IT AND IS THE PROS AND CONS

Information technology and information systems the pros and Cons

With the new age we are living in comes the induction of the technological tide, sweeping across every sector of this diverse world, from health to government, to sports to environmental issues and the entertainment world at large. Yes, technology has managed to seep its way into all these various dimensions. This article serves to discuss a few other aspects that we find technology bringing about pros and cons.

Education

Advantages

E-learning; It has brought a lot of benefits to the world of education; nowadays there are advances such as e-learning where people can acquire degrees over leaning online, which gives people  opportunities to study material from abroad from the comfort of their homes.

Practical ways of learning ;IT has also brought about the practicality of learning for many areas of study ,for example air flight simulations, though the use of IT software has been incorporated into many aviation school to give students a feel of how it is to fly an aircraft before they can do the actual thing.

Innovative ways of sharing knowledge, IT and its services has also brought about innovative ways of sharing knowledge to bridge the gap between the educated and non- educated. For instance the ‘talking radio’ a new innovation that has been made to help share knowledge with people in rural settings where there is no electricity and most of the people there are uneducated.

http://vimeo.com/8003275 follow link to view video

Disadvantages

While IT has brought about such brilliant benefits it does have the disadvantages.

Illegitimate Information overload; These days when we talk of technology people immediately think of the internet and a lot of times though it can be beneficial the internet also poses as a danger, it holds immense amounts of information some of which is totally from legitimate sources and some which is simply contorted by imposters. This is a problem because students end up using information that is not legit and it can feed them with wrong thinking, this poses as a hindrance to learning.

Reduced use of reading material; With IT innovation such as the internet comes the ever famous techniques of copy and paste of which if really looked into have become an impediment to the learning process as students tend to just copy and paste things, these days it is rare to find students actually reading books from a shelf, and as a result the knowledge they have is lacks content and it is very flaky, resulting in inability to apply.

Wider technology gap; yes Information technology results in this too  ,because as more people get educated more ways are put up to educate even more people, but how many can afford to actually get learning facilities on line ,or purchase technology devices to help aid their learning ,not many and as such ,this widens the gap between the computer literate and those who are not computer literate. Which means that there is an education whole there is been created in a country’s development.

Growth of the organization,

The concept of organizational development has been an important research

Agenda for decades. This portion of the article looks into the benefits and identified disadvantages that IT OR IS has on the growth of an organization.

Throughout the business world information technology has proved its self to be a catalyst in the growth of organizations. There is proof of organizations that have boomed to the top because of the induction of information technology or IS into the daily operations of the organization.

Advantages

Cost effectiveness – When business processes become cost effective an organisation is able to grow because all the costs being saved are spread out into other areas of the organisation and thus contributing to its growth. Information technology has helped to computerize the business process thus streamlining businesses to make them extremely cost effective money making machines. This in turn increases productivity which ultimately gives rise to profits that means better pay and less strenuous working conditions.

Time saving: Information technology helps an organisation to save time, and saving time means that more processes are done in a smaller amount of time, this brings a rises to high levels or production in lesser time which will eventually lead to profit and as profit comes in this means more improvements and eventually tangible growth in the organisation structure in terms of management and also infrastructure.

Communication - With the help of information technology the gap in organisational communication has been bridged because now departments are able to communicate even more smoothly, It also helps to connect the departments making the flow of information faster and quicker thereby resulting in productivity of which in time will lead to organisational growth.

Disadvantages

High cost of implementation; The cost of implementing Information technology within an organisation is very high, for some organisations this can cripple the organisation’s growth especially if the technology implemented fails to deliver the expected results. This means that there are parts of the organisation that are hindered from growing because there is an insufficiency of funds where they are concerned.

High job requirements, for an organisation to really grow a change must be implemented and with this change comes the induction of advanced processes, in today’s world many organisations are lacking behind in terms of growth because they have posts for advanc3ede technological position which people do not have the qualifications to fill. This results in some departments being dormant and eventually hindering the growth of the organisation.

Need of expertise; Using information technology in n organisation means that experts have to be employed in order to help in the running of the systems and even training of the existing employees, all of this means more and more spending for the organisation which will result in a hindrance of growth.

Interpersonal Skills of an individual

According to my own understanding Interpersonal skills here refers to the skills that a person uses to get on well with others. So here we are dealing with the science of relation with other people.

Advantages

Finding an advantage for technology in a world crowded by the disadvantages especially to young individuals is indeed a difficult, so I will draw from my own experiences.

Learning of new vocabulary; Throughout the use of technology I have picked up a lot of useful vocabulary in terms of English language which has helped me be able to communicate better with others and in situations where required I have been able to communicate formally in the English language too.

Learning of new languages; the ability to communicate in someone else’s language is a great thing according to me. With using technology especially the internet I have been able to pick up some basics in different languages, this has helped my interpersonal skills in a great way especially when it comes to relation to people from different countries especially because I am studying in a foreign country. I find that I am less anxious around other foreigners because when I say a basic in their language it is able to start a conversation which later ends in a friendship.

Disadvantages

Depersonalisation of relationships

Information technology has seemingly brought information closer but at the same timer for some people it has totally annihilated the aspect of communication with other people. With the rise of the use of IT comes the isolation of people from the society ,in today’s world of blogging and online chat and social networking people become more isolated living virtual lives which brings about a depersonalisation of relationships due to a failure to effectively communicate with other people.

Gives rise to interpersonal disorders; This may sound bizarre but yes because of the increased use of online communication there have been proven research of such disorder which have been detected because o this ,for example some for the disorders that affect a person’s interpersonal skills are Avoidant personality disorder is a psychiatric condition in which a person has a lifelong pattern of feeling extremely shy, inadequate, and sensitive to rejection. And Schizoid personality disorder (SPD) is a personality disorder characterized by a lack of interest in social relationships.

Sources:

http://www.ncbi.nlm.nih.gov/pubmedhealth/PMH0001918/

http://computer-technology-information.blogspot.com/2011/04/is-computer-technology-harming-our.html

http://www.slideshare.net/CEP810/group-2-technology-and-social-skills-158820

http://www.smallbusinessbible.org/advan_disadvan_informationtechnology.html

Disaster Recovery Plan

When disaster strikes an organization ,the first thing that will come to mind would be a disaster recovery plan,why because this offers business continuity.

Without a recovery of data then the business is completely doomed because it relies heavily on information and data for it to run.

The question that may arise now is What exactly is a disaster recovery plan?

Disaster recovery plan can best be define as a document that explores how a network recovers from a disaster that either imperils its data or stops its functioning.

With a disaster recovery plan in place an organization is more prepared for the unexpected.But in order to maximize the use of the disaster recovery plan the plan its self must focus on problems that are at least likely to occur.Not on problems that do not even occur in the environment that the organization is.

An example of disaster scenarios:
   An electrical problem of some kind of causes power failure

·         A structural building failure.

Format for a disaster recovery plan

Introduction and statement of purpose

Why the plan has been written,what is the intended goal or ain=m of it.

This should include information about who developed it and how it can be kept current.

Authority

This part has to do with the designation of responsibility over the plan,as in who will coordinate the execution of the plan and the line of succession

Scope of the pl;an

Events planned for ,where the writer has to itemize each of the events that the plan is put in place for

Locations planned for

This is especially essential if there is more than one building involved so there is a need to indicate which sites are covered

Relationship to other plans If the organization has other plans then it is important to highlight how these plans will relate with the disaster recovery plan.

Emergency procedures this mostly has to do with who is to put the plan into use and under what circumstances exactly.

Benefits of a disaster recovery plan

Improved Technology this is because there is a need to improved IT systems in order to fulfill recovery objectives,this makes your IT system more consistent with the plan at hand

Fewer disruptions.,as a result of improved IT there will be fewer disruptions since the IT systems will now be more stable than in  the past

Higher quality services

Because of improved technology there is a higher chance for the organization to improve services

Competitive edge
having a good disaster recovery plan gives a company bragging rights over its rivals because the organization is able to claim higher availability and reliability.

With today's increasing technology solutions a disaster recovery plan is one of the essentials of any business  Or organization.But it is important to recognize that though this technology improvements come with great solutions there is a need for the solutions such as the disaster recovery plans to become even more complex in order to stay at par with up coming threats to the computer system,everyday there is new threat that pose harm to the world of computing and so increasing the complexity of the recovery plan is very essential .

Sources

Introduction to nursing informatics, Volume 243

 By Kathryn J. Hannah, Marion J. Ball, Margaret J. A. Edwards

IT disaster recovery planning for dummies

 By Peter Gregory

Risk management 15 wed 2011

ISOM TUTORIAL ON RISK MANAGEMENT

Risk can be defined as the potential harm to a system that may arise.

 From the IT security perspective, risk management is the process of

 understanding and responding to factors that may lead to a failure in the confidentiality, integrity or availability of an information system.

5 information System risks

•         Human errors

It is of no doubt that Humans are not able to work with the same constancy as

Machines therefore the case of human error is highly likely in any organization, sometimes it may be due to a direct error by a hum n which can cause a malfunction in the system or incomplete or incorrect information. An example could be when a person fails to understand an instruction given by the system and later on getting a different response that the expected one.

•            Environmental hazards

These are usually considered as the harms that are outside human control they, in most if not all cases there is nothing to be done to stop them,,in recent news Japan had been hit by a natural disaster, yet they had setup a system to detect the natural disaster beforehand but despite their efforts to protect themselves for such situations it still took place bringing a devastation impact. Natural disasters such as earthquakes can cause communication disruption and even total annihilation of computer hardware and software.

•            Computer systems failures

A system failure may often occur because of a number of reasons, some of which include poor design or lack of good quality control and poor development practices, An example of poor development practices causing a system failure can be found in the experience of the Pentagon’s National Reconnaissance Office (NRO). The inadequate testing of the delivery system of Titan IV rocket. Two Titan rockets were lost, meaning that expensive military equipment necessary to the U.S. Governments defence program (namely early warning satellites) were unable to be deployed. The head of the N.R.O. has attributed this error to “a misplaced decimal point” in software, which controlled the rocket.

•            Intentional threats

An intentional threat is usually one that is device by a culprit to intentionally cause harm to systems operation. Such threats include deliberate manipulation of data, sabotage, theft of data down to the inappropriate use of it. For example corporate espionage which is Acquisition of trade secrets from business competitors. This can be done by means of computer tapping and many other ways. For instance In the early ’90s allegations came to light that Avant!, a Silicon Valley software company, had stolen code from a rival company, Cadence design systems.

•            Cyber Crime

Any crime that involves a computer and a network can be classified as a cyber crime. These are common to hackers and activities such as data tampering and programming fraud. An example is the Nasa incident which took place Seven hours after the Columbia shuttle tragedy a hacking group struck down nine servers belonging to NASA's Jet Propulsion Laboratory (JPL).

The digital attacks were recorded around 22:15 GMT and carried on in succession until 23:54 GMT. All nine JPL.NASA.GOV servers were running on the Sun Solaris operating system at the time.
Ways to prevent system risks

·         Virus protection

Using a virus to keep the system for being vulnerable to attacks acan be a way to control risks

·         Encryption

Refers to the act of putting data in a way that can be understood by the authorized people. For example using Public-key cryptography which is used algorithmic keys to read data form a sender to an intended recipient

·         Audit trail

This is a sequence of steps supported by proof documenting the real processing of a transaction flow through an organization, a process or a system. They can help to protect information from unauthorized use and increase visibility into enterprise processes.

·         Backup

Regular backups, with at least a weekly copy of the backed-up data kept off-site are, of course, a necessity and the most effective way to minimize data loss when inevitable hardware breakdowns occur.
Types of audits
Internal
Internal Auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes
Objective

·         An internal audit looks more into forming an opinion on the adequacy and effectiveness of systems of risk management and internal control.

·         Scope

The scope here lies on checking every other operation in the organization.
External

·         Objective

An external audit seeks to test the underlying transactions that form the basis of the financial statements. In other words, an external auditor reviews the control procedures and many other operations as their overall evaluation of internal controls.

·         Scope

The Scope of an external Audit is check financial statement

http://www.laserfiche.com/en-US/Products/Audit-Trail
http://www.google.com.my/search?q=HUMAN+ERROR%2BRISK+MANAGEMENT&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a
http://www.sans.org/reading_room/whitepapers/auditing/introduction-information-system-risk-management_1204
http://www.responsiblenetizen.org/139457-How-to-Prevent-Computer-Security-Risk-and-How-to-Keep-Your-Small.html

Risk management for Capital bank Limited

Risk

Capital bank Limited has internet banking but to analyze the kinds of risks involved with the online banking system there should be an understanding of what kind of internet banking the bank majors in.For capital bank limited their online banking system is more on to transactional banking which carries the highest risk in the E-banking today.Although their online system carries some  features of communicative and informational internet banking the main focus for this project would be drawn to Transactional internet banking.

Transactional banking at Capital Bank limited allows customer to execute financial transactions online.For instance with capital banking the system allows the customer to do inter account,internal and domestic Funds transfers.

Current risks identified

Transactions risk

‘This is the current and prospective risk to earnings and capital arising from fraud, error, negligence and the inability to maintain expected service levels.’

(http://www.isaca.org/Journal/Past-Issues/2001/Volume-6/Pages/Risk-Management-for-Internet-Banking.aspx)

Denial of service attack

‘An attempt to extort money from legitimate users of an internet service by threatening to prevent the user from accessing the service.’( Criminology

 By Larry J. Siegel,2000)

With Siege of various financial crimes taking place capital Bank is prone to the risk of Denial of service attacks.

Hacking

Hacking is the practice of modifying the features of a system, in order to accomplish a goal outside of the creator's original purpose.There are many cases of Hacking and because the current system uses Microsoft system resources which have proven to be the most prone to hacking attacks.

Phishing

According to word spy.com Phishing is the act of fooling a computer user into submitting personal information by creating a counterfeit website that looks like a real (and trusted) site. It is a hacker technique of "fishing" for passwords and other secret financial information.

This is a practice which is very common nowadays,Capital bank has faced phishing attack as the bank rose to prominence in the public.

Vishing
Using the telephone to collect peoples personal and financial data  (Stopping Identity Theft: 10 Easy Steps to Security

 By Scott Mitic,2001).Although this is not really an online risk but it is one of the prominent cases of financial crimes faced by Capital bank.Impostors usually fool customers into giving their details over the phone.

Combating Risk

Capital bank has taken various measures to address the issues of Risk that the banks is facing,On their websites they have described the various and most common attacks and they actual go into advising the readers on what to do if faced with such problems,there are precautions outlined to help people to be highly conscious of these crimes before they become a noticeable target.

 

Apart from that the bank has also installed firewalls to its main systems ,they system that is currently the banks back bone system;Flex cube has its own inbuilt security system.Oracle FLEXCUBE Direct Banking addresses all aspects of internet banking

security, at both the transmission and application levels. The solution offers

advanced transmission security features to resolve issues of mutual authentication,

message privacy, and data integrity.