1 E-Business, E-Commerce Lecture Outline 11 Instructor: Kevin Robertson
2 Introduction to Information Systems Explain the differences between extranets and intranets as well as show how organizations utilize these environments Describe electronic commerce and how it has evolved Describe the strategies that companies are adopting to compete in cyberspace Describe the stages of business-to-consumer electronic commerce and the key drivers for the emergence of mobile commerce Understand the keys to successful electronic commerce applications Understand general ebusiness security fundamentals
5 Internet and the World Wide Web Capabilities The Internet Changed Everything: Intranet internal, private network using Web technologies to facilitate transmission of proprietary information within the organization Extranet two or more firms using the Internet to do business together Internet and World Wide Web created an entirely new communications capability for the emergence of Electronic Business (ebusiness) The Internet opened up access to markets by lowering barriers to entry.
6 Internet and the World Wide Web Capabilities
7 Network Computing Spectrum
8 Intranet Architecture
9 Intranet Architecture Firewalls hardware devices with special software that prevent unauthorized access An intranet server is placed behind the firewall Packets are never routed outside the firewall, but remain within the organizations network
10 Intranet Applications
11 Network Computing Spectrum
12 Extranets Extranets Extranets are secure network architectures that provide customers, suppliers, and employees with access to internal systems. Extranets enable two or more firms to use the Internet to do business together. They are an excellent use of B2B to allow companies to achieve a positive return on their tech investments. Extranet Benefits Improves timeliness and accuracy of communications, thereby reducing errors and misunderstandings Uses Electronic Data Interchange (EDI) as the standard protocol for allowing disparate computing platforms to communicate without additional investments in the application systems. Easy to use, requires little training Used to automate transactions, reducing cost and cycle time
13 Electronic Data Interchange (EDI) Electronic Data Interchange The transmission of electronic business forms between business partners (e.g. purchase order) Typically used by large organizations via VAN very expensive The internet (VPN) has opened this technology to smaller firms Utilizes universal standard transmission protocols to communicate and transmit data between different systems. How it works EDI transactions are supported by two types of network methods: 1.VAN (Value Added Network) 2.VPN (Virtual Private Network)
14 Value Added Network (VAN) VAN (Value Added Network) providers are private network operators that provide guaranteed delivery. The VAN is responsible for routing, storing and delivering EDI messages. They also provide delivery reports. VANs may be operated by various entities: telecom companies; industry group consortia; a large company interacting with its suppliers/vendors.
15 Virtual Private Network (VPN) Virtual Private Network (VPN) is a secure network technique to protect extranet communications over an IP network Uses a technique called tunneling to encapsulate, encrypt, and transmit data over the Internet Requires server authentication (verify user with password) to allow operation May be managed as a fully integrated, end-to-end dedicated private network. Similar to a VAN utilizes the IP network backbone and is a more cost-effective option for SME s.
16 Extranet Applications
17 ebusiness/ ecommerce B2C, B2B, B2E, C2C
18 Electronic Business Defined
19 Types of Electronic Commerce
20 The Growth of B2C E-commerce
21 The Growth of B2B E-commerce
22 The Evolution of the Web
23 Stages of E-Commerce Maturity
24 E-Commerce Impact to Competiveness Enables new products and services Encourages substitute products Lowers barrier to entry Changes balance of power of customers and suppliers Transforms some industries Creates new opportunities for creating new markets, building brands, and large customer bases
25 ebusiness/ ecommerce Strategy and Competitiveness
26 Traditional vs. Strategy Support Process Example AVIS RENTA CAR Using handheld technology combined with a reengineered business process to create a competitive advantage
27 Impact of the Web: Disintermediation
28 Electronic Commerce Business Strategies
29 Developing a Competitive Business Strategy
30 Developing a Competitive Business Strategy How does it optimize its value process?
31 Developing a Competitive Business Strategy Use the value chain to: Plan for a better way of meeting customer demands. Identifying processes that add value. Identifying processes that reduce value.
32 Developing a Competitive Business Strategy Differentiator adding value to the process
33 Value Chain Integration
34 ebusiness/ ecommerce Web 2.0/ M-Commerce
36 EC Models Bus Consumer Gov t Often referred to as Web 2.0 (Social Networking)
37 Web 2.0 Features and Services Blogs Personal Web page that typically contains a series of chronological entries by its author, and links to related Web pages Really Simple Syndication (RSS) Program that allows users to have digital content automatically sent to their computers over the Internet
38 Web 2.0 Features and Services Podcasting Audio presentation stored as an audio file and available for download from Web Wikis Allows user to easily add and edit content on Web page New music and video services Video-casts Digital video on demand
39 The Mobile Platform Most recent development in Internet infrastructure Enables access to the Internet via wireless networks or cell-phone service Mobile devices include Tablets Smartphones Ultra-lightweight laptops
40 Mobile Commerce in Perspective Global M-commerce spending: Mobile retail sales grew from $20.9 billion (2012) to $34.2 billion (2013) or 64% E-Bay accounts for $20 billion sales 90% of consumers trust recommendations from friends, and another 70% trust consumer opinion and brand websites Only 62% of consumers trust TV, and only about four in 10 (41%) trust search engine ads By 2019, 60 percent of the projected 9.3 billion mobile subscriptions will be for smartphones. 3G networks will cover 90 percent of the world's population, while 65 percent will be covered by 4G LTE networks.
41 B2B vs B2C vs MC
42 ebusiness/ ecommerce Establishing an ecommerce Website
43 Front & Back-End Systems
44 Front-End Systems Front- end (client) systems are those processes with which a user interfaces, and over which a customer can exert some control. For an ebusiness, front-end systems are the Web site processes that customers use to view information and purchase products and services.
45 Back-End Systems Back-end (server) systems are those processes that are not directly accessed by customers. Back-end systems include the business s TPS and MIS systems that handle the accounting and budgeting, manufacturing, marketing, inventory management, distribution, order-tracking, and customer support processes.
46 Establishing an ecommerce Web Site Dedicated Server business sets up own server to serve ebusiness web pages connect to Internet through a dedicated line install proper software for managing server and creating Web pages expert staff required offers most control
47 Web Hosting Services Hosting company offers space on its server for the hosting of Web sites may provide software tools for flexible page development majority of businesses do not maintain their own Web server; they use host services;
48 Showing Your ebusiness on Customer Screen Storefront: can have your own business on one separate web page OR Cybermall hosts pages of many businesses and users browse them all Users who enter one mall store may also visit yours out of curiosity
49 Outsourcing Web Operations Using a web hosting service provides an ebusiness with several advantages. A web hosting service has a staff available 24 hours a day with the technical knowledge to keep the servers and network connections running. A web hosting company can provide a level of redundancy that an ebusiness may not be able to provide for itself, including redundant hard drives on the servers, backup power from generators, and redundant connections to the internet.
50 Outsourcing cont d One disadvantage of outsourcing Web site operations is lack of control. One solution to this lack of control is for an ebusiness to provide its own servers and software and simply co-locate its servers at the Web hosting company facilities.
51 ebusiness/ ecommerce General ebusiness Security
52 General ebusiness Security Businesses must protect against the unknown. New methods of attacking networks and Web sites and new network security holes are being constantly discovered or invented. An ebusiness cannot expect to achieve perfect security for its network and Web site
53 General ebusiness Security cont d How is the data protected once it is delivered to the ebusiness? How are credit card transactions authenticated and authorized? The biggest potential security problem in an ebusiness is of human, rather than electronic, origin. The weakest link in any security system is the people using it.
54 Network and Web Site Security An entire glossary of words and phrases identifies network and web security risks, such as hacker, cracker, Trojan horse, and more. As part of planning a startup ebusiness s security, management should become familiar with network and web server security risk terminology
55 Denial of Service Attacks A type of attack designed to disable a web site by flooding it with useless traffic or activity. Distributed denial of service attack uses multiple computers to attack in a coordinated fashion. Risk is primarily centered around downtime or lack of web site availability. Defenses exist for these attacks.
56 Credit Card Fraud & Data Theft ebusiness is at risk from credit card fraud from stolen data. Secure your own data. Verify the identity of your customers and the validity of the incoming credit card data. Identity theft by a criminal masquerading as someone else, is a too common problem.
57 Information System Security IS Security Precautions taken to keep all aspects of information systems safe from unauthorized access Phishing is the act of attempting to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication such as social web sites, auction sites, banks, online payment processors. Phishing s may contain links to websites that are infected with malware. Phishing is typically carried out by spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.
59 IS Security Managerial Techniques Organizational Policies and Procedures * Acceptable Use Policies formally document how systems should be used, for what, and penalties for non-compliance Backups and Disaster Recovery * Backups taking periodic snapshots of critical systems data and storing in a safe place or system (e.g. backup tape) Disaster Recovery Plans spell out detailed procedures to be used by the organization to restore access to critical business systems (e.g. viruses or fire) Disaster Recovery executing Disaster Recovery procedures using backups to restore the system to the last backup if it was totally lost
60 Spyware, Spam, and Cookies * Spyware * Any software that covertly gathers information about a user through an Internet connection without the user s knowledge Problems: uses memory resources, uses bandwidth, and can cause system instability Prevention: Firewalls and Anti-spyware software Spam * Electronic junk mail or junk newsgroup postings usually for purpose of advertising some product and/or service Problems: nuisance, wastes time deleting, uses storage Prevention: Spam Blocker software Cookies * A message passed to a browser from a Web server. Used by legitimate programs to store state and user information Problems: can be used to track user activities Prevention: browser settings, firewall
61 Security Threat: Viruses* Viruses * Programs that can attack a computer and/or a network and delete information, disable software, use up system resources, etc. Prevention Steps: * AntiVirus software: Install this software which is designed to block all known viruses and offers automatic or manual updates to virus patterns to block future viruses No Disk Sharing Viruses can be transferred to clean computers by inserting disks containing infected files Delete Suspicious Messages Do not open suspicious messages Delete Only! Report Viruses If you get a virus, report it to you network administrator immediately!
62 Security Technology: Biometrics
63 Management Information Systems (MIS) End of Lecture 11-1
ACS 1803 Final Exam Topic Outline I. Enterprise Information Systems a. Enterprise systems vs. inter-organisational systems b. Value Chain Analysis ii. Primary Activities iii. Support Activities iv. Information
1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction
E Commerce and Internet Security Zachary Rosen, CFE, CIA President, ACFE Czech Republic Chapter Introduction The Internet has become a global phenomenon reshaping the way we communicate and conduct business.
Lectures 9 Advanced Operating Systems Fundamental Security Computer Systems Administration TE2003 Lecture overview At the end of lecture 9 students can identify, describe and discuss: Main factors while
E-Commerce Security and Fraud Protection CHAPTER 9 LEARNING OBJECTIVES 1. Understand the importance and scope of security of information systems for EC. 2. Describe the major concepts and terminology of
National Cyber Security Month 2015: Daily Security Awareness Tips October 1 New Threats Are Constantly Being Developed. Protect Your Home Computer and Personal Devices by Automatically Installing OS Updates.
MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected
Technology In Action 1 Technology In Action Chapter 3 Using the Internet: Making the Most of the Web s Resources 2 Topics Internet basics Internet data Internet service providers Web browsers URLs Hyperlinks
Computer Security and Privacy 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Guidelines for Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures
Internet Security Why is a strong password important? Identity theft motives: To gain access to resources For the challenge/fun Personal reasons Theft methods Brute forcing and other script hacking methods
Whitepaper Brainloop Cloud Security Guide to secure collaboration in the cloud www.brainloop.com Sharing information over the internet The internet is the ideal platform for sharing data globally and communicating
INFO 1500 9. Information Assurance and Security, Protecting Information Resources 11. ecommerce and ebusiness Janeela Maraj Tutorial 9 21/11/2014 9. Information Assurance and Security, Protecting Information
Certified Information Systems Auditor (CISA) Course Introduction Course Introduction Module 01 - The Process of Auditing Information Systems Lesson 1: Management of the Audit Function Organization of the
BE SAFE ONLINE: Lesson Plan Overview Danger lurks online. Web access, social media, computers, tablets and smart phones expose users to the possibility of fraud and identity theft. Learn the steps to take
Test Out Online Lesson 12 Schedule Section 12 MUST BE COMPLETED BY: 4/22 Section 12.1: Best Practices This section discusses the following security best practices: Implement the Principle of Least Privilege
Chapter 7 Information System Security and Control Essay Questions: 1. Hackers and their companion viruses are an increasing problem, especially on the Internet. What can a digital company do to protect
Cyber Security An Executive Imperative for Business Owners SSE Network Services www.ssenetwork.com 77 Westport Plaza, St. Louis, MO 63416 p 314.439.4700 f 314.439.4799 Pretecht SM by SSE predicts and remedies
OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875 Understanding Information Security Information Security Information security refers to safeguarding information from misuse and theft,
E-BUSINESS THREATS AND SOLUTIONS E-BUSINESS THREATS AND SOLUTIONS E-business has forever revolutionized the way business is done. Retail has now a long way from the days of physical transactions that were
Network Security and the Small Business Why network security is important for a small business Many small businesses think that they are less likely targets for security attacks as compared to large enterprises,
Chapter 11 Manage Computing Securely, Safely and Ethically Discovering Computers 2012 Your Interactive Guide to the Digital World Objectives Overview Define the term, computer security risks, and briefly
Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential
Competency: Defend and Attack (virus, spam, spyware, Trojans, hijackers, worms) 1. Identify basic security risks and issues to computer hardware, software, and data. 2. Define the various virus types and
COB 302 Management Information System (Lesson 8) Dr. Stanley Wong Macau University of Science and Technology Chapter 13 Security and Ethical Challenges 安 全 與 倫 理 挑 戰 Remarks: Some of the contents in this
IIABSC 2015 - Spring Conference Cyber Security With enough time, anyone can be hacked. There is no solution that will completely protect you from hackers. March 11, 2015 Chris Joye, Security + 1 2 Cyber
Achieving Truly Secure Cloud Communications How to navigate evolving security threats Security is quickly becoming the primary concern of many businesses, and protecting VoIP vulnerabilities is critical.
Provided by: December 2014 Oliver James Enterprise DON T BE FOOLED BY EMAIL SPAM FREE GUIDE 1 This guide will teach you: How to spot fraudulent and spam e-mails How spammers obtain your email address How
A1 Terminology-Ilir Term Definition Image Digital literacy Directory Digital literacy is the knowledge, skills, and behaviors used in a broad range of digital devices such as smartphones, tablets, laptops
Identity Theft CHRISTOS TOPAKAS Head of Group IT Security and Control Office Agenda Identity Theft Threats and Techniques Identity Theft Definition and Facts Identity Theft & Financial Institutions Prevention
0 Multiple Choice Questions: 1. What is the difference between information technology (IT) and a management information system (MIS)? A) IT is a type of MIS B) MIS is a type of IT C) IT and MIS are the
Brief Contents 1 Introduction Part One: Information Technology Infrastructure 2 Information Technology Foundations 3 Networks and Telecommunications 4 Database Management Part Two: Business Integration
PC Security and Maintenance by IMRAN GHANI PC Maintenance and Security-Forecast. Major sources of danger. Important steps to protect your PC. PC Security Tools. PC Maintenance Tools. Tips. PC Security-
Practical guide for secure Christmas shopping Navid 1 CONTENTS 1. Introduction 3 2. Internet risks: Threats to secure transactions 3 3. What criteria should a secure e-commerce page meet?...4 4. What security
3GPP TSG SA WG3 Security S3#34 S3-040583 6-9 Jul 2004 updated S3-040566 Acapulco, Mexico Title: Selective Disabling of UE Capabilities; updated S3-040566 based on the comments on SA3 mailing list Source:
JK0 015 CompTIA E2C Security+ (2008 Edition) Exam Version 4.1 QUESTION NO: 1 Which of the following devices would be used to gain access to a secure network without affecting network connectivity? A. Router
Web Foundations Series Internet Business Associate Internet Business Associate prepares students to work effectively in today's business environment. In this course, you will learn about the tasks involved
Rajan R. Pant Controller Office of Controller of Certification Ministry of Science & Technology email@example.com Meaning Why is Security Audit Important Framework Audit Process Auditing Application Security
LOUISIANA BROADBAND INITIATIVE Keeping Your Computers Safe First in a series of White Papers: Staying Safe Online David Moore State Broadband Grant Program Director The 2012 Louisiana State Broadband Survey,
Spyware Michael Glenn Technology Management Michael.Glenn@Qwest.com Agenda Security Fundamentals Current Issues Spyware Definitions Overlaps of Threats Best Practices What Service Providers are Doing References
Ten Tips for Managing Risks on Convergent Networks The Risk Management Group April 2012 Sponsored by: Lavastorm Analytics is a global business performance analytics company that enables companies to analyze,
1. Obtain previous workpapers/audit reports. FIREWALL CHECKLIST Pre Audit Checklist 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 3. Obtain current network diagrams
Basics of Internet Security Premraj Jeyaprakash About Technowave, Inc. Technowave is a strategic and technical consulting group focused on bringing processes and technology into line with organizational
3GPP TSG SA WG3 Security S3#34 S3-040682 6-9 Jul 2004 updated S3-040632 Acapulco, Mexico Title: Selective Disabling of UE Capabilities; updated S3-040583 based on the comments in SA3#34 meeting Source:
Last updated: March 4, 2014 Stable and Secure Network Infrastructure Benchmarks 501 Commons has developed a list of key benchmarks for maintaining a stable and secure IT Infrastructure for conducting day-to-day
THE HOME LOAN SAVINGS BANK Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is
January 2012 Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media January 2012 All contents are Copyright 1992 2012 Cisco Systems, Inc. All rights reserved. This document
Corporate Account Takeover & Information Security Awareness Customer Training No computer system can provide absolute security under all conditions. NO SECURITY MEASURE OR LIST OF SECURITY MEASURES CAN
WHAT ARE THE BIGGEST THREATS TO BUSINESS DATA SECURITY? Contents Introduction... 3 Primary Sources of Security Threats... 3 Instant Messaging... 3 Email... 4 Optical and Flash Media... 4 Social Media...
David Watterson & Ross Cavazos Chief Information Officer IT Director City of Billings Yellowstone County Local Government IT Group Vice-Chairmen Classic Battle of Good vs Evil GOOD EVIL Firewall E-Mail
Helping Your Computer Survive the Zombie Apocalypse Presentation to UCHUG - 11/06/13 G. Skalka What Happens When the Zombie Apocalypse Comes? Evil forces are out to get you You don t know who can be trusted
Network Security: 30 Questions Every Manager Should Ask Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting Network Security: 30 Questions Every Manager/Executive Must Answer in Order
We are a volunteer-based organization that is spreading cyber awareness and creating a cyber first responders unit. We participate in several team-based competitions a year to serve as training and experience
INFORMATION SECURITY FOR YOUR AGENCY Presenter: Chad Knutson Secure Banking Solutions, LLC CONTACT INFORMATION Dr. Kevin Streff Professor at Dakota State University Director - National Center for the Protection
Brazosport College VPN Connection Installation and Setup Instructions Draft 2 March 24, 2005 Introduction This is an initial draft of these instructions. These instructions have been tested by the IT department
Monitoring mobile communication network, how does it work? How to prevent such thing about that? 潘 維 亞 周 明 哲 劉 子 揚 (P78017058) (P48027049) (N96011156) 1 Contents How mobile communications work Why monitoring?
Injazat s Managed Services Portfolio Overview Premium Managed Services to Transform Your IT Environment Injazat s Premier Tier IV Data Center is built to offer the highest level of security and reliability.
Top tips for improved network security Network security is beleaguered by malware, spam and security breaches. Some criminal, some malicious, some just annoying but all impeding the smooth running of a
Cisco IT Best Practice Collaboration Security Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media January 2012 2013 Cisco and/or its affiliates. All rights reserved.
CHAPTER ELECTRONIC COMMERCE SYSTEMS This chapter discusses one of the most visible segments of the business world today e-commerce. In general terms, the issues involve the electronic processing and transmission
WHITE PAPER Understanding How File Size Affects Malware Detection FORTINET Understanding How File Size Affects Malware Detection PAGE 2 Summary Malware normally propagates to users and computers through
Data Management & Protection: Common Definitions Document Version: 5.5 Effective Date: April 4, 2007 Original Issue Date: April 4, 2007 Most Recent Revision Date: November 29, 2011 Responsible: Alan Levy,
- 2 - Malware & Botnets The Internet is a powerful and useful tool, but in the same way that you shouldn t drive without buckling your seat belt or ride a bike without a helmet, you shouldn t venture online
Network Security Demo: Web browser Email Messages An email message can be instantly forwarded around the globe, even if accidentally. Do not write anything in a message that you will later regret! Read
Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect
JUNE 1, 2012 SalesNOW Security Policy v.1.4 2012-06-01 v.1.4 2012-06-01 1 Overview Interchange Solutions Inc. (Interchange) is the proud maker of SalesNOW. Interchange understands that your trust in us
MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file
10 Best Practices to Protect Your Network presented by Saalex Information Technology and Citadel Group Presented by: Michael Flavin and Stan Stahl Saalex Information Technology Overview Saalex Information
ACS 1803 Final Exam Topic Outline IV. Functional Area Information Systems a. Financial Information Systems (Lecture Outline 5.1) i. Budgeting Systems ii. Cash Management Systems iii. Capital Management
TRAINING FOR AMERICAN MOMENTUM BANK CLIENTS Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This
How to stay safe online Everyone knows about computer viruses...or at least they think they do. Nearly 30 years ago, the first computer virus was written and since then, millions of viruses and other malware