Comprehensive Overview of Information Systems and Data Management

Multi-Processing (Parallel Processing)

A technique where a large problem is divided into smaller ones, allowing all components of the problem to be solved simultaneously.

Information Systems (IS) - Constant Role

Despite advancements over 50 years, the core function remains: problem-solving, providing operational insight, accelerating processes, and using data to confidently select strategies and paths.

Information Systems Components

Hardware and Software.

On-Premise IT

IT infrastructure, including hardware and software applications, that are hosted on-site.

Cloud Computing

On-demand availability of data storage and computing power, free of direct active management, using shared resources to achieve economies of scale.

Cloud Computing Pros

Minimize initial IT costs, faster application deployment with less maintenance, ability to rapidly adjust resources for demand fluctuations, and managed security features like firewalls and intrusion detection.

Cloud Computing Con

The 'pay-as-you-go' model can result in unexpected costs if administrators aren't familiar with cloud pricing structures.

Cloud Service Models

Consists of IaaS (Infrastructure as a Service), PaaS (Platform as a Service), and SaaS (Software as a Service). IaaS provides servers, storage, networking; often used for disaster recovery and big data (System Admins). PaaS offers a development and deployment environment (Developers). SaaS delivers applications, typically accessible via a web browser, often priced per use or via subscription (End Users).

Cloud Types

Different deployment models for cloud services (e.g., Public, Private, Hybrid).

VPN (Virtual Private Network)

Analogous to sending a letter in a locked box accessible only by sender and receiver, rather than an open postcard. It creates an encrypted tunnel for internet traffic.

Server

A computer that stores, manages, and shares information with other devices upon request.

IP (Internet Protocol) Address

A unique ID (digital address) assigned to every device connected to the internet.

Encryption

The process of converting plaintext into ciphertext using an algorithm or passphrase, and back to plaintext.

Virtual Desktop

Allows a user's device to emulate a PC via a VPN connection.

VPN Extension Benefits (for Chrome)

Enhanced privacy, bypassing geo-restrictions, security on public Wi-Fi, accessing blocked websites, preventing ISP tracking, secure file sharing, and avoiding bandwidth throttling.

IS Data Types (Structured)

Includes String (text), Character (single letter/number/symbol), Integer (whole numbers), Float (decimal numbers/fractions), and Boolean (True/False or yes/no).

Qualitative Data Types

Includes Nominal (values without natural ordering, e.g., colors) and Ordinal (values with natural ordering, e.g., small, medium, large).

Quantitative Data Types

Includes Discrete (integers/whole numbers) and Continuous (fractional numbers), both having numeric value.

IS Data Types (Unstructured)

Includes BLOB (Binary Large Object for images, audio, video) and CLOB (Character Large Object, often an address referencing data like books or medical records).

Microsoft Excel / Google Sheets

Applications that run on hardware, support data storage or connections to databases, execute logic, and can integrate APIs.

Application Programming Interface (API)

A software intermediary allowing two applications to communicate; like using pre-built Lego parts for functionality.

Working with Unstructured Data

Assign properties or tags to unstructured data for evaluation, such as using Sentiment Analysis.

Sentiment Analysis (Opinion Mining)

A Natural Language Processing (NLP) technique to determine if data is positive, negative, or neutral; used for monitoring brand sentiment or HR analysis.

Word Cloud

A visual tool to understand audience feelings about a topic or summarize their views. An example tool is MonkeyLearn.

Information Systems Roles

Can be used for Automation (doing things faster/better) and leveraging data to provide insights.

Data Insights

Understanding what happened in the past, what is currently happening, and forecasting the future.

Tier 1

Support transactions & maintain operations.

Tier 2

Know past & current operations.

Tier 3

Combine internal/external data for future insights/probabilities & strategy setting.

Gartner's Analytics Continuum

A model showing the progression of data analysis: Descriptive (What happened?), Diagnostic (Why did it happen?), Predictive (What will happen?), and Prescriptive (What should we do?). This moves from Decision Support towards Decision Automation.

Descriptive Analytics

Current employee count.

Diagnostic Analytics

Relationship between attrition & headcount.

Predictive Analytics

Employee needs based on product volume.

Prescriptive Analytics

Optimal placement of new employees for sales.

Data source for HR System Example

Employee Data from the HR System.

Importance of Collecting Data

Allows working smartly, moving forward with confidence, developing trust, ensuring accuracy for decisions via IS tools, and providing insight.

Infographic

A graphical representation of information designed to make data easily understandable at a glance. E.g., 'Wealth Shown To Scale', 'How Much Does America Spend?'.

100% Stacked Column Chart

Used to compare the percentage contribution of each value to a total across time or categories. Example provided shows BIAS Student by Gender trends from Fall 2020 to Fall 2023.

Cluster Column Chart

Compares values across a few categories. Example shows BIAS Student counts (Male, Female, Not Reported, Total) from Fall 2020 to Fall 2023.

Treemap

Useful for visualizing a large number of related categories.

Bar Chart

Compares values across categories. Example shows Dual Majors/Minors of BAIS Students.

Pie Chart

Compares parts of a whole, representing category sizes as slices totaling 100%. Example shows BAIS Students as of Fall 2023 split by Primary Major vs. Other Major.

Sparkline

A tiny chart within a worksheet cell providing a visual data representation, often showing trends in a series of values. Example table shows trends for various BAIS student metrics.

Time-Series, Line Graphs

Used to spot trends and track changes over time. Example shows Female student enrollment trend from Fall 2020 to Fall 2023.

Dashboards (Interactive Infographs)

Allow data interaction: Consolidation (roll-up groupings), Drill-Down (view details), Slice-and-Dice (different perspectives), and Pivot (rotate data display). Example data table provided.

Lying with Statistics

Concept attributed to Mark Twain: 'There are three kinds of lies: lies, damned lies, and statistics'. Highlights the potential for data misuse. Example: Discrepancies in Winter Olympics medal counts between networks and official sources.

Ways Statistics Can Lie

Includes using poor data samples, biased sources, ambiguity in 'average' (mean, median, mode), and 'Chart Crimes'.

Chart Crimes

Specific ways charts can deceive: omitting numbers/measures on axes; distorting axis proportions to alter line slopes; using pictographs/bar charts where visual size change exaggerates a single factor difference.

Contrast (in Dashboards)

Using differences effectively to make elements stand out and provide focus. Too much difference makes it hard for anything to stand out.

Good GUI characteristics

Self-documenting, minimizes data collection errors, enhances overall understanding.

Dashboard (Definition)

'A visual display of data used to monitor conditions and/or facilitate understanding.' - The Big Book of Dashboard Visualization.

Value of Visualization

It's the best way to understand data. Well-designed dashboards convey data-driven insight and support informed decision-making with confidence.

Monitoring drives action

'What gets measured and monitored moves'. Monitoring allows drilling down into details.

Dashboard Focus

Well-designed dashboards concentrate on specific business areas, should be visually pleasing, logically organized, and allow easy drill-down into key performance indicators (KPIs), trends, or patterns.

Benefits of Dashboards

Improve communication and data-driven competency throughout the organization, contributing to success.

Collaboration (via Dashboards)

Dashboards improve communication strategically by presenting information understandably to everyone, encouraging collaboration.

Responsiveness (via Dashboards)

Help identify and resolve issues quickly, getting projects back on track. Also helps spot and capitalize on positive trends.

Issue with Dashboards w/o Benchmarking

Trends are visible, but it's hard to know if performance is good or top-tier without comparison.

Benchmarking

The practice of comparing one's own data to top performers in other organizations or departments.

Good Dashboard Design Elements

Well organized layout (menus, navigation), grid-based placement, use of BANs (Big *** Numbers) at the top for key metrics, contextual comparisons (prior year, indicators), effective color use (e.g., two colors for good/bad, colorblind friendly), icons as indicators, appropriate chart types (bar, diverging bar, stacked bar), clean tooltip design, and good font contrast/hierarchy.

Benchmarking Benefits

Motivates internal players to strive for top-tier performance (internal competition vs. external data).

Self-Serving Dashboards

Empower end-users with analytics. Data helps motivate action.

Graphicacy

The ability to understand and present information in non-textual formats (sketches, photos, diagrams, maps, charts, graphs).

Benefits of Familiar Format/Standardization

Once a dashboard format is established and understood, leaders/users can consistently use it to monitor business/goals.

Information Security

Protecting information systems from unauthorized access, disruption, or destruction.

IT Risk

Potential for loss or damage to IT systems/data.

Cybersecurity Framework (NIST)

Provided by the National Institute of Standards and Technology (NIST), part of the US Department of Commerce.

Annual Risk Assessment

Includes continuous review and improvement across Physical, Technical, and Administrative safeguards.

Threats

Potential sources of harm, categorized as Natural (floods, tornadoes), Unintentional (employee errors), and Intentional (spyware, malware, disgruntled employees).

Vulnerability

A known weakness that can be exploited by attackers.

Managing Threats

Requires staying informed on current cybersecurity trends, performing regular threat assessments, and conducting penetration testing to find vulnerabilities.

Ransomware Attacks

Cybercriminals use advanced encryption to cripple organizations, demanding ransom.

eMail Phishing

Identity-theft scam using fake emails/websites to trick users into giving personal info (credit cards, passwords, SSNs). Often hijacks brand identities and uses links to fake sites to capture data.

Spear Phishing / Smishing

Targeted malicious email (spear phishing) or text message (smishing) sent to a specific person. Criminals use known victim information (name, job, email) to make the message seem legitimate.

Angler Phishing

Tricking victims using information they posted on social media, often by hijacking responses to customer complaints. Scammers pose as company support to get personal details.

Avoiding Phishing Scams

Check sender email addresses carefully. Be suspicious of requests for sensitive information; legitimate organizations won't ask via email. Never respond directly with personal info; use secure websites (https). Beware of phone phishing; ensure you initiated the call. Don't click suspicious links; hover to check the real URL or navigate to the site directly.

Supply Chain Attacks

Compromising trusted vendors/suppliers to insert malicious code or backdoors into software updates, unknowingly distributed to users. Prevention involves vendor vetting, security assessments, and incident response protocols.

Advanced Persistent Threats (APTs)

Sophisticated, long-term cyber-attacks targeting specific entities (governments, large organizations). Use stealthy techniques for unauthorized access and persistence. Mitigation includes strong access controls, regular assessments, and advanced threat detection/response.

IoT Device Vulnerabilities

Internet of Things devices often lack adequate security, posing risks. Hackers exploit weaknesses for unauthorized access or DDoS attacks. Mitigation: strong passwords, firmware updates, network segregation.

Denial-of-Service (DoS) Attack

Overwhelming a system with traffic/requests from multiple sources or exploiting system vulnerabilities to make it unusable. Causes slowdowns or crashes, denying access and disrupting workflows. Defense includes Intrusion Detection Systems, firewall traffic inspection, source rate limiting, and IP blocking.

Social Engineering

Deceiving individuals using sophisticated techniques and personalized information, often leveraging data from social media. Combat with awareness training, two-factor authentication, and cautious information sharing.

Deepfakes

AI-generated fake videos, images, or audio created using Generative Adversarial Networks (GANs). Used by bad actors for cyber attacks, fraud, extortion, and scams.

AI-Powered Attacks

Cybercriminals use Artificial Intelligence (AI) to automate attacks, evade detection, and bypass traditional security. Defense requires adopting AI-based security solutions and AI-driven defenses.

Cloud Security Risks

Widespread cloud service adoption introduces risks like misconfigurations, data breaches, and unauthorized access. Requires prioritizing secure configurations, strong authentication/encryption, and continuous monitoring.

Mobile Malware and Vulnerabilities

Increased targeting of mobile devices due to widespread use and access to sensitive info. Risks include data breaches and identity theft. Protect with reputable security apps, OS updates, and cautious downloads.

Insider Threats

Malicious or negligent actions by individuals within an organization who have privileged access. Prevent/detect through strict access controls, activity monitoring, and cybersecurity training.

Data Breach

Information is accessed and extracted without authorization.

Data Leak

Data is located where it's not supposed to be, potentially exposed publicly, sold, or held for ransom.

Disaster Recovery Cost Curve

Illustrates the relationship between the cost of recovery solutions and the cost of downtime (visual graph implied, not shown). IT/data security ensures accessibility and accuracy for operations.

Business Continuity Plan

A plan to ensure business operations can continue during and after a disruptive event.

Access Management

Techniques to control who can access information. Includes Multi-factor authentication (password + private device response), Known device warnings (alerts for logins from unknown devices), and Role-based access management (access based on job function).

Strong Password Passphrases

Creating strong passwords using a memorable phrase (at least 8 words), taking the first letter of each word, mixing cases, substituting numbers for letters, and adding special characters.

Password Managers

Tools to help manage complex passwords securely.

Have I Been Pwned

A website to check if your email or phone number has been involved in a data breach.

Stolen Device Protection

Features or strategies to protect data if a device (like an iPhone) is stolen, especially considering how thieves might obtain passwords and access accounts.

Be Cybersafe Actions

Update software regularly for security patches. Use strong passphrases. Be aware of phishing scams. Review privacy settings and enable multi factor authentication.

Shields Up (CISA)

An initiative by America's Cyber Defense Agency (CISA) promoting cybersecurity awareness and defense.

Cybersecurity Best Practices

Use strong, unique passwords and two-factor authentication. Think before clicking links or opening attachments. Regularly back up data. Keep systems updated.

Data Governance (Analogy)

Similar to the three branches of the US government: creation of rules, execution of those rules, and adjudication of rule violations.

Data Governance (Definition)

The execution of rules and the adjudication of any violation of those rules. In essence, involves Creation of Rules, Execution of Rules, and Adjudication of Violations.