SIT Exam 3

4G released in

2010

4G was

Mobile disruption!!!



§2010 Facetime, Netflix, 2013 Uber



§Travis Kalanick – CEO Uber (Red Swoosh, no 100 times a day)



§Uber raised $307 M – Google Ventures, Amazon



§“Owning a car is completely unnecessary”

5G in 2023

will be able to have 152,000 IoT devices connected to your phone per second - AI, ML, VR

Zara is

the fastest network business in the world

Customer needs met quickly through IT networks

Data = most important asset

Continuous flow of new products – 12 days – stores to designers, 0 inventory

Design closely linked to customers.  (30,000 designs/year)

The speed of information sharing is the source of value

Use IT networks to differentiate

what you want in a network

fastest network at the lowest cost

local area network (LAN)

Connects a group of computers in close proximity, such as in an office building, home, library (Radio Signals)

about 200 feet

wide area network (WAN)

Spans a large geographic area  - state, country, (best example is Internet)

– Cellular vs Satellite phones -

metropolitan area network (MAN)

A large computer network usually spanning a city, college campus, SAP campus – not successful, but WiMAX NYC? Sprint?

about the size of a college campus

national service providers (NSPs)

Private companies that own and maintain the worldwide backbone that supports the Internet – AT&T, Verizon, T-Mobile

regional service providers (RSPs)

Offer Internet service by connecting to NSPs, - Local cable providers

internet service provider (ISP)

management, support – AOL, Comcast, NetZero, Download faster???

bandwidth

The maximum amount of data that can pass from one point to another in a unit of time – water hose

called a Broadband if > 25 Mbps/sec download, 3 Mbps/sec upload

•**Bit – 0, 1**

•**Bit rate – bps, Bps**

•**Gigabyte = 1 billion bytes**

•**Modem – transmit/receive data**

•**Attenuation- signal slows down as it goes through the air**

**Repeater- take signal and amplify it**

iot devices- sensors

§**Tennis – Sony – game play data, ball, racket**



§**Golf – Swingbyte – sensor clip on club speed, acceleration, arc…**



§**Hockey – Fwd. Powershot – Stick handle – swing speed, angle, acceleration**



§**Basketball – 94Fifty Smart Sensor – shot speed, arc, backspin, dribble speed, force**



§**Baseball Zepp – knob of the bat – tracks speed, plane of a swing, angle of impact**

5G is ___ faster than 4G

100x

5G is (outside/inside?) wifi 6 is (outside/inside?)

OUTSIDE, INSIDE

broadband

A high-speed Internet connection - always connected – Cisco Linksys

•**DSL is private, Internet Cable is shared – neighborhood shares bandwidth – video downloads?**



•**Lease T1 line from AT&T - expensive**



•**Broadband over power line - BPL**

DSL

•**Digital subscriber line**

**telephone line, Internet + TV**

dedicated private line (ex. Verizon Fios)

**Internet cable connection**

**Cable TV, Internet, Comcast**

2 data hogs at night (7pm ish)

YouTube and Netflix

•**Telecommuting**

– virtual workforce - IBM (nicknamed “im by myself” because only 40% of workers have an office)

Standard Data Format

**Different networks all use TCP/IP**

***transmission control protocol/Internet protocol***

4 numbers separated by periods (range from 0 to 255)

•If there is one flaw in TCP/IP, it is

the complexity of IP addresses.

unique IP addresses got complex, switched to

**Internet Domain Name System (DNS)**

.com, .org, .gov etc

**.pro = accountants, lawyers**

**Network convergence -**

The efficient coexistence of telephone, video, and data communication within a single network, offering convenience and flexibility not possible with separate infrastructures

Networks offer many advantages for a business including

•Sharing resources – disk now 3D printers



•Providing opportunities – share data



•Reducing travel - IBM

The primary resources for sharing include

•Intranet – within a company, SAPnet portal



•Extranet – customers, partners, suppliers



•Virtual private network – private access

acts like a “tunnel”

countries without open internet

China, Russia, Syria dont have one-→ need to use VPN to access things like facebook

5 biometrics of 3 factor authentication

biometrics- ID that includes stuff that’s part of you

fingerprint, face, eyeball, voice, and signature ID

4 untrustworthy sites

**Beenverified, Peoplesmart, Ussearch, Instantcheckmate**

(keep SSN, address, etc)

how many americans get their identity stolen each year

1 in 10 americans

**SSL Certificate  -**

**single socket layer**

An electronic document that confirms the identity of a website or server – Verisign issues most

S in HTTPS means

a site is secure and encypted

**Hard wired**

= Ethernet, Cat5, RJ45, RJ11

faster than wireless

actors

when checking into hotels, good actors and bad actors exist

bad actors may try to steal your credit card

war driving

look for businesses and homes with open wifi

war chalking

once house/business with open wifi is found, will write info on sidewalk with chalk

digital divide

a worldwide gap giving advantage to those with access to technology

**Wireless LAN (WLAN)**

 A local area network that uses radio signals to transmit and receive data = 100 to 300 feet – Wi-Fi 6 = 9.6 Gbps (Home, Office) 5G = (Outside)

**Wireless fidelity (Wi-Fi 6) -**

A means by which portable devices can connect wirelessly to a local area network, using access points that send and receive data via radio waves – Hotspots = higher frequency than cell phones

**Personal area networks (PAN)**  -

Provide communication over a short distance (30 feet) that is intended for use with devices that are owned and operated by a single user - wireless mouse

**Bluetooth** 

Wireless PAN technology that transmits signals over short distances between cell phones, computers, and other devices – 8 simultaneously, airpods, King?

WWAN

A wide area network that uses radio signals to transmit and receive data 4G = audio, video, text 5G = 5-Ghz,100X faster, Wearable AI

**Satellite**

A space station that orbits the Earth receiving and transmitting signals from Earth-based stations over a wide area – Outdated? Remote?

**22,000 miles above earth**

Telstar 1964 first one

Areas experiencing tremendous growth using wireless technologies include

radio frequency identification (RFID)

global positioning system (GPS)

geographic information systems (GIS)

**Radio frequency identification (RFID)  -**

Uses electronic tags and labels to identify objects wirelessly over short distances – ex. ZARA clothing RFID tags are low cost, Magic Band at disney

passive bc it doesnt have a battery

**Global positioning system (GPS) -** 

A satellite-based navigation system (24) providing extremely accurate??? position, time, and speed information

active bc it has a battery

**Automatic vehicle location (AVL)** –

Uses GPS tracking (3 satellites) to track vehicles

5 to 50 feet accuracy. Military (can send bombs to afghanistan within half an inch but dont give us that same tech)

**Latitude** ***-*** north/south

**Longitude -** east/west

**Geographic information system (GIS) -**  

Consists of hardware, software that provide location information for display on a multidimensional map – Vehicles, People

OnStar, Foursquare?

Navigation = GPS + GIS = LBS (location based services)

•**Intellectual property -**

•**Copyright -**

•**Fair use doctrine -**

•**Pirated software -**

•**Counterfeit software -**

* Intangible creative work that is embodied in physical form
* The legal protection afforded an expression of an idea, such as a song, video game, and book
* In certain situations, it is legal to use copyrighted material
* The unauthorized use, duplication, distribution, or sale of copyrighted software
* Software that is manufactured to look like the real thing and sold as such

Clicking “I Agree” -→ Facebook got hacked for

533M cell #, emails scraped by bad actors

Rule 41

seize digital evidence – 2016 Gov’t hack/gain remote access to digital device?

if they get a search warrant in one state they can go to other states

3 credit unions

equifax, transunion, and experian

AT&T used Equifax to find customers with credit scores over 720 to give free phones → went to court (data scraping)

only law in the us about data protection

if you store data, you have to keep it secure

(doesnt actually happen bc of hackers)

Digital Trust –

consumer, employee, in an organization to protect data?

privacy

the right to be left alone when you want to be

major ethical issue

**Confidentiality** –

the assurance that messages and information are available only to those who are authorized to view them

**Acceptable use policy (AUP)** – 

Requires a user to agree to follow it to be provided access to corporate email, information systems, and the Internet



§**Do not use service to violate law**



§**Do not attempt to break security**



§**No posting of commercial messages**



§**Nonrepudiation – do not deny online actions**

quadrants of ethics

quadrant I- legal and ethical

quadrant II- illegal but ethical

quadrant III- legal but unethical (ex. apple using child labor)

quadrant IV- illegal and unethical

E**thical computer use policy** – **EUP**

Contains general principles to guide computer user behavior (umbrella)



* all users are **informed** of the rules and **consent** to abide by the rules
* AbsolutePoker.com employee could see opponents’ cards
* FanDuel – Draft Kings – employees played on each others sites and used BI to cheat
* Click-Fraud, Cyberbullying, Threat

**Information privacy policy** -

Contains general principles regarding information privacy

US’s is nothing close to Europe’s

* EU has a GDPR – 2018 – personal info. (general data protection regulations)

Visa bans customer information for anything beside billing. Google fined $50M EUR

right to be forgotten

European law that allows you to get things removed from the internet

**Email privacy policy** –

Details the extent to which email messages may be read by others

* Sent email is stored on at least 4 computers (both peoples computers and servers)
* No privacy like U.S. first-class mail
* Organization that owns email system can do as it wishes, read, analyze users email

**Spam** –

Unsolicited email – opt in and opt out – Mail Bomb and Teergrubing (return attack)

* **Anti-spam policy** – Simply states that email users will not send unsolicited emails (or spam)

**Social media monitoring** –

monitor what is said about a company

* Domino’s Pizza – employees abusing food and posting it on YouTube, Twitter→ sales went dramatically down

2 tools

* Trackur.com – dashboard
* Hootsuite.com

workplace monitoring policy

Workplace monitoring is a concern for many employees – usually informed

* Organizations can be held financially responsible for their employees’ actions
* Employers monitor employees phones, computers
* Michael Soden – CEO Bank of Ireland mandated no illicit websites – then HP found them on his computer

**Information security** –

The protection of information from accidental or intentional misuse

**Downtime** –

Refers to a period of time when a system is unavailable

* Uptime is money! Ebay crashed for 22 hours = cost $5.7B, Equifax hacked in 2017 = scraped data from146 million customers

2 concerning sources of unplanned downtime

hackers and viruses

how downtime will cost your business

financial performance

revenue

damaged reputation

other expenses

**Hacker –**

Experts in technology who use their knowledge to break into computers and computer networks, either for profit or just motivated by the challenge

•Bug Bounty Programs, pay 3K (firefox), 20K (facebook), 100K (microsoft), 200K (apple) if you find a bug in their system

**White-hat hackers**

work at the request of the system owners to find system vulnerabilities and plug the holes

GOOD

•**Black-hat hackers**—

break into other people’s computer systems and may just look around or may steal and destroy information

BAD

•**Hactivists**—

have philosophical and political reasons for breaking into systems and will often deface the website as a protest

•**Script kiddies** or **script bunnies**—

find hacking code on the Internet and click-and-point their way into systems to cause damage or spread viruses

•**Cracker**—

a hacker with criminal intent

•**Cyberterrorists**—

seek to cause harm to people or to destroy critical systems or information and use the Internet as a weapon of mass destruction

can do 420B tries to get your password in a minute

**Virus** -

Software written with malicious intent to cause annoyance or damage

* must attach itself to something = .EXE file
* ex. Details.zip, UPS_document.zip, Report.zip, Scan.zip
* Trojan-horse virus- hides in other software
* Ransomeware – infects then $$$
* Simplelocker – encrypts files

Worm –

file to file – tunnel themselves

diff from viruses bc they do not need to attach to anything to spread and can tunnel themselves into computers.

THE FIRST LINE OF DEFENSE -

PEOPLE

* Organizations must enable employees, customers, and partners to access information electronically
* The biggest issue surrounding information security is not a technical issue, but a people issue



•**Insiders – accidentally misuse info.**



•**Social engineering – trick people to reveal password**



•**Pretexting – lie to obtain confidential data**

phishing, spear phishing, vishing

* a technique to gain personal information for the purpose of identity theft, fraudulent email – verify password? 1 / 5 villanova freshmen gave up passwords to “IT”


* phishing that goes after executives


* calling you to try to get other peoples info

The first line of defense an organization should follow to help combat insider issues is to develop

information security policies and an information security plan

Mega-Breaches – tens of millions

THE SECOND LINE OF DEFENSE -

TECHNOLOGY

three primary information technology security areas

people- authentication and authorization

data- prevention and resistance

attacks- detection and response

**Pharming** –

Reroutes requests for legitimate websites to false or bogus websites

S**ock puppet or Catfish** –

positive reviews

**Authentication** – A method for confirming users’ identities

A method for confirming users’ identities

Single-factor, two-factor, multi-factor authentication involves:



1\.Something the user knows



2\.Something the user has



3\.Something that is part of the user

**Authorization –**

The process of giving someone permission to do or have something

Something the User Knows

This is the most common way to identify individual users and typically contains a user ID and a password

This is also the most *ineffective* form of authentication

Over 50 percent of help-desk calls are password related

____ are more effective than a user ID and a password

Smart cards and tokens



•**Tokens** – Small electronic devices that change user passwords automatically



vSecurID token



•**Smart card** – A device that is around the same size as a credit card, containing embedded technologies, stores information & software

Something That Is Part Of The User

Such As a Fingerprint or Voice Signature

This is by far the best and most effective way to manage authentication



•**Biometrics** – The identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting



Unfortunately, this method can be costly and intrusive

Technologies available to help prevent and build resistance to attacks include

1\.Content filtering



2\.Encryption – switch characters



3\.Firewalls (goes between internet and your servers)

**Content filtering** -

Prevents emails containing sensitive information from transmitting and stops spam and viruses from spreading – Cyber - War, Terrorism, Espionage, Vigilantes – (WikiLeaks)



**July 5, 2015 Cyber Attack:**



§United Airlines



§NYSE



§Wall Street Journal

examples of encryption

§Text – WhatsApp, Telegram



§E-mail – PGP



§Phone calls – Signal



§Video – FaceTime



Self destructing messages – Wickr

THE SYSTEMS DEVELOPMENT LIFE CYCLE (SDLC)

The overall 7 step process for developing information systems from planning through implementation

Software that is built correctly can transform as the organization and its business transforms - Valero

Software that effectively meets employee needs will help an organization become more productive and enhance decision making (amazon go stores)

\
SAP- replaces legacy systems (conversion of info)

100 activities each

Nike spent $400 million on SCM systems

chose between 2 companies (i2, Ariba)→ picked i2

failure

Valero Energy- goals

Hypergrowth the past 10 years



Goal #1: To integrate acquisitions



Goal #2: Single face to customers



§Revenue growth from $29 billion to $139 billion



§Mixture of different IT systems and applications



§Not easy to integrate into corporate ERP system (SAP)



§Wanted a self-service model for business units



§IT architecture needed a redesign!

Valero Energy- new SOA

New SOA (service-oriented architecture)



§Applications available as components



§Linked, repeatable services



§New set of **90 services** built on SAP



§For example – Order management service is a component



§Keeps application development costs down



§Ex. Customers can view accounts over Internet

Valero Energy- results

Dramatic cost savings – New Architecture (SOA)



§More efficient (reusable services)



§Do not have to build interfaces for acquired systems



§New SOA applications available



§One application saved $500K

Tanker ships don’t sit idle at docks

As organizations’ reliance on software grows, so do the business-related consequences of software successes and failures including:

•Increase or decrease revenue

Nike’s poorly designed SCM software that delayed orders, increased excess inventories, and caused third quarter earnings to fall 24% below expectations

**Nike, Hershey = failures**

•Repair or damage brand reputation

H&R Block customers were furious when the company accidentally posted passwords and social security numbers to its Web site

\
•Increase liabilities

FoxMeyer sued SAP for $500 million for an ERP failure

\
•Decrease productivity

Defective software accounts for 45% of computer downtime and cost U.S. businesses $100 billion

phases of SDLC

1\.**Planning phase** – Establishes a high-level plan of the intended project and determines project goals (scope = business need/problem)

2\.**Analysis phase** – Involves analyzing end-user business requirements and refining project goals into defined functions and operations of the intended system

e.g. Business requirement = Business request #1

CRM tracks all customer enquiries

3\.**Design phase** – Establishes descriptions of the desired features and operations of the system including screen layouts, business rules, process diagrams, technical architecture4.**Development phase** – Involves taking all of the detailed design documents from the design phase and transforming them into the actual system – Programming language 3GL = C+ Java             4GL = similar to human language, 5GL = AI

FIND ALL RECORDS WHERE NAME IS “SMITH”

5\.**Testing phase** – Involves bringing all the project pieces together into a special testing environment to eliminate errors and bugs, and verify that the system meets all of the business requirements defined in the analysis phase – 1,000+ test conditions

6\.**Implementation phase** – Involves placing the system into production so users can begin to perform actual business operations with it – user documentation, training

7\.**Maintenance phase –** Involves performing changes, corrections, additions, and upgrades to ensure the system continues to meet its business goals – new reports