E-Business, E-Commerce



Similar documents
10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

i. Definition ii. Primary Activities iii. Support Activities iv. Information Systems role in value chain analysis

E Commerce and Internet Security

National Cyber Security Month 2015: Daily Security Awareness Tips

9. Information Assurance and Security, Protecting Information Resources. Janeela Maraj. Tutorial 9 21/11/2014 INFO 1500

Lectures 9 Advanced Operating Systems Fundamental Security. Computer Systems Administration TE2003

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

Brainloop Cloud Security

BE SAFE ONLINE: Lesson Plan

Why is a strong password important?

How to Search the Internet

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

Chapter 11 Manage Computing Securely, Safely and Ethically. Discovering Computers Your Interactive Guide to the Digital World

OCT Training & Technology Solutions Training@qc.cuny.edu (718)

E-Commerce: Challenges and Issues ดร.มนต ช ย โศภ ษฐกมล ภาคว ชาว ศวกรรมคอมพ วเตอร คณะว ศวกรรมศาสตร มหาว ทยาล ยเกษตรศาสตร

Network Security and the Small Business

Chapter 10 Objectives. Chapter 10 E-Commerce: A Revolution in the Way We Do Business. What Is E-Commerce? What Is E-Commerce? What Is E-Commerce?

COB 302 Management Information System (Lesson 8)

FBLA Cyber Security aligned with Common Core FBLA: Cyber Security RST RST RST RST WHST WHST

Chapter 7 Information System Security and Control

Network Security: Introduction

Certified Information Systems Auditor (CISA)

Module 6. e-business and e- Commerce

Achieving Truly Secure Cloud Communications. How to navigate evolving security threats

Section 12 MUST BE COMPLETED BY: 4/22

Internet threats: steps to security for your small business

E-BUSINESS THREATS AND SOLUTIONS

Cyber Security. An Executive Imperative for Business Owners. 77 Westport Plaza, St. Louis, MO p f

How to Identify Phishing s

Brief Contents. Part Three: Decisions and Strategies. Part One: Information Technology Infrastructure. Part Four: Organizing Businesses and Systems

Spyware. Michael Glenn Technology Management 2004 Qwest Communications International Inc.

PC Security and Maintenance

JK0 015 CompTIA E2C Security+ (2008 Edition) Exam

CHAPTER 10: COMPUTER SECURITY AND RISKS

DON T BE FOOLED BY SPAM FREE GUIDE. Provided by: Don t Be Fooled by Spam FREE GUIDE. December 2014 Oliver James Enterprise

Rajan R. Pant Controller Office of Controller of Certification Ministry of Science & Technology rajan@cca.gov.np

Directory computing, or folder, a file

Alexander Nikov. 9. Information Assurance and Security, Protecting Information Resources. Learning Objectives. You re on Facebook? Watch Out!

E-BUSINESS SECURITY ASPECTS

How To Deal With A Converged Threat From A Cloud And Mobile Device To A Business Or A Customer'S Computer Or Network To A Cloud Device

Network Security: 30 Questions Every Manager Should Ask. Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting

PROTECT YOUR COMPUTER AND YOUR PRIVACY!

Identity Theft. CHRISTOS TOPAKAS Head of Group IT Security and Control Office

SBA Cybersecurity for Small Businesses. 1.1 Introduction. 1.2 Course Objectives. 1.3 Course Topics

Web Foundations Series Internet Business Associate

How to stay safe online

Malware & Botnets. Botnets

Security Practices for Online Collaboration and Social Media

ACS Final Exam Topic Outline. Functional Area Information Systems. V. Enterprise Information Systems

Corporate Account Takeover & Information Security Awareness. Customer Training

Brazosport College VPN Connection Installation and Setup Instructions. Draft 2 March 24, 2005

1 Introduction. Agenda Item: Work Item:

Stable and Secure Network Infrastructure Benchmarks

INTERNET & COMPUTER SECURITY March 20, Scoville Library. ccayne@biblio.org

Infocomm Sec rity is incomplete without U Be aware,

Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media

WEB PROTECTION. Features SECURITY OF INFORMATION TECHNOLOGIES

Case-study: SwissAir. The Internet Business. Case-study: SwissAir. Case-study: SwissAir. Summary. Summary

WHITE PAPER. Understanding How File Size Affects Malware Detection

Countering and reducing ICT security risks 1. Physical and environmental risks

The information contained in this session may contain privileged and confidential information. This presentation is for information purposes only.

Information Security. Louis Morgan, CISSP Information Security Officer

Content Teaching Academy at James Madison University

Montgomery College Course Designator/Course Number: CS 110 Course Title: Computer Literacy

s Software as a Service (SaaS) offering: T-Suite Making your hard costs soft

Network Security. Demo: Web browser

Basics of Internet Security

Securing mobile devices in the business environment

INFORMATION SECURITY FOR YOUR AGENCY

Don t Fall Victim to Cybercrime:

Top tips for improved network security

Information Technology Cyber Security Policy

SERVICE LEVEL AGREEMENT

Learn to protect yourself from Identity Theft. First National Bank can help.

High Speed Internet - User Guide. Welcome to. your world.

Threats and Attacks. Modifications by Prof. Dong Xuan and Adam C. Champion. Principles of Information Security, 5th Edition 1

Computer Protection. Computer Protection. Computer Protection 5/1/2013. Classic Battle of Good vs Evil. David Watterson & Ross Cavazos

TRAINING FOR AMERICAN MOMENTUM BANK CLIENTS. Corporate Account Takeover & Information Security Awareness

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.

APPENDIX A WORK PROCESS SCHEDULE RELATED INSTRUCTION OUTLINE

How To Manage A Network Safely

Security Basics: A Whitepaper

United Tribes Technical College Acceptable Use Policies for United Tribes Computer System

Data Management & Protection: Common Definitions

Security Policy JUNE 1, SalesNOW. Security Policy v v

ORANGE REGIONAL MEDICAL CENTER Hospital Wide Policy/Procedure

IT Checklist. for Small Business INFORMATION TECHNOLOGY & MANAGEMENT INTRODUCTION CHECKLIST

Course: Information Security Management in e-governance

TELE 301 Network Management. Lecture 18: Network Security

The data which you put into our systems is yours, and we believe it should stay that way. We think that means three key things.

Transcription:

E-Business, E-Commerce Lecture Outline 11 Instructor: Kevin Robertson

Introduction to Information Systems Explain the differences between extranets and intranets as well as show how organizations utilize these environments Describe electronic commerce and how it has evolved Describe the strategies that companies are adopting to compete in cyberspace Describe the stages of business-to-consumer electronic commerce and the key drivers for the emergence of mobile commerce Understand the keys to successful electronic commerce applications Understand general ebusiness security fundamentals

Network Computing Spectrum Intranet/ Extranet/ Internet/ WWW

Network Computing Spectrum

Internet and the World Wide Web Capabilities The Internet Changed Everything: Intranet internal, private network using Web technologies to facilitate transmission of proprietary information within the organization Extranet two or more firms using the Internet to do business together Internet and World Wide Web created an entirely new communications capability for the emergence of Electronic Business (ebusiness) The Internet opened up access to markets by lowering barriers to entry.

Internet and the World Wide Web Capabilities

Network Computing Spectrum

Intranet Architecture

Intranet Architecture Firewalls hardware devices with special software that prevent unauthorized access An intranet server is placed behind the firewall Packets are never routed outside the firewall, but remain within the organizations network

Intranet Applications

Network Computing Spectrum

Extranets Extranets Extranets are secure network architectures that provide customers, suppliers, and employees with access to internal systems. Extranets enable two or more firms to use the Internet to do business together. They are an excellent use of B2B to allow companies to achieve a positive return on their tech investments. Extranet Benefits Improves timeliness and accuracy of communications, thereby reducing errors and misunderstandings Uses Electronic Data Interchange (EDI) as the standard protocol for allowing disparate computing platforms to communicate without additional investments in the application systems. Easy to use, requires little training Used to automate transactions, reducing cost and cycle time

Electronic Data Interchange (EDI) Electronic Data Interchange The transmission of electronic business forms between business partners (e.g. purchase order) Typically used by large organizations via VAN very expensive The internet (VPN) has opened this technology to smaller firms Utilizes universal standard transmission protocols to communicate and transmit data between different systems. How it works EDI transactions are supported by two types of network methods: 1.VAN (Value Added Network) 2.VPN (Virtual Private Network)

Value Added Network (VAN) VAN (Value Added Network) providers are private network operators that provide guaranteed delivery. The VAN is responsible for routing, storing and delivering EDI messages. They also provide delivery reports. VANs may be operated by various entities: telecom companies; industry group consortia; a large company interacting with its suppliers/vendors.

Virtual Private Network (VPN) Virtual Private Network (VPN) is a secure network technique to protect extranet communications over an IP network Uses a technique called tunneling to encapsulate, encrypt, and transmit data over the Internet Requires server authentication (verify user with password) to allow operation May be managed as a fully integrated, end-to-end dedicated private network. Similar to a VAN utilizes the IP network backbone and is a more cost-effective option for SME s.

Extranet Applications

ebusiness/ ecommerce B2C, B2B, B2E, C2C

Electronic Business Defined

Types of Electronic Commerce

The Growth of B2C E-commerce

The Growth of B2B E-commerce

The Evolution of the Web

Stages of E-Commerce Maturity

E-Commerce Impact to Competiveness Enables new products and services Encourages substitute products Lowers barrier to entry Changes balance of power of customers and suppliers Transforms some industries Creates new opportunities for creating new markets, building brands, and large customer bases

ebusiness/ ecommerce Strategy and Competitiveness

Traditional vs. Strategy Support Process Example AVIS RENTA CAR Using handheld technology combined with a reengineered business process to create a competitive advantage

Impact of the Web: Disintermediation

Electronic Commerce Business Strategies

Developing a Competitive Business Strategy

Developing a Competitive Business Strategy How does it optimize its value process?

Developing a Competitive Business Strategy Use the value chain to: Plan for a better way of meeting customer demands. Identifying processes that add value. Identifying processes that reduce value.

Developing a Competitive Business Strategy Differentiator adding value to the process

Value Chain Integration

ebusiness/ ecommerce Web 2.0/ M-Commerce

EC Models Bus Consumer Gov t Often referred to as Web 2.0 (Social Networking)

Web 2.0 Features and Services Blogs Personal Web page that typically contains a series of chronological entries by its author, and links to related Web pages Really Simple Syndication (RSS) Program that allows users to have digital content automatically sent to their computers over the Internet

Web 2.0 Features and Services Podcasting Audio presentation stored as an audio file and available for download from Web Wikis Allows user to easily add and edit content on Web page New music and video services Video-casts Digital video on demand

The Mobile Platform Most recent development in Internet infrastructure Enables access to the Internet via wireless networks or cell-phone service Mobile devices include Tablets Smartphones Ultra-lightweight laptops

Mobile Commerce in Perspective Global M-commerce spending: Mobile retail sales grew from $20.9 billion (2012) to $34.2 billion (2013) or 64% E-Bay accounts for $20 billion sales 90% of consumers trust recommendations from friends, and another 70% trust consumer opinion and brand websites Only 62% of consumers trust TV, and only about four in 10 (41%) trust search engine ads By 2019, 60 percent of the projected 9.3 billion mobile subscriptions will be for smartphones. 3G networks will cover 90 percent of the world's population, while 65 percent will be covered by 4G LTE networks.

B2B vs B2C vs MC

ebusiness/ ecommerce Establishing an ecommerce Website

Front & Back-End Systems

Front-End Systems Front- end (client) systems are those processes with which a user interfaces, and over which a customer can exert some control. For an ebusiness, front-end systems are the Web site processes that customers use to view information and purchase products and services.

Back-End Systems Back-end (server) systems are those processes that are not directly accessed by customers. Back-end systems include the business s TPS and MIS systems that handle the accounting and budgeting, manufacturing, marketing, inventory management, distribution, order-tracking, and customer support processes.

Establishing an ecommerce Web Site Dedicated Server business sets up own server to serve ebusiness web pages connect to Internet through a dedicated line install proper software for managing server and creating Web pages expert staff required offers most control

Web Hosting Services Hosting company offers space on its server for the hosting of Web sites may provide software tools for flexible page development majority of businesses do not maintain their own Web server; they use host services;

Showing Your ebusiness on Customer Screen Storefront: can have your own business on one separate web page OR Cybermall hosts pages of many businesses and users browse them all Users who enter one mall store may also visit yours out of curiosity

Outsourcing Web Operations Using a web hosting service provides an ebusiness with several advantages. A web hosting service has a staff available 24 hours a day with the technical knowledge to keep the servers and network connections running. A web hosting company can provide a level of redundancy that an ebusiness may not be able to provide for itself, including redundant hard drives on the servers, backup power from generators, and redundant connections to the internet.

Outsourcing cont d One disadvantage of outsourcing Web site operations is lack of control. One solution to this lack of control is for an ebusiness to provide its own servers and software and simply co-locate its servers at the Web hosting company facilities.

ebusiness/ ecommerce General ebusiness Security

General ebusiness Security Businesses must protect against the unknown. New methods of attacking networks and Web sites and new network security holes are being constantly discovered or invented. An ebusiness cannot expect to achieve perfect security for its network and Web site

General ebusiness Security cont d How is the data protected once it is delivered to the ebusiness? How are credit card transactions authenticated and authorized? The biggest potential security problem in an ebusiness is of human, rather than electronic, origin. The weakest link in any security system is the people using it.

Network and Web Site Security An entire glossary of words and phrases identifies network and web security risks, such as hacker, cracker, Trojan horse, and more. As part of planning a startup ebusiness s security, management should become familiar with network and web server security risk terminology

Denial of Service Attacks A type of attack designed to disable a web site by flooding it with useless traffic or activity. Distributed denial of service attack uses multiple computers to attack in a coordinated fashion. Risk is primarily centered around downtime or lack of web site availability. Defenses exist for these attacks.

Credit Card Fraud & Data Theft ebusiness is at risk from credit card fraud from stolen data. Secure your own data. Verify the identity of your customers and the validity of the incoming credit card data. Identity theft by a criminal masquerading as someone else, is a too common problem.

Information System Security IS Security Precautions taken to keep all aspects of information systems safe from unauthorized access Phishing is the act of attempting to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication such as social web sites, auction sites, banks, online payment processors. Phishing emails may contain links to websites that are infected with malware. Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.

IS Security Managerial Techniques Organizational Policies and Procedures * Acceptable Use Policies formally document how systems should be used, for what, and penalties for non-compliance Backups and Disaster Recovery * Backups taking periodic snapshots of critical systems data and storing in a safe place or system (e.g. backup tape) Disaster Recovery Plans spell out detailed procedures to be used by the organization to restore access to critical business systems (e.g. viruses or fire) Disaster Recovery executing Disaster Recovery procedures using backups to restore the system to the last backup if it was totally lost

Spyware, Spam, and Cookies * Spyware * Any software that covertly gathers information about a user through an Internet connection without the user s knowledge Problems: uses memory resources, uses bandwidth, and can cause system instability Prevention: Firewalls and Anti-spyware software Spam * Electronic junk mail or junk newsgroup postings usually for purpose of advertising some product and/or service Problems: nuisance, wastes time deleting, uses storage Prevention: Spam Blocker software Cookies * A message passed to a browser from a Web server. Used by legitimate programs to store state and user information Problems: can be used to track user activities Prevention: browser settings, firewall

Security Threat: Viruses* Viruses * Programs that can attack a computer and/or a network and delete information, disable software, use up system resources, etc. Prevention Steps: * AntiVirus software: Install this software which is designed to block all known viruses and offers automatic or manual updates to virus patterns to block future viruses No Disk Sharing Viruses can be transferred to clean computers by inserting disks containing infected files Delete Suspicious Email Messages Do not open suspicious e-mail messages Delete Only! Report Viruses If you get a virus, report it to you network administrator immediately!

Security Technology: Biometrics

Management Information Systems (MIS) End of Lecture 11-1