Author: Ra'fat H. Bandak

One Minute Paper 3: Unit 3 – Lecture 1 video

The subject of the video is Enhancing Business Processes Using Enterprise Information Systems by Dr. David Costa.

The lecture started with what are functional perspective versus business process prospective.

It is good to see the systems in the organization as pyramid with 3 major level types:

  1. Executive information systems (ESS): Strategic Level Systems.
  2. Management Information Systems (MIS): Management Level Systems.
  3. Transaction Processing Systems (TPS): Operational Level Systems which called Functional Areas.

It is straight forward explaining the two processing types, online processing and batch processing with very clear examples.

The lecture gave many challenges questions to think of related to the Enterprise Information Systems like: Enterprise Resource Planning (ERP) Systems, Customer Relations Management (CRM) Systems and Supply Chain Management (SCM) Systems and how to integrate all the systems together which is not an easy task.

I really was wonder of the examples set in the lecture about big companies failed in implementing enterprise information systems.

White Paper 1 Review: Information is a strategic business asset – are you managing it as such?

White Paper Title: Information is a strategic business asset – are you managing it as such?

Author: Arja Julia-Numi from Tieto Corportation

White Paper Link: https://www.tieto.com/sites/default/files/files/information-management-white-paper.pdf

Summary:

The paper is discussing a very important topic regarding information management and define it as the “right decisions and actions at the right time based on correct information” (Arja Julin-Nurmi, 2013). Nowadays organizations receive huge information through their business processes, now the question is how the organization handle the information, process the information and had the information ready on time for right decision making.

Quality of the Research:

The quality of the research is very good as the research question stated clearly and the topic of research is very important and interesting.

The work is original based on the author experience and the company experience in this field.

The author includes all the key points behind having a valuable information system and the component of this information whether it is business data, business information or business knowledge.

The Research Method:

The paper uses qualitative research method based life example from their work. Also, based on implemented projects and the paper gave 4 successful examples.

Quality of Presentation:

It is very good paper and the presentation is very good from start to end, I liked the title of the paper as it includes a question to let reader think about the answer and encourage him/her to read the article. Then the paper continues by describing the issues and set a solution for them all.

References:

Arja Julin-Nurmi. (2013). Information is strategic busniess asset – are you managing it as such? White paper: Information Managemnt, 1-10. Retrieved from https://www.tieto.com/sites/default/files/files/information-management-white-paper.pdf

 

White Paper 2 Review: Protecting Corporate Information in the Cloud

White Paper Title: Protecting Corporate Information in the Cloud

Author: Symantec Corporation

White Paper Link: https://www.symantec.com/content/en/us/enterprise/white_papers/protecting-corporate-information-wp-21354920.pdf

Summary:

The paper is about protecting corporate information in the cloud, it describes how the cloud is increasingly used and the IT managers of the companies should make sure where the information stored and who is accessing it and, they mentioned the correlation engine which will track all data changes and suspect any misuse or access.

At the end, the paper showed the importance to use cloud security in which Symantec solutions is one of the clear choices (Symantec Corporation, 2015).

Quality of the Research:

It’s rather than research, it is concept paper in which Symantec highlight the use of the cloud and the security issues around it. It discussed very clearly the 3 keys that cloud security relies on which are identity protection, data protection and correlation engine.

Quality of Presentation:

Even though the white paper presented to market Symantec solutions and products but it contains a very important and helpful information to the reader to understand the security related to the cloud and how the cloud is the new generation which no one can live without it as many applications nowadays running in the cloud.

 Additional Notes:

It gives a real-world example showed how cloud security works, in my opinion it is very interesting to know specially about correlation engine.

References:

Symantec Corporation. (2015). Protecting Corporate Information in the Cloud. White Paper from Symantec, 1-5. Retrieved from https://www.symantec.com/content/en/us/enterprise/white_papers/protecting-corporate-information-wp-21354920.pdf

Theoretical Paper 2 Review: An information security knowledge sharing model in organizations

Theoretical Paper Title: An information security knowledge sharing model in organizations

Authors: Nader Sohrabi Safa, Rossouw Von Solms

Theoretical Paper Link: http://www.sciencedirect.com/science/article/pii/S0378720617303300?via%3Dihub

 Summary:

The article describes how sharing knowledge about information security in organizations reduce the risk of information security occurrences. The study took in consideration the Theory of Planned Behavior, The Motivation Theory and Triandis’ model as the background of the study. The study relates between the motivation and information security sharing attitudes. The study collect data from several organizations in Malaysia with different type of work through paper based questionnaire and electronic questionnaire. The complete answered sample was 482 questionnaires.

Studying behavior of participants in several areas related to the information security sharing is not easy. The study results show a very clear relationship between sharing security information and reducing the risk of security as the more employees know about the information security and cases happened with their colleagues, they will be more aware and will reduce the risk of repeating the same issues.

Presently we can state the data security information sharing, data security coordinated effort, and agreeing to data security authoritative arrangements and methods are hierarchical parts of data security that ought to be taken into the thought by the two academic and professionals (Safa & Von Solms, 2016).

Quality of the Research:

The research question and objective is clearly stated as the information security is a critical issue for current organizations. The research is interesting and very important.  The study is original in the way to tackle the employee’s behavior in sharing information security knowledge. The background of the research is clear and relevant and discussed in details. No ethical problems noted.

The Research Method:

The research summarizes the research methods used which are Interviews with the experts, Data collection through questionnaires and apply structural equation modeling. The research method seemed appropriate for the research question but the sample could be bigger to cover more industries and got more accurate results. The methodology adequately described. The analyses done correctly using Confirmatory Factor Analysis (CFA) which will confirm the data consistency.  The conclusion supported by the data in Table 2 the authors summarize Respondents’ characteristics and in Table 3 full items and their descriptive statistics.

Quality of Presentation:

The study is well presented and well structured. All the symbols, terms, and concepts adequately defined. Additional tables with figures could help to clarify the work as the included figures are statistics oriented.

Additional Notes:

The authors of the research had covered a very important issue about sharing information security knowledge will help organizations reduce security risks and save money. The article had many references to support their research.

References:

Safa, N. S., & Von Solms, R. (2016). An information security knowledge sharing model in organizations. Computers in Human Behavior, 57, 442-451. doi:http://dx.doi.org/10.1016/j.chb.2015.12.037

Theoretical Paper 1 Review: A comprehensive framework if information system design to provide organizational creativity support

Theoretical Paper Title: A comprehensive framework if information system design to provide organizational creativity support

Authors: Celina M. Olszak, Tomasz Bartus, Pawel Lorek

Theoretical Paper Link: http://www.sciencedirect.com/science/article/pii/S0378720617303300?via%3Dihub

 Summary:

The paper is about the information system design related to the organizational creativity. It based the study to answer two questions, one what is the essence of organizational creativity and its It-based support? Two How to use the resource based view and a multiagent approach for the design of information systems for organizational creativity support? (Olszak, Bartus, & Lorek, 2017).

The authors list all related works and literature review in the mentioned topic and how their framework consist of 6 stages:

  • “Problem finding and identification of major creative needs of organization.
  • Acquiring information resources.
  • Information analysis, knowledge discovery, providing some suggestions concerning innovative ideas.
  • Evaluating and selecting discovered knowledge.
  • Communicating newly discovered knowledge in an organization and considering whether the new knowledge should be transformed into innovation; and
  • Evolving creative knowledge in an organization and organizational learning. (Olszak, Bartus, & Lorek, 2017)”

The authors describe each stage of their framework and how it related to the creativity in organizations. The authors mentioned that this study is new and give a good start about having new framework to study the organization creativity related to information systems.

Quality of the Research:

The questions of the research and objective of the research are clearly stated. The questions of the research are very interesting and important. The research is original being the first research create an understanding and framework to make the study. The background of the research is clear and relevant.

The Research Method:

The paper summarized the research method used very clearly which are theoretical, methodological and empirical foundation. The research method seems appropriate for the research questions. All the used methods adequately described. The analysis done correctly and it sets the framework for future research. There is no numeric data provided as the research is theoretical and set the framework and bases for future research.

Quality of Presentation:

The research is well presented and well-structured with very good sequence. All symbols terms and concepts adequately defined specially the research methods used.

Additional Notes:

The research is very good source of information and includes some very good references.

References:

Olszak, C. M., Bartus, T., & Lorek, P. (2017). A comprehensive framework of information system design to provide organizational creativity support. Information & Management. doi:https://doi.org/10.1016/j.im.2017.04.004

Article 1: Business Process Modelling (BPM)

Overview:

The developing models to speak to business process is ordinarily known as Business Process Modelling (BPM). BPM is a necessary piece of business process management, which tends to the outline, support, investigation, and change of business forms in ventures. The center of Business Process Management (BPM) are business process models. A business procedure show organizes an arrangement of exercises to a work process, which satisfies a specific business objective (Gerth, 2013).

This led us to ask what Business Process Management (BPM) is. Business Process Management speaks to one of the center ideas empowering organizations to adaptably respond to the continually changing business conditions (Leopold, 2013).

As we can see both terminologies has abbreviation of BPM but it most used for Business Process Modelling rather than Business Process Management.

Our concern is Business Processes (BPes) which are increasing more ground in controlling how work processes are overseen and taken care of. These parts contribute incredibly to the advancement of vital execution measurements, for example, timeliness, effectiveness and correctness (Yousfi, Saidi, & Dey, 2016).

Business Process Modeling Languages:

There are many languages used to address the business process modelling, the most used languages are Unified Modeling Language Activity Diagrams (ULM-AD), Business Process Execution Language (BPEL), Business Process Model and Notation (BPMN) and Event-driven Process Chains (EPC) (Gerth, 2013).

Business Process Modelling and Notation:

The most use language especially for business is BPMN. BPMN has three different diagram types: Business Process Diagrams (BPD), Choreography Diagrams, and Conversation Diagrams (Gerth, 2013).

Example on BPD of the BPMN:

Fig. 1 Source Process Model V modeled as a BPD of the BPMN (Gerth, 2013)

As we can see the structure of the diagram is different shapes from the start to the end of the process.

The shapes used in BMPN is as follows:

Fig. 2 BPMN Start and End Event (Gerth, 2013)

Fig. 3 Selected BPMN Activities (Gerth, 2013)

Fig. 4 BPMN Gateways (Gerth, 2013)

Fig. 5 BPMN Connections (Gerth, 2013)

There are many other different shapes but the most common ones that are mentioned above.

Summary:

Business Process Modelling (BPM) is essentially needed for all organizations to summarize their business processes from purchases, providing services to hiring staff and all other processes. The management can easily review the process and suggest updates/changes to improve the process to save time and increase efficiency of the process.

References:

Gerth, C. (2013). Business Process Models. Change Management. Berlin, Heidelberg: Springer. doi:https://doi-org.salford.idm.oclc.org/10.1007/978-3-642-38604-6

Leopold, H. (2013). Natural Language in Business Process Models Theoretical Foundations, Techniques, and Applications. Cham Heidelberg: Springer. doi:DOI 10.1007/978-3-319-04175-9

Yousfi, A., Saidi, R., & Dey, A. K. (2016). Variability patterns for business processes in BPMN. Information Systems and e-Business Management, 14, 443-467. doi:DOI 10.1007/s10257-015-0290-7

 

 

One Minute Paper 2: Unit 2 – Video lecture

The subject of the video is Social Media by Dr. David Kreps (May 2016).

The presentation is very good and it focus on the social media, it is good to know the following facts: 1. Facebook has 1.5 billion active users per month. 2. YouTube has over a billion users per day. 3. Twitter has 1 billion registered users in which 100 million tweeters per day. 4. Flicker has 11 billion photos.

In 10 years period the usage of the internet increased from 1996 (45 million users) to 2006 (1 billion users).

In June 2017, internet users become 3.89 billion from 7.52 billion world population around 51.68% (Internetworldstats.com, 2017).

The instructor gave more statistics data (7:06) about the social internet revolution which all shows the trends of using the internet and smart phones are increasing over the period.

Some example about companies using social media creatively, like Dell, Blendtec, Toyota and others.

Using blogs as a tool of communications between customers and employees. It is very important to know that one message on social media will be distributed across other social media channels (blogs, you tube, twitter, and Facebook) which allow to be viewed with many people which they will share with many other people.

The most interesting information to me is the versions of web: Web 1.0 vs. Web 2.0 vs. Web 3.0 and how the progress over the period.

References:

Internetworldstats.com. (2017). World Internet Users Statistics and 2017 World Population Stats. [online] Available at: http://www.internetworldstats.com/stats.htm [Accessed 12 Oct. 2017].

One Minute Paper 1: Unit 1 – Video lecture 1

The subject of the video is Introduction to Information Systems by Dr. David Kreps (May 2016).

The presentation is very good and it is introduction to information systems which is to the point and covers the basics of what is information, the value and characteristics of information, lifecycle and processes of information. Plus, Information Systems as an Academic Discipline with several types of academic research. Legal issues arise from the use of information for protecting and privacy.  Information Management Strategy is in place to outline the vision and objectives as well as specify the policies and responsibility within the organization. Business Process Modeling which includes the diagram to show the process of information. Challenges were pointed for the organizations in terms of changing to business and changing information systems and information technology used in the organization.

The most interesting part to me is ‘Business Process Modeling’ which should be used in all organizations to clarify the processes in each department.

Webinar/Webcast 1 Review: Digital Certificates – A Critical Line of defense Against Cybercrime

Webcast Title: Digital Certificates – A Critical Line of defense Against Cybercrime

Presenters:

  • Ted Shorter from is CTO at Certified Security Solutions (CSS)
  • John Grimm is Senior Director – Product Marketing at Thales E-Security

Scheduled Time: December 16, 2015

Duration: 1 Hour and 1 Minute

Link:   https://www.thalesesecurity.com/resources/webinars/digital-certificates-critical-line-defense-against-cybercrime?utm_source=CSS-invite

Summary:

The webinar/webcast is highlighting one of the very important security topics about digital certificates which are more and more used to protect our privacy.

The presenters had very good experience through presenting and discussing the topic of Digital Certificates and PKI (Public Key Infrastructure). The presentation is very good and they divided the presentation between them in very good way which you will be interested to follow up.

They covered the following agenda items:

  • PKI beginnings – solving a simpler problem
  • PKI evolution – solving today’s problems
  • Preparing for what’s coming tomorrow

The presenters gave a list of resources which are available on their websites as well as in the presentation itself.

Review:

The webcast is well organized the presenter started with a carton with a fog using the computer with a statement “On the Internet, nobody knows you’re a dog” and sked the audience which year this carton created and the right answer was 1993. This is a good start to explain why digital certificate is needed to solve the issue.

Then, they explained the history of using PKI from 1995 till 2015 in three periods from 1995 to 2002: Beginnings of PKI, then from 2003 to 2010: The Enterprise PLI Emerges and finally from 2011 to 2015: New Uses and Growing Pains. Using PKI is increased dramatically over periods and they need management and protection from hackers.

They explained some use cases like E-Ticketing, Digital Cinema and Manufacturing.

The good things that the presenter’s shows statistics figures about reliance on PKI, applications use PKI credentials which SSL certificates for public facing websites and services are the higher percentage about 78%, and mobile authentication is the lower percentage at 49% but still big use. Challenges to enable applications to use PKI, future trends which shows cloud-based services is used 64% based on the study (31:30), SSL Certificate Research which shows how many certificates, how they issued whether through Certificate Authority or Self-Signed, when they will have expired and if they are already expired. Another one shows Top Ten Issuer of SSL Certificate and Go Daddy is number one in the number of issued certificates.

At (44:31) they explained how can Thales and CSS help? The two companies that are working in this field and made this webcast available. Thales products provide strong key management by providing hardware to store PKI and centralize and control services and CSS makes PKI easier by providing software and expertise.

The digital certificates will continue despite all the issues around them and it will be increased.  The private key should be protected as well.

Conclusions:

The aim of the webinar/webcast to highlight the importance of the PKI and how it used increasingly from the past till now. Also, to link this need with what are the solutions offered by the two companies?

The presentation is valid and in line with today’s use of digital certificates. (Brands, 2000) says “In the near future, digital certificates may be built into any device or piece of software that must be able to communicate securely with other devices or with individuals. This includes mobile phones, watches, televisions, cars, and conceivably even computerized household appliances.”

“As infrastructure of authentication on open networks like the internet, public key infrastructure (PKI) is well known.  In PKI, a user generates a pair of keys which are private key and public key. The user enrolls the pair of keys to certificate authority (CA). By verifying a public key certificate (PKC) which CA issues, service providers can authenticate user who has valid pair of keys (Zhou, 2005). “

References:

Brands, S. A. (2000). Rethinking Public Key Infrastructures and Digital Certificates : Building in Privacy. Cambridge, Mass: The MIT Press.

Zhou, J. (2005). Applied Public Key Infrastructure : 4th International Workshop: IWAP 2005. Amsterdam: IOS Press.