time systems to uncover key corporate transactional information. The growing demand for real-time information stems from organizations’ need to make faster and more effective decisions, keep smaller inventories, operate more efficiently, and track performance more carefully. Information also needs to be timely in the sense that it meets employees’ needs, but no more. If employees can absorb information only on an hourly or daily basis, there is no need to gather real-time information in smaller increments.

Most people request real-time information without understanding one of the biggest pitfalls associated with real-time information—continual change. Imagine the following scenario: Three managers meet at the end of the day to discuss a business problem. Each manager has gathered information at different times during the day to create a picture of the situation. Each manager’s picture may be different because of the time differences. Their views on the business problem may not match because the information they are basing their analysis on is continually changing. This approach may not speed up decision making, and it may actually slow it down. Business decision makers must evaluate the timeliness of the information for every decision. Organizations do not want to find themselves using real-time information to make a bad decision faster.

Information Quality

Business decisions are only as good as the quality of the information used to make them. Information inconsistency occurs when the same data element has different values. Take for example the amount of work that needs to occur to update a customer who had changed her last name due to marriage. Changing this information in only a few organizational systems will lead to data inconsistencies causing customer 123456 to be associated with two last names. Information integrity issues occur when a system produces incorrect, inconsistent, or duplicate data. Data integrity issues can cause managers to consider the system reports invalid and will make decisions based on other sources.

FIGURE 6.6

Transactional versus Analytical Information

Page 218

FIGURE 6.7

Five Common Characteristics of High-Quality Information

To ensure that your systems do not suffer from data integrity issues, review Figure 6.7 for the five characteristics common to high-quality information: accuracy, completeness, consistency, timeliness, and uniqueness. Figure 6.8 provides an example of several problems associated with using low-quality information, including:

1.Completeness. The customer’s first name is missing.

2.Another issue with completeness. The street address contains only a number and not a street name.

3.Consistency. There may be a duplication of information since there is a slight difference between the two customers in the spelling of the last name. Similar street addresses and phone numbers make this likely.

FIGURE 6.8

Example of Low-Quality Information

Page 219

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN MIS

Determining Information Quality Issues

Real People magazine is geared toward working individuals and provides articles and advice on everything from car maintenance to family planning. The magazine is currently experiencing problems with its distribution list. More than 30 percent of the magazines mailed are returned because of incorrect address information, and each month it receives numerous calls from angry customers complaining that they have not yet received their magazines. Below is a sample of Real People’s customer information. Create a report detailing all the issues with the information, potential causes of the information issues, and solutions the company can follow to correct the situation.

4.Accuracy. This may be inaccurate information because the customer’s phone and fax numbers are the same. Some customers might have the same number for phone and fax, but the fact that the customer also has this number in the email address field is suspicious.

5.Another issue with accuracy. There is inaccurate information because a phone number is located in the email address field.

6.Another issue with completeness. The information is incomplete because there is not a valid area code for the phone and fax numbers.

Nestlé uses 550,000 suppliers to sell more than 100,000 products in 200 countries. However, due to poor information, the company was unable to evaluate its business effectively. After some analysis, it found that it had 9 million records of vendors, customers, and materials, half of which were duplicated, obsolete, inaccurate, or incomplete. The analysis discovered that some records abbreviated vendor names, and other records spelled out the vendor names. This created multiple accounts for the same customer, making it impossible to determine the true value of Nestlé’s customers. Without being able to identify customer profitability, a company runs the risk of alienating its best customers.²

Knowing how low-quality information issues typically occur can help a company correct them. Addressing these errors will significantly improve the quality of company information and the value to be extracted from it. The four primary reasons for low-quality information are:

1.Online customers intentionally enter inaccurate information to protect their privacy.

2.Different systems have different information entry standards and formats.

3.Data-entry personnel enter abbreviated information to save time or erroneous information by accident.

4.Third-party and external information contains inconsistencies, inaccuracies, and errors.

Page 220

Understanding the Costs of Using Low-Quality Information Using the wrong information can lead managers to make erroneous decisions. Erroneous decisions in turn can cost time, money, reputations, and even jobs. Some of the serious business consequences that occur due to using low-quality information to make decisions are:

Inability to track customers accurately.

Difficulty identifying the organization’s most valuable customers.

Inability to identify selling opportunities.

Lost revenue opportunities from marketing to nonexistent customers.

The cost of sending undeliverable mail.

Difficulty tracking revenue because of inaccurate invoices.

Inability to build strong relationships with customers.

Understanding the Benefits of Using High-Quality Information High-quality information can significantly improve the chances of making a good decision and directly increase an organization’s bottom line. One company discovered that even with its large number of golf courses, Phoenix, Arizona, is not a good place to sell golf clubs. An analysis revealed that typical golfers in Phoenix are tourists and conventioneers who usually bring their clubs with them. The analysis further revealed that two of the best places to sell golf clubs in the United States are Rochester, New York, and Detroit, Michigan. Equipped with this valuable information, the company was able to place its stores strategically and launch its marketing campaigns.

High-quality information does not automatically guarantee that every decision made is going to be a good one, because people ultimately make decisions and no one is perfect. However, such information ensures that the basis of the decisions is accurate. The success of the organization depends on appreciating and leveraging the true value of timely and high-quality information.

Information Governance

Information is a vital resource, and users need to be educated on what they can and cannot do with it. To ensure that a firm manages its information correctly, it will need special policies and procedures establishing rules on how the information is organized, updated, maintained, and accessed. Every firm, large and small, should create an information policy concerning data governance. Data governance refers to the overall management of the availability, usability, integrity, and security of company data. Master data management (MDM) is the practice of gathering data and ensuring that it is uniform, accurate, consistent, and complete, including such entities as customers, suppliers, products, sales, employees, and other critical entities that are commonly integrated across organizational systems. MDM is commonly included in data governance. A company that supports a data governance program has a defined a policy that specifies who is accountable for various portions or aspects of the data, including its accuracy, accessibility, consistency, timeliness, and completeness. The policy should clearly define the processes concerning how to store, archive, back up, and secure the data. In addition, the company should create a set of procedures identifying accessibility levels for employees. Then, the firm should deploy controls and procedures that enforce government regulations and compliance with mandates such as Sarbanes-Oxley.

STORING INFORMATION USING A RELATIONAL DATABASE MANAGEMENT SYSTEM

LO 6.2: Describe a database, a database management system, and the relational database model.

The core component of any system, regardless of size, is a database and a database management system. Broadly defined, a database maintains information about various types of objects (inventory), events (transactions), people (employees), and places (warehouses). A database management system (DBMS) creates, reads, updates, and deletes data in a database while controlling access and security. Managers send requests to the DBMS, and the DBMS performs the actual manipulation of the data in the database. Companies store their information in databases, and managers access these systems to answer operational questions such as how many customers purchased Product A in December or what the average sales were by region. Two primary tools are available for retrieving information from a DBMS. First is a query-by-example (QBE) tool that helps users graphically design the answer to a question against a database. Second is a structured query language (SQL) that asks users to write lines of code to answer questions against a database. Managers typically interact with QBE tools, and MIS professionals have the skills required to code SQL. Figure 6.9 displays the relationship between a database, a DBMS, and a user. Some of the more popular examples of DBMS include MySQL, Microsoft Access, SQL Server, FileMaker, Oracle, and FoxPro.

Page 221

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN DEBATE

Excel or Access?

Excel is a great tool with which to perform business analytics. Your friend, John Cross, owns a successful publishing company specializing in Do It Yourself books. John started the business 10 years ago and has slowly grown to 50 employees and $1 million in sales. John has been using Excel to run the majority of his business, tracking book orders, production orders, shipping orders, and billing. John even uses Excel to track employee payroll and vacation dates. To date, Excel has done the job, but as the company continues to grow, the tool is becoming inadequate.

You believe John could benefit from moving from Excel to Access. John is skeptical of the change because Excel has done the job up to now, and his employees are comfortable with the current processes and technology. John has asked you to prepare a presentation explaining the limitations of Excel and the benefits of Access. In a group, prepare the presentation that will help convince John to make the switch.

A data element (or data field) is the smallest or basic unit of information. Data elements can include a customer’s name, address, email, discount rate, preferred shipping method, product name, quantity ordered, and so on. Data models are logical data structures that detail the relationships among data elements by using graphics or pictures.

Metadata provides details about data. For example, metadata for an image could include its size, resolution, and date created. Metadata about a text document could contain document length, data created, author’s name, and summary. Each data element is given a description, such as Customer Name; metadata is provided for the type of data (text, numeric, alphanumeric, date, image, binary value) and descriptions of potential predefined values such as a certain area code; and finally the relationship is defined. A data dictionary compiles all of the metadata about the data elements in the data model. Looking at a data model along with reviewing the data dictionary provides tremendous insight into the database’s functions, purpose, and business rules.

DBMS use three primary data models for organizing information—hierarchical, network, and the relational database, the most prevalent. A relational database model stores information in the form of logically related two-dimensional tables. A relational database management system allows users to create, read, update, and delete data in a relational database. Although the hierarchical and network models are important, this text focuses only on the relational database model.

FIGURE 6.9

Relationship of Database, DBMS, and User

Page 222

Storing Data Elements in Entities and Attributes

For flexibility in supporting business operations, managers need to query or search for the answers to business questions such as which artist sold the most albums during a certain month. The relationships in the relational database model help managers extract this information. Figure 6.10 illustrates the primary concepts of the relational database model—entities, attributes, keys, and relationships. An entity (also referred to as a table) stores information about a person, place, thing, transaction, or event. The entities, or tables, of interest in Figure 6.10 are TRACKS, RECORDINGS, MUSICIANS, and CATEGORIES. Notice that each entity is stored in a different two-dimensional table (with rows and columns).

Attributes (also called columns or fields) are the data elements associated with an entity. In Figure 6.10, the attributes for the entity TRACKS are TrackNumber, TrackTitle, TrackLength, and RecordingID. Attributes for the entity MUSICIANS are MusicianID, MusicianName, MusicianPhoto, and MusicianNotes. A record is a collection of related data elements (in the MUSICIANS table, these include “3, Lady Gaga, gag.tiff, Do not bring young kids to live shows”). Each record in an entity occupies one row in its respective table.

Creating Relationships Through Keys

To manage and organize various entities within the relational database model, you use primary keys and foreign keys to create logical relationships. A primary key is a field (or group of fields) that uniquely identifies a given record in a table. In the table RECORDINGS, the primary key is the field RecordingID that uniquely identifies each record in the table. Primary keys are a critical piece of a relational database because they provide a way of distinguishing each record in a table; for instance, imagine you need to find information on a customer named Steve Smith. Simply searching the customer name would not be an ideal way to find the information because there might be 20 customers with the name Steve Smith. This is the reason the relational database model uses primary keys to identify each record uniquely. Using Steve Smith’s unique ID allows a manager to search the database to identify all information associated with this customer.

FIGURE 6.10

Primary Concepts of the Relational Database Model

Page 223

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN START-UP

2 Trillion Rows of Data Analyzed Daily—No Problem

eBay is the world’s largest online marketplace, with 97 million global users selling anything to anyone at a yearly total of $62 billion—more than $2,000 every second. Of course with this many sales, eBay is collecting the equivalent of the Library of Congress worth of data every three days that must be analyzed to run the business successfully. Luckily, eBay discovered Tableau!

Tableau started at Stanford when Chris Stolte, a computer scientist; Pat Hanrahan, an Academy Award–winning professor; and Christian Chabot, a savvy business leader, decided to solve the problem of helping ordinary people understand big data. The three created Tableau, which bridged two computer science disciplines: computer graphics and databases. No more need to write code or understand the relational database keys and categories; users simply drag and drop pictures of what they want to analyze. Tableau has become one of the most successful data visualization tools on the market, winning multiple awards, international expansion, and millions in revenue and spawning multiple new inventions.³

Tableau is revolutionizing business analytics, and this is only the beginning. Visit the Tableau website and become familiar with the tool by watching a few of the demos. Once you have a good understanding of the tool, create three questions eBay might be using Tableau to answer, including the analysis of its sales data to find patterns, business insights, and trends.

A foreign key is a primary key of one table that appears as an attribute in another table and acts to provide a logical relationship between the two tables. For instance, Black Eyed Peas in Figure 6.10 is one of the musicians appearing in the MUSICIANS table. Its primary key, MusicianID, is “2.” Notice that MusicianID also appears as an attribute in the RECORDINGS table. By matching these attributes, you create a relationship between the MUSICIANS and RECORDINGS tables that states the Black Eyed Peas (MusicianID 2) have several recordings, including The E.N.D., Monkey Business, and Elepunk. In essence, MusicianID in the RECORDINGS table creates a logical relationship (who was the musician that made the recording) to the MUSICIANS table. Creating the logical relationship between the tables allows managers to search the data and turn it into useful information.

Coca Cola Relational Database Example

Figure 6.11 illustrates the primary concepts of the relational database model for a sample order of soda from Coca Cola. Figure 6.11 offers an excellent example of how data is stored in a database. For example, the order number is stored in the ORDER table, and each line item is stored in the ORDER LINE table. Entities include CUSTOMER, ORDER, ORDER LINE, PRODUCT, and DISTRIBUTOR. Attributes for CUSTOMER include Customer ID, Customer Name, Contact Name, and Phone. Attributes for PRODUCT include Product ID, Description, and Price. The columns in the table contain the attributes.

Consider Hawkins Shipping, one of the distributors appearing in the DISTRIBUTOR table. Its primary key, Distributor ID, is DEN8001. Distributor ID also appears as an attribute in the ORDER table. This establishes that Hawkins Shipping (Distributor ID DEN8001) was responsible for delivering orders 34561 and 34562 to the appropriate customer(s). Therefore, Distributor ID in the ORDER table creates a logical relationship (who shipped what order) between ORDER and DISTRIBUTOR.

Page 224

FIGURE 6.11

Potential Relational Database for Coca-Cola Bottling Company of Egypt (TCCBCE)

Page 225

USING A RELATIONAL DATABASE FOR BUSINESS ADVANTAGES

LO 6.3: Identify the business advantages of a relational database.

Many business managers are familiar with Excel and other spreadsheet programs they can use to store business data. Although spreadsheets are excellent for supporting some data analysis, they offer limited functionality in terms of security, accessibility, and flexibility and can rarely scale to support business growth. From a business perspective, relational databases offer many advantages over using a text document or a spreadsheet, as displayed in Figure 6.12.

Increased Flexibility

Databases tend to mirror business structures, and a database needs to handle changes quickly and easily, just as any business needs to be able to do. Equally important, databases need to provide flexibility in allowing each user to access the information in whatever way best suits his or her needs. The distinction between logical and physical views is important in understanding flexible database user views. The physical view of information deals with the physical storage of information on a storage device. The logical view of information focuses on how individual users logically access information to meet their own particular business needs.

In the database illustration from Figure 6.10, for example, one user could perform a query to determine which recordings had a track length of four minutes or more. At the same time, another user could perform an analysis to determine the distribution of recordings as they relate to the different categories. For example, are there more R&B recordings than rock, or are they evenly distributed? This example demonstrates that although a database has only one physical view, it can easily support multiple logical views that provide for flexibility.

Consider another example—a mail-order business. One user might want a report presented in alphabetical format, in which case, the last name should appear before first name. Another user, working with a catalog mailing system, would want customer names appearing as first name and then last name. Both are easily achievable but different logical views of the same physical information.

Increased Scalability and Performance

In its first year of operation, the official website of the American Family Immigration History Center, www.ellisisland.org, generated more than 2.5 billion hits. The site offers immigration information about people who entered America through the Port of New York and Ellis Island between 1892 and 1924. The database contains more than 25 million passenger names that are correlated to 3.5 million images of ships’ manifests.⁴

The database had to be scalable to handle the massive volumes of information and the large numbers of users expected for the launch of the website. In addition, the database needed to perform quickly under heavy use. Some organizations must be able to support hundreds or thousands of users, including employees, partners, customers, and suppliers, who all want to access and share the same information. Databases today scale to exceptional levels, allowing all types of users and programs to perform information-processing and information-searching tasks.

FIGURE 6.12

Business Advantages of a Relational Database

Page 226

Reduced Information Redundancy

Information redundancy is the duplication of data, or the storage of the same data in multiple places. Redundant data can cause storage issues along with data integrity issues, making it difficult to determine which values are the most current or most accurate. Employees become confused and frustrated when faced with incorrect information causing disruptions to business processes and procedures. One primary goal of a database is to eliminate information redundancy by recording each piece of information in only one place in the database. This saves disk space, makes performing information updates easier, and improves information quality.

Increased Information Integrity (Quality)

Information integrity is a measure of the quality of information. Integrity constraints are rules that help ensure the quality of information. The database design needs to consider integrity constraints. The database and the DBMS ensures that users can never violate these constraints. There are two types of integrity constraints: (1) relational and (2) business critical.

Relational integrity constraints are rules that enforce basic and fundamental information-based constraints. For example, a relational integrity constraint would not allow someone to create an order for a nonexistent customer, provide a markup percentage that was negative, or order zero pounds of raw materials from a supplier. A business rule defines how a company performs certain aspects of its business and typically results in either a yes/no or true/false answer. Stating that merchandise returns are allowed within 10 days of purchase is an example of a business rule. Business-critical integrity constraints enforce business rules vital to an organization’s success and often require more insight and knowledge than relational integrity constraints. Consider a supplier of fresh produce to large grocery chains such as Kroger. The supplier might implement a business-critical integrity constraint stating that no product returns are accepted after 15 days past delivery. That would make sense because of the chance of spoilage of the produce. Business-critical integrity constraints tend to mirror the very rules by which an organization achieves success.

The specification and enforcement of integrity constraints produce higher-quality information that will provide better support for business decisions. Organizations that establish specific procedures for developing integrity constraints typically see an increase in accuracy that then increases the use of organizational information by business professionals.

Increased Information Security

Managers must protect information, like any asset, from unauthorized users or misuse. As systems become increasingly complex and highly available over the Internet on many devices, security becomes an even bigger issue. Databases offer many security features, including passwords to provide authentication, access levels to determine who can access the data, and access controls to determine what type of access they have to the information.

For example, customer service representatives might need read-only access to customer order information so they can answer customer order inquiries; they might not have or need the authority to change or delete order information. Managers might require access to employee files, but they should have access only to their own employees’ files, not the employee files for the entire company. Various security features of databases can ensure that individuals have only certain types of access to certain types of information.

Security risks are increasing as more and more databases and DBMS systems are moving to data centers run in the cloud. The biggest risks when using cloud computing are ensuring the security and privacy of the information in the database. Implementing data governance policies and procedures that outline the data management requirements can ensure safe and secure cloud computing.

Page 227

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN ETHICS AND SECURITY

Unethical Data Mining

Mining large amounts of data can create a number of benefits for business, society, and governments, but it can also create a number of ethical questions surrounding an invasion of privacy or misuse of information. Facebook recently came under fire for its data mining practices as it followed 700,000 accounts to determine whether posts with highly emotional content are more contagious. The study concluded that highly emotional texts are contagious, just as with real people. Highly emotional positive posts received multiple positive replies whereas highly emotional negative posts received multiple negative replies. Although the study seems rather innocent, many Facebook users were outraged; they felt the study was an invasion of privacy because the 700,000 accounts had no idea Facebook was mining their posts. As a Facebook user, you willingly consent that Facebook owns every bit and byte of data you post and, once you press submit, Facebook can do whatever it wants with your data. Do you agree or disagree that Facebook has the right to do whatever it wants with the data its 1.5 billion users post on its site?⁵

DRIVING WEBSITES WITH DATA

LO 6.4: Explain the business benefits of a data-driven website.

A content creator is the person responsible for creating the original website content. A content editor is the person responsible for updating and maintaining website content. Static information includes fixed data incapable of change in the event of a user action. Dynamic information includes data that change based on user actions. For example, static websites supply only information that will not change until the content editor changes the information. Dynamic information changes when a user requests information. A dynamic website changes information based on user requests such as movie ticket availability, airline prices, or restaurant reservations. Dynamic website information is stored in a dynamic catalog, or an area of a website that stores information about products in a database.

Websites change for site visitors depending on the type of information they request. Consider, for example, an automobile dealer. The dealer would create a database containing data elements for each car it has available for sale, including make, model, color, year, miles per gallon, a photograph, and so on. Website visitors might click Porsche and then enter their specific requests such as price range or year made. Once the user hits Go, the website automatically provides a custom view of the requested information. The dealer must create, update, and delete automobile information as the inventory changes.

A data-driven website is an interactive website kept constantly updated and relevant to the needs of its customers using a database. Data-driven capabilities are especially useful when a firm needs to offer large amounts of information, products, or services. Visitors can become quickly annoyed if they find themselves buried under an avalanche of information when searching a website. A data-driven website can help limit the amount of information displayed to customers based on unique search requirements. Companies even use data-driven websites to make information in their internal databases available to customers and business partners.

There are a number of advantages to using the web to access company databases. First, web browsers are much easier to use than directly accessing the database by using a custom-query tool. Second, the web interface requires few or no changes to the database model. Finally, it costs less to add a web interface in front of a DBMS than to redesign and rebuild the system to support changes. Additional data-driven website advantages include:

Easy to manage content: Website owners can make changes without relying on MIS professionals; users can update a data-driven website with little or no training.

Page 228

FIGURE 6.13

Zappos.com—A Data-Driven Website

FIGURE 6.14

BI in a Data-Driven Website

Page 229

Easy to store large amounts of data: Data-driven websites can keep large volumes of information organized. Website owners can use templates to implement changes for layouts, navigation, or website structure. This improves website reliability, scalability, and performance.

Easy to eliminate human errors: Data-driven websites trap data-entry errors, eliminating inconsistencies while ensuring that all information is entered correctly.

Zappos credits its success as an online shoe retailer to its vast inventory of nearly 3 million products available through its dynamic data-driven website. The company built its data-driven website catering to a specific niche market: consumers who were tired of finding that their most-desired items were always out of stock at traditional retailers. Zappos’ highly flexible, scalable, and secure database helped it rank as the most available Internet retailer. Figure 6.13 displays the Zappos data-driven website illustrating a user querying the database and receiving information that satisfies the user’s request.⁶

Companies can gain valuable business knowledge by viewing the data accessed and analyzed from their websites. Figure 6.14 displays how running queries or using analytical tools, such as a PivotTable, on the database that is attached to the website can offer insight into the business, such as items browsed, frequent requests, items bought together, and so on.

section 6.2

Business Intelligence

LEARNING OUTCOMES

6.5Identify the advantages of using business intelligence to support managerial decision making.

6.6Define data warehousing and data marts and explain how they support business decisions.

6.7Describe the three organizational methods for analyzing big data.

SUPPORTING DECISIONS WITH BUSINESS INTELLIGENCE

LO 6.5: Identify the advantages of using business intelligence to support managerial decision making.

Many organizations today find it next to impossible to understand their own strengths and weaknesses, let alone their biggest competitors, because the enormous volume of organizational data is inaccessible to all but the MIS department. Organization data include far more than simple structured data elements in a database; the set of data also includes unstructured data such as voice mail, customer phone calls, text messages, video clips, and numerous new forms of data such as tweets from Twitter.

The Problem: Data Rich, Information Poor

An ideal business scenario would be as follows. As a business manager on his way to meet with a client reviews historical customer data, he realizes that the client’s ordering volume has substantially decreased. As he drills down into the data, he notices the client had a support issue with a particular product. He quickly calls the support team to find out all of the information and learns that a replacement for the defective part can be shipped in 24 hours. In addition, he learns that the client has visited the website and requested information on a new product line. Armed with all this information, the business manager is prepared for a productive meeting with his client. He now understands the client’s needs and issues, and he can address new sales opportunities with confidence.

For many companies, the preceding example is simply a pipe dream. Attempting to gather all of the client information would actually take hours or even days to compile. With so much data available, it is surprisingly hard for managers to get information, such as inventory levels, past order history, or shipping details. Managers send their information requests to the MIS department where a dedicated person compiles the various reports. In some situations, responses can take days, by which time the information may be outdated and opportunities lost. Many organizations find themselves in the position of being data rich and information poor. Even in today’s electronic world, managers struggle with the challenge of turning their business data into business intelligence.

Page 230

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN INNOVATION

News Dots

Gone are the days of staring at boring spreadsheets and trying to understand how the data correlate. With innovative data visualization tools, managers can arrange different ways to view the data, providing new forms of pattern recognition not offered by simply looking at numbers. Slate, a news publication, developed a new data visualization tool called News Dots, that offers readers a different way of viewing the daily news through trends and patterns. The News Dots tool scans about 500 stories a day from major publications and then tags the content with important keywords such as people, places, companies, and topics. Surprisingly, the majority of daily news overlaps as the people, places, and stories are frequently connected. Using News Dots, you can visualize how the news fits together, almost similar to a giant social network. News Dots uses circles (or dots) to represent the tagged content and arranges them according to size. The more frequently a certain topic is tagged, the larger the dot and its relationship to other dots. The tool is interactive and users simply click a dot to view which stories mention that topic and which other topics it connects to in the network such as a correlation among the U.S. government, Federal Reserve, Senate, bank, and Barack Obama.⁷

How can data visualization help identify trends? What types of business intelligence could you identify if your college used a data visualization tool to analyze student information? What types of business intelligence could you identify if you used a data visualization tool to analyze the industry in which you plan to compete?

The Solution: Business Intelligence

Employee decisions are numerous, and they include providing service information, offering new products, and supporting frustrated customers. Employees can base their decisions on data, experience, or knowledge and preferably a combination of all three. Business intelligence can provide managers with the ability to make better decisions. A few examples of how different industries use business intelligence include:

Airlines: Analyze popular vacation locations with current flight listings.

Banking: Understand customer credit card usage and nonpayment rates.

Health care: Compare the demographics of patients with critical illnesses.

Insurance: Predict claim amounts and medical coverage costs.

Law enforcement: Track crime patterns, locations, and criminal behavior.

Marketing: Analyze customer demographics.

Retail: Predict sales, inventory levels, and distribution.

Technology: Predict hardware failures.

Figure 6.15 displays how organizations using BI can find the cause to many issues and problems simply by asking “Why?” The process starts by analyzing a report such as sales amounts by quarter. Managers will drill down into the report looking for why sales are up or why sales are down. Once they understand why a certain location or product is experiencing an increase in sales, they can share the information in an effort to raise enterprisewide sales. Once they understand the cause for a decrease in sales, they can take effective action to resolve the issue. Here are a few examples of how managers can use BI to answer tough business questions:

Page 231

FIGURE 6.15

How BI Can Answer Tough Customer Questions

Where has the business been? Historical perspective offers important variables for determining trends and patterns.

Where is the business now? Looking at the current business situation allows managers to take effective action to solve issues before they grow out of control.

Where is the business going? Setting strategic direction is critical for planning and creating solid business strategies.

Ask a simple question—such as who is my best customer or what is my worst-selling product—and you might get as many answers as you have employees. Databases, data warehouses, and data marts can provide a single source of “trusted” data that can answer questions about customers, products, suppliers, production, finances, fraud, and even employees. They can also alert managers to inconsistencies or help determine the causes and effects of enter-prisewide business decisions. All business aspects can benefit from the added insights provided by business intelligence, and you, as a business student, will benefit from understanding how MIS can help you make intelligent decisions.

THE BUSINESS BENEFITS OF DATA WAREHOUSING

LO 6.6: Define data warehousing and data marts and explain how they support business decisions.

In the 1990s as organizations began to need more timely information about their business, they found that traditional management information systems were too cumbersome to provide relevant information efficiently and effectively. Most of the systems were in the form of operational databases that were designed for specific business functions, such as accounting, order entry, customer service, and sales, and were not appropriate for business analysis for the reasons shown in Figure 6.16.

During the latter half of the 20th century, the numbers and types of operational databases increased. Many large businesses found themselves with information scattered across multiple systems with different file types (such as spreadsheets, databases, and even word processing files), making it almost impossible for anyone to use the information from multiple sources. Completing reporting requests across operational systems could take days or weeks using antiquated reporting tools that were ineffective for running a business. From this idea, the data warehouse was born as a place where relevant information could be stored and accessed for making strategic queries and reports.

A data warehouse is a logical collection of information, gathered from many operational databases, that supports business analysis activities and decision-making tasks. The primary purpose of a data warehouse is to combine information, more specifically, strategic information, throughout an organization into a single repository in such a way that the people who need that information can make decisions and undertake business analysis. A key idea within data warehousing is to collect information from multiple systems in a common location that uses a universal querying tool. This allows operational databases to run where they are most efficient for the business, while providing a common location using a familiar format for the strategic or enterprisewide reporting information.

Page 232

FIGURE 6.16

Reasons Business Analysis Is Difficult from Operational Databases

Data warehouses go even a step further by standardizing information. Gender, for instance can be referred to in many ways (Male, Female, M/F, 1/0), but it should be standardized on a data warehouse with one common way of referring to each data element that stores gender (M/F). Standardization of data elements allows for greater accuracy, completeness, and consistency and increases the quality of the information in making strategic business decisions. The data warehouse then is simply a tool that enables business users, typically managers, to be more effective in many ways, including:

Developing customer profiles.

Identifying new-product opportunities.

Improving business operations.

Identifying financial issues.

Analyzing trends.

Understanding competitors.

Understanding product performance. (See Figure 6.17 for the three core concepts of data warehousing.)

DATA MARTS

Businesses collect a tremendous amount of transactional information as part of their routine operations. Marketing, sales, and other departments would like to analyze these data to understand their operations better. Although databases store the details of all transactions (for instance, the sale of a product) and events (hiring a new employee), data warehouses store that same information but in an aggregated form more suited to supporting decision-making tasks. Aggregation, in this instance, can include totals, counts, averages, and the like.

Page 233

FIGURE 6.17

Three Core Concepts of Data Warehousing

The data warehouse modeled in Figure 6.18 compiles information from internal databases (or transactional and operational databases) and external databases through extraction, transformation, and loading. Extraction, transformation, and loading (ETL) is a process that extracts information from internal and external databases, transforms it using a common set of enterprise definitions, and loads it into a data warehouse. The data warehouse then sends portions (or subsets) of the information to data marts. A data mart contains a subset of data warehouse information. To distinguish between data warehouses and data marts, think of data warehouses as having a more organizational focus and data marts as having a functional focus. Figure 6.18 provides an illustration of a data warehouse and its relationship to internal and external databases, ETL, and data marts.

FIGURE 6.18

Data Warehouse Model

Page 234

Multidimensional Analysis

A relational database contains information in a series of two-dimensional tables. In a data warehouse and data mart, information contains layers of columns and rows. For this reason, most data warehouses and data marts are multidimensional databases. A dimension is a particular attribute of information. Each layer in a data warehouse or data mart represents information according to an additional dimension. An information cube is the common term for the representation of multidimensional information. Figure 6.19 displays a cube (cube a) that represents store information (the layers), product information (the rows), and promotion information (the columns).

After creating a cube of information, users can begin to slice and dice the cube to drill down into the information. The second cube (cube b) in Figure 6.19 displays a slice representing promotion II information for all products at all stores. The third cube (cube c) in Figure 6.19displays only information for promotion III, product B, at store 2. By using multidimensional analysis, users can analyze information in a number of ways and with any number of dimensions. Users might want to add dimensions of information to a current analysis, including product category, region, and even forecasted versus actual weather. The true value of a data warehouse is its ability to provide multidimensional analysis that allows users to gain insights into their information.

Data warehouses and data marts are ideal for off-loading some of the querying against a database. For example, querying a database to obtain an average of sales for Product B at Store 2 while Promotion III is under way might create a considerable processing burden for a database, increasing the time it takes another person to enter a new sale into the same database. If an organization performs numerous queries against a database (or multiple databases), aggregating that information into a data warehouse will be beneficial.

Information Cleansing or Scrubbing

Dirty data is erroneous or flawed data (see Figure 6.20). The complete removal of dirty data from a source is impractical or virtually impossible. According to Gartner Inc., dirty data is a business problem, not an MIS problem. Over the next two years, more than 25 percent of critical data in Fortune 1000 companies will continue to be flawed; that is, the information will be inaccurate, incomplete, or duplicated.

Obviously, maintaining quality information in a data warehouse or data mart is extremely important. To increase the quality of organizational information and thus the effectiveness of decision making, businesses must formulate a strategy to keep information clean. Information cleansing or scrubbing is a process that weeds out and fixes or discards inconsistent, incorrect, or incomplete information.

FIGURE 6.19

A Cube of Information for Performing a Multidimensional Analysis on Three Stores for Five Products and Four Promotions

Page 235

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN DISCUSSION

Butterfly Effects

The butterfly effect, an idea from chaos theory in mathematics, refers to the way a minor event—like the movement of a butterfly’s wing—can have a major impact on a complex system like the weather. Dirty data can have the same impact on a business as the butterfly effect. Organizations depend on the movement and sharing of data throughout the organization, so the impact of data quality errors are costly and far-reaching. Such data issues often begin with a tiny mistake in one part of the organization, but the butterfly effect can produce disastrous results, making its way through MIS systems to the data warehouse and other enterprise systems. When dirty data or low-quality data enters organizational systems, a tiny error such as a spelling mistake can lead to revenue loss, process inefficiency, and failure to comply with industry and government regulations. Explain how the following errors can affect an organization:

A cascading spelling mistake

Inaccurate customer records

Incomplete purchasing history

Inaccurate mailing address

Duplicate customer numbers for different customers

 

Specialized software tools exist that use sophisticated procedures to analyze, standardize, correct, match, and consolidate data warehouse information. This step is vitally important because data warehouses often contain information from several databases, some of which can be external to the organization. In a data warehouse, information cleansing occurs first during the ETL process and again once the information is in the data warehouse. Companies can choose information cleansing software from several vendors, including Oracle, SAS, Ascential Software, and Group 1 Software. Ideally, scrubbed information is accurate and consistent.

FIGURE 6.20

Dirty Data Problems

Page 236

Looking at customer information highlights why information cleansing is necessary. Customer information exists in several operational systems. In each system, all the details could change—from the customer ID to contact information—depending on the business process the user is performing (see Figure 6.21).

Figure 6.22 displays a customer name entered differently in multiple operational systems. Information cleansing allows an organization to fix these types of inconsistencies in the data warehouse. Figure 6.23 displays the typical events that occur during information cleansing.

FIGURE 6.21

Contact Information in Operational Systems

FIGURE 6.22

Standardizing a Customer Name in Operational Systems

Page 237

FIGURE 6.23

Information Cleansing Activities

FIGURE 6.24

The Cost of Accurate and Complete Information

Achieving perfect information is almost impossible. The more complete and accurate a company wants its information to be, the more it costs (see Figure 6.24). Companies may also trade accuracy for completeness. Accurate information is correct, whereas complete information has no blanks. A birth date of 2/31/10 is an example of complete but inaccurate information (February 31 does not exist). An address containing Denver, Colorado, without a zip code is an example of accurate information that is incomplete. Many firms complete data quality auditsto determine the accuracy and completeness of its data. Most organizations determine a percentage of accuracy and completeness high enough to make good decisions at a reasonable cost, such as 85 percent accurate and 65 percent complete.

THE POWER OF BIG DATA ANALYTICS

LO 6.7: Describe the three organizational methods for analyzing big data.

Companies are collecting more data than ever. Historically, data were housed in functional systems that were not integrated, such as customer service, finance, and human resources. Today companies can gather all of the functional data together by the zetabyte, but finding a way to analyze the data is incredibly challenging. Figure 6.25 displays the three methods organizations are using to dissect, analyze, and understand organizational data.

Page 238

FIGURE 6.25

Three Organizational Methods for Analyzing Big Data

Data Mining

Data mining is the process of analyzing data to extract information not offered by the raw data alone. Data mining can also begin at a summary information level (coarse granularity) and progress through increasing levels of detail (drilling down) or the reverse (drilling up). Companies use data-mining techniques to compile a complete picture of their operations, all within a single view, allowing them to identify trends and improve forecasts. Consider Best Buy, which used data-mining tools to identify that 7 percent of its customers accounted for 43 percent of its sales, so the company reorganized its stores to accommodate those customers.

To perform data mining, users need data-mining tools. Data-mining tools use a variety of techniques to find patterns and relationships in large volumes of information that predict future behavior and guide decision making. Data mining uncovers trends and patterns, which analysts use to build models that, when exposed to new information sets, perform a variety of information analysis functions. Data-mining tools for data warehouses help users uncover business intelligence in their data. Figure 6.26 displays the data-mining analysis methods used to uncover patterns and trends for business analysis such as:

Analyzing customer buying patterns to predict future marketing and promotion campaigns.

Building budgets and other financial information.

Detecting fraud by identifying deceptive spending patterns.

Finding the best customers who spend the most money.

Keeping customers from leaving or migrating to competitors.

Promoting and hiring employees to ensure success for both the company and the individual.

Page 239

FIGURE 6.26

Data Mining Analysis Methods

Data mining enables these companies to determine relationships among such internal factors as price, product positioning, or staff skills, and external factors such as economic indicators, competition, and customer demographics. In addition, it enables companies to determine the impact on sales, customer satisfaction, and corporate profits and to drill down into summary information to view detailed transactional data. With data mining, a retailer could use point-of-sale records of customer purchases to send targeted promotions based on an individual’s purchase history. By mining demographic data from comment or warranty cards, the retailer could develop products and promotions to appeal to specific customer segments.

Netflix uses data mining to analyze each customer’s film-viewing habits to provide recommendations for other customers with Cinematch, its movie recommendation system. Using Cinematch, Netflix can present customers with a number of additional movies they might want to watch based on the customer’s current preferences. Netflix’s innovative use of data mining provides its competitive advantage in the movie rental industry. Data mining uses specialized technologies and functionalities such as query tools, reporting tools, multidimensional analysis tools, statistical tools, and intelligent agents to uncover patterns displayed in Figure 6.27.

FIGURE 6.27

Data-Mining Techniques

Page 240

Big Data Analytics

Structured data has a defined length, type, and format and includes numbers, dates, or strings such as Customer Address. Structured data is typically stored in a traditional system such as a relational database or spreadsheet and accounts for about 20 percent of the data that surrounds us. The sources of structured data include:

Machine-generated data, created by a machine without human intervention. Machine-generated structured data includes sensor data, point-of-sale data, and web log (blog) data.

Human-generated data is data that humans, in interaction with computers, generate. Human-generated structured data includes input data, click-stream data, or gaming data.

Unstructured data is not defined, does not follow a specified format, and is typically free-form text such as emails, Twitter tweets, and text messages. Unstructured data accounts for about 80 percent of the data that surrounds us. The sources of unstructured data include:

Machine-generated unstructured data: satellite images, scientific atmosphere data, and radar data.

Human-generated unstructured data: text messages, social media data, and emails.

Big data is a collection of large, complex data sets, including structured and unstructured data, which cannot be analyzed using traditional database methods and tools. The four common characteristics of big data are detailed in Figure 6.28. Big data requires sophisticated tools to analyze all the unstructured information from millions of customers, devices, and machine interactions. Big data are analyzed for marketing trends in business as well as in the fields of manufacturing, medicine, and science.

FIGURE 6.28

Four Common Characteristics of Big Data

Page 241

Distributed computing processes and manages algorithms across many machines in a computing environment. Big data tools use distributed computing to store and analyze data across databases stored around the globe. Traditional analytical tools focus on basic business intelligence, including querying and reporting of historical data against a relational database. Traditional data-mining tools focus on history and explain where the organization has been. Advanced analytics focuses on forecasting future trends and producing insights using sophisticated quantitative methods, including statistics, descriptive and predictive data mining, simulation, and optimization. Advanced analytics uses data patterns to make forward-looking predictions to explain to the organization where it is headed. A data scientist extracts knowledge from data by performing statistical analysis, data mining, and advanced analytics on big data to identify trends, market changes, and other relevant information. Figure 6.29 displays the techniques a data scientist will use to perform big data advanced analytics.

Data Visualization

Traditional bar graphs and pie charts are boring and at best confusing and at worst misleading. As databases and graphics collide more and more, people are creating infographics (information graphics), which display information graphically so it can be easily understood. Infographics present the results of data analysis, displaying the patterns, relationships, and trends in a graphical format. Inforgraphics are exciting and quickly convey a story users can understand without having to analyze numbers, tables, and boring charts. Great data visualizations provide insights into something new about the underlying patterns and relationships. Just think of the periodic table of elements and imagine if you had to look at an Excel spreadsheet showing each element and the associated attributes in a table format. This would be not only difficult to understand but easy to misinterpret. By placing the elements in the visual periodic table, you quickly grasp how the elements relate and the associated hierarchy. Infographics perform the same function for business data as the periodic table does for chemical elements.

FIGURE 6.29

Big Data Advanced Analytical Techniques

Page 242

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN GLOBALIZATION

Integrity Information Inc.

Congratulations! You have just been hired as a consultant for Integrity Information Inc., a start-up business intelligence consulting company. Your first job is to help work with the sales department in securing a new client, The Warehouse. The Warehouse has been operating in the United States for more than a decade, and its primary business is to sell wholesale low-cost products. The Warehouse is interested in hiring Integrity Information Inc. to clean up the data that are stored in its U.S. database. To determine how good your work is, the client would like your analysis of the following spreadsheet. The Warehouse is also interested in expanding globally and wants to purchase several independent wholesale stores located in Australia, Thailand, China, Japan, and the United Kingdom. Before the company moves forward with the venture, it wants to understand what types of data issues it might encounter as it begins to transfer data from each global entity to the data warehouse. Please create a list detailing the potential issues The Warehouse can anticipate encountering as it consolidates the global databases into a single data warehouse.⁸

Page 243

Analysis paralysis occurs when the user goes into an emotional state of over-analysis (or over-thinking) a situation so that a decision or action is never taken, in effect paralyzing the outcome. In the time of big data, analysis paralysis is a growing problem. One solution is to use data visualizations to help people make decisions faster. Data visualization describes technologies that allow users to see or visualize data to transform information into a business perspective. Data visualization is a powerful way to simplify complex data sets by placing data in a format that is easily grasped and understood far quicker than the raw data alone. Data visualization tools move beyond Excel graphs and charts into sophisticated analysis techniques such as controls, instruments, maps, time-series graphs, and more. Data visualization tools can help uncover correlations and trends in data that would otherwise go unrecognized. Business intelligence dashboards track corporate metrics such as critical success factors and key performance indicators and include advanced capabilities such as interactive controls, allowing users to manipulate data for analysis. The majority of business intelligence software vendors offer a number of data visualization tools and business intelligence dashboards. A data artist is a business analytics specialist who uses visual tools to help people understand complex data.

Big data is one of the most promising technology trends occurring today. Of course, notable companies such as Facebook, Google, and Netflix are gaining the most business insights from big data currently, but many smaller markets are entering the scene, including retail, insurance, and health care. Over the next decade, as big data starts to improve your everyday life by providing insights into your social relationships, habits, and careers, you can expect to see the need for data scientists and data artists dramatically increase.

LEARNING OUTCOME REVIEW

Learning Outcome 6.1: Explain the four primary traits that determine the value of information.

Information is data converted into a meaningful and useful context. Information can tell an organization how its current operations are performing and help it estimate and strategize about how future operations might perform. It is important to understand the different levels, formats, and granularities of information along with the four primary traits that help determine the value of information, which include (1) information type: transactional and analytical; (2) information timeliness; (3) information quality; and (4) information governance.

Learning Outcome 6.2: Describe a database, a database management system, and the relational database model.

A database maintains information about various types of objects (inventory), events (transactions), people (employees), and places (warehouses). A database management system (DBMS) creates, reads, updates, and deletes data in a database while controlling access and security. A DBMS provides methodologies for creating, updating, storing, and retrieving data in a database. In addition, a DBMS provides facilities for controlling data access and security, allowing data sharing and enforcing data integrity. The relational database model allows users to create, read, update, and delete data in a relational database.

Learning Outcome 6.3: Identify the business advantages of a relational database.

Many business managers are familiar with Excel and other spreadsheet programs they can use to store business data. Although spreadsheets are excellent for supporting some data analysis, they offer limited functionality in terms of security, accessibility, and flexibility and can rarely scale to support business growth. From a business perspective, relational databases offer many advantages over using a text document or a spreadsheet, including increased flexibility, increased scalability and performance, reduced information redundancy, increased information integrity (quality), and increased information security.

Page 244

Learning Outcome 6.4: Explain the business benefits of a data-driven website.

A data-driven website is an interactive website kept constantly updated and relevant to the needs of its customers using a database. Data-driven capabilities are especially useful when the website offers a great deal of information, products, or services because visitors are frequently annoyed if they are buried under an avalanche of information when searching a website. Many companies use the web to make some of the information in their internal databases available to customers and business partners.

Learning Outcome 6.5: Identify the advantages of using business intelligence to support managerial decision making.

Many organizations today find it next to impossible to understand their own strengths and weaknesses, let alone their biggest competitors, due to enormous volumes of organizational data being inaccessible to all but the MIS department. Organization data include far more than simple structured data elements in a database; the set of data also includes unstructured data such as voice mail, customer phone calls, text messages, video clips, along with numerous new forms of data, such as tweets from Twitter. Managers today find themselves in the position of being data rich and information poor, and they need to implement business intelligence systems to solve this challenge.

Learning Outcome 6.6: Define data warehousing and data marts and explain how they support business decisions.

A data warehouse is a logical collection of information, gathered from many different operational databases, that supports business analysis and decision making. The primary value of a data warehouse is to combine information, more specifically, strategic information, throughout an organization into a single repository in such a way that the people who need that information can make decisions and undertake business analysis.

Learning Outcome 6.7: Describe the three organizational methods for analyzing big data.

Data mining, big data analytics, and data visualization are the three methods organizations are using to dissect, analyze, and understand organizational data. Data mining is the process of analyzing data to extract information not offered by the raw data alone. Data mining can also begin at a summary information level (coarse granularity) and progress through increasing levels of detail (drilling down), or the reverse (drilling up). Big data is a collection of large, complex data sets, including structured and unstructured data, which cannot be analyzed using traditional database methods and tools. Data visualization describes technologies that allow users to see or visualize data to transform information into a business perspective.

OPENING CASE QUESTIONS

1. Knowledge:List the reasons a business would want to display information in a graphic or visual format.
2. Comprehension:Describe how a business could use a business intelligence digital dashboard to gain an understanding of how the business is operating.
3. Application:Explain how a marketing department could use data visualization tools to help with the release of a new product.
4. Analysis:Categorize the five common characteristics of high-quality information and rank them in order of importance forHotels.com.
5. Synthesis:Develop a list of some possible entities and attributes located in theHotels.com database.
6. Evaluate:Assess howHotels.com is using BI to identify trends and change associated business processes.

Page 245

KEY TERMS

Advanced analytics

Analysis paralysis

Attribute

Big data

Business-critical integrity constraint

Business rule

Business intelligence dashboard

Content creator

Content editor

Data dictionary

Data element (or data field)

Data governance

Data mart

Data mining

Data model

Data quality audit

Data visualization

Data visualization tools

Data warehouse

Database

Database management system (DBMS)

Data-driven website

Data-mining tool

Data artist

Data scientist

Dirty data

Distributed computing

Dynamic catalog

Dynamic information

Entity

Extraction, transformation, and loading (ETL)

Foreign key

Human-generated data

Infographic (or information graphic)

Information cleansing or scrubbing

Information cube

Information granularity

Information inconsistency

Information integrity

Information integrity issues

Information redundancy

Integrity constraint

Logical view of information

Machine-generated data

Master data management (MDM)

Metadata

Physical view of information

Primary key

Query-by-example (QBE) tool

Real-time information

Real-time system

Record

Relational database management system

Relational database model

Relational integrity constraint

Static information

Structured data

Structured query language (SQL)

Time-series information

Unstructured data

REVIEW QUESTIONS

1.How does a database turn data elements into information?

2.Why does a business need to be concerned with the quality of its data?

3.How can data governance help protect a business from hackers?

4.Why would a company care about the timeliness of its data?

5.What are the five characteristics common to high-quality information?

6.What is data governance and its importance to a company?

7.What are the four primary traits that help determine the value of information?

8.What is the difference between an entity and an attribute?

9.What are the advantages of a relational database?

10.What are the advantages of a data-driven website?

11.What is a data warehouse and why would a business want to implement one?

12.Why would you need to use multidimensional analysis?

13.What is the purpose of information cleansing (or scrubbing)?

14.Why would a department want a data mart instead of just accessing the entire data warehouse?

15.Why would a business be data rich but information poor?

Page 246

CLOSING CASE ONE

Data Visualization: Stories for the Information Age

At the intersection of art and algorithm, data visualization schematically abstracts information to bring about a deeper understanding of the data, wrapping it in an element of awe. Although the practice of visually representing information is arguably the foundation of all design, a newfound fascination with data visualization has been emerging. After The New York Times and The Guardian recently opened their online archives to the public, artists rushed to dissect nearly two centuries’ worth of information, elevating this art form to new prominence.

For artists and designers, data visualization is a new frontier of self-expression, powered by the proliferation of information and the evolution of available tools. For enterprise, it is a platform for displaying products and services in the context of the cultural interaction that surrounds them, reflecting consumers’ increasing demand for corporate transparency.

“Looking at something ordinary in a new way makes it extraordinary,” says Aaron Koblin, one of the more recent pioneers of the discipline. As technology lead of Google’s Creative Labs in San Francisco, he spearheaded the search giant’s Chrome Experiments series designed to show off the speed and reliability of the Chrome browser.

Forget Pie Charts and Bar Graphs

Data visualization has nothing to do with pie charts and bar graphs. And it’s only marginally related to infographics, information design that tends to be about objectivity and clarification. Such representations simply offer another iteration of the data—restating it visually and making it easier to digest. Data visualization, on the other hand, is an interpretation, a different way to look at and think about data that often exposes complex patterns or correlations.

Data visualization is a way to make sense of the ever-increasing stream of information with which we’re bombarded and provides a creative antidote to the analysis paralysis that can result from the burden of processing such a large volume of information. “It’s not about clarifying data,” says Koblin. “It’s about contextualizing it.”

Today algorithmically inspired artists are reimagining the art-science continuum through work that frames the left-brain analysis of data in a right-brain creative story. Some use data visualization as a bridge between alienating information and its emotional impact—see Chris Jordan’s portraits of global mass culture. Others take a more technological angle and focus on cultural utility—the Zoetrope project offers a temporal and historical visualization of the ephemeral web. Still others are pure artistic indulgence—like Koblin’s own Flight Patterns project, a visualization of air traffic over North America.

How Business Can Benefit

There are real implications for business here. Most cell phone providers, for instance, offer a statement of a user’s monthly activity. Most often it’s an overwhelming table of various numerical measures of how much you talked, when, with whom, and how much it cost. A visual representation of this data might help certain patterns emerge, revealing calling habits and perhaps helping users save money.

Companies can also use data visualization to gain new insight into consumer behavior. By observing and understanding what people do with the data—what they find useful and what they dismiss as worthless—executives can make the valuable distinction between what consumers say versus what they do. Even now, this can be a tricky call to make from behind the two-way mirror of a traditional qualitative research setting.

It’s essential to understand the importance of creative vision along with the technical mastery of software. Data visualization isn’t about using all the data available, but about deciding which patterns and elements to focus on, building a narrative, and telling the story of the raw data in a different, compelling way.

Page 247

Ultimately, data visualization is more than complex software or the prettying up of spreadsheets. It’s not innovation for the sake of innovation. It’s about the most ancient of social rituals: storytelling. It’s about telling the story locked in the data differently, more engagingly, in a way that draws us in, makes our eyes open a little wider and our jaw drop ever so slightly. And as we process it, it can sometimes change our perspective altogether.⁹

Questions

1.Identify the effects poor information might have on a data visualization project.

2.How does data visualization use database technologies?

3.How could a business use data visualization to identify new trends?

4.What is the correlation between data mining and data visualization?

5.Is data visualization a form of business intelligence? Why or why not?

6.What security issues are associated with data visualization?

7.What might happen to a data visualization project if it failed to cleanse or scrub its data?

CLOSING CASE TWO

Zillow

Zillow.com is an online, web-based real estate site helping homeowners, buyers, sellers, renters, real estate agents, mortgage professionals, property owners, and property managers find and share information about real estate and mortgages. Zillow allows users to access, anonymously and free of charge, the kinds of tools and information previously reserved for real estate professionals. Zillow’s databases cover more than 90 million homes, which represents 95 percent of the homes in the United States. Adding to the sheer size of its databases, Zillow recalculates home valuations for each property every day, so it can provide historical graphs on home valuations over time. In some areas, Zillow is able to display 10 years of valuation history, a value-added benefit for many of its customers. This collection of data represents an operational data warehouse for anyone visiting the website.

As soon as Zillow launched its website, it immediately generated a massive amount of traffic. As the company expanded its services, the founders knew the key to its success would be the site’s ability to process and manage massive amounts of dataquickly, in real time. The company identified a need for accessible, scalable, reliable, secure databases that would enable it to continue to increase the capacity of its infrastructure indefinitely without sacrificing performance. Zillow’s traffic continues to grow despite the weakened real estate market; the company is experiencing annual traffic growth of 30 percent, and about a third of all U.S. mortgage professionals visit the site in a given month.

Data Mining and Business Intelligence

Zestimate values on Zillow use data-mining features for spotting trends across property valuations. Data mining also allows the company to see how accurate Zestimate values are over time. Zillow has also built the industry’s first search by monthly payment, allowing users to find homes that are for sale and rent based on a monthly payment they can afford. Along with the monthly payment search, users can also enter search criteria such as the number of bedrooms or bathrooms.

Zillow also launched a new service aimed at changing the way Americans shop for mortgages. Borrowers can use Zillow’s new Mortgage Marketplace to get custom loan quotes from lenders without having to give their names, addresses, phone numbers, or Social Security numbers, or field unwanted telephone calls from brokers competing for their business. Borrowers reveal their identities only after contacting the lender of their choice. The company is entering a field of established mortgage sites such as LendingTree.com and Experian Group’sLowermybills.com, which charge mortgage companies for borrower information. Zillow, which has an advertising model, says it does not plan to charge for leads.

Page 248

For mortgage companies, the anonymous leads come free; they can make a bid based on information provided by the borrower, such as salary, assets, credit score, and the type of loan. Lenders can browse borrower requests and see competing quotes from other brokers before making a bid.¹⁰

Questions

1.List the reasons Zillow would need to use a database to run its business.

2.Describe how Zillow uses business intelligence to create a unique product for its customers.

3.How could the marketing department at Zillow use a data mart to help with the release of a new product launch?

4.Categorize the five common characteristics of high-quality information and rank them in order of importance to Zillow.

5.Develop a list of some possible entities and attributes of Zillow’s mortgage database.

6.Assess how Zillow uses a data-driven website to run its business.

CRITICAL BUSINESS THINKING

1.Information–Business Intelligence or a Diversion from the Truth?
President Obama used part of his commencement address at Virginia’s Hampton University to criticize the flood of incomplete information or downright incorrect information that flows in the 24-hour news cycle. The president said, “You’re coming of age in a 24/7 media environment that bombards us with all kinds of content and exposes us to all kinds of arguments, some of which don’t always rank all that high on the truth meter. With iPods and iPads and Xboxes and PlayStations—none of which I know how to work—information becomes a distraction, a diversion, a form of entertainment, rather than a tool of empowerment, rather than the means of emancipation.”¹¹
Do you agree or disagree with President Obama’s statement? Who is responsible for verifying the accuracy of online information? What should happen to companies that post inaccurate information? What should happen to individuals who post inaccurate information? What should you remember when reading or citing sources for online information?

2.Illegal Database Access
Goldman Sachs has been hit with a $3 million lawsuit by a company that alleges the brokerage firm stole intellectual property from its database that had market intelligence facts. The U.S. District Court for the Southern District of New York filed the lawsuit in 2010 claiming Goldman Sachs employees used other people’s access credentials to log on to Ipreo’s proprietary database, dubbed Bigdough. Offered on a subscription basis, Bigdough provides detailed information on more than 80,000 contacts within the financial industry. Ipreo complained to the court that Goldman Sachs employees illegally accessed Bigdough at least 264 times in 2008 and 2009.¹²
Do you agree or disagree with the lawsuit? Should Goldman Sachs be held responsible for rogue employees’ behavior? What types of policies should Goldman Sachs implement to ensure that this does not occur again?

3.Data Storage
Information is one of the most important assets of any business. Businesses must ensure information accuracy, completeness, consistency, timeliness, and uniqueness. In addition, business must have a reliable backup service. In part thanks to cloud computing, there are many data hosting services on the Internet. These sites offer storage of information that can be accessed from anywhere in the world.
These data hosting services include Hosting (www.hosting.com), Mozy (www.mozy.com), My Docs Online (www.mydocsonline.com), and Box (www.box.net). Visit a few of these sites along with several others you find through research. Which sites are free? Are there limits to how much you can store? If so, what is the limit? What type of information can you store (video, text, photos, etc.)? Can you allow multiple users with different passwords to access your storage area? Are you contractually bound for a certain duration (annual, etc.)? Are different levels of services provided such as personal, enterprise, and work group? Does it make good business sense to store business data on the Internet? What about personal data?

Page 249

4.Gathering Business Intelligence
When considering new business opportunities, you need knowledge about the competition. One of the things many new business owners fail to do is gather business intelligence on their competitors, such as how many there are and what differentiates each of them. You may find there are too many and that they would be tough competition for you. Or, you may find that there are few competitors and the ones who are out there offer very little value.
Generate a new business idea you could launch on the Internet. Research the Internet to find similar business in the area you have chosen. How many sites did you find that are offering the same products or services you are planning to offer? Did you come across any sites from another country that have a unique approach that you did not see on any of the sites in your own country? How would you use this information in pursuing your business idea?

5.Free Data!
The U.S. Bureau of Labor Statistics states that its role is as the “principal fact-finding agency for the federal government in the broad field of labor economics and statistics.” And the data that the bureau provides via its website are available to anyone, free. This can represent a treasure trove of business intelligence and data mining for those who take advantage of this resource. Visit the website www.bls.gov. What type of information does the site provide? What information do you find most useful? What sort of information concerning employment and wages is available? How is this information categorized? How would this type of information be helpful to a business manager? What type of demographic information is available? How could this benefit a new start-up business?¹³

6.Explaining Relational Databases
You have been hired by Vision, a start-up clothing company. Your manager, Holly Henningson, is unfamiliar with databases and their associated business value. Henningson has asked you to create a report detailing the basics of databases. She would also like you to provide a detailed explanation of relational databases along with their associated business advantages.

7.Entities and Attributes
Martex Inc. is a manufacturer of athletic equipment, and its primary lines of business include running, tennis, golf, swimming, basketball, and aerobics equipment. Martex currently supplies four primary vendors, including Sam’s Sports, Total Effort, The Underline, and Maximum Workout. Martex wants to build a database to help it organize its products. In a group, identify the different types of entities, attributes, keys, and relationships Martex will want to consider when designing its relational database.

8.Compiling Information
You are currently working for the Public Transportation Department of Chatfield. The department controls all forms of public transportation, including buses, subways, and trains. Each department has about 300 employees and maintains its own accounting, inventory, purchasing, and human resource systems. Generating reports across departments is a difficult task and usually involves gathering and correlating the information from the many databases. It typically takes about two weeks to generate the quarterly balance sheets and profit and loss statements. Your team has been asked to compile a report recommending what the Public Transportation Department of Chatfield can do to alleviate its information and system issues. Be sure that your report addresses the various reasons departmental reports are presently difficult to obtain as well as how you plan to solve this problem.¹⁴

Page 250

9.Information Timeliness
Information timeliness is a major consideration for all organizations. Organizations need to decide the frequency of backups and the frequency of updates to a data warehouse. In a team, describe the timeliness requirements for backups and updates to a data warehouse for each of the following:

Weather tracking systems

Car dealership inventories

Vehicle tire sales forecasts

Interest rates

Restaurant inventories

Grocery store inventories

10.Improving Information Quality
HangUps Corporation designs and distributes closet organization structures. The company operates five systems—order entry, sales, inventory management, shipping, and billing. The company has severe information quality issues, including missing, inaccurate, redundant, and incomplete information. The company wants to implement a data warehouse containing information from the five systems to help maintain a single customer view, drive business decisions, and perform multidimensional analysis. Identify how the organization can improve its information quality when it begins designing and building its data warehouse.

ENTREPRENEURIAL CHALLENGE

BUILD YOUR OWN BUSINESS

1.Provide an example of your business data that fits each of the five common characteristics of high-quality information. Explain why each characteristic is important to your business data and what might happen if your business data were of low quality. (Be sure to identify your business and the name of your company.)

2.Identify the different entities and their associated attributes that would be found in your potential relational database model for your sales database.

3.Identify the benefits of having a data warehouse for your business. What types of data marts would you want to extract from your data warehouse to help you run your business and make strategic decisions?

APPLY YOUR KNOWLEDGE BUSINESS PROJECTS

PROJECT I Mining the Data Warehouse

Alana Smith is a senior buyer for a large wholesaler that sells different types of arts and crafts to greeting card stores such as Hallmark. Smith’s latest marketing strategy is to send all of her customers a new line of handmade picture frames from Russia. All of her information supports her decision for the new line. Her analysis predicts that the frames should sell an average of 10 to 15 per store, per day. Smith is excited about the new line and is positive it will be a success.

Page 251

One month later, Smith learns the frames are selling 50 percent below expectations and averaging between five and eight frames sold daily in each store. She decides to access the company’s data warehouse information to determine why sales are below expectations. Identify several dimensions of information that Smith will want to analyze to help her decide what is causing the problems with the picture frame sales.

PROJECT IIDifferent Dimensions

The focus of data warehousing is to extend the transformation of data into information. Data warehouses offer strategic level, external, integrated, and historical information so businesses can make projections, identify trends, and make key business decisions. The data warehouse collects and stores integrated sets of historical information from multiple operational systems and feeds them to one or more data marts. It may also provide end user access to support enterprisewide views of information.

You are currently working on a marketing team for a large corporation that sells jewelry around the world. Your boss has asked you to look at the following dimensions of data to determine which ones you want in your data mart for performing sales and market analysis (seeFigure AYK.1). As a team, categorize the different dimensions, ranking them from 1 to 5, with 1 indicating that the dimension offers the highest value and must be in your data mart and 5 indicating that the dimension offers the lowest value and does not need to be in your data mart.

PROJECT IIIUnderstanding Search

Pretend that you are a search engine. Choose a topic to query. It can be anything such as your favorite book, movie, band, or sports team. Search your topic on Google, pick three or four pages from the results, and print them out. On each printout, find the individual words from your query (such as “Boston Red Sox” or “The Godfather”) and use a highlighter to mark each word with color. Do that for each of the documents that you print out. Now tape those documents on a wall, step back a few feet, and review your documents.

FIGURE AYK.1

Data Warehouse Data

Page 252

If you did not know what the rest of a page said and could judge only by the colored words, which document do you think would be most relevant? Is there anything that would make a document look more relevant? Is it better for the words to be in a large heading or to occur several times in a smaller font? Do you prefer the words to be at the top or the bottom of the page? How often do the words need to appear? Come up with two or three things you would look for to see whether a document matched a query well. This exercise mimics search engine processes and should help you understand why a search engine returns certain results over others.

PROJECT IVPredicting Netflix

Netflix Inc., the largest online movie rental service, provides more than 12 million subscribers access to more than 100,000 unique DVD titles along with a growing on-demand library in excess of 10,000 choices. Data and information are so important to Netflix that it created The Netflix Prize, an open competition for anyone who could improve the data used in prediction ratings for films (an increase of 10 percent), based on previous ratings. The winner would receive a $1 million prize.

The ability to search, analyze, and comprehend information is vital for any organization’s success. It certainly was for Netflix—it was happy to pay anyone $1 million to improve the quality of its information. In a group, explain how Netflix might use databases, data warehouses, and data marts to predict customer movie recommendations. Here are a few characteristics you might want to analyze to get you started:

Customer demographics

Movie genre, rating, year, producer, and type

Actor information

Internet access

Location for mail pickup

PROJECT VThe Crunch Factory

The Crunch Factory is one of the fourth-largest gyms operating in Australia, and each gym operates its own system with its own database. Unfortunately, the company failed to develop any data-capturing standards and now faces the challenges associated with low-quality enterprisewide information. For example, one system has a field to capture email addresses, but another system does not. Duplicate customer information among the different systems is another major issue, and the company continually finds itself sending conflicting or competing messages to customers from different gyms. A customer could also have multiple accounts within the company, one representing a membership, another representing additional classes, and yet another for a personal trainer. The Crunch Factory has no way to identify that the different customer accounts are actually for the same customer.

To remain competitive and be able to generate business intelligence, The Crunch Factory has to resolve these challenges. The Crunch Factory has just hired you as its data quality expert. Your first task is to determine how the company can turn its low-quality information into high-quality business intelligence. Create a plan that The Crunch Factory can implement that details the following:

Challenges associated with low-quality information

Benefits associated with high-quality information

Recommendations on how the company can clean up its data

PROJECT VIToo Much of a Good Thing

The Castle, a premium retailer of clothes and accessories, created an enterprisewide data warehouse so all its employees could access information for decision making. The Castle soon discovered that it is possible to have too much of a good thing. The Castle employees found themselves inundated with data and unable to make any decisions, a common occurrence called analysis paralysis. When sales representatives queried the data warehouse to determine whether a certain product in the size, color, and category was available, they would get hundreds of results showing everything from production orders to supplier contracts. It became easier for the sales representatives to look in the warehouse themselves than to check the system. Employees found the data warehouse was simply too big, too complicated, and contained too much irrelevant information.

Page 253

The Castle is committed to making its data warehouse system a success and has come to you for help. Create a plan that details the value of the data warehouse to the business, how it can be easier for all employees to use, and the potential business benefits the company can derive from its data warehouse.

PROJECT VIITwitter Buzz

Technology tools that can predict sales for the coming week, decide when to increase inventory, and determine when additional staff is required are extremely valuable. Twitter is not just for tweeting your whereabouts anymore. Twitter and other social-media sites have become great tools for gathering business intelligence on customers, including what they like, dislike, need, and want. Twitter is easy to use, and businesses can track every single time a customer makes a statement about a particular product or service. Good businesses turn this valuable information into intelligence spotting trends and patterns in customer opinion.

Do you agree that a business can use Twitter to gain business intelligence? How many companies do you think are aware of Twitter and exactly how they can use it to gain BI? How do you think Twitter uses a data warehouse? How do you think companies store Twitter information? How would a company use Twitter in a data mart? How would a company use cubes to analyze Twitter data?

AYK APPLICATION PROJECTS

If you are looking for Access projects to incorporate into your class, try any of the following after reading this chapter.

PLACE YOUR ORDER NOW

section 4.1

Ethics

LEARNING OUTCOMES

4.1Explain the ethical issues in the use of information technology.

4.2Identify the six epolicies organizations should implement to protect themselves.

INFORMATION ETHICS

LO 4.1: Explain the ethical issues in the use of information technology.

Ethics and security are two fundamental building blocks for all organizations. In recent years, enormous business scandals along with 9/11 have shed new light on the meaning of ethics and security. When the behavior of a few individuals can destroy billion-dollar organizations, the value of ethics and security should be evident.

Copyright is the legal protection afforded an expression of an idea, such as a song, book, or video game. Intellectual property is intangible creative work that is embodied in physical form and includes copyrights, trademarks, and patents. A patent is an exclusive right to make, use, and sell an invention and is granted by a government to the inventor. As it becomes easier for people to copy everything from words and data to music and video, the ethical issues surrounding copyright infringement and the violation of intellectual property rights are consuming the ebusiness world. Technology poses new challenges for our ethics—the principles and standards that guide our behavior toward other people.

The protection of customers’ privacy is one of the largest, and murkiest, ethical issues facing organizations today. Privacy is the right to be left alone when you want to be, to have control over your personal possessions, and not to be observed without your consent. Privacy is related to confidentiality, which is the assurance that messages and information remain available only to those authorized to view them. Each time employees make a decision about a privacy issue, the outcome could sink the company.

Trust among companies, customers, partners, and suppliers is the support structure of ebusiness. Privacy is one of its main ingredients. Consumers’ concerns that their privacy will be violated because of their interactions on the web continue to be one of the primary barriers to the growth of ebusiness.

Information ethics govern the ethical and moral issues arising from the development and use of information technologies as well as the creation, collection, duplication, distribution, and processing of information itself (with or without the aid of computer technologies). Ethical dilemmas in this area usually arise not as simple, clear-cut situations but as clashes among competing goals, responsibilities, and loyalties. Inevitably, there will be more than one socially acceptable or correct decision. The two primary areas concerning software include pirated software and counterfeit software. Pirated software is the unauthorized use, duplication, distribution, or sale of copyrighted software. Counterfeit software is software that is manufactured to look like the real thing and sold as such. Digital rights management is a technological solution that allows publishers to control their digital media to discourage, limit, or prevent illegal copying and distribution. Figure 4.2 contains examples of ethically questionable or unacceptable uses of information technology.²

FIGURE 4.2

Ethically Questionable or Unacceptable Information Technology Use

Page 137

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN DISCUSSION

Information—Does It Have Ethics?

A high school principal decided it was a good idea to hold a confidential conversation about teachers, salaries, and student test scores on his cellular phone in a local Starbucks. Not realizing that one of the students’ parents was sitting next to him, the principal accidentally divulged sensitive information about his employees and students. The irate parent soon notified the school board about the principal’s inappropriate behavior and a committee was formed to decide how to handle the situation.³

With the new wave of collaboration tools, electronic business, and the Internet, employees are finding themselves working outside the office and beyond traditional office hours. Advantages associated with remote workers include increased productivity, decreased expenses, and boosts in morale as employees are given greater flexibility to choose their work location and hours. Unfortunately, disadvantages associated with workers working remotely include new forms of ethical challenges and information security risks.

In a group, discuss the following statement: Information does not have any ethics. If you were elected to the committee to investigate the principal’s inappropriate Starbucks phone conversation, what types of questions would you want answered? What type of punishment, if any, would you enforce on the principal? What types of policies would you implement across the school district to ensure that this scenario is never repeated? Be sure to highlight how workers working remotely affect business along with any potential ethical challenges and information security issues.

 

Unfortunately, few hard and fast rules exist for always determining what is ethical. Many people can either justify or condemn the actions in Figure 4.2, for example. Knowing the law is important, but that knowledge will not always help because what is legal might not always be ethical, and what might be ethical is not always legal. For example, Joe Reidenberg received an offer for AT&T cell phone service. AT&T used Equifax, a credit reporting agency, to identify potential customers such as Joe Reidenberg. Overall, this seemed like a good business opportunity between Equifax and AT&T wireless. Unfortunately, the Fair Credit Reporting Act (FCRA) forbids repurposing credit information except when the information is used for “a firm offer of credit or insurance.” In other words, the only product that can be sold based on credit information is credit. A representative for Equifax stated, “As long as AT&T Wireless (or any company for that matter) is offering the cell phone service on a credit basis, such as allowing the use of the service before the consumer has to pay, it is in compliance with the FCRA.” However, the question remains—is it ethical?⁴

Figure 4.3 shows the four quadrants where ethical and legal behaviors intersect. The goal for most businesses is to make decisions within quadrant I that are both legal and ethical. There are times when a business will find itself in the position of making a decision in quadrant III, such as hiring child labor in foreign countries, or in quadrant II when a business might pay a foreigner who is getting her immigration status approved because the company is in the process of hiring the person. A business should never find itself operating in quadrant IV. Ethics are critical to operating a successful business today.

Information Does Not Have Ethics, People Do

Information itself has no ethics. It does not care how it is used. It will not stop itself from spamming customers, sharing itself if it is sensitive or personal, or revealing details to third parties. Information cannot delete or preserve itself. Therefore, it falls to those who own the information to develop ethical guidelines about how to manage it.

Page 138

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN ETHICS AND SECURITY

Is IT Really Worth the Risk?

Ethics. It’s just one tiny word, but it has monumental impact on every area of business. From the magazines, blogs, and newspapers you read to the courses you take, you will encounter ethics because it is a hot topic in today’s electronic world. Technology has provided so many incredible opportunities, but it has also provided those same opportunities to unethical people. Discuss the ethical issues surrounding each of the following situations (yes, these are true stories):

A student raises her hand in class and states, “I can legally copy any DVD I get from Netflix because Netflix purchased the DVD and the copyright only applies to the company who purchased the product.”

A student stands up the first day of class before the professor arrives and announces that his fraternity scans textbooks and he has the textbook for this course on his thumb drive, which he will gladly sell for $20. Several students pay on the spot and upload the scanned textbook to their PCs. One student takes down the student information and contacts the publisher about the incident.

A senior marketing manager is asked to monitor his employee’s email because there is a rumor that the employee is looking for another job.

A vice president of sales asks her employee to burn all of the customer data onto an external hard drive because she made a deal to provide customer information to a strategic partner.

A senior manager is asked to monitor his employee’s email to discover whether she is sexually harassing another employee.

An employee is looking at the shared network drive and discovers that his boss’s entire hard drive, including his email backup, has been copied to the network and is visible to all.

An employee is accidently copied on an email listing the targets for the next round of layoffs.

 

FIGURE 4.3

Acting Ethically and Acting Legally Are Not Always the Same Thing

Page 139

FIGURE 4.4

Ethical Guidelines for Information Management

A few years ago, the ideas of information management, governance, and compliance were relatively obscure. Today, these concepts are a must for virtually every company, both domestic and global, primarily due to the role digital information plays in corporate legal proceedings or litigation. Frequently, digital information serves as key evidence in legal proceedings, and it is far easier to search, organize, and filter than paper documents. Digital information is also extremely difficult to destroy, especially if it is on a corporate network or sent by email. In fact, the only reliable way to obliterate digital information reliably is to destroy the hard drives on which the file was stored. Ediscovery (or electronic discovery) refers to the ability of a company to identify, search, gather, seize, or export digital information in responding to a litigation, audit, investigation, or information inquiry. As the importance of ediscovery grows, so does information governance and information compliance. The Child Online Protection Act (COPA) was passed to protect minors from accessing inappropriate material on the Internet. Figure 4.4 displays the ethical guidelines for information management.

DEVELOPING INFORMATION MANAGEMENT POLICIES

LO 4.2: Identify the six epolicies organizations should implement to protect themselves.

Treating sensitive corporate information as a valuable resource is good management. Building a corporate culture based on ethical principles that employees can understand and implement is responsible management. Organizations should develop written policies establishing employee guidelines, employee procedures, and organizational rules for information. These policies set employee expectations about the organization’s practices and standards and protect the organization from misuse of computer systems and IT resources. If an organization’s employees use computers at work, the organization should, at a minimum, implement epolicies. Epolicies are policies and procedures that address information management along with the ethical use of computers and the Internet in the business environment. Figure 4.5 displays the epolicies a firm should implement to set employee expectations.

Page 140

FIGURE 4.5

Overview of Epolicies

Ethical Computer Use Policy

In a case that illustrates the perils of online betting, a leading Internet poker site reported that a hacker exploited a security flaw to gain an insurmountable edge in high-stakes, no-limit Texas hold- ’em tournaments—the ability to see his opponents’ hole cards. The cheater, whose illegitimate winnings were estimated at between $400,000 and $700,000 by one victim, was an employee of AbsolutePoker.com and hacked the system to show that it could be done. Regardless of what business a company operates—even one that many view as unethical—the company must protect itself from unethical employee behavior.⁵ Cyberbullying includes threats, negative remarks, or defamatory comments transmitted through the Internet or posted on the website. A threat is an act or object that poses a danger to assets. Click-fraud is the abuse of pay-per-click, pay-per-call, and pay-per-conversion revenue models by repeatedly clicking a link to increase charges or costs for the advertiser. Competitive click-fraud is a computer crime in which a competitor or disgruntled employee increases a company’s search advertising costs by repeatedly clicking the advertiser’s link.

Cyberbullying and click-fraud are just a few examples of the many types of unethical computer use found today.

One essential step in creating an ethical corporate culture is establishing an ethical computer use policy. An ethical computer use policy contains general principles to guide computer user behavior. For example, it might explicitly state that users should refrain from playing computer games during working hours. This policy ensures that the users know how to behave at work and the organization has a published standard to deal with infractions. For example, after appropriate warnings, the company may terminate an employee who spends significant amounts of time playing computer games at work.

Organizations can legitimately vary in how they expect employees to use computers, but in any approach to controlling such use, the overriding principle should be informed consent. The users should be informed of the rules and, by agreeing to use the system on that basis, consent to abide by them.

Managers should make a conscientious effort to ensure all users are aware of the policy through formal training and other means. If an organization were to have only one epolicy, it should be an ethical computer use policy because that is the starting point and the umbrella for any other policies the organization might establish.

Part of an ethical computer use policy can include a BYOD policy. A bring your own device (BYOD) policy allows employees to use their personal mobile devices and computers to access enterprise data and applications. BYOD policies offer four basic options, including:

Unlimited access for personal devices.

Access only to nonsensitive systems and data.

Access, but with IT control over personal devices, apps, and stored data.

Access, but preventing local storage of data on personal devices.

Page 141

Information Privacy Policy

An organization that wants to protect its information should develop an information privacy policy, which contains general principles regarding information privacy. Visa created Innovant to handle all its information systems, including its coveted customer information, which details how people are spending their money, in which stores, on which days, and even at what time of day. Just imagine what a sales and marketing department could do if it gained access to this information. For this reason, Innovant bans the use of Visa’s customer information for anything outside its intended purpose—billing. Innovant’s privacy specialists developed a strict credit card information privacy policy, which it follows.

Innovant has been asked whether it can guarantee that unethical use of credit card information will never occur. In a large majority of cases, the unethical use of information happens not through the malicious scheming of a rogue marketer but, rather, unintentionally. For instance, information is collected and stored for some purpose, such as record keeping or billing. Then, a sales or marketing professional figures out another way to use it internally, share it with partners, or sell it to a trusted third party. The information is “unintentionally” used for new purposes. The classic example of this type of unintentional information reuse is the Social Security number, which started simply as a way to identify government retirement benefits and then was used as a sort of universal personal ID, found on everything from drivers’ licenses to savings accounts.

Fair information practices is a general term for a set of standards governing the collection and use of personal data and addressing issues of privacy and accuracy. Different organizations and countries have their own terms for these concerns. The United Kingdom terms it “Data Protection,” and the European Union calls it “Personal Data Privacy”; the Organisation for Economic Co-operation and Development (OECD) has written Guidelines on the Protection of Privacy and Transborder Flows of Personal Data, which can be found at www.oecd.org/unitedstates.⁶

Acceptable Use Policy

An acceptable use policy (AUP) requires a user to agree to follow it to be provided access to corporate email, information systems, and the Internet. Nonrepudiation is a contractual stipulation to ensure that ebusiness participants do not deny (repudiate) their online actions. A nonrepudiation clause is typically contained in an acceptable use policy. Many businesses and educational facilities require employees or students to sign an acceptable use policy before gaining network access. When signing up with an email provider, each customer is typically presented with an AUP, which states that the user agrees to adhere to certain stipulations. Users agree to the following in a typical acceptable use policy:

Not using the service as part of violating any law.

Not attempting to break the security of any computer network or user.

Not posting commercial messages to groups without prior permission.

Not performing any nonrepudiation.

Some organizations go so far as to create a unique information management policy focusing solely on Internet use. An Internet use policy contains general principles to guide the proper use of the Internet. Because of the large amounts of computing resources that Internet users can expend, it is essential for such use to be legitimate. In addition, the Internet contains numerous materials that some believe are offensive, making regulation in the workplace a requirement. Cybervandalism is the electronic defacing of an existing website. Typosquatting is a problem that occurs when someone registers purposely misspelled variations of well-known domain names. These variants sometimes lure consumers who make typographical errors when entering a URL. Website name stealing is the theft of a website’s name that occurs when someone, posing as a site’s administrator, changes the ownership of the domain name assigned to the website to another website owner. These are all examples of unacceptable Internet use. Internet censorship is government attempts to control Internet traffic, thus preventing some material from being viewed by a country’s citizens. Generally, an Internet use policy:

Describes the Internet services available to users.

Defines the organization’s position on the purpose of Internet access and what restrictions, if any, are placed on that access.

Page 142

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN GLOBALIZATION

The Right to Be Forgotten

The European Commissioner for Justice, Fundamental Rights, and Citizenship, Viviane Reding, announced the European Commission’s proposal to create a sweeping new privacy right—the right to be forgotten, allowing individuals to request to have all content that violates their privacy removed. The right to be forgotten addresses an urgent problem in the digital age: the great difficulty of escaping your past on the Internet now that every photo, status update, and tweet lives forever in the cloud. To comply with the European Court of Justice’s decision, Google created a new online form by which individuals can request search providers to remove links that violate their online privacy. In the first month, Google received more than 50,000 submissions from people asking the company to remove links. Many people in the United States believe that the right to be forgotten conflicts with the right to free speech. Do people who want to erase their past deserve a second chance? Do you agree or disagree?⁷

Describes user responsibility for citing sources, properly handling offensive material, and protecting the organization’s good name.

States the ramifications if the policy is violated.

Email Privacy Policy

An email privacy policy details the extent to which email messages may be read by others. Email is so pervasive in organizations that it requires its own specific policy. Most working professionals use email as their preferred means of corporate communications. Although email and instant messaging are common business communication tools, risks are associated with using them. For instance, a sent email is stored on at least three or four computers (see Figure 4.6). Simply deleting an email from one computer does not delete it from the others. Companies can mitigate many of the risks of using electronic messaging systems by implementing and adhering to an email privacy policy.

FIGURE 4.6

Email Is Stored on Multiple Computers

Page 143

One major problem with email is the user’s expectations of privacy. To a large extent, this expectation is based on the false assumption that email privacy protection exists somehow analogous to that of U.S. first-class mail. Generally, the organization that owns the email system can operate the system as openly or as privately as it wishes. Surveys indicate that the majority of large firms regularly read and analyze employees’ email looking for confidential data leaks such as unannounced financial results or the sharing of trade secrets that result in the violation of an email privacy policy and eventual termination of the employee. That means that if the organization wants to read everyone’s email, it can do so. Basically, using work email for anything other than work is not a good idea. A typical email privacy policy:

Defines legitimate email users and explains what happens to accounts after a person leaves the organization.

Explains backup procedure so users will know that at some point, even if a message is deleted from their computer, it is still stored by the company.

Describes the legitimate grounds for reading email and the process required before such action is performed.

Discourages sending junk email or spam to anyone who does not want to receive it.

Prohibits attempting to mail bomb a site. A mail bomb sends a massive amount of email to a specific person or system that can cause that user’s server to stop functioning.

Informs users that the organization has no control over email once it has been transmitted outside the organization.

Spam is unsolicited email. It plagues employees at all levels within an organization, from receptionist to CEO, and clogs email systems and siphons MIS resources away from legitimate business projects. An anti-spam policy simply states that email users will not send unsolicited emails (or spam). It is difficult to write anti-spam policies, laws, or software because there is no such thing as a universal litmus test for spam. One person’s spam is another person’s newsletter. End users have to decide what spam is, because it can vary widely not just from one company to the next, but from one person to the next. A user can opt out of receiving emails by choosing to deny permission to incoming emails. A user can opt in to receive emails by choosing to allow permissions to incoming emails.

Teergrubing is an anti-spamming approach by which the receiving computer launches a return attack against the spammer, sending email messages back to the computer that originated the suspected spam.

Social Media Policy

Did you see the YouTube video showing two Domino’s Pizza employees violating health codes while preparing food by passing gas on sandwiches? Millions of people did, and the company took notice when disgusted customers began posting negative comments all over Twitter. Because they did not have a Twitter account, corporate executives at Domino’s did not know about the damaging tweets until it was too late. The use of social media can contribute many benefits to an organization, and implemented correctly, it can become a huge opportunity for employees to build brands. But there are also tremendous risks because a few employees representing an entire company can cause tremendous brand damage. Defining a set of guidelines implemented in a social media policy can help mitigate that risk. Companies can protect themselves by implementing a social media policy outlining the corporate guidelines or principles governing employee online communications. Having a single social media policy might not be enough to ensure that the company’s online reputation is protected. Additional, more specific, social media policies a company might choose to implement include:

Employee online communication policy detailing brand communication.

Employee blog and personal blog policies.

Employee social network and personal social network policies.

Employee Twitter, corporate Twitter, and personal Twitter policies.

Employee LinkedIn policy.

Employee Facebook usage and brand usage policy.

Corporate YouTube policy.

Page 144

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN MIS

15 Million Identity Theft Victims

Identity theft has quickly become the most common, expensive, and pervasive crime in the United States. The identities of more than 15 million U.S. citizens are stolen each year, with financial losses exceeding $50 billion. This means that the identities of almost 10 percent of U.S. adults will be stolen this year, with losses of around $4,000 each, not to mention the 100 million U.S. citizens whose personal data will be compromised due to data breaches on corporate and government databases.

The growth of organized crime can be attributed to the massive amounts of data collection along with the increased cleverness of professional identity thieves. Starting with individually tailored phishing and vishing scams, increasingly successful corporate and government databases hackings, and intricate networks of botnets that hijack millions of computers without a trace, we must wake up to this ever-increasing threat to all Americans.⁸

You have the responsibility to protect yourself from data theft. In a group, visit the Federal Trade Commission’s Consumer Information Identity Theft website at http://www.consumer.ftc.gov/features/feature-0014-identity-theft and review what you can do today to protect your identity and how you can ensure that your personal information is safe.

Social media monitoring is the process of monitoring and responding to what is being said about a company, individual, product, or brand. Social media monitoring typically falls to the social media manager, a person within the organization who is trusted to monitor, contribute, filter, and guide the social media presence of a company, individual, product, or brand. Organizations must protect their online reputations and continuously monitor blogs, message boards, social networking sites, and media sharing sites. However, monitoring the hundreds of social media sites can quickly become overwhelming. To combat these issues, a number of companies specialize in online social media monitoring; for example, Trackur.com creates digital dashboards that allow executives to view at a glance the date published, source, title, and summary of every item tracked. The dashboard not only highlights what’s being said but also the influence of the particular person, blog, or social media site.

Workplace Monitoring Policy

Increasingly, employee monitoring is not a choice; it is a risk-management obligation. Michael Soden, CEO of the Bank of Ireland, issued a mandate stating that company employees could not surf illicit websites with company equipment. Next, he hired Hewlett-Packard to run the MIS department, and illicit websites were discovered on Soden’s own computer, forcing Soden to resign. Monitoring employees is one of the biggest challenges CIOs face when developing information management policies.⁹

Physical security is tangible protection such as alarms, guards, fireproof doors, fences, and vaults. New technologies enable employers to monitor many aspects of their employees’ jobs, especially on telephones, computer terminals, through electronic and voice mail, and when employees are using the Internet. Such monitoring is virtually unregulated. Therefore, unless company policy specifically states otherwise (and even this is not ensured), your employer may listen, watch, and read most of your workplace communications. Workplace MIS monitoring tracks people’s activities by such measures as number of keystrokes, error rate, and number of transactions processed (see Figure 4.7 for an overview). The best path for an organization planning to engage in employee monitoring is open communication, including an employee monitoring policy stating explicitly how, when, and where the company monitors its employees. Several common stipulations an organization can follow when creating an employee monitoring policy include:

Page 145

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN DEBATE

Monitoring Employees

Every organization has the right to monitor its employees. Organizations usually inform their employees when workplace monitoring is occurring, especially regarding organizational assets such as networks, email, and Internet access. Employees traditionally offer their consent to be monitored and should not have any expectations of privacy when using organizational assets.

Do you agree or disagree that organizations have an obligation to notify employees about the extent of workplace monitoring, such as how long employees are using the Internet and which websites they are visiting? Do you agree or disagree that organizations have the right to read all employees’ email sent or received on an organizational computer, including personal Gmail accounts?

Be as specific as possible stating when and what (email, IM, Internet, network activity, etc.) will be monitored.

Expressly communicate that the company reserves the right to monitor all employees.

State the consequences of violating the policy.

Always enforce the policy the same for everyone.

Many employees use their company’s high-speed Internet access to shop, browse, and surf the web. Most managers do not want their employees conducting personal business during working hours, and they implement a Big Brother approach to employee monitoring. Many management gurus advocate that organizations whose corporate cultures are based on trust are more successful than those whose corporate cultures are based on mistrust. Before an organization implements monitoring technology, it should ask itself, “What does this say about how we feel about our employees?” If the organization really does not trust its employees, then perhaps it should find new ones. If an organization does trust its employees, then it might want to treat them accordingly. An organization that follows its employees’ every keystroke might be unwittingly undermining the relationships with its employees, and it might find the effects of employee monitoring are often worse than lost productivity from employee web surfing.

FIGURE 4.7

Internet Monitoring Technologies

Page 146

section 4.2

Information Security

LEARNING OUTCOMES

4.3Describe the relationships and differences between hackers and viruses.

4.4Describe the relationship between information security policies and an information security plan.

4.5Provide an example of each of the three primary information security areas: (1) authentication and authorization, (2) prevention and resistance, and (3) detection and response.

PROTECTING INTELLECTUAL ASSETS

LO 4.3: Describe the relationships and differences between hackers and viruses.

To reflect the crucial interdependence between MIS and business processes accurately, we should update the old business axiom “Time is money” to say “Uptime is money.” Downtime refers to a period of time when a system is unavailable. Unplanned downtime can strike at any time for any number of reasons, from tornadoes to sink overflows to network failures to power outages (see Figure 4.8). Although natural disasters may appear to be the most devastating causes of MIS outages, they are hardly the most frequent or most expensive. Figure 4.9demonstrates that the costs of downtime are not only associated with lost revenues but also with financial performance, damage to reputations, and even travel or legal expenses. A few questions managers should ask when determining the cost of downtime are:¹⁰

How many transactions can the company afford to lose without significantly harming business?

Does the company depend on one or more mission-critical applications to conduct business?

How much revenue will the company lose for every hour a critical application is unavailable?

FIGURE 4.8

Sources of Unplanned Downtime

Page 147

FIGURE 4.9

The Cost of Downtime

What is the productivity cost associated with each hour of downtime?

How will collaborative business processes with partners, suppliers, and customers be affected by an unexpected IT outage?

What is the total cost of lost productivity and lost revenue during unplanned downtime?

The reliability and resilience of IT systems have never been more essential for success as businesses cope with the forces of globalization, 24/7 operations, government and trade regulations, global recession, and overextended IT budgets and resources. Any unexpected downtime in today’s business environment has the potential to cause both short- and long-term costs with far-reaching consequences.

Information security is a broad term encompassing the protection of information from accidental or intentional misuse by persons inside or outside an organization. Information security is the primary tool an organization can use to combat the threats associated with downtime. Understanding how to secure information systems is critical to keeping downtime to a minimum and uptime to a maximum. Hackers and viruses are two of the hottest issues currently facing information security.

Security Threats Caused by Hackers and Viruses

Hackers are experts in technology who use their knowledge to break into computers and computer networks, either for profit or simply for the challenge. Smoking is not just bad for a person’s health; it seems it is also bad for company security because hackers regularly use smoking entrances to gain building access. Once inside, they pose as employees from the MIS department and either ask for permission to use an employee’s computer to access the corporate network or find a conference room where they simply plugin their own laptop. Drive-by hacking is a computer attack by which an attacker accesses a wireless computer network, intercepts data, uses network services, and/or sends attack instructions without entering the office or organization that owns the network. Figure 4.10 lists the various types of hackers for organizations to be aware of, and Figure 4.11 shows how a virus is spread.

Page 148

FIGURE 4.10

Types of Hackers

One of the most common forms of computer vulnerabilities is a virus. A virus is software written with malicious intent to cause annoyance or damage. Some hackers create and leave viruses, causing massive computer damage. A worm spreads itself not only from file to file but also from computer to computer. The primary difference between a virus and a worm is that a virus must attach to something, such as an executable file, to spread. Worms do not need to attach to anything to spread and can tunnel themselves into computers. Figure 4.12 provides an overview of the most common types of viruses. Two additional computer vulnerabilities include adware and spyware. Adware is software that, although purporting to serve some useful function and often fulfilling that function, also allows Internet advertisers to display advertisements without the consent of the computer user. Spyware is a special class of adware that collects data about the user and transmits it over the Internet without the user’s knowledge or permission. Spyware programs collect specific data about the user, ranging from general demographics such as name, address, and browsing habits to credit card numbers, Social Security numbers, and user names and passwords. Not all adware programs are spyware and, used correctly, it can generate revenue for a company, allowing users to receive free products. Spyware is a clear threat to privacy. Ransomware is a form of malicious software that infects your computer and asks for money. Simplelocker is a new ransomware program that encrypts your personal files and demands payment for the files’ decryption keys. Figure 4.13 displays a few additional weapons hackers use for launching attacks.¹¹

FIGURE 4.11

How Computer Viruses Spread

Page 149

FIGURE 4.12

Common Forms of Viruses

FIGURE 4.13

Hacker Weapons

Organizational information is intellectual capital. Just as organizations protect their tangible assets—keeping their money in an insured bank or providing a safe working environment for employees—they must also protect their intellectual capital, everything from patents to transactional and analytical information. With security breaches and viruses on the rise and computer hackers everywhere, an organization must put in place strong security measures to survive.

THE FIRST LINE OF DEFENSE—PEOPLE

LO 4.4: Describe the relationship between information security policies and an information security plan.

Organizations today can mine valuable information such as the identity of the top 20 percent of their customers, who usually produce 80 percent of revenues. Most organizations view this type of information as intellectual capital and implement security measures to prevent it from walking out the door or falling into the wrong hands. At the same time, they must enable employees, customers, and partners to access needed information electronically. Organizations address security risks through two lines of defense; the first is people, the second is technology.

Surprisingly, the biggest problem is people because the majority of information security breaches result from people misusing organizational information. Insiders are legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident. For example, many individuals freely give up their passwords or write them on sticky notes next to their computers, leaving the door wide open for hackers. Through social engineering, hackers use their social skills to trick people into revealing access credentials or other valuable information. Dumpster diving, or looking through people’s trash, is another way hackers obtain information. Pretexting is a form of social engineering in which one individual lies to obtain confidential data about another individual.

Page 150

Information security policies identify the rules required to maintain information security, such as requiring users to log off before leaving for lunch or meetings, never sharing passwords with anyone, and changing passwords every 30 days. An information security plan details how an organization will implement the information security policies. The best way a company can safeguard itself from people is by implementing and communicating its information security plan. This becomes even more important with Web 2.0 as the use of mobile devices, remote workforce, and contractors continue growing. A few details managers should consider surrounding people and information security policies include defining the best practices for¹²

Applications allowed to be placed on the corporate network, especially various file sharing applications (Kazaz), IM software, and entertainment or freeware created by unknown sources (iPhone applications).

Corporate computer equipment used for personal reasons on personal networks.

Password creation and maintenances including minimum password length, characters to be included while choosing passwords, and frequency for password changes.

Personal computer equipment allowed to connect to the corporate network.

Virus protection, including how often the system should be scanned and how frequently the software should be updated. This could also include if downloading attachments is allowed and practices for safe downloading from trusted and untrustworthy sources.

THE SECOND LINE OF DEFENSE—TECHNOLOGY

LO 4.5: Provide an example of each of the three primary information security areas: (1) authentication and authorization, (2) prevention and resistance, and (3) detection and response.

Once an organization has protected its intellectual capital by arming its people with a detailed information security plan, it can begin to focus on deploying technology to help combat attackers. Destructive agents are malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines. Figure 4.14 displays the three areas where technology can aid in the defense against attacks.

People: Authentication and Authorization

Identity theft consists of forging someone’s identity for the purpose of fraud. The fraud is often financial because thieves apply for and use credit cards or loans in the victim’s name. Two means of stealing an identity are phishing and pharming. Phishing is a technique to gain personal information for the purpose of identity theft, usually by means of fraudulent emails that look as though they came from legitimate businesses. The messages appear to be genuine, with official-looking formats and logos, and typically ask for verification of important information such as passwords and account numbers, ostensibly for accounting or auditing purposes. Since the emails look authentic, up to one in five recipients responds with the information and subsequently becomes a victim of identity theft and other fraud. Figure 4.15 displays a phishing scam attempting to gain information for Skyline Bank; you should never click emails asking you to verify your identity because companies will never contact you directly asking for your user name or password.¹³ A phishing expedition is a masquerading attack that combines spam with spoofing. The perpetrator sends millions of spam emails that appear to be from a respectable company. The emails contain a link to a website that is designed to look exactly like the company’s website. The victim is encouraged to enter his or her username, password, and sometimes credit card information. Spear phishing is a phishing expedition in which the emails are carefully designed to target a particular person or organization. Vishing (or voice phishing) is a phone scam that attempts to defraud people by asking them to call a bogus telephone number to confirm their account information.

FIGURE 4.14

Three Areas of Information Security

Page 151

Pharming reroutes requests for legitimate websites to false websites. For example, if you were to type in the URL to your bank, pharming could redirect to a fake site that collects your information. A zombie is a program that secretly takes over another computer for the purpose of launching attacks on other computers. Zombie attacks are almost impossible to trace back to the attacker. A zombie farm is a group of computers on which a hacker has planted zombie programs. A pharming attack uses a zombie farm, often by an organized crime association, to launch a massive phishing attack.

FIGURE 4.15

Skyline Bank Phishing Scam

Page 152

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN INNOVATION

Beyond the Password

The password, a combination of a user name and personal code, has been the primary way to secure systems since computers first hit the market in the 1980s. Of course, in the 1980s, users had only one password to maintain and remember, and chances are they still probably had to write it down. Today, users have dozens of user names and passwords they have to remember to multiple systems and websites—it is simply no longer sustainable! A few companies are creating new forms of identification, hoping to eliminate the password problem.

Bionym is developing the Nymi, a wristband with two electrodes that reads your heart’s unique electrocardiogram signal and can unlock all your devices.

Clef is developing the Clef Wave, a free app that generates a unique image on your smart phone that you can point at your webcam, which reads the image and unlocks your websites. The image cannot be stolen because it only stays on your screen for a few seconds. More than 300 websites have enabled the Clef Wave service.

Illiri is developing an app that emits a unique sound on your smart phone that can be used to unlock other devices, process payments, and access websites. The sound lasts for 10 seconds and can be heard within 1 foot of your device.

In a group, evaluate the three preceding technologies and determine which one you would choose to implement at your school.

Authentication and authorization technologies can prevent identity theft, phishing, and pharming scams. Authentication is a method for confirming users’ identities. Once a system determines the authentication of a user, it can then determine the access privileges (or authorization) for that user. Authorization is the process of providing a user with permission, including access levels and abilities such as file access, hours of access, and amount of allocated storage space. Authentication and authorization techniques fall into three categories; the most secure procedures combine all three:

1.Something the user knows, such as a user ID and password. The first type of authentication, using something the user knows, is the most common way to identify individual users and typically consists of a unique user ID and password. However, this is actually one of the most ineffective ways for determining authentication because passwords are not secure. All it typically takes to crack one is enough time. More than 50 percent of help-desk calls are password related, which can cost an organization significant money, and a social engineer can coax a password from almost anybody.

2.Something the user has, such as a smart card or token. The second type of authentication, using something the user has, offers a much more effective way to identify individuals than a user ID and password. Tokens and smart cards are two of the primary forms of this type of authentication. Tokens are small electronic devices that change user passwords automatically. The user enters his or her user ID and token-displayed password to gain access to the network. A smart card is a device about the size of a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing. Smart cards can act as identification instruments, a form of digital cash, or a data storage device with the ability to store an entire medical record.

Page 153

3.Something that is part of the user, such as a fingerprint or voice signature. The third kind of authentication, something that is part of the user, is by far the best and most effective way to manage authentication. Biometrics (narrowly defined) is the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting. A voiceprint is a set of measurable characteristics of a human voice that uniquely identifies an individual. These characteristics, which are based on the physical configuration of a speaker’s mouth and throat, can be expressed as a mathematical formula. Unfortunately, biometric authentication such as voiceprints can be costly and intrusive.

Single-factor authentication is the traditional security process, which requires a user name and password. Two-factor authentication requires the user to provide two means of authentication, what the user knows (password) and what the user has (security token). Multifactor authentication requires more than two means of authentication such as what the user knows (password), what the user has (security token), and what the user is (biometric verification). The goal of multifactor authentication is to make it difficult for an unauthorized person to gain access to a system because, if one security level is broken, the attacker will still have to break through additional levels.

Data: Prevention and Resistance

Prevention and resistance technologies stop intruders from accessing and reading data by means of content filtering, encryption, and firewalls. Time bombs are computer viruses that wait for a specific date before executing their instructions. Content filtering occurs when organizations use software that filters content, such as emails, to prevent the accidental or malicious transmission of unauthorized information. Organizations can use content filtering technologies to filter email and prevent emails containing sensitive information from transmitting, whether the transmission was malicious or accidental. It can also filter emails to prevent any suspicious files from transmitting, such as potentially virus-infected files. Email content filtering can also filter for spam, a form of unsolicited email.

Encryption scrambles information into an alternative form that requires a key or password to decrypt. If there were a security breach and the stolen information were encrypted, the thief would be unable to read it. Encryption can switch the order of characters, replace characters with other characters, insert or remove characters, or use a mathematical formula to convert the information into a code. Companies that transmit sensitive customer information over the Internet, such as credit card numbers, frequently use encryption. To decrypt information is to decode it and is the opposite of encrypt. Cryptography is the science that studies encryption, which is the hiding of messages so that only the sender and receiver can read them. The National Institute of Standards and Technology (NIST) introduced an advanced encryption standard (AES) designed to keep government information secure.

Some encryption technologies use multiple keys. Public key encryption (PKE) uses two keys: a public key that everyone can have and a private key for only the recipient (see Figure 4.16). The organization provides the public key to all customers, whether end consumers or other businesses, who use that key to encrypt their information and send it via the Internet. When it arrives at its destination, the organization uses the private key to unscramble it.

FIGURE 4.16

Public Key Encryption (PKE)

Page 154

FIGURE 4.17

Sample Firewall Architecture Connecting Systems Located in Chicago, New York, and Boston

Public keys are becoming popular to use for authentication techniques consisting of digital objects in which a trusted third party confirms correlation between the user and the public key. A certificate authority is a trusted third party, such as VeriSign, that validates user identities by means of digital certificates. A digital certificate is a data file that identifies individuals or organizations online and is comparable to a digital signature.

A firewall is hardware and/or software that guard a private network by analyzing incoming and outgoing information for the correct markings. If they are missing, the firewall prevents the information from entering the network. Firewalls can even detect computers communicating with the Internet without approval. As Figure 4.17 illustrates, organizations typically place a firewall between a server and the Internet. Think of a firewall as a gatekeeper that protects computer networks from intrusion by providing a filter and safe transfer points for access to and from the Internet and other networks. It screens all network traffic for proper passwords or other security codes and allows only authorized transmissions in and out of the network.

Firewalls do not guarantee complete protection, and users should enlist additional security technologies such as antivirus software and antispyware software. Antivirus software scans and searches hard drives to prevent, detect, and remove known viruses, adware, and spyware. Antivirus software must be frequently updated to protect against newly created viruses.

Attack: Detection and Response

Cyberwar is an organized attempt by a country’s military to disrupt or destroy information and communication systems for another country. Cyberterrorism is the use of computer and networking technologies against persons or property to intimidate or coerce governments, individuals, or any segment of society to attain political, religious, or ideological goals. With so many intruders planning computer attacks, it is critical for all computer systems to be protected. The presence of an intruder can be detected by watching for suspicious network events such as bad passwords, the removal of highly classified data files, or unauthorized user attempts. Intrusion detection software (IDS) features full-time monitoring tools that search for patterns in network traffic to identify intruders. IDS protects against suspicious network traffic and attempts to access files and data. If a suspicious event or unauthorized traffic is identified, the IDS will generate an alarm and can even be customized to shut down a particularly sensitive part of a network. After identifying an attack, an MIS department can implement response tactics to mitigate the damage. Response tactics outline procedures such as how long a system under attack will remain plugged in and connected to the corporate network, when to shut down a compromised system, and how quickly a backup system will be up and running.

Page 155

APPLY YOUR KNOWLEDGE

BUSINESS DRIVEN START-UP

LifeLock: Keeping Your Identity Safe

Have you ever seen a LifeLock advertisement? If so, you know the Social Security number of LifeLock CEO Todd Davis because he posts it in all ads daring hackers to try to steal his identity. Davis has been a victim of identity theft at least 13 times. The first theft occurred when someone used his identity to secure a $500 loan from a check-cashing company. Davis discovered the crime only after the company called his wife’s cell phone to recover the unpaid debt.¹⁴

If you were starting an identity theft prevention company, do you think it would be a good idea to post your Social Security number in advertisements? Why or why not? What do you think happened that caused Davis’s identity to be stolen? What types of information security measures should LifeLock implement to ensure that Davis’s Social Security number is not stolen again? If you were LifeLock’s CEO, what type of marketing campaign would you launch next?

Guaranteeing the safety of organization information is achieved by implementing the two lines of defense: people and technology. To protect information through people, firms should develop information security policies and plans that provide employees with specific precautions they should take in creating, working with, and transmitting the organization’s information assets. Technology-based lines of defense fall into three categories: authentication and authorization; prevention and resistance; and detection and response.

LEARNING OUTCOME REVIEW

Learning Outcome 4.1: Explain the ethical issues in the use of information technology.

Information ethics govern the ethical and moral issues arising from the development and use of information technologies as well as the creation, collection, duplication, distribution, and processing of information itself (with or without the aid of computer technologies). Ethical dilemmas in this area usually arise not as simple, clear-cut situations but as clashes among competing goals, responsibilities, and loyalties. Inevitably, there will be more than one socially acceptable or correct decision. For this reason, acting ethically and legally are not always the same.

Learning Outcome 4.2: Identify the six epolicies organizations should implement to protect themselves.

1.An ethical computer use policy contains general principles to guide computer user behavior. For example, it might explicitly state that users should refrain from playing computer games during working hours.

2.An information privacy policy contains general principles regarding information privacy.

3.An acceptable use policy (AUP) is a policy that a user must agree to follow to be provided access to corporate email, information systems, and the Internet.

4.An email privacy policy details the extent to which email messages may be read by others.

Page 156

5.A social media policy outlines the corporate guidelines or principles governing employee online communications.

6.An employee-monitoring policy states explicitly how, when, and where the company monitors its employees.

Learning Outcome 4.3: Describe the relationships and differences between hackers and viruses.

Hackers are experts in technology who use their knowledge to break into computers and computer networks, either for profit or just for the challenge. A virus is software written with malicious intent to cause annoyance or damage. Some hackers create and leave viruses, causing massive computer damage.

Learning Outcome 4.4: Describe the relationship between information security policies and an information security plan.

Information security policies identify the rules required to maintain information security, such as requiring users to log off before leaving for lunch or meetings, never sharing passwords with anyone, and changing passwords every 30 days. An information security plan details how an organization will implement the information security policies. The best way a company can safeguard itself from people is by implementing and communicating its information security plan.

Learning Outcome 4.5: Provide an example of each of the three primary information security areas: (1) authentication and authorization, (2) prevention and resistance, and (3) detection and response.

Authentication and authorization: Authentication is a method for confirming users’ identities. Once a system determines the authentication of a user, it can then determine the access privileges (or authorization) for that user. Authorization is the process of providing a user with permission, including access levels and abilities such as file access, hours of access, and amount of allocated storage space.

Prevention and resistance: Content filtering occurs when organizations use software that filters content, such as emails, to prevent the accidental or malicious transmission of unauthorized information. Encryption scrambles information into an alternative form that requires a key or password to decrypt. In a security breach, a thief is then unable to read encrypted information. A firewall is hardware and/or software that guard a private network by analyzing incoming and outgoing information for the correct markings.

Detection and response: Intrusion detection software (IDS) features full-time monitoring tools that search for patterns in network traffic to identify intruders.

OPENING CASE QUESTIONS

1.Knowledge: Define information ethics and information security and explain whether they are important to help prevent hackers from gaining access to an organization.

2.Comprehension: Identify two epolicies that a business could implement to ensure the protection of sensitive corporate data from hackers.

3.Application: Demonstrate how a business can use authentication and authorization technologies to prevent hackers from gaining access to organizational systems.

4.Analysis: Analyze how a business can use prevention and resistance technologies to safeguard its employees from hackers and viruses.

5.Synthesis: Explain why hackers want to gain access to organizational data.

6.Evaluate: Evaluate additional ways hackers can gain access to organizational data.

Page 157

KEY TERMS

Acceptable use policy (AUP)

Advanced encryption standard (AES)

Adware

Anti-spam policy

Antivirus software

Authentication

Authorization

Biometrics

Black-hat hackers

Bring your own device (BYOD)

Certificate authority

Child Online Protection Act (COPA)

Click-fraud

Competitive click-fraud

Confidentiality

Content filtering

Copyright

Counterfeit software

Cracker

Cryptography

Cyberbullying

Cyberterrorism

Cyberterrorists

Cybervandalism

Cyberwar

Decrypt

Destructive agents

Digital certificate

Digital rights management

Downtime

Drive-by hacking

Dumpster diving

Ediscovery (or electronic discovery)

Email privacy policy

Employee monitoring policy

Encryption

Epolicies

Ethical computer use policy

Ethics

FIP (Fair Information Practices)

Firewall

Hackers

Hactivists

Identity theft

Information compliance

Information ethics

Information governance

Information management

Information property

Information secrecy

Information privacy policy

Information security

Information security plan

Information security policies

Insiders

Intellectual property

Internet censorship

Internet use policy

Intrusion detection software (IDS)

Mail bomb

Multifactor authentication

Nonrepudiation

Opt in

Opt out

Patent

Pharming

Pharming attack

Phishing

Phishing expedition

Physical security

Pirated software

Pretexting

Privacy

Public key encryption (PKE)

Ransomware

Script kiddies or script bunnies

Single-factor authentication

Smart card

Social engineering

Social media manager

Social media monitoring

Social media policy

Spam

Spear phishing

Spyware

Teergrubing

Threat

Time bomb

Tokens

Two-factor authentication

Typosquatting

Virus

Vishing (voice phishing)

Voiceprint

Website name stealing

White-hat hackers

Worm

Workplace MIS monitoring

Zombie

Zombie farm

REVIEW QUESTIONS

1.What are ethics and why are they important to a company?

2.What is the relationship between information management, governance, and compliance?

3.Why are epolicies important to a company?

4.What is the correlation between privacy and confidentiality?

5.What is the relationship between adware and spyware?

6.What are the positive and negative effects associated with monitoring employees?

7.What is the relationship between hackers and viruses?

8.Why is security a business issue, not just a technology issue?

9.What are the growing issues related to employee communication methods and what can a company do to protect itself?

Page 158

10.How can a company participating in ebusiness keep its information secure?

11.What technologies can a company use to safeguard information?

12.Why is ediscovery important to a company?

13.What are the reasons a company experiences downtime?

14.What are the costs associated with downtime?

CLOSING CASE ONE

Targeting Target

The biggest retail hack in U.S. history wasn’t particularly inventive, nor did it appear destined for success. In the days prior to Thanksgiving 2013, someone installed malware in Target’s security and payments system designed to steal every credit card used at the company’s 1,797 U.S. stores. At the critical moment—when the Christmas gifts had been scanned and bagged and the cashier asked for a swipe—the malware would step in, capture the shopper’s credit card number, and store it on a Target server commandeered by the hackers.

It’s a measure of how common these crimes have become, and how conventional the hackers’ approach in this case, that Target was prepared for such an attack. Six months earlier, the company began installing a $1.6 million malware detection tool made by the computer security firm FireEye, whose customers also include the CIA and the Pentagon. Target had a team of security specialists in Bangalore to monitor its computers around the clock. If Bangalore noticed anything suspicious, Target’s security operations center in Minneapolis would be notified.

On Saturday, Nov. 30, 2013, the hackers had set their traps and had just one thing to do before starting the attack: plan the data’s escape route. As they uploaded exfiltration malware to move stolen credit card numbers—first to staging points spread around the U.S. to cover their tracks, then into their computers in Russia—FireEye spotted them. Bangalore got an alert and flagged the security team in Minneapolis. And then . . .

Nothing happened.

For some reason, Minneapolis didn’t react to the sirens. Bloomberg Businessweek spoke to more than 10 former Target employees familiar with the company’s data security operation, as well as eight people with specific knowledge of the hack and its aftermath, including former employees, security researchers, and law enforcement officials. The story they tell is of an alert system, installed to protect the bond between retailer and customer, that worked beautifully. But then, Target stood by as 40 million credit card numbers—and 70 million addresses, phone numbers, and other pieces of personal information—gushed out of its mainframes.

When asked to respond to a list of specific questions about the incident and the company’s lack of an immediate response to it, Target chairman, president, and chief executive officer Gregg Steinhafel issued an emailed statement: “Target was certified as meeting the standard for the payment card industry (PCI) in September 2013. Nonetheless, we suffered a data breach. As a result, we are conducting an end-to-end review of our people, processes and technology to understand our opportunities to improve data security and are committed to learning from this experience. While we are still in the midst of an ongoing investigation, we have already taken significant steps, including beginning the overhaul of our information security structure and the acceleration of our transition to chip-enabled cards. However, as the investigation is not complete, we don’t believe it’s constructive to engage in speculation without the benefit of the final analysis.”

More than 90 lawsuits have been filed against Target by customers and banks for negligence and compensatory damages. That’s on top of other costs, which analysts estimate could run into the billions. Target spent $61 million through February 1, 2014, responding to the breach, according to its fourth-quarter report to investors. It set up a customer response operation, and in an effort to regain lost trust, Steinhafel promised that consumers won’t have to pay any fraudulent charges stemming from the breach. Target’s profit for the holiday shopping period fell 46 percent from the same quarter the year before; the number of transactions suffered its biggest decline since the retailer began reporting the statistic in 2008.¹⁵

Page 159

Questions

1.How did the hackers steal Target’s customer data?

2.What types of technology could big retailers use to prevent identity thieves from stealing information?

3.What can organizations do to protect themselves from hackers looking to steal account data?

4.In a team, research the Internet and find the best ways to protect yourself from identity theft.

CLOSING CASE TWO

To Share—Or Not to Share

People love social networks! Social networks are everywhere and a perfect way to share vacation photos, family events, and birthday parties with family, friends, and co-workers. About 40 percent of adults use at least one social media website, and 51 percent of those use more than one website. The majority of users are between the ages of 18 and 24. The Pew Research Center found that 89 percent of social network users primarily use the websites to update friends and family, 57 percent use the websites to make plans with friends, and 49 percent use the websites to make new friends.

Facebook, MySpace, LinkedIn, Friendster, Urban Chat, and Black Planet are just a few of more than 100 websites connecting people around the world who are eager to share everything from photos to thoughts and feelings. But we need to remember that sometimes you can share too much; there can be too much information. Choosing who you share with and what you share is something you want to think about for your personal social networks and corporate social networks. According to Pew Research, more than 40 percent of users allow open access to their social networking profiles, which allows anyone from anywhere to view all of their personal information. The remaining 60 percent restrict access to friends, family, and co-workers. The following are the top 10 things you should consider before posting information to your social networks.

1: If You Don’t Want to Share It – Don’t Post It

You can select all the privacy settings you want on social networking sites, but the fact is, if you post it, it has the potential to be seen by someone you don’t want seeing it. You know all those fun Facebook applications, quizzes, and polls you can’t help but fill out? A study performed by the University of Virginia found that of the top 150 applications on Facebook, 90 percent were given access to information they didn’t need for the application to function. So when you sign up to find out what sitcom star you most identify with, the makers of that poll now have access to your personal information. It’s anybody’s guess where it goes from there. Social networking is all about sharing, so something you think is in confidence can easily be shared and then shared again, and before you know it, someone you don’t even know has access to something private. “When in doubt, leave it out” is a good motto to follow. And always remember that anything you share has the potential to be leaked in some way.

2: Never Give Out Your Password Hints

Most websites that contain secure personal information require a password and have at least one password hint in case you forget. It typically goes like this: You sign up for something such as online banking; you get a logon and password and then choose a security question for when you forget your password. What’s the name of your first pet? What’s your mother’s maiden name? What was your high school mascot? What’s the name of the first street you lived on? Including any of these details on a Facebook wall or status update may not seem like a big deal, but it could provide an identity thief with the last piece of the puzzle needed to hack into your bank account. Think before you post anything that could compromise this information.

Page 160

3: Never Give Out Your Password

This one really seems like a no-brainer, but if it didn’t happen, then Facebook probably wouldn’t feel the need to list it in the No. 1 slot on its list of things you shouldn’t share. Even sharing the password with a friend so he or she can log on and check something for you can be a risk. This is especially true with couples who feel like there’s enough trust to share these kinds of things. Here’s another scenario for you: You give your boyfriend your Facebook password because he wants to help you upload some vacation photos. A couple of months later, the relationship sours, he turns into a not-so-nice guy, and then there’s a person out there who doesn’t like you and has your logon information. Time to cancel your account and get a new one. If you’d kept that information private, you could simply move on with your life. Now you have a compromised profile, and if you link to other sites or profiles, all that information is at risk as well. Keep your password to yourself, no matter what, and you never have to worry about it.

4: Never Provide Personal Financial Information

You would think that nobody would share things like where they do their banking or what their stock portfolio looks like, but it happens. It’s easy for an innocent Facebook comment to reveal too much about your personal finances. Consider this scenario: You’re posting to a long thread on a friend’s wall about the bank crisis. You say something along the lines of, “We don’t need to worry because we bank with a teacher’s credit union,” or even, “We put all our money into blue chip stocks and plan to ride it out.” Again, if you’re one of the 40 percent who allow open access to your profile, then suddenly identity thieves know where you bank and where you have the bulk of your investments. It’s easy to forget that what may seem like a harmless comment on a Facebook wall could reveal a great deal about your personal finances. It’s best to avoid that kind of talk.

5: Never Give Out Your Address or Phone Numbers

File this one under security risk. If you share your address and phone number on a social networking site, you open yourself up to threats of identity theft and other personal dangers such as burglaries. If you post that you’re going on vacation and you have your address posted, then everyone knows you have an empty house. Identity thieves could pay a visit to your mailbox and open up a credit card in your name. Burglars could rid your home of anything of value. Even just posting your phone number gives people with Internet savvy easy access to your address. Reverse lookup services can supply anyone with your home address in possession of your phone number.

6: Never Share Photos of Your Children

Social networking sites are a common place for people to share pictures of their families, but if you’re one of the 40 percent of users who don’t restrict access to your profile, then those pictures are there for everyone to see. It’s a sad fact, but a lot of predators use the Internet to stalk their prey. If you post pictures of your family and combine that with information like, “My husband is out of town this weekend” or “Little Johnny is old enough to stay at home by himself now,” then your children’s safety could be at risk. Nobody ever thinks it will happen to them until it does, so safety first is a good default mode when using social networking sites. Just like with other private matters, send family photos only to a select group of trusted friends and colleagues who you know won’t share them.

7: Never Provide Company Information

You may be dying to tell the world about your new work promotion, but if it’s news that could be advantageous to one of your company’s competitors, then it’s not something you should share. News of a planned expansion or a big project role and anything else about your workplace should be kept private. Sophos, a security software company, found that 63 percent of companies were afraid of what their employees were choosing to share on social networking sites. If you want to message it out, be selective and send private emails. Many companies are so serious about not being included in social networking sites that they forbid employees from using sites like Facebook at work. Some IT departments even filter the URLs and block access to these sites so employees aren’t tempted to log on.

Page 161

8: Never Give Links to Websites

With 51 percent of social network users taking advantage of more than one site, there’s bound to be some crossover, especially if you have the sites linked. You may post something you find innocuous on Facebook, but then it’s linked to your LinkedIn work profile and you’ve put your job at risk. If you link your various profiles, be aware that what you post in one world is available to the others. In 2009, a case of an employee caught lying on Facebook hit the news. The employee asked off for a weekend shift because he was ill and then posted pictures on his Facebook profile of himself at a party that same weekend. The news got back to his employer easily enough and he was fired. So if you choose to link your profiles, it’s no longer a “personal life” and “work life” scenario.

9: Keep Your Social Plans to Yourself

Sharing your social plans for everybody to see isn’t a good idea. Unless you’re planning a big party and inviting all the users you’re connected to, it will only make your other friends feel left out. Some security issues are also at stake here. Imagine a scenario in which a jealous ex-boyfriend knows that you’re meeting a new date out that night. What’s to keep the ex from showing up and causing a scene or even potentially getting upset or violent? Nothing. If you’re planning a party or an outing with a group of friends, send a personal “e-vite” for their eyes only and nobody is the wiser. If you’re trying to cast a wide net by throwing out an idea for a social outing, just remember that anyone who has access to your profile sees it.

10: Do Not Share Personal Conversations

On Facebook, users can send personal messages or post notes, images, or videos to another user’s wall. The wall is there for all to see, while messages are between the sender and the receiver, just like an email. Personal and private matters should never be shared on your wall. You wouldn’t go around with a bullhorn announcing a private issue to the world, and the same thing goes on the Internet. This falls under the nebulous world of social networking etiquette. There is no official handbook for this sort of thing, but use your best judgment. If it’s not something you’d feel comfortable sharing in person with extended family, acquaintances, work colleagues, or strangers, then you shouldn’t share it on your Facebook wall.¹⁶

Questions

1.Define information ethics and information security and explain why each is critical to any business.

2.Identify two epolicies that a business could implement to ensure the protection of sensitive corporate data.

3.Demonstrate how a business can use authentication and authorization technologies to prevent information theft.

4.Analyze how a business can use prevention and resistance technologies to safeguard its employees from hackers and viruses.

5.Propose a plan to implement information security plans to ensure your critical information is safe and protected.

6.Evaluate the information security issues facing a business and identify its three biggest concerns.

Page 162

CRITICAL BUSINESS THINKING

1.Cheerleader Charged $27,750 for File Sharing 37 Songs
A federal appeals court is ordering a university student to pay the Recording Industry Association of America $27,750—$750 a track—for file sharing 37 songs when she was a high school cheerleader. Have you ever illegally copied or downloaded a song or movie? If you have and you were forced to pay $750 per track, how much would you owe? What is the difference between file sharing and Internet radio streaming? Do you agree or disagree with the federal appeals decision? Why or why not? Why is claiming a lack of copyright knowledge not a good defense against illegally sharing movies or music? If you do not have a good understanding of information laws, what can you do to ensure that you are never named in a federal lawsuit for violating information laws?¹⁷

2.Police Records Found in Old Copy Machine
Copy machines made after 2002 all contain a hard drive that stores a copy of every document the machine has ever scanned, printed, copied, or faxed. If the hard drive is not erased or scrubbed when the copy machine is resold, all of that digital information is still maintained inside the machine. The Buffalo, New York, Police Sex Crimes Division recently sold several copy machines without scrubbing the hard drives. The hard drives yielded detailed domestic violence complaints and a list of wanted sex offenders. A machine from the Buffalo Police Narcotics Unit contained targets in a major drug raid, and a copier once used by a New York construction company stored 95 pages of pay stubs with names, addresses, and Social Security numbers.¹⁸
Who do you think should be held responsible for the information issues caused at the Buffalo police department? What types of ethical issues and information security issues are being violated? What types of epolicies could a company implement to ensure that these situations do not occur? What forms of information security could a company implement to ensure that these situations do not occur? How does this case support the primary reason that ediscovery is so important to litigation?

3.Firewall Decisions
You are the CEO of Inverness Investments, a medium-size venture capital firm that specializes in investing in high-tech companies. The company receives more than 30,000 email messages per year. On average, there are two viruses and three successful hackings against the company each year, which result in losses to the company of about $250,000. Currently, the company has antivirus software installed but does not have any firewalls.
Your CIO is suggesting implementing 10 firewalls for a total cost of $80,000. The estimated life of each firewall is about three years. The chances of hackers breaking into the system with the firewalls installed are about 3 percent. Annual maintenance costs on the firewalls are estimated around $15,000. Create an argument for or against supporting your CIO’s recommendation to purchase the firewalls. Are there any considerations in addition to finances?

4.Preventing Identity Theft
The FBI states that identity theft is one of the fastest-growing crimes. If you are a victim of identity theft, your financial reputation can be ruined, making it impossible for you to cash a check or receive a bank loan. Learning how to avoid identity theft can be a valuable activity. Using the Internet, research the most current ways the government recommends for you to prevent identity theft.

5.Discussing the Three Areas of Information Security
Great Granola Inc. is a small business operating out of northern California. The company specializes in selling homemade granola, and its primary sales vehicle is through its website. The company is growing exponentially and expects its revenues to triple this year to $12 million. The company also expects to hire 60 additional employees to support its growth. Joan Martin, the CEO, is aware that if her competitors discover the recipe for her granola, or who her primary customers are, it could easily ruin her business. Martin has hired you to draft a document discussing the different areas of information security, along with your recommendations for providing a secure ebusiness environment.

Page 163

6.Spying on Email
Technology advances now allow individuals to monitor computers that they do not even have physical access to. New types of software can capture an individual’s incoming and outgoing email and then immediately forward that email to another person. For example, if you are at work and your child is home from school and she receives an email from John at 3:00 p.m., at 3:01 p.m. you can receive a copy of that email sent to your email address. If she replies to John’s email, within seconds you will receive a copy of what she sent to John. Describe two scenarios (other than those described here) for the use of this type of software: one in which the use would be ethical and one in which it would be unethical.

7.Stealing Software
The software industry fights against pirated software on a daily basis. The major centers of software piracy are in places such as Russia and China where salaries and disposable income are comparatively low. People in developing and economically depressed countries will fall behind the industrialized world technologically if they cannot afford access to new generations of software. Considering this, is it reasonable to blame someone for using pirated software when it could cost him or her two months’ salary to purchase a legal copy? Create an argument for or against the following statement: Individuals who are economically less fortunate should be allowed access to software free of charge to ensure that they are provided with an equal technological advantage.

8.Censoring Google
The Google debate over operations in China is an excellent example of types of global ethical and security issues U.S. companies face as they expand operations around the world. Google’s systems were targeted by highly sophisticated hacker attacks aimed at obtaining proprietary information, including personal data belonging to Chinese human rights activists who use Google’s Gmail service.
Google, which originally agreed to filter search results based on Chinese government censorship rules, decided to unfilter search results after what it called an infiltration of its technology and the email accounts of Chinese human-rights activists. China called Google’s plan to defy government censorship rules unfriendly and irresponsible and demanded Google to shut down all operations in China.
Why would China want to filter search results? Do you agree or disagree with China’s censorship rules? Do you think Google was acting ethically when it agreed to implement China’s censorship rules? Why do companies operating abroad need to be aware of the different ethical perspective found in other cultures?

9.Sources are not Friends
The Canadian Broadcasting Company (CBC) has issued a social networking policy directing journalists to avoid adding sources or contacts as friends on social networking sites such as Facebook or LinkedIn. Basic rules state that reporters must never allow one source to view what another source says, and reporters must ensure that private conversations with sources remain private. Adding sources as friends can compromise a journalist’s work by allowing friends to view other friends in the network. It may also not be in a journalist’s best interest to become a friend in a source’s network. The CBC also discourages posting any political preferences in personal profiles, comments on bulletin boards, or people’s Facebook wall.
This might seem like common sense, but for employees who do not spend countless hours on the Internet, using social networking sites can be confusing and overwhelming. Why is it critical for any new hire to research and review all policies, especially social media policies? Research three companies you would like to work for after graduation and detail the types of social media policies that the company currently has or should implement.

Page 164

ENTREPRENEURIAL CHALLENGE

BUILD YOUR OWN BUSINESS

1.Providing employees with computer access is one of the perks offered by your business. Employees enjoy checking their personal email and surfing the Internet on their breaks. So far, computer access has been a cherished employee benefit. When you came into work this morning you found the following anonymous letter from one of your employees on your desk. “I received a highly inappropriate joke from a fellow employee that I found extremely offensive. The employee who sent the joke was Debbie Fernandez and I believe she should be reprimanded for her inappropriate actions. Signed—a disturbed employee.” What would you do? What could you have done to ensure that situations such as these would be easily handled if they did arise? What could you do to ensure that such situations do not happen in the future and if they do, all employees are aware of the ramifications of inappropriate emails? (Be sure to identify your business and the name of your company.)

2.The local community has always been a big part of your grandfather’s business, and he knew almost everyone in the community. Your grandfather attended all types of community events and would spend hours talking with friends and neighbors, soliciting feedback and ideas on his business. As you know, data are important to any business. In fact, data are an essential business asset. You have decided to start tracking detailed customer information for all business events from fund-raising to promotions. Since you took over the business, you have been collecting more and more event data to help you run marketing campaigns across events and optimize the event schedules. One day, a sophisticated businessman walks into your business and asks to speak to the owner. He introduces himself as Lance Smith and says that he would like to talk to you in private. Smith is retiring and is closing his business that was located just down the street, and he wants to sell you his detailed customer information. Smith would like a large sum of money to sell you his confidential customer contact information and sales reports for the past 20 years. He says he has more than 10,000 customers in his unique database. What do you do?

3.Yesterday you had an interesting conversation with one of your loyal customers, Dan Martello. He asked you the following question: “If I find a digital camera on the street is it OK to look at the contents, or am I invading the owner’s privacy?” You have a lengthy debate and decided that in some scenarios it is an invasion of privacy to be looking at someone else’s photos and is similar to looking in their windows. In other scenarios, it is not an invasion of privacy if you do not know the person and it is the primary way to identify the owner to return the camera, similar to looking in a wallet. As you are cleaning your business, you find a 30 gigabyte thumb drive and you know that it probably belongs to one of your valuable customers and contains his sensitive information. What do you do? What security concerns are associated with the thumb drive? How could information security policies or an information security plan help your business with this type of situation?

APPLY YOUR KNOWLEDGE BUSINESS PROJECTS

PROJECT IGrading Security

Making The Grade is a nonprofit organization that helps students learn how to achieve better grades in school. The organization has 40 offices in 25 states and more than 2,000 employees. The company wants to build a website to offer its services online. Making The Grade’s online services will provide parents seven key pieces of advice for communicating with their children to help them achieve academic success. The website will offer information on how to maintain open lines of communication, set goals, organize academics, regularly track progress, identify trouble spots, get to know their child’s teacher, and celebrate their children’s successes.

Page 165

You and your team work for the director of information security. Your team’s assignment is to develop a document discussing the importance of creating information security policies and an information security plan. Be sure to include the following:

The importance of educating employees on information security.

A few samples of employee information security policies specifically for Making The Grade.

Other major areas the information security plan should address.

Signs the company should look for to determine whether the website is being hacked.

The major types of attacks the company should expect to experience.

PROJECT IIEyes Everywhere

The movie Minority Report chronicled a futuristic world where people are uniquely identifiable by their eyes. A scan of each person’s eyes gives or denies them access to rooms, computers, and anything else with restrictions. The movie portrayed a black market in new eyeballs to help people hide from the authorities. (Why did they not just change the database entry instead? That would have been much easier but a lot less dramatic.)

The idea of using a biological signature is entirely plausible; biometrics is currently being used and is expected to gain wider acceptance in the near future because forging documents has become much easier with the advances in computer graphics programs and color printers. The next time you get a new passport, it may incorporate a chip that has your biometric information encoded on it. Office of Special Investigations agents with fake documents found that it was relatively easy to enter the United States from Canada, Mexico, and Jamaica by land, sea, and air.

The task of policing the borders is daunting. Some 500 million foreigners enter the country every year and go through identity checkpoints. More than 13 million permanent-resident and border-crossing cards have been issued by the U.S. government. Also, citizens of 27 countries do not need visas to enter this country. They are expected to have passports that comply with U.S. specifications that will also be readable at the border.

In the post-9/11 atmosphere of tightened security, unrestricted border crossing is not acceptable. The Department of Homeland Security is charged with securing the nation’s borders, and as part of this plan, new entry/exit procedures were instituted at the beginning of 2003. An integrated system, using biometrics, will be used to identify foreign visitors to the United States and reduce the likelihood of terrorists entering the country.

Early in 2003, after 6 million biometric border-crossing cards had been issued, a pilot test conducted at the Canadian border detected more than 250 imposters. The testing started with two biometric identifiers: photographs for facial recognition and fingerprint scans. As people enter and leave the country, their actual fingerprints and facial features are compared to the data on the biometric chip in the passport.

In a group, discuss the following:

a.How do you feel about having your fingerprints, facial features, and perhaps more of your biometric features encoded in documents such as your passport? Explain your answer.

b.Would you feel the same way about having biometric information on your driver’s license as on your passport? Why or why not?

c.Is it reasonable to have different biometric identification requirements for visitors from different nations? Explain your answer. What would you recommend as criteria for deciding which countries fall into what categories?

Page 166

d.The checkpoints U.S. citizens pass through upon returning to the country vary greatly in the depth of the checks and the time spent. The simplest involves simply walking past the border guards who may or may not ask you your citizenship. The other end of the spectrum requires you to put up with long waits in airports where you have to line up with hundreds of other passengers while each person is questioned and must produce a passport to be scanned. Would you welcome biometric information on passports if it would speed the process, or do you think that the disadvantages of the reduction in privacy, caused by biometric information, outweigh the advantages of better security and faster border processing? Explain your answer.

PROJECT IIISetting Boundaries

Even the most ethical people sometimes face difficult choices. Acting ethically means behaving in a principled fashion and treating other people with respect and dignity. It is simple to say, but not so simple to do since because situations are complex or ambiguous. The important role of ethics in our lives has long been recognized. As far back as 44 BC, Cicero said that ethics are indispensable to anyone who wants to have a good career. Having said that, Cicero, along with some of the greatest minds over the centuries, struggled with what the rules of ethics should be.

Our ethics are rooted in our history, culture, and religion, and our sense of ethics may shift over time. The electronic age brings with it a new dimension in the ethics debate—the amount of personal information that we can collect and store and the speed with which we can access and process that information.

In a group, discuss how you would react to the following situations:

a.A senior marketing manager informs you that one of her employees is looking for another job and she wants you to give her access to look through her email.

b.A vice president of sales informs you that he has made a deal to provide customer information to a strategic partner, and he wants you to copy all of the customer information to a thumb drive.

c.You are asked to monitor your employee’s email to discover whether he is sexually harassing another employee.

d.You are asked to install a video surveillance system in your office to find out whether employees are taking office supplies home with them.

e.You are looking on the shared network drive and discover that your boss’s entire hard drive has been copied to the network for everyone to view. What do you do?

f.You have been accidentally copied on an email from the CEO, which details who will be the targets of the next round of layoffs. What do you do?

PROJECT IVContemplating Sharing

Bram Cohen created BitTorrent, which allows users to upload and download large amounts of data. Cohen demonstrated his program at the world hacker conference, as a free, open source project aimed at computer users who need a cheap way to swap software online. Soon many TV and movie fanatics began using the program to download copyrighted materials. As a result of the hacker conference, more than 20 million people downloaded the BitTorrent program and began sharing movies and television shows across the Internet.

There is much debate surrounding the ethics of peer-to-peer networking. Do you believe BitTorrent is ethical or unethical? Justify your answer.

Page 167

PROJECT VFired For Smoking on the Weekend

New technologies make it possible for employers to monitor many aspects of their employees’ jobs, especially on telephones, computer terminals, through electronic and voice mail, and when employees are using the Internet. Such monitoring is virtually unregulated. Therefore, unless company policy specifically states otherwise (and even this is not ensured), your employer may listen, watch, and read most of your workplace communications.

Employers are taking monitoring activity a step further and monitoring employees, and employees’ spouses, at home and on weekends. Yes, you read that correctly. Numerous employees have been fired for smoking cigarettes on the weekend in the privacy of their own home. As health care costs escalate, employers are increasingly seeking to regulate employee behavior—at home as well as in the workplace. Weyco, an insurance benefits administrator in Michigan, initiated a program requiring mandatory breath tests to detect for nicotine, and any employee testing positive would be sent home without pay for one month. If the employee failed the nicotine test a second time, that person would be fired—no matter how long the employee had been with the company.

Weyco’s smoking prohibition does not stop with employees but extends to spouses, who must also pass monthly nicotine tests. A positive test means the employee must pay a monthly fee of $80 until the spouse takes a smoking cessation program and tests nicotine-free.

Do you agree that companies have the right to hold employees accountable for actions they perform on weekends in the privacy of their own homes? If you were the CEO of Weyco, what would be your argument supporting its smoking prohibition policies? Do you think Weyco’s monitoring practices are ethical? Do you think Weyco’s monitoring practices are legal?

PROJECT VIDoodling Passwords

As our online world continues to explode, people are finding the number of user names and passwords they need to remember growing exponentially. For this reason, many users will assign the same password for every logon, choose easy-to-remember names and dates, or simply write down their passwords on sticky notes and attach them to their computers. Great for the person who needs to remember 72 passwords but not so great for system security.

Of course, the obvious answer is to deploy biometrics across the board, but once you start reviewing the costs associated with biometrics, you quickly realize that this is not feasible. What is coming to the rescue to help with the password nightmare we have created? The doodle. Background Draw-a-Secret (BDAS) is a new program created by scientists at Newcastle University in England. BDAS begins by recording the number of strokes it takes a user to draw a doodle and when the user wants to gain access to the system he simply redraws the doodle on a touchpad and it is matched against the stored prototype. If the doodle matches, the user is granted access. Doodles are even described as being far more anonymous, therefore offering greater security than biometrics.

You are probably thinking that you’ll end up right back in the same position having to remember all 72 of your password doodles. The good news is that with doodle passwords, you don’t have to remember a thing. The doodle password can be displayed to users, and they simply have to redraw it because the system analyzes how the user draws or the user’s unique hand strokes, not the actual doodle (similar to handwriting recognition technologies).

If you were going to deploy doodle passwords to your organization, what issues and concerns do you think might occur? Do you agree that doodles are easier to remember than text passwords? Do you agree that doodles offer the most effective way to manage authentication and authorization, even greater than biometrics? What types of unethical issues do you think you might encounter with doodle passwords?

Page 168

AYK APPLICATION PROJECTS

If you are looking for Excel projects to incorporate into your class, try any of the following after reading this chapter.