STUDENT GUIDE

INFORMATION AND TECHNOLOGY INFORMATION SYSTEM AND DATABASES

INFORMATION SYSTEM 511

Table of Contents
Chapter 1: Overview of Networking ................................................................................................................ 7
1.1 What is an information system? ..................................................................................................... 8
1.2 COMPUTER SOFTWARE .................................................................................................................. 12
1.3 Input, output, processing, and storage devices ......................................................................... 19
1.4 Categories of Computers ................................................................................................................ 25
1.5 Internet, World Wide Web, Web Browsing and search Engine. ............................................. 28
1.6 Web Searching and Search Engines.............................................................................................. 30
1.7 Online Social Networks. ................................................................................................................. 31
1.8 Types of Software License or software availabilities ................................................................ 34
Chapter 2: Organizational Strategy, Competitive Advantage, and Information Systems..................... 38
2.1 Opening Case .................................................................................................................................... 38
2.2 Introduction ...................................................................................................................................... 45
2.3 Business Process .............................................................................................................................. 46
2.4 Business Process Improvement, Business Process Reengineering, and Business Process
Management ................................................................................................................................................. 49
2.5 Business Pressures, Organizational Responses, and Information Technology Support ..... 52
2.6 Competitive Advantage and Strategic Information Systems .................................................. 57
Chapter 3: Ethics and Privacy .......................................................................................................................... 67
3.1 Navigating ethics and privacy in the digital workplace ............................................................ 67
3.2 Understanding ethical decision-making ...................................................................................... 68
3.3 Privacy ............................................................................................................................................... 77
Chapter 4: Computer Security ........................................................................................................................ 92
4.1 Digital Security Risks ....................................................................................................................... 93
4.2 Types of Cybercriminals ................................................................................................................. 93
4.3 Internet and network...................................................................................................................... 94
4.4 General Safeguarding Measures ................................................................................................... 96
4.5 Software manufacturers employ several strategies to protect against software piracy. .. 97
4.6 Solution to protect computers from system failure ................................................................. 98
Chapter 5: Data and Knowledge Management ......................................................................................... 106
5.1 Introduction .................................................................................................................................... 106
5.2 Managing Data ............................................................................................................................... 107
5.3 The Database Approach ............................................................................................................... 109
5.4 Big Data ........................................................................................................................................... 112
5.5 Data Warehouses and Data Marts ............................................................................................. 115
5.6 Knowledge Management ............................................................................................................. 118
5.7 Appendix: Fundamentals of Relational Database Operations .............................................. 121
Chapter 6: Telecommunications & Networking ........................................................................................ 126
6.1 Introduction .................................................................................................................................... 126
6.2 What Is a Computer Network?.................................................................................................... 128
6.3 Network Fundamentals ................................................................................................................ 131
6.4 Communications Media and Channels ...................................................................................... 132
6.5 The Internet and the World Wide Web ..................................................................................... 136
6.6 Network Applications: Discovery ............................................................................................... 141
6.7 Network Applications: Communication .................................................................................... 143
6.8 Network Applications: Educational ............................................................................................ 148
Diploma in Information Technology (DIT)

The Diploma in Information Technology (DIT) at Richfield College is a dynamic and future-focused
program designed to equip students with advanced technical, analytical, and problem-solving skills.
At the core of the qualification is a commitment to academic excellence, industry alignment, and
innovation, fostering graduates who are proficient in addressing modern technological challenges.
This qualification strategically integrates theoretical knowledge with practical applications, preparing
students for key roles in the IT sector.

The DIT program is structured to address the growing complexity of the evolving technological
landscape. Through carefully curated modules, students gain comprehensive knowledge in essential
information systems areas including:

• Database Design and Management

• Business Information Systems

• Systems Analysis and Design

• Enterprise Resource Planning

• Data Analytics and Business Intelligence

• Information Security Management

• Cloud Computing Technologies

• IT Project Management

The curriculum bridges the gap between academic learning and real-world applications, fostering
innovation and an entrepreneurial mindset. Students engage with modern information systems
concepts through practical projects that emphasize how organizations use technology to achieve
business objectives. The program includes hands-on experience with industry-standard business
applications, database management systems, and enterprise software platforms. Additionally,
students develop skills in requirements analysis, system documentation, and IT service management.

Their final project demonstrates their ability to analyze business requirements, design appropriate
information system solutions, and implement these solutions effectively. This comprehensive
approach ensures graduates are well-prepared to support and enhance organizational information
systems in various business contexts.
Information Systems 511

The Information Systems module is a cornerstone component of the diploma in Information

Technology (DIT) program, providing students with a comprehensive understanding of how
organizations leverage technology for business success. The module begins with fundamental
concepts of information systems architecture, database design, and system integration, progressively
advancing to more complex topics such as enterprise resource planning (ERP), business intelligence,
and digital transformation strategies.

Students explore the entire information systems lifecycle, from requirements gathering and analysis
to design, implementation, and maintenance. This includes hands-on experience with industry-
standard tools and methodologies for system development, such as Agile and DevOps practices. The
module emphasizes the critical relationship between business processes and information technology,
teaching students how to align IT solutions with organizational objectives and stakeholder needs.

The curriculum incorporates practical case studies and real-world projects that challenge students to
apply theoretical knowledge to solve business problems. Students learn to evaluate and implement
various information systems, including transaction processing, management, decision support, and
executive information systems. Special attention is given to data management and analytics,
preparing students to work with big data technologies and derive meaningful insights from
organizational data.

Security and risk management are integrated throughout the module, ensuring students understand
the importance of protecting information assets while maintaining system availability and reliability.
The module also covers IT governance frameworks and compliance requirements, preparing students
to develop and manage information systems that meet regulatory standards and industry best
practices.

The Information Systems module directly supports the BSc IT program's overall objectives by
developing professionals who can bridge the gap between technical implementation and business
strategy. It equips graduates with the skills to design and manage complex information systems that
drive organizational efficiency, innovation, and competitive advantage. Through this comprehensive
approach, students become well-rounded IT professionals capable of leading digital initiatives and
supporting business transformation in various industries.
PRESCRIBED OR RECOMMENDED BOOK

Introduction to Information Systems

9TH Edition

• Author(s): R. Kelly Rainer; Brad Prince

• Publisher: Wiley
• Format: Reflowable Layout. What's This?
• Print ISBN: 9781119761464, 1119761468
• eText ISBN: 9781119767503, 1119767504
• Edition: 9th 2022

Chapter 1: Introduction to Information Systems

Chapter 2: Organizational Strategy, Competitive Advantage, and Information
Systems
Chapter 3: Ethics and Privacy
Chapter 4: Information Security
Chapter 5: Data and Knowledge Management
Chapter 6: Telecommunications and Networking
 Chapter 1: Overview of Networking

LEARNING OUTCOMES
After reading this Section of the guide, the learner should be able to:

o Define what an information system is and explain its significance in

supporting organizational decision-making and daily operations.
o Identify and describe the key components of an information system,
including hardware, software, data, people, and processes, and analyze
their interrelationships.
o Understand and illustrate the stages of the information processing life
cycle (input, processing, output, and storage) and how they contribute to
transforming data into meaningful information.
o Defining the role of computers in information systems and explaining
their basic functionalities, including input, processing, and output
operations.
o Differentiate between information literacy and computer literacy,
demonstrating the importance of both effectively navigating and
managing information in digital environments.
o Describe the difference between hardware and software, identify
various types of hardware and software, and explain how they work
together in a computer system.
o Identify and categorize different types of computer software, including
system software, application software, and development tools, and
discuss their relevance in various fields.
o Explain the role and functions of operating systems, identify different
types (e.g., Windows, macOS, Linux), and their significance in managing
computer resources.
o Identify and describe various input, output, and storage devices,
explaining their roles in the information processing cycle and providing
examples of their usage.
o Define cloud storage and evaluate its importance in modern computing,
including the benefits and risks associated with data management in the
cloud.
o Describe various communication technologies, including wireless
communication methods, and their impact on information transfer and
 1.1 What is an information system? An information system is not only the technology that an
organization uses, but also the way in which the organization interacts with the technology
and the way in which the technology works with the organization’s process such as gathering
raw data, storing it, processing this data and making information available to the user or to
an organization. The primary function of an information system is to support decision-
making, coordination, and control within an organization. Computers play a crucial role in this
system as the backbone of the technology infrastructure

An information system (IS) functions through the interaction of its core components—people,
software, hardware, data, procedures, and communication networks—to efficiently manage and
process information.

Components of an information system

• People: End users who interact with the system. They are critical of the system’s success
because the goal is to help them work more effectively and productively.
• Software: programs or sets of instructions that control how hardware operates, processes
data, and provides outputs.
• Hardware: The physical devices like computers, servers, and networking equipment that
run the software and store/process data.
• Data: Raw, unorganized facts that the system gathers. When processed, this data turns
into information, which is structured and meaningful, aiding decision-making.
• Procedures: The established guidelines and instructions that define how users and
systems interact to complete tasks, ensuring smooth operation.
• Communication Networks: The systems that allow data and information to be transferred
across various locations or departments, ensuring connectivity within the organization

What is a computer

A computer is an electronic device that processes, stores, and retrieves data, transforming raw facts
and figures into meaningful information through a combination of hardware and software. This
transformation is the essence of computing, where unprocessed data becomes organized and useful
information.
 Figure 1.1 Desktop Computer (Adapted from Rainer and Prince, 2022).

The computer accomplishes this through five basic operations: input, where it captures data from
users or other sources; processing, where it converts this input into output; output, where it displays
or produces the results; storage, where it retains data, information, or instructions for future use; and
control, which directs the sequence of all these operations within the system. These functions work
in concert to make computers powerful tools for handling and manipulating data, enabling them to
perform a wide range of tasks and solve complex problems in our increasingly data-driven world.

Information processing life cycle

Figure 1.2: Information processing life cycle (Adapted from Rainer and Prince, 2022).

Using a computer offers various advantages, such as enhanced efficiency and speed in data
processing, vast storage capacity for managing information, and internet connectivity for
communication and access to resources. They also facilitate automation, multimedia creation, data
analysis, remote work, and online education. However, notable disadvantages include overreliance
leading to decreased problem-solving skills, health issues like eye strain, and security risks from viruses
and hacking. Increased computer usage can also result in social isolation, high acquisition and
maintenance costs, distractions, and environmental concerns related to electronic waste. In summary,
while computers significantly improve productivity and connectivity, users should be mindful of the
associated challenges

Information literacy and computer literacy

Information literacy is the ability to identify, locate, evaluate, and use information effectively,
requiring critical thinking to assess the reliability and relevance of various sources. It enables
individuals to recognize their information needs, search for data efficiently, and organize it
responsibly. Meanwhile, computer literacy refers to the ability to operate computers and related
technologies, including understanding software, hardware, and safe internet practices. Both literacies
are essential in today's digital world, allowing individuals to navigate professional and personal
environments, make informed decisions, and function as responsible digital citizens. In the context of
information systems, these skills facilitate the transformation of raw data into meaningful
information, driving better decision-making and operational efficiency.

Please see link below for more information : https://www.youtube.com/watch?v=P4HWuRRUMBs

Hardware and software

A computer processes data by utilizing both hardware and software, working together to perform
tasks efficiently. Hardware refers to the physical components of a computer system that you can
touch and see. These components work together to perform various functions necessary for
processing data, Software refers to the collection of programs and instructions that tell the hardware
what to do. It cannot be physically touched but is essential for the operation of a computer system.
Hardware serves as the foundation of a computer system, enabling data processing, while software
acts as the brain, providing the necessary instructions for that processing to occur. Together, they
allow computers to perform a wide range of tasks effectively.
https://www.youtube.com/watch?v=vG_qmtdBPTU

System Unit and Computer Hardware

The system unit is the main body of a computer, typically housed in a case that contains most of the
essential hardware components. It serves as the central hub for processing data and facilitating
communication among the various hardware components. Understanding the components within the
system unit is crucial for anyone looking to build, upgrade, or troubleshoot a computer.

Computer hardware refers to the physical components of a computer system that enable it to operate
and perform tasks. Key hardware components include:

1. Central Processing Unit (CPU): Often referred to as the "brain" of the computer, the CPU
processes instructions and manages tasks, executing calculations and controlling other
components.

2. Motherboard: The main circuit board that serves as the backbone of the system unit. It
connects CPU, memory, storage devices, and other peripherals, allowing communication
among all hardware components.

3. Memory (RAM): Random Access Memory is a type of temporary storage that holds data and
instructions for quick access by the CPU. It is essential for multitasking and overall system
performance.

4. Storage Devices: Hardware like hard disk drives (HDD) and solid-state drives (SSD) provide
permanent data storage. HDDs use magnetic storage to read and write data, while SSDs use
flash memory for faster access and reliability.

5. Power Supply Unit (PSU): This component converts electrical power from an outlet into
usable power for the internal components of the computer, ensuring that all parts receive the
correct voltage and current.

6. Graphics Processing Unit (GPU): A specialized processor that renders images and graphics,
making it essential for gaming, video editing, and graphic design tasks. Some systems may
have integrated graphics, while others include dedicated GPUs.

7. Input Devices: Tools such as keyboards, mice, and scanners that allow users to interact with
the computer. These devices enable data entry and user commands.

8. Output Devices: Components like monitors, printers, and speakers that display or output
information from the computer, converting digital signals into visual or auditory formats.

9. Cooling Systems: These components, including fans and heat sinks, help dissipate heat
generated by the CPU and other hardware. Effective cooling is vital for maintaining optimal
operating temperatures and preventing damage.
 10. Network Interface Card (NIC): This hardware component enables the computer to connect to
a network, facilitating communication with other devices and access to the internet.

11. Ports and connectors are essential for enabling communication between a computer and
external devices like printers, keyboards, monitors, and storage. Common ports include USB
for data transfer, HDMI for video and audio, Ethernet for network connections, and audio
jacks for sound. Connectors ensure stable connections between devices. Proper use of ports
and connectors enhances a computer's functionality, improves data transfer, and supports
user experience. Understanding their types is key for efficient setup and troubleshooting.

https://www.youtube.com/watch?v=BWEEw-_BE8g

System Unit and Computer Hardware

Figure 1.3 System Unit and Computer Hardware (Adapted from Rainer and Prince, 2022).

1.2 COMPUTER SOFTWARE

Computer software is a collection of programs and instructions that enable a computer to perform
specific tasks. It is categorized into system software, application software, and programming software.

Types of computer software

i) Application software is designed to help users accomplish specific tasks on a computer,

whether for personal, academic, or professional use. It includes a wide range of programs
created for various purposes, enabling users to perform activities efficiently. For example,
word processors like Microsoft Word allow users to write, edit, and format documents,
making them essential for tasks like report writing or essay creation. Web browsers such as
 Google Chrome and Firefox provide access to the internet, enabling users to search for
information, stream media, and communicate online. Database management systems
(DBMS) like Microsoft Access or MySQL help users organize, store, and manage large amounts
of data, making it easier to retrieve and analyze information.

In particular, the Microsoft Office suite includes a set of popular tools designed to streamline a variety
of tasks:

• Microsoft Word: A word processor that allows users to create, edit, and format documents.
It is widely used for reports, essays, letters, and other text-heavy tasks.
• Microsoft Excel: A powerful spreadsheet application that enables users to organize, analyze,
and visualize data using tools like formulas, charts, and pivot tables. It is commonly used for
financial analysis, data management, and reporting.
• Microsoft PowerPoint: A presentation software that helps users create visually engaging
slideshows. It offers tools for inserting text, images, animations, and transitions, making it
ideal for lectures, business pitches, and meetings.
• Microsoft Outlook: An email client and personal information manager that helps users send
and receive emails, manage calendars, schedule appointments, and organize contacts.
• Microsoft Access: A database management system that allows users to create and manage
databases, design forms, generate reports, and perform data queries. It is often used for small
to medium-sized business databases.
• Microsoft OneNote: A digital note-taking application that helps users organize notes, ideas,
and research in one place. It supports various input formats like images, links, and handwritten
notes.
• Microsoft Teams: A collaboration platform that integrates chat, video conferencing, and file
sharing, allowing teams to work together remotely and communicate in real-time.
https://www.youtube.com/watch?v=JwhnU47brtc

ii) Programming software, including compilers, debuggers, and integrated development

environments (IDEs), is essential for developers in the process of creating, testing, and
improving computer programs. A compiler is a tool that translates high-level programming
code written by developers into machine code that a computer can understand and execute.
This makes it possible for the code to run on hardware. Debuggers assist developers by
detecting and diagnosing errors (known as bugs) in the code, providing insights that help
correct these issues, ensuring the program runs smoothly. IDEs, like Visual Studio, Eclipse, or
 IntelliJ IDEA, provide developers with a complete environment where they can write, compile,
and debug their code in one place, streamlining the development process.
In the field of programming, there are various types of programming languages, each suited for
different kinds of tasks:

1. High-level languages: These are closer to human language and easier to read and write.
Examples include:
o Python: Known for its simplicity and versatility, widely used in web development, data
science, and automation.
o Java: A popular, object-oriented language used for building large-scale applications
and Android development.
o C++: A powerful language often used in game development, system software, and
high-performance applications.
o JavaScript: Primarily used for web development, enabling interactivity in websites.
2. Low-level languages: These are closer to machine code and offer more control over hardware.
Examples include:
o Assembly language: Used for tasks requiring direct hardware control and efficient
resource management.
o C: A foundational programming language used in system programming, operating
systems, and embedded systems.

People in the programming field come from various specializations:

• Software Developers: Create applications, from desktop to web and mobile, using
programming languages to meet users' needs.
• System Programmers: Work on low-level system software, developing and maintaining
operating systems or hardware drivers.
• Front-end Developers: Specialize in creating the visual and interactive aspects of websites and
applications, often using languages like HTML, CSS, and JavaScript.
• Back-end Developers: Focus on server-side development, working with databases, APIs, and
ensuring smooth communication between front-end and server, often using languages like
Python, Java, or PHP.
• Full-stack Developers: Have knowledge of both front-end and back-end development,
creating complete web applications.
 • Data Scientists and Analysts: Use programming languages like Python, R, and SQL to analyze
data, build algorithms, and make data-driven decisions.
• DevOps Engineers: Bridge the gap between development and operations, automating
processes and ensuring continuous integration and delivery using scripting languages and
tools.

iii) System software is a type of computer software designed to manage and control the
hardware components of a computer and provide a platform for other software to run. It acts
as a bridge between hardware and user applications, ensuring the efficient operation of the
system. The key types of system software include:

1. Operating Systems (OS): These are the most critical components of system software,
responsible for managing hardware resources and providing an environment where
applications can run. Examples include Windows, macOS, Linux, and Android.
2. Device Drivers: These are specialized programs that allow the operating system to
communicate with hardware devices, such as printers, graphic cards, and network adapters,
ensuring they work correctly with the computer.
3. Utility Software: These are programs that perform maintenance tasks or provide system
management tools, such as antivirus software, disk cleanup tools, and file management
utilities.

Operating Systems (OS)

An operating system (OS) is essential software that manages computer hardware and software
resources while providing services and an interface for users and applications. It acts as a bridge
between the user and the hardware, enabling smooth execution of tasks and efficient use of system
resources.
 Figure 1.4 Functions of the operating system (Adapted from Rainer and Prince, 2022).

Operating System Functions

1. Process Management: The OS manages processes, which are programs in execution, by

handling process creation, scheduling, and termination. It ensures multiple processes can run
simultaneously through multitasking.
2. Memory Management: It controls and allocates memory to processes, ensuring optimal
usage and preventing conflicts. The OS handles both physical and virtual memory, managing
storage and swapping data between RAM and disk as needed.
3. File System Management: The OS organizes, stores, retrieves, and manages files on storage
devices. It provides directories and file handling services, ensuring users and applications can
read/write files efficiently and securely.
4. Device Management: The OS manages input/output devices like keyboards, printers, and
storage drives through device drivers. It ensures smooth communication between hardware
and software components.
5. Security and Access Control: It enforces security by protecting data and resources through
authentication (e.g., login systems) and access controls, preventing unauthorized access and
protecting user privacy.
6. User Interface (UI): The OS provides a user interface, either graphical (GUI) or command-line
(CLI), enabling users to interact with the system. Popular examples include Windows GUI and
Linux CLI.
7. Networking: Modern operating systems provide networking capabilities that enable
communication between computers over a network, managing tasks such as IP address
assignments, data transfer, and security protocols.

Types of Operating Systems

1. Batch Operating Systems:

o These systems execute batches of jobs without user interaction during execution.
Tasks are collected and processed one by one.
o Example: IBM Mainframe OS.
2. Time-Sharing Operating Systems:
 o Also known as multi-user OS, it allows multiple users to access the system
simultaneously by giving each user a time slice.
o Example: UNIX.
3. Distributed Operating Systems:
o This OS manages a group of independent computers and makes them appear as a
single unified system. It allows resource sharing and parallel processing across the
network.
o Example: Microsoft Azure, Amoeba.
4. Real-Time Operating Systems (RTOS):
o These systems process data in real time with minimal delays, ensuring timely task
execution, critical in environments like embedded systems, industrial machines, and
medical devices.
o Example: VxWorks, QNX.
5. Embedded Operating Systems:
o Designed to operate on embedded devices like ATMs, smartwatches, or IoT devices,
they are optimized for specific hardware and perform limited functions.
o Example: Embedded Linux, Windows CE.
6. Mobile Operating Systems:
o These OS are designed specifically for smartphones, tablets, and other handheld
devices, offering optimized performance and user interfaces for mobile use.
o Example: Android, iOS.
7. Network Operating Systems:
o These systems manage network resources and provide functionalities like file sharing,
communication, and security across networked computers.
o Example: Novell NetWare, Windows Server.
8. Multiprocessing Operating Systems:
o They use multiple processors to perform different tasks simultaneously, improving
performance in complex, high-demand environments.
o Example: UNIX, Linux.
 Group Activity: "OS Feature Face-Off"
Topic: Operating Systems Comparison Duration: 30 minutes Total Marks: 10

Instructions to Students: "Welcome to OS Feature Face-Off! Let's explore different

operating systems through this fun activity."
STEP 1: Getting Started "Form your teams of 3-4 members and pick your OS champion!

Choose one: Windows, macOS, or Linux (Pick one envelope from the front desk containing
your OS card)

STEP 2: Mission Brief "Your mission: Become experts of your chosen OS!" Investigation:
• How users interact with it
• How it keeps information safe
• How it organizes files
STEP 3: Create Your Battle Card "Design your OS Champion Card!" Draw and fill out:
• OS Name
• Three Superpowers (Strengths)
• One Secret Weapon (Unique Feature)
• One Weakness (Limitation)
STEP 4: Show and Tell "Time to showcase your OS Champion!" Share with the class:
• Show one cool thing your OS can do
• Tell us where it works best
• Convince us why users love it
Remember: "Have fun! Everyone's input counts!" "Be creative!" "Keep it simple and
clear!"
Ready? Let's begin! 🚀
Applications

Applications are crucial components of information systems, designed to facilitate specific tasks and
enhance user experiences. These systems collect, store, and process data to support decision-making
and operations within organizations. Applications are user-centric, ensuring they are efficient and easy
to use across desktop, web, and mobile platforms.

• Desktop applications leverage a computer's power for tasks like word processing and data
analysis.
• Web applications provide remote access through browsers, promoting collaboration and
efficient data management.
• Mobile applications offer on-the-go functionality for tasks such as data entry and
communication. Additionally, applications enable automatic task execution, with underlying
programs managing data processing and system operations, exemplified by web applications
that interact with databases to display information while handling back-end processes.

1.3 Input, output, processing, and storage devices

Computers and information systems operate on the Input-Process-Output-Storage model. Data is

entered via input devices (e.g., keyboards, mice), processed by the CPU, and temporarily stored in
RAM. The results are displayed through output devices like monitors or printers, while long-term
storage devices (HDDs, SSDs) retain data permanently. This system ensures efficient data handling,
processing, and information management.

Input, output, processing, and storage devices are key components of a computer system. Here's a
breakdown of each:

https://www.computerhope.com/jargon/i/inputdev.htm

Input Devices
These are used to enter data and instructions into a computer system.

• Examples:
o Keyboard: For typing text and commands.
o Mouse: For pointing and selecting objects on a screen.
o Scanner: For converting physical documents into digital form.
 o Microphone: For audio input.
o Camera: For capturing images or video input.

Output Devices
These devices receive data from the computer and present it to the user.
https://www.oreilly.com/library/view/computing-fundamentals-
introduction/9781119039716/14_chapter-03.html

• Examples:
o Monitor: Displays text, images, and videos.
o Printer: Produces physical copies of digital documents.
o Speakers: Output sound.
o Projector: Projects visual content onto larger surfaces.

Processing Devices

Processing devices perform calculations and execute instructions. The Central Processing Unit (CPU)
is the primary processing device.

• Examples:
o CPU: Processes data and runs programs.
o Graphics Processing Unit (GPU): Specialized in rendering images and video.

Storage Devices

Storage devices are used to save data for future use, both temporarily (short-term) or permanently
(long-term).

• Examples:
• Hard Disk Drives (HDDs): HDDs are a traditional form of storage media that use spinning
magnetic disks to store data. They are commonly found in desktop computers, laptops, and
external drives. HDDs offer high capacity and relatively low cost per gigabyte.

• Solid State Drives (SSDs): SSDs are a newer type of storage media that use flash memory to
store data. They are faster and more durable than HDDs because they have no moving parts.
SSDs are commonly used in laptops, desktops, servers, and increasingly in portable devices
like smartphones and tablets.
 • USB Flash Drives: Also known as thumb drives or USB sticks, these are small, portable storage
devices that use flash memory to store data. USB flash drives are widely used for transferring
files between computers, backing up important data, and storing portable applications.

• Memory Cards: Memory cards are small, removable storage devices commonly used in digital
cameras, smartphones, tablets, and other portable devices. They come in various formats
such as Secure Digital (SD), microSD, CompactFlash (CF), and Memory Stick. Memory cards
offer high capacity and are often used for storing photos, videos, and other multimedia files.

• Optical Discs: Optical discs, such as CDs, DVDs, and Blu-ray discs, use optical technology to
store data. They are commonly used for distributing software, movies, music, and archival
purposes. While optical discs have been largely replaced by other storage media for everyday
use, they are still used in certain applications where long-term data retention is important.

• Tape storage: Used for long-term archival of large amounts of data, often in enterprise
settings.
• Network Attached Storage (NAS): NAS devices are specialized storage devices that are
connected to a network and provide centralized storage and file sharing services to multiple
users and devices. NAS devices are often used in homes and businesses for data backup, file
storage, and media streaming.

https://www.tutorialspoint.com/computer_fundamentals/computer_input_devices.htm

Output devices and display devices are closely related, but they serve distinct purposes in a computer
system. An output device is any hardware that conveys processed data from the computer to the user,
which can be in various formats such as visual, audio, or physical form. Examples include printers that
produce physical copies of documents, and speakers that output sound. A display device, on the other
hand, is a specific type of output device that presents visual information, such as text, images, and
videos, directly to the user. Common display devices include monitors, projectors, and touchscreens,
which show visual content generated by the computer. While all display devices are output devices,
not all output devices are display devices, as some output data in other formats, such as sound or
printed media.

Cloud storage has transformed data management practices in the digital era by enabling users to store
and access data remotely via the internet. This technology offers significant flexibility and
convenience, allowing for efficient data handling without the constraints of physical storage devices.
Prominent cloud storage services, such as Dropbox, Google Drive, and Microsoft OneDrive, provide
online storage spaces that can be accessed from any location with an internet connection. These
platforms enable users to upload, store, and share files, thereby streamlining data management
processes and enhancing collaborative opportunities. Cloud storage offer the below services:

▪ Data Backup and Recovery: Cloud storage offers a secure way to backup important files and
data, ensuring they are protected in case of device failure, theft, or other disasters.

▪ Accessibility: Cloud storage allows users to access their files from any device with an internet
connection. This level of accessibility is particularly useful for people who work across multiple
devices or locations.

▪ Collaboration: Cloud storage services often include features that facilitate collaboration, such
as file sharing and simultaneous editing. This is beneficial for teams working on projects
together, as it allows for seamless communication and file management.

▪ Scalability: Cloud storage services typically offer flexible storage plans that can be easily scaled
up or down based on the user's needs. This makes it suitable for individuals and businesses of
all sizes.

▪ Cost-Effectiveness: Many cloud storage providers offer subscription plans that are more cost-
effective than investing in on-premises storage solutions. Users can pay for only the storage
they need, without the additional costs of hardware maintenance and upgrades.

▪ Security: Cloud storage providers invest heavily in security measures to protect users' data
from unauthorized access, such as encryption, firewalls, and multi-factor authentication. This
can provide users with greater peace of mind regarding the safety of their files.
https://www.youtube.com/watch?v=lyS22Xf_PV0

▪ Automatic Syncing: Cloud storage services often include automatic syncing features, ensuring
that files are always up to date across all devices. This eliminates the need for manual file
transfers and reduces the risk of version conflicts.
HTTPs://www.youtube.com/watch?v=P7wQcrp4oe8

▪
 Figure 1.5 Cloud Storage (Adapted from Rainer and Prince, 2022).

1.3.2 The Central Processing Unit (CPU) is often referred to as the "brain" of a computer. It is a crucial
component responsible for executing instructions from programs, performing calculations, and
managing data processing tasks. The CPU carries out the following primary functions:

1. Instruction Execution: The CPU retrieves instructions from the computer's memory and
executes them sequentially. These instructions can include arithmetic operations, logical
comparisons, and data manipulation tasks.
2. Data Processing: It processes data by performing mathematical calculations and logical
operations, enabling the computer to carry out tasks such as running applications and
manipulating files.
3. Control Unit: The CPU includes a control unit that manages the flow of data within the system.
It directs how data moves between the CPU, memory, and other hardware components,
ensuring that each part operates in harmony.
4. Registers: The CPU contains small, high-speed storage locations called registers, which
temporarily hold data and instructions that are currently being processed. This allows for
quick access and execution.
5. Clock Speed: The performance of a CPU is often measured in terms of its clock speed, typically
expressed in gigahertz (GHz). A higher clock speed indicates that the CPU can execute more
instructions per second, enhancing overall performance.
 6. Multicore Architecture: Modern CPUs often feature multiple cores, allowing them to perform
multiple tasks simultaneously (multithreading). This improves multitasking capabilities and
overall efficiency.

The machine cycle, also known as the instruction cycle, refers to the fundamental operational process
that a CPU follows to execute instructions. It consists of a series of steps that enable the CPU to
perform tasks efficiently. The machine cycle typically includes the following stages:

1. Fetch: In this initial stage, the CPU retrieves an instruction from memory. The address of the
instruction is stored in the program counter (PC), which keeps track of the sequence of
instructions. The instructions are then loaded into the instruction register (IR).
2. Decode: Once the instruction is fetched, the CPU decodes it to determine what action is
required. This involves interpreting the instructions to understand the operation to be
performed and identifying any operands (data) needed for the operation.
3. Execute: During the execution stage, the CPU performs the operation specified by the
instruction. This could involve arithmetic calculations, data transfer, or logic operations. The
relevant data is processed using the arithmetic logic unit (ALU) or other functional units within
the CPU.
4. Store: After executing the instruction, the CPU may need to store the result back into memory
or a register. This stage involves writing the processed data to its designated location for
future reference or use.

Figure 1.7 Cloud Storage (Adapted from Rainer and Prince, 2022).
Input and output devices are crucial components of a computer system, enabling interaction between
the user and the machine. They facilitate the entry of data into the computer and the presentation of
processed information back to the user.

1. Motion Input Devices: These devices capture user movements and gestures to control the
computer. Examples include motion sensors and gaming controllers, which allow for more
immersive interactions, particularly in gaming and virtual reality applications.
2. Voice Input Devices: Voice recognition technology enables users to interact with computers
through spoken commands. Devices such as microphones and smart speakers allow for hands-
free operation and facilitate tasks like voice dictation and virtual assistant commands.
3. Video Input Devices: These devices capture video and images for processing by computer.
Webcams and digital cameras are common examples, often used for video conferencing,
streaming, and content creation.
4. Scanners and Reading Devices: Scanners convert physical documents and images into digital
formats, allowing for easy storage and editing. Optical character recognition (OCR) scanners
can read text from printed materials and convert it into editable digital text.
5. Displays: Output devices, such as monitors and projectors, present visual information to the
user. They vary in size and resolution, with modern displays offering high-definition and 4K
options for enhanced clarity.
6. Assistive Technology: These specialized input and output devices cater to individuals with
disabilities, ensuring accessibility and usability. Examples include screen readers, adaptive
keyboards, and switch devices, which help users interact with computers in ways that suit
their needs. https://reciteme.com/us/news/assistive-technology-for-physical-
disabilities/
7. Printers: Output devices that produce physical copies of digital documents and images.
Printers come in various types, including inkjet, laser, and dot matrix, each serving different
printing needs and quality requirements.

1.4 Categories of Computers

Computers can be classified into various categories based on their design, processing power, and
intended use. This classification includes personal computers, mobile game computers, server
computers, mobile devices, internet appliances, and specialized systems like supercomputers.

1. Personal Computers (PCs)

Personal computers are general-purpose computers designed for individual use. They can be further
categorized into:

• Laptops: Portable computers with integrated screens, keyboards, and batteries, making them
suitable for on-the-go use.
• Desktops: Stationary computers typically consist of separate components such as a monitor,
CPU, keyboard, and mouse. They offer more power and upgradeability compared to laptops.
• Tablets: Lightweight and portable touchscreen devices that combine features of both laptops
and smartphones.
•
2. Mobile Game Computers

Mobile game computers are specialized devices optimized for gaming on the go. They often feature
powerful processors, high-quality graphics, and dedicated gaming functionalities. This category
includes:

• Gaming Laptops: High-performance laptops specifically designed for gaming, equipped with
enhanced graphics and advanced cooling systems.
• Handheld Consoles: Portable gaming devices like the Nintendo Switch or Steam Deck,
designed for gaming with built-in controls.
• Smartphones: Mobile phones that support gaming applications and are equipped with robust
hardware to provide quality gaming experience.
•
3. Types of Server Computers

Server computers are designed to manage network resources and provide various services. They
include:

• File Servers: These stores and manage files for multiple users over a network, enabling
centralized access to data.
• Database Servers: Responsible for managing databases and providing database services to
client applications, facilitating data storage, retrieval, and management.
• Web Servers: Host websites and deliver web content to users over the internet, processing
requests from web browsers.
• Application Servers: Provide software applications to client devices, managing business logic
and processing user requests.
 • Virtual Servers: Created by virtualization software, allowing multiple server environments to
run on a single physical server.

4. Types of Mobile Devices

Mobile devices serve various functions and include:

• Smartphones: Multi-functional devices that combine communication, internet browsing, and

application support.
• Tablets: Larger than smartphones, tablets offer touchscreen interfaces and are used for media
consumption, browsing, and productivity tasks.
• Wearable Devices: Smartwatches and fitness trackers that provide health monitoring,
notifications, and connectivity features.
• E-readers: Dedicated devices for reading digital books and documents, featuring e-ink displays
that facilitate easy reading.
5. Internet Appliances

Internet appliances are devices designed for internet connectivity and smart functionalities, including:

• Smart TVs: Internet-enabled televisions that allow streaming of content and direct access to
applications.
• Smart Speakers: Voice-activated devices that connect to the internet, enabling music
playback, smart home control, and answering questions.
• Digital Media Players: Devices such as Roku or Apple TV that stream online content to
televisions.
• Home Automation Devices: Internet-connected devices like smart thermostats, lights, and
security systems that can be controlled remotely.
•
6. Supercomputers

Supercomputers are high-performance systems specifically designed to perform highly complex

calculations at exceptionally fast speeds. They are used primarily for tasks that require significant
computational power, such as scientific research, weather modelling, and advanced simulations. Key
characteristics include:
 • High Performance: Capable of executing millions of instructions per second, suitable for rapid
data processing.
• Parallel Processing: Utilize multiple processors to work on different parts of a problem
simultaneously, significantly reducing computation time.
• Large Memory Capacity: Equipped with vast amounts of memory and storage for handling
extensive datasets and performing large-scale simulations.
https://www.geeksforgeeks.org/types-of-computers/

1.5 Internet, World Wide Web, Web Browsing and search Engine.

The Internet serves as a vast network connecting millions of devices, enabling access to the World
Wide Web, where users can engage in web browsing to explore various types of websites, including
informative, e-commerce, social media, and educational platforms, while online social networks
facilitate connections and interactions among users within these digital spaces. This
interconnectedness allows for the seamless sharing of information and resources across geographical
boundaries. From an information systems perspective, the Internet serves as the backbone for various
applications and services, including:

Email: A fundamental communication tool that enables the exchange of messages and files between
users.

File Sharing: Systems that facilitate the transfer of files and documents between users or systems,
enhancing collaboration.

Online Gaming: A form of interactive entertainment that relies on real-time data exchange between
players and servers. https://edu.gcfglobal.org/en/internetbasics/what-is-the-internet/1/
 Figure 1.9 The internet (Adapted from Rainer and Prince, 2022).

The World Wide Web (WWW) represents a significant aspect of the Internet, functioning as a system
of interlinked hypertext documents and multimedia content. The Web operates using HTTP (Hypertext
Transfer Protocol), which allows users to retrieve web pages from servers. This system of interlinked
documents provides a rich source of information and resources, making it a vital component of
modern information systems. The WWW can be understood through several key concepts:

• Interactivity: Users can interact with web content, allowing for dynamic exchanges of
information, such as filling out forms or participating in discussions.
• Content Management: Organizations can manage and update their web content to provide
users with current and relevant information, supporting decision-making processes.
• Accessibility: The Web enables access to information from anywhere in the world, enhancing
the ability of individuals and organizations to gather data and share knowledge.

Web Browsing is the process of navigating the World Wide Web using a web browser, a software
application designed to access and display web content. Popular web browsers, such as Google
Chrome and Mozilla Firefox, act as interfaces between users and the vast resources of the Web. Web
browsing involves several critical functions:
 • Information Retrieval: Users can search for specific information quickly, enhancing the
efficiency of data access.
• User Experience: Browsers provide features like bookmarking and history, improving user
interaction with information systems.
• Data Visualization: Web browsers interpret HTML (Hypertext Markup Language) to render
content visually, making complex data more understandable.
Websites are collections of interconnected web pages hosted on the Internet, accessible through web
browsers. They serve various purposes and can be categorized into different types based on their
functionality and content. Websites can be categorized into various types, each serving distinct
purposes:

• Informational Websites: Provide news, blogs, and educational content.

• E-commerce Websites: Enable online buying and selling, like Amazon and eBay.
• Social Media Websites: Facilitate interaction and content sharing (e.g., Facebook, Twitter).
• Portfolio Websites: Showcase individual work and skills.
• Community Forums: Allow discussions and advice sharing, such as Reddit and Quora.
• Entertainment Websites: Offer leisure activities like videos and games (e.g., YouTube, Netflix).
• Government Websites: Provide information and services from government agencies.
https://www.britannica.com/topic/World-Wide-Web

1.6 Web Searching and Search Engines

Web Searching is a key function within information systems that allows users to find specific
information online using search engines. Search engines index content from various websites and
employ algorithms to rank results based on relevance and authority. This indexing system is critical
for effective information retrieval. https://www.techtarget.com/whatis/definition/search-
 Figure 1.10 Search Engines (Adapted from Rainer and Prince, 2022).

1.7 Online Social Networks.

Online social networks are platforms that allow users to create profiles, share content, and connect
with others based on shared interests, with examples including Facebook, Twitter, Instagram,
LinkedIn, and TikTok.

Malware, or malicious software, refers to harmful programs designed to damage, disrupt, or gain
unauthorized access to computer systems. Here are the common types of malwares:

1. Viruses: Attach to legitimate files and spread through shared infected files, potentially
corrupting or deleting data.

2. Worms: Standalone malware that replicates itself across networks without attaching to other
files, consuming bandwidth and exploiting vulnerabilities.

3. Trojan Horses: Disguise themselves as legitimate software, tricking users into installation, and
can create backdoors for unauthorized access.

4. Ransomware: Encrypts files and demands ransom for restoration, posing significant risks to
individuals and organizations.

5. Spyware: Monitors user activities and collects sensitive information like passwords and
browsing habits, compromising privacy.

6. Adware: Displays unwanted advertisements and may track browsing habits, affecting system
performance.
 7. Rootkits: Gain unauthorized control over systems while remaining hidden, modifying
operating system functionality.

8. Keyloggers: Record keystrokes to capture sensitive information, such as passwords and credit
card numbers.

9. Bots and Botnets: Automated programs for repetitive tasks; botnets consist of networks of
infected devices used for attacks or spam.

Viruses, a type of malware, come in various forms, each with distinct characteristics and behaviors.

• File Infector Viruses attach themselves to executable files and spread when the infected files
are executed.
• Macro Viruses exploit macros in applications like Microsoft Word and Excel, executing
malicious code when a document is opened.
• Polymorphic Viruses change their code each time they infect a new file, making them difficult
to detect by traditional antivirus software.
• Metamorphic Viruses go a step further by rewriting their own code with each infection,
presenting an even greater challenge for detection systems.
• Boot Sector Viruses infect the master boot record of a storage device, executing code before
the operating system loads, which can severely compromise the system
Resident Viruses embed themselves in the computer's memory, allowing them to infect other
files without the need for an executable file. Each type of virus poses unique risks and
challenges, emphasizing the importance of robust security measures to protect against their
harmful effects. https://hightouchtechnologies.com/9-common-types-of-computer-
viruses/

Information Privacy

Information privacy is the right of individuals to manage access to their personal data and how it is
collected, stored, and used. As digital technologies evolve, protecting personal information is vital to
prevent identity theft and unauthorized access. Organizations must adhere to regulations like the
General Data Protection Regulation (GDPR), while individuals can safeguard their privacy by utilizing
strong passwords and privacy settings. https://study.com/academy/lesson/information-privacy-laws-
examples-quiz.html
Health Concerns

Technological advancements, while beneficial, also pose health risks. Extended screen time can lead
to digital eye strain, causing blurred vision and discomfort. Additionally, excessive use of technology
can contribute to a sedentary lifestyle, increasing the risk of obesity and cardiovascular issues. There
are also ongoing concerns about the effects of electromagnetic fields from devices. Encouraging
healthy technology habits and ergonomic practices can mitigate these health issues.
https://www.who.int/news/item/13-09-2018-public-health-implications-of-excessive-use-of-
the-internet-and-other-communication-and-gaming-platforms

Environmental Issues and Green Computing

The environmental impact of technology is a growing concern due to pollution and resource depletion
from the production and disposal of electronic devices. E-waste contains toxic materials that pose
significant risks. Green computing addresses these challenges by promoting energy-efficient practices,
recycling, and sustainable manufacturing, helping individuals and organizations reduce their carbon
footprint and support a more sustainable tech industry.

Communication Technologies

refer to the various tools, systems, and platforms that enable the transmission of information between
individuals, organizations, or devices. These technologies are fundamental to modern communication,
supporting everything from personal interactions to business operations and global information
exchange

Communication Technologies

encompass the tools, systems, and platforms that facilitate the transfer of information between
individuals, organizations, or devices. They are essential in modern communication, enabling personal,
business, and global information exchange. These technologies include wired and wireless methods,
mobile communication, internet-based communication, and satellite systems.
Examples of Wireless Communication Technologies:

• Wi-Fi: Enables wireless internet connectivity for devices within a certain range.
• Bluetooth: Short-range wireless communication for devices like headphones, keyboards, and
smartphones.
• Cellular Networks (3G, 4G, 5G): Provide mobile data and voice services over long distances.
• Satellite Communication: Enables communication in remote areas via satellites.
• NFC (Near Field Communication): Allows for short-range communication, often used in
contactless payments.

1.8 Types of Software License or software availabilities

Software licenses and availabilities are vital in the information systems (IS) world, regulating how
software is used, distributed, and modified. They influence legal compliance, cost management,
customization, scalability, and security within IS operations. Organizations must adhere to license
terms to avoid legal risks and ensure governance, risk, and compliance (GRC) standards.

In terms of software availability, organizations have access to various types:

• Proprietary software: Commercially developed, often requiring purchase or subscription,

with limited modification rights.
• Open-source software: Free to use and modify, allowing customization to meet specific IS
needs.
• Freeware: Available at no cost but often lacks source code for modification.
• SaaS (Software as a Service): Subscription-based cloud software, enabling access from
anywhere without installation.

https://www.youtube.com/watch?v=20QUNgFIrK0

IT Offers Career Opportunities

Because IT is vital to the operation of modern businesses, it offers many employment opportunities.
The demand for traditional IT staff—programmers, business analysts, systems analysts, and
designers—is substantial. In addition, many well-paid jobs exist in areas such as the Internet and
electronic commerce (e-commerce),mobile commerce (m-commerce), network security,
telecommunications, and multimedia design.
The IS field includes the people in various organizations who design and build information systems,
the people who use those systems, and the people responsible for managing those systems. At the
top of the list is the chief information officer (CIO).
The CIO is the executive who is in charge of the IS function. In most modern organizations, the CIO
works with the chief executive officer (CEO), the chief financial officer (CFO), and other senior
executives. Therefore, he or she actively participates in the organization’s strategic
planning process. In today’s digital environment, the IS function has become increasingly strategic
within organizations. As a result, although most CIOs still rise from the IS department, a growth
numbers are coming up through the ranks in the business units (e.g., marketing, finance). Regardless
of your major, you could become the CIO of your organization one day. This is another reason to be
an informed user of information systems!
BLE 1.1
Information Technology Jobs
USE CASE: Standard Bank Information System Implementation

Standard Bank, a leading financial institution, demonstrates an exemplary implementation of a

comprehensive information system that revolutionized its banking operations. The bank's information
system consists of interconnected components working harmoniously to process financial
transactions, manage customer data, and ensure secure banking services. At its core, the system
utilizes high-performance computers - from powerful mainframes handling millions of transactions to
desktop computers at teller stations. These computers form part of a sophisticated hardware
infrastructure that includes ATMs, card readers, and security devices.
The information processing life cycle at Standard Bank follows a structured flow: customer data is
input through various channels (ATMs, mobile apps, teller stations), processed through secure servers,
and output as transaction receipts, account statements, and financial reports. This data is then stored
in encrypted databases for future reference and compliance requirements. The bank's employees,
from tellers to financial advisors, must possess both information literacy (understanding how to
interpret and use financial data) and computer literacy (proficiency in using banking software and
systems) to effectively serve customers.
The hardware components of Standard Bank's system include a robust network of servers,
workstations, and peripheral devices, while the software infrastructure comprises both system
software (operating systems, security protocols) and application software (banking applications,
customer relationship management systems). The system unit at each workstation contains high-
speed processors, adequate RAM, and secure storage devices, all protected by multiple security
layers.
Standard Bank employs various types of software applications, including specialized banking software
for transaction processing, investment management, and loan processing, alongside general
applications for office productivity. This comprehensive information system has significantly enhanced
the bank's operational efficiency, improved customer service delivery, and strengthened security
measures. Regular updates and maintenance ensure the system remains current with evolving
banking technologies and security requirements. The success of this implementation showcases how
a well-designed information system can transform a traditional banking institution into a modern,
efficient, and customer-centric organization.
Through this case, we can observe how each component - from hardware to software, from data
processing to information literacy - plays a crucial role in creating a robust and effective banking
information system. The integration of these elements enables Standard Bank to provide reliable,
secure, and efficient banking services while maintaining competitive advantage in the financial sector.
The system's success is measured not only in terms of technological advancement but also in improved
customer satisfaction, enhanced operational efficiency, and strengthened security protocols.
Questions

1. ANALYTICAL QUESTION

• Evaluate how Standard Bank's information system components work together to

ensure efficient banking operations. In your answer, discuss at least three key
components and their interdependence."

2. PRACTICAL APPLICATION QUESTI

• "A customer reports unauthorized transactions on their account. Explain step by step
how Standard Bank's information system would be used to:
a) Investigating the incident
b) Preventing similar occurrences in the future

3. CRITICAL THINKING QUESTION

• "Compare and contrast information literacy and computer literacy in the context of
Standard Bank. Why are both types of literacy crucial for bank employees to provide
effective customer service?"

4. TECHNICAL UNDERSTANDING QUESTION

• "Describe the information processing life cycle at Standard Bank by:

 a) Explaining each stage of the
b) Providing specific banking examples for each stage

5. PROBLEM-SOLVING QUESTION

• "Standard Bank is experiencing system slowdown during month-end peak periods. As

an IT consultant:
a) Identify three possible causes of this problem
b) Propose a comprehensive solution addressing each cause

Short Questions

1. What is the difference between the Internet and the World Wide Web?
2. How do search engines rank websites, and what factors influence their search algorithms?
3. What privacy concerns arise from the use of online social networks?
4. How can organizations adopt green computing practices to reduce environmental impact?
5. What are the main types of software licenses, and how do they differ?

References:

1. Boudreau, M. and Slaughter, S. (2024) 'Understanding Modern Computer Architecture',

Journal of Computer Engineering, 12(2), pp. 78-92.
2. ComputerHope (2024) Input Devices. Available at:
https://www.computerhope.com/jargon/i/inputdev.htm (Accessed: 11 December 2024).
3. GeeksforGeeks (2024) Types of Computers. Available at:
https://www.geeksforgeeks.org/types-of-computers/ (Accessed: 11 December 2024).
4. Hayes, A. (2024) 'Information Systems and Data Management', Information Technology
Review, 15(3), pp. 112-126.
5. IBM (2024) What is Quantum Computing? Available at:
https://www.ibm.com/topics/quantum-computing (Accessed: 11 December 2024).
6. Jabil (2024) Future of 3D Printing & Additive Manufacturing. Available at:
https://www.jabil.com/blog/future-of-3d-printing-additive-manufacturing-looks-bright.html
(Accessed: 11 December 2024).
 7. McKinsey & Company (2024) What is Quantum Computing? Available at:
https://www.mckinsey.com/featured-insights/mckinsey-explainers/what-is-quantum-
computing (Accessed: 11 December 2024).
8. Simplilearn (2024) AI and Machine Learning Trends. Available at:
https://www.simplilearn.com/artificial-intelligence-ai-and-machine-learning-trends-article
(Accessed: 11 December 2024).
9. TDK Corporation (2024) Impact of Blockchain Technology on Business. Available at:
https://www.tdk.com/en/tech-mag/past-present-future-tech/impact-of-blockchain-
technology-on-business (Accessed: 11 December 2024).
10. TutorialsPoint (2024) Computer Input Devices. Available at:
https://www.tutorialspoint.com/computer_fundamentals/computer_input_devices.htm
(Accessed: 11 December 2024).

Chapter 2: Organizational Strategy, Competitive Advantage, and Information Systems

2.1 Opening Case

LEARNING OUTCOMES
After reading this Section of the guide, the learner should be able to:

• Discuss ways in which information systems enable business processes for a single functional
area and cross-functional processes.
• Differentiate among business process reengineering, business process improvement, and
business process management.
• Identify effective IT responses to different kinds of business pressures.
• Describe the strategies that organizations typically adopt to counter Porter’s five
competitive forces

The Coronavirus Pandemic Magnifies the Digital Divide

Background
The United States has a long history of bringing utility access to all Americans. To illustrate this point,
let’s consider three government actions: the Rural Electrification Administration (REA), the
Communications Act of 1934, and the Telecommunications Act of 1996.

In the early 1930s, when President Franklin D. Roosevelt established the REA, 90 percent of U.S.
farmers lived without electricity. The cost of installing electric lines to the country’s most remote areas
was prohibitive for profit-seeking businesses. Therefore, the REA provided loans to rural electric
cooperatives to construct their electric networks. By the end of the 1940s, most farms in the United
States had electricity. In hindsight, it is clear that Americans should have access to electricity. The
country’s economic and social well-being depend on it.

With the Communications Act of 1934, the U.S. government provided a universal service guarantee
that mandates that every resident have a baseline level of telecommunications services. The
government recognized that telephone services provide a vital link to emergency services, government
services, and surrounding communities. Because of the universal service guarantee, providers
frequently must offer and maintain—even at a loss—expensive copper twisted-pair phone lines in rural
areas to support small populations. The carriers are compensated for these costs through a tax on
customers’ phone bills, called the Universal Service Fund. Again, in hindsight it is clear that universal
access to telecommunications service—today, broadband access to the Internet—is essential to the
nation’s prosperity. Advocates of universal broadband Internet access contend that broadband
Internet is not a luxury but a right of all 21st century Americans.

The overall objective of the Telecommunications Act of 1996 was to provide higher-quality services for
consumers. The act wanted to ensure that all Americans are connected to the Internet, regardless of
their income.

The 1996 act recognized that broadband Internet access provides many significant benefits, in the
areas of public health, telework, and education. The coronavirus pandemic has magnified the
importance of the digital divide, particularly in these areas. Digital divide refers to the gap between
people who have access to modern information and communications technologies, and those who
have restricted access, limited access, or no access.

Public health: Rural areas suffer from a shortage of physicians and hospitals. Being able to conduct a
video conference with a physician, nurse practitioner, or nurse without having to drive miles to an
office or a hospital can literally save lives.

Teleworking: Being able to work from home provides flexibility to workers. Teleworking has received
far more attention during the COVID-19 pandemic.
For example, an unemployed person who has Internet access at home will be employed seven weeks
faster than a person who does not. In addition, he or she will earn more than $5,000 in additional
income annually, according to an analysis of data from the Bureau of Labor Statistics (BLS;
www.bls.gov).

Education: Before the coronavirus pandemic, 70 percent of primary and secondary school teachers
assigned homework online. The homework gap, referring to children who cannot do online homework
because they do not have reliable broadband access, is now extending to higher education.

Significantly, students are 7 percent more likely to earn a high school diploma and attend college when
they are connected to the Internet at home. Furthermore, these students will earn more than $2
million more over their lifetimes.

The Problem

As of May 2020 the United States still had a persistent digital divide. The divide was once only a
problem of Internet access. Today, it encompasses access speed and connection quality.

To effectively use modern Internet, people must have a broadband connection, which the FCC defines
as the ability to download data at 25 megabits per second (Mbps) and to upload data at 3 Mbps. In
addition, consumers must have a consistent Internet connection; that is, a connection that does not
fluctuate unpredictably.

Let’s consider two questions:

(1) How big is the digital divide?

(2) Whom does the digital divide impact the most?

Question 1: In 2020 the FCC reported that approximately 16 million Americans did not have consistent
broadband Internet access. Further, many people could not obtain broadband service because they
lived in an area where it was not cost effective for providers to provide such access.

However, industry analysts contend that the number of Americans without reliable broadband service
is much higher than what the FCC reports. For example, a 2019 Microsoft study found that almost 163
million Americans were not using the Internet at broadband speeds. Two serious problems in the way
the FCC gathers its data account for the large disparity in these statistics.

First, the FCC asks Internet providers if they are “providing or could provide, without an extraordinary
commitment of resources, broadband service to an area.” If the answer is yes to either (providing or
could provide), then the FCC considers that area to have broadband access. As a result, many places
are counted as having broadband access when they not only have no such access, but providers have
no plans to provide it anytime soon.

Second, the FCC bases its data on census blocks, which are the smallest units used by the U.S. Census
Bureau. A census block is a statistical area bounded by visible features such as roads, streams, and
railroad tracks, and by nonvisible boundaries such as streets, roads, transmission lines, property lines,
city, township, school district, county limits, and line-of-sight extensions of roads. In rural areas, these
blocks can be very large. If broadband access is delivered to a single customer in that block, then the
FCC counts the entire block as having access.

For example, in 2019 the FCC stated that 100 percent of Ferry County, Washington, residents had
broadband Internet access. However, local officials contended that very few residents of the rural
county had broadband access and that those who did were using broadband in their businesses. In
fact, Microsoft data indicated that only 2 percent of Ferry County residents were using broadband
Internet.

Question #2: The problem with the digital divide is that Americans who live in rural areas are more
likely than Americans who live in urban areas to lack reliable broadband Internet access. The Rural
Broadband Association (www.ntca.org) cites a 2016 study from the Hudson Institute that found that
nearly 70 percent of the economic impact of broadband Internet access went to urban rather than
rural economies.

Consider workers, veterans, and retirees who face economic and health challenges. The pandemic
caused the closing of government benefits offices that assist these people at the same time that
government websites were crashing due to surges in traffic. Even if government websites could meet
the challenge, few agencies have established online or remote options for citizens who must meet with
civil servants for hearings and other official proceedings.

For example, although some states have enacted measures to make unemployment insurance readily
available by allowing people to apply online without going to an office, this process requires reliable
Internet access. People must be able to access and fill out forms online, sign the forms online, and
submit them online.

Covid’s Impact on the Digital Divide

Although the Internet has provided the opportunity for many people to experience some sort of
normalcy during the pandemic, millions of Americans do not have reliable broadband Internet access.
Unfortunately, underserved areas and communities have not been able to access health care or
transition to an online workplace or school environment. We now examine the impact of the digital
divide during the coronavirus pandemic in the areas of telehealth, telework, and distance education.

Telehealth

Telehealth is the distribution of health-related services and information via electronic information and
telecommunications technologies. Telehealth enables long-distance patient and health-care
professional contact, care, advice, reminders, intervention, monitoring, and education.

Jane Fox, a social worker in a rural town, uses telehealth technology to help psychiatrists evaluate their
patients. Unfortunately, she cannot work from home because her broadband Internet connection is
too unreliable. She cannot afford to lose her connection in the middle of a telehealth videoconference.
As a result, she must drive 35 miles to the closest hospital to videoconference with patients and
psychiatrists.

During the pandemic, people seeking medical care were cautioned to avoid hospitals and physicians’
offices in favor of video or phone calls with their healthcare professionals. However, conducting video
sessions with these professionals requires broadband Internet access.

The Centers for Disease Control and Prevention (CDC) estimates that 60 percent of Americans have
chronic health conditions and cannot simply stop seeing their physicians. Telehealth is the obvious
solution, especially for older adults who face the greatest risk from the coronavirus. Unfortunately,
many of these individuals do not have broadband Internet access at home.

The federal government took some steps to accelerate access to telehealth services by expanding
Medicare coverage to phone and video consultations and modifying the rules that prevent health-care
workers in one state from practicing in another. One coronavirus stimulus package also included $200
million to increase connectivity for rural health-care providers and improve telehealth options for
veterans. However, physicians will have to start using such technology to make it widely available for
patients

Telework

Telework is the practice of performing your job away from the office. During the coronavirus pandemic,
telework came to mean working from home while socially distancing. To be able to telework effectively,
employees must have a computer, laptop, or phone, and, most importantly, a consistent broadband
connection. Without these technologies, telework is very difficult, if not impossible.

According to the BLS, under normal circumstances about 7 percent of U.S. employees have a flexible
workplace, meaning that they have the option of working part-time or full-time from home. White-
collar workers are much more likely to have a telework option. Roughly 22 percent of employees with
jobs in management, business, or finance can telework, compared to only 1 percent of service workers

When we take race and ethnicity into account, 37 percent of Asian employee and 30 percent of
Caucasian employees have a telework option, compared with 20 percent of Black employees and 16
percent of Hispanic employees, according to the BLS. In June 2020 the U.S. unemployment rate had
reached 11.1 percent and was highest among the Black and Hispanic populations.

Distance Education

As of May 2020 many school districts and universities had closed for physical classes through the end
of the school year. These institutions implemented distance learning policies so that students could
continue their lessons via the Internet. Unfortunately, the shift to distance education was not smooth,
and it highlighted the problems stemming from the digital divide.

As an example, one rural school in California switched to distance learning and discovered that 42 of
its 168 students—that is, 25 percent—did not have any Internet connection at home. As a result,
teachers lost touch with some of those students. Furthermore, some areas did not have a reliable
cellular signal, meaning that students could not go online using free Internet services offered by their
schools during the pandemic

To enable students to access the Internet, education officials in South Carolina and Texas dispatched
school buses equipped as Wi-Fi hotspots to rural and low-income neighborhoods. Another school in
Texas set up a stationary Wi-Fi hotspot in the parking lot of its football stadium where students could
park and connect. In Prince George County in Virginia, the school district distributed laptops to
students who did not have a computer at home and paid for Internet access for students who did not
have it.

In South Dakota, one district printed out hard copies of work for students who did not have broadband
Internet access. Families picked up and dropped off students’ work at the school. After families turned
in completed work, teachers waited 72 hours to grade it to ensure that any coronavirus on the
schoolwork had died.

Stopgap “Solutions”

Many libraries, schools, and other municipal buildings are leaving their Wi-Fi connections on overnight
because they are the only source of connectivity in their towns. Also, in April 2020 Google announced
it would provide free Wi-Fi to 100,000 rural California families through the end of the school year, plus
4,000 Chromebook laptops for students.
Eight of the nation’s major Internet service providers (ISPs) have announced various steps to improve
broadband access and connectivity during the pandemic. Providers are raising caps on data bandwidth
or offering two months of free broadband to households with students.

The FCC stated that more than 650 broadband Internet providers, telephone companies, and trade
associations signed its Keep Americans Connected pledge not to terminate internet service over
pandemic-related financial troubles, to waive late fees, and to allow free access to Wi-Fi services.
Offers from ISPs are available only in locations where those companies already provided service.

In 2017, Microsoft began its Airband Initiative, a five-year commitment to bring broadband access to
underserved Americans by using TV white space devices and other low-cost wireless technologies.
These devices detect the presence of existing but unused areas of airwaves and utilize them to transmit
wireless internet signals. By mid-2020, the Airband Initiative reached people in 25 states.

Closing the digital divide is a step toward shrinking the persistent gaps in economic opportunity,
educational achievement, and health outcomes in the United States. According to Deloitte Consulting,
it would take a $150 billion investment in fiber-optics infrastructure to modernize rural broadband
across the country. Improving broadband Internet access requires political will and incentives for
private telecommunications companies to build broadband networks in remote communities that
offer minimal profit.

One possible “benefit” of the pandemic is a broader recognition of how central to our society
broadband Internet access has become. Policymakers must realize that normal supply-and-demand
economics do not work with critical infrastructure. (Recall our discussion earlier in this case about U.S.
policy for providing electricity, telephone service, and Internet access to all Americans.)

Sources: Compiled from A. Gilreath, “Without In-Person Classes, Many Students Have Essentially Gone
Missing, Teachers Say,” USA Today, May 4, 2020; G. Sohn, “During the Pandemic, the FCC Must Provide
Internet for All,” Wired, April 28, 2020; Y. Baig, “Digital Divide Leaves Rural and Poor Sonoma County
Students with No Internet Connection,” The Press Democrat, April 13, 2020; A. Holpuch, “U.S.’s Digital
Divide ‘Is Going to Kill People’ as Covid-19 Exposes Inequalities,” The Guardian, April 13, 2020; K. Finley,
“When School Is Online, the Digital Divide Grows Greater,” Wired, April 9, 2020; D. Goldstein, A.
Popescu, and N. Hannah-Jones, “As School Moves Online, Many Students Stay Logged Out,” New York
Times, April 8, 2020; E. Mansfield and S. Conlon, “Coronavirus for Kids without Internet: Quarantined
Worksheets, Learning in Parking Lots,” USA Today, April 4, 2020; D. Castro, “Coronavirus Pandemic
Exposes Why America’s Digital Divide Is Dangerous,” USA Today, April 1, 2020; C. Merrefield, “Rural
Broadband in the Time of Coronavirus,” Journalist’s Resource, March 30, 2020; V. Bekiempis,
“Pandemic Response Lays Bare America’s Digital Divide,” The Guardian, March 21, 2020; L. Poon,
“Coronavirus Exposes How Bad America’s Homework Gap Really Is,” CityLab, March 20, 2020; D.
Truong, “As Classes Move Online, What Happens to Students without Internet or Computers?” WAMU
Radio Station, March 18, 2020; N. Turner-Lee, “What the Coronavirus Reveals about the Digital Divide
between Schools and Communities,” Brookings.edu, March 17, 2020; M. Vasquez, “Trump
Administration Lays out New Health, Economic Steps to Combat Virus,” CNN, March 17, 2020; D.
Truong, “D.C. Is Spending Millions to Get Tablets in the Hands of All Students,” WAMU Radio Station,
March 6, 2020; J. Busby and J. Tanberk, “FCC Reports Broadband Unavailable to 21.3 Million
Americans, BroadbandNow Study Indicates 42 Million Do Not

2.2 Introduction

Organizations operate in the incredible complexity of the modern high-tech world. As a result, they
are subject to myriad business pressures. Information systems are critically important in helping
organizations respond to business pressures and in supporting organizations’ global strategies.
Information system can be strategic, meaning it can provide a competitive advantage if it is used
properly. The chapter-opening case, illustrate how information technology (IT) can provide a
competitive advantage to organizations.

Competitive Advantage

Competitive advantage refers to any assets that give organizations an edge over competitors in areas
like cost, quality, or speed, enabling them to dominate the market and achieve above-average profits.
Both strategy and competitive advantage can take various forms, and understanding how to leverage
technology is crucial for entrepreneurs. Local businesses that creatively use technologies like Twitter,
Facebook, and Zoom can identify potential benefits for those that haven't yet adopted these tools.

This chapter is significant as it addresses business pressures impacting both organizations and
individuals, highlighting the role of information systems in responding to these challenges. Gaining a
competitive advantage is vital for survival, often hinging on employee contributions, making
knowledge of strategy and information systems essential for career growth.

Readers are encouraged to familiarize themselves with their organization's strategy, mission, and
financial dynamics, as well as the role of information technology in shaping these elements.
Participation in business or IT committees will require understanding how to optimize technology use
effectively.
The chapter also covers diverse business processes and the support information systems provide. It
discusses initiatives like business process improvement (BPI), business process reengineering (BPR),
and business process management (BPM), emphasizing the importance of these efforts and the
integral role of information systems in facilitating them. Ultimately, the chapter outlines how
information systems enable organizations to tackle business pressures and gain competitive
advantages in the marketplace.

2.3 Business Process

A business process is an ongoing collection of related activities that create a product or a service of
value to the organization, its business partners, and its customers. The process involves these
fundamental elements:

Inputs: Materials, services, and information that flow through and are transformed as a result of
process activities

Resources: People and equipment that perform process activities

Outputs: The product or a service created by the process

Process customers can be internal (e.g., managers receiving reports) or external (e.g., product buyers).
Organizations measure process performance using two key metrics:

Efficiency: How well activities are executed, minimizing delays and waste.

Effectiveness: How well the process creates valuable outputs for customers.

These metrics help organizations assess and improve their processes.

The procurement process involves acquiring materials from external vendors and consists of five steps
across three functional areas: warehouse, purchasing, and accounting.

• Need Identification: The warehouse identifies the need for materials due to low inventory and
documents this with a purchase requisition, sending it to the purchasing department.

• Vendor Selection: The purchasing department finds a suitable vendor, creates a purchase
order based on the requisition, and sends it to the vendor.

• Receiving Materials: The vendor ships the materials, which are received by the warehouse.

• Invoice Processing: The vendor sends an invoice to the accounting department.

 • Payment: Accounting processes the payment to the vendor, completing the procurement
process.

The fulfilment process involves handling customer orders, starting with the sales department receiving
and validating a purchase order. This leads to the creation of a sales order, which shares order details
with other departments and monitors progress. The warehouse then prepares and ships the order.
After shipment, accounting generates an invoice for the customer, who makes a payment that is
recorded by accounting.

An organization's business processes can provide a competitive advantage by enabling innovation and
efficient execution, but they can also hinder responsiveness and productivity. In the airline industry,
having an effective website for electronic ticket purchases is essential. A responsive, user-friendly site
with accurate information attracts customers and boosts revenue, while a poorly designed site can
damage business. To assess the effectiveness of their processes, organizations should document each
process, including its steps, inputs, outputs, and resources, and then analyze and modify it as needed
to enhance performance.

Figure 2.1: Business process for ordering an e-ticket from an airline website. (Adapted from Rainer
and Prince, 2022).

According to the above figure: Business process for ordering in an airline industry.
 ➢ Competitive necessity: Offering electronic ticket purchases

➢ Competitive advantage: Fast, accurate, user-friendly sites

➢ Potential liability: Slow, inaccurate, or outdated sites

Information Systems and Business Process

An information system (IS) is a critical enabler of an organization’s business processes. Information
systems facilitate communication and coordination among different functional areas, and allow easy
exchange of, and access to, data across processes. Specifically, ISs play a vital role in three areas:

➢ Executing the process: Information Systems (IS) are essential for organizations to execute
processes efficiently and effectively, as they are typically integrated into these processes. An
IS informs individuals when tasks need to be completed, provides necessary data, and
sometimes facilitates task completion. For instance, in the procurement process, the IS
generates purchase requisitions and alerts the purchasing department to take action. It also
allows accountants to match received shipments with supplier invoices for accuracy. Without
the IS, critical steps in the process cannot be completed, such as informing the warehouse
about which orders are ready for packing and shipping. In the fulfilment process, the
Information System (IS) notifies warehouse personnel when orders are ready for shipment. It
also provides a list of required materials for each order and indicates where those materials
can be found in the warehouse.

➢ Capturing and storing process data: Processes generate various types of data, such as dates,
product numbers, quantities, and customer information. Information Systems (IS) capture and
store this data, often automatically, while some data must be manually entered or captured
using methods like bar codes and RFID tags. In the fulfilment process, when a customer order
is received, data such as the customer's name and order details can be entered manually or
automatically through the website. The IS records information about who entered the data,
when, and where, and updates this information as the order progresses. A key advantage of
using an IS is that data only needs to be entered once, allowing easy access for all involved in
the process without the need for re-entry. The data captured can also provide immediate
feedback, enabling the creation of receipts or product recommendations.

➢ Monitoring process performance: A third contribution of IS is to help monitor the state of the
various business processes. That is, the IS indicates how well a process is executing. The IS
performs this role by evaluating information about a process. This information can be created
 at either the instance level (i.e., a specific task or activity) or at the process level (i.e., the
process as a whole).

Robotic Process Automation

Robotic Process Automation (RPA) allows companies to automate business processes and tasks
traditionally performed by employees using software "robots" or bots. Here are some applications of
RPA:

➢ Customer Service: Automated bots can quickly handle customer queries and route them to
the appropriate agents, providing initial responses without human intervention.

➢ Invoice Processing: RPA can automate the entire invoicing process, from receiving invoices to
data entry, verification, and payment generation, reducing human involvement.

➢ Sales Orders: RPA bots streamline tasks like generating sales quotes, monitoring orders, issuing
invoices, and processing returns and refunds, enhancing customer experience.

➢ Payroll: Bots can verify employee data, validate timesheets, calculate payments, create pay
checks, and manage benefits.

➢ Price Comparison: RPA bots compare vendor prices and product attributes, aiding informed
purchasing decisions.

➢ Customer Information Management: For instance, Takeda Pharmaceuticals used RPA to

expedite the recruitment process for a clinical trial, reducing paperwork time from weeks to
days.

➢ HR Processing: RPA can collect and organize extensive employee data, including history,
payroll, and training records.

➢ Recruitment: Bots can source resumes, assess qualifications, and filter out unqualified
applications from various platforms like LinkedIn.

Overall, RPA significantly enhances efficiency and accuracy across multiple business functions.

2.4 Business Process Improvement, Business Process Reengineering, and Business Process
Management

Excellence in executing business processes is widely recognized as the underlying basis for all
significant measures of competitive performance in an organization. A process refers to a series of
tasks completed to achieve a goal, and a business process specifically focuses on reaching objectives
for a business. Effective processes are essential for daily operations and can enhance a company's
competitiveness. Unique processes that achieve goals efficiently can differentiate a business,
potentially lowering costs and allowing for more competitive pricing or higher profits. In any work
environment, individuals engage in various business processes, from simple tasks like making a
sandwich to complex projects like building a space shuttle. Within the realm of information systems, a
business process consists of activities carried out by human actors and/or the information system to
achieve a specific outcome.

Figure 2.2: Diagram of an example business process. (Adapted from Rainer and Prince, 2022).

2.3.1 Business Process Re-engineering (BPR)

Business Process Reengineering (BPR) is a strategy aimed at enhancing an organization’s productivity

and profitability by fundamentally rethinking its business processes. The approach encourages
companies to examine their processes from a "clean sheet" perspective and to redesign them for
better efficiency. BPR gained traction due to advancements in information technology, which enabled
automation, standardization, and improved communication, reducing errors across organizational
silos.

https://www.youtube.com/watch?v=o5lUEwQN-Rs

However, while some organizations have successfully adopted BPR, many have struggled with its
implementation, finding it too radical, complex, and time-consuming. The potential impacts on
employees, facilities, existing information systems, and organizational culture often proved
overwhelming.
2.3.2 Business Process Improvement (BPI)

Despite challenges in implementing Business Process Reengineering (BPR), businesses began to focus
on organizing work around processes rather than individual tasks, leading to a more gradual approach
known as Business Process Improvement (BPI).

BPI aims to reduce variation in process outputs by identifying root causes of inconsistencies, whether
within the process itself (like a broken machine) or among inputs (such as declining quality from a
supplier). It typically involves teams that include a process expert, such as the process owner, and
other stakeholders, including both direct participants and customers. Six Sigma is a widely adopted
methodology for BPI, aiming to limit defects to 3.4 per million outputs through statistical analysis.
Originally developed by Motorola in the 1980s, Six Sigma has been embraced globally, particularly in
manufacturing, and has evolved to emphasize customer value, making it applicable to services as well.
It is commonly used in sectors like finance and healthcare. Successful BPI initiatives generally follow
five phases: define, measure, analyze, improve, and control (DMAIC).

While Business Process Improvement (BPI) initiatives may not achieve the dramatic performance gains
of Business Process Reengineering (BPR), many organizations prefer BPI because it is less risky and
more cost-effective. BPI emphasizes delivering measurable results; if a viable business case cannot be
established, the project is not pursued. BPI encourages all employees to apply improvement
techniques in their roles, leading to more bottom-up initiatives, unlike the top-down mandates typical
of BPR. BPI projects typically require less time and organizational resources, making them easier to
manage. However, if incremental improvements become unfeasible or if significant changes in the
business environment occur, organizations may need to consider BPR. A potential downside is that if
a company undertakes too many BPI projects without proper management, employees may feel
overwhelmed or lose interest in the initiatives.

2.3.3 Business Process Management (BPM)

To maintain Business Process Improvement (BPI) efforts over time, organizations can implement
Business Process Management (BPM), a management system designed to support the design, analysis,
implementation, management, and ongoing optimization of core business processes. BPM integrates
various BPI initiatives to ensure consistent execution of strategies.

https://www.youtube.com/watch?v=dRKk6jdO0Vg
Key components of BPM include process modeling and business activity monitoring. Process modeling
involves creating a graphical representation of all steps in a process, helping employees understand
the interactions and dependencies among participants, the information systems they use, and the data
they need to perform their tasks effectively. Specialized process modeling software can facilitate this
activity.

Business Activity Monitoring (BAM) is a real-time method for measuring and managing business
processes, allowing companies to monitor operations, identify failures, and address issues as they
arise. By tracking process performance, BAM generates valuable records that can inform process
improvements.

Business Process Management (BPM) activities are often supported by Business Process Management
Suites (BPMS), which are integrated applications that provide a repository for process information,
modeling tools, execution capabilities, and monitoring functions to adapt to changing business needs

Gartner emphasizes the importance of developing BPM skills across organizations, noting that high-
performing companies leverage BPM technologies—such as real-time monitoring, visualization, and
intelligent decision-making—to enhance their operations.

An emerging trend is social BPM, which enables collaboration using social media tools, facilitating
knowledge exchange among employees and external stakeholders to improve process execution.

Initially, BPM can boost profitability by reducing costs and increasing revenues, but over time, it can
also provide a competitive advantage by enhancing organizational flexibility, improving customer
satisfaction, and ensuring regulatory compliance. Ultimately, the company’s strategy should guide
BPM efforts.

2.5 Business Pressures, Organizational Responses, and Information Technology Support

Modern organizations compete in a challenging environment. To remain competitive, they must react
rapidly to problems and opportunities that arise from extremely dynamic conditions.

➢ Business Pressure

The business environment encompasses the social, legal, economic, physical, and political factors that
influence how businesses operate. Notable shifts in any of these areas can exert pressure on
organizations. In response, businesses often engage in activities bolstered by information technology.
 Figure 2.3: Business pressures, organizational performance and responses, and IT support. (Adapted
from Rainer and Prince, 2022).

Business pressures, organizational performance and responses, and IT support.

The three major types of business pressures are market, technology, and societal pressures.

Market Pressures

Market pressures arise from the global economy, fierce competition, evolving workforce dynamics,
and empowered customers.

• Globalization: Globalization refers to the integration and interdependence of various aspects

of life, facilitated by advancements in information technology. This allows individuals and
organizations to connect, communicate, and compete globally, accessing vast information and
resources without geographical or linguistic barriers. Consequently, globalization significantly
heightens competition. In essence, understanding these market pressures is crucial, as you
and the organizations you work with will be competing on a global scale.

Read more from the textbook: Introduction to Information Systems by R.Kelly Reiner and Brad Prince
• Changing Nature of the Workforce: The workforce in developed countries is becoming more
diverse, with increasing numbers of women, single parents, minorities, and individuals with
disabilities employed across various roles. Information technology (IT) is facilitating the
integration of these diverse groups and enabling remote work, which benefits parents and
those facing mobility or transportation challenges.

• Powerful Customers: As customers grow more knowledgeable about products and services,
their expectations and sophistication rise. The internet allows them to access detailed
 information, compare prices, and shop through electronic auctions. Organizations recognize
the importance of understanding and retaining customers, leading to efforts aimed at fostering
customer intimacy. This approach is a key element of customer relationship management
(CRM), which focuses on enhancing the overall customer experience.

Technology Pressure

The second category of business pressures involves technology-related challenges, primarily driven by
two factors: technological innovation and information overload.

• Technological Innovation and Obsolescence: Technological innovation quickly leads to the

creation of substitutes for products and services, often resulting in rapid obsolescence of
current offerings. For instance, the frequent release of new smartphone models and the shift
from print to electronic versions of books, magazines, and newspapers illustrate how swiftly
technology evolves. These changes compel businesses to stay aligned with consumer
demands. An example is the rapid technological innovation of the Apple iPad highlights the
fast-paced evolution of devices since its initial release in April 2010, with subsequent versions
including the iPad Mini, iPad Air, and iPad Pro introduced over the years. A notable trend
associated with this innovation is "bring your own device" (BYOD), which allows employees to
use personal mobile devices at work. While BYOD has boosted employee productivity and
satisfaction—often leading to longer working hours without extra pay—it poses significant
challenges for IT departments. These include diminished control over devices and increased
security risks, such as the spread of malware and the potential loss of sensitive information
stored on personal devices.

• Information Overload: Information overload is a significant challenge, as the volume of

information available online doubles roughly every year, much of it at no cost. This surge in
information presents managers with a deluge of data they must navigate to make effective
decisions. To manage this effectively, managers rely on information technologies like search
engines and data mining, which help them access and utilize the vast amounts of data,
information, and knowledge available.

Societal, Political, and Legal Pressures.

The third category of business pressures encompasses social responsibility, government regulation and
deregulation, spending on social programs, anti-terrorism expenditures, and ethics. This section will
explore how these factors influence modern businesses, beginning with the concept of social
responsibility.
 • Social Responsibility: Social responsibility encompasses various issues that affect businesses
and individuals, including environmental concerns, philanthropy, and education. Organizations
and individuals engage in efforts to address social problems, referred to as organizational or
individual social responsibility. A key focus is the state of the physical environment, with
initiatives like "green IT" addressing significant environmental challenges. IT plays a crucial role
in three main areas:

1. Facilities Design and Management: Companies are creating sustainable work

environments and pursuing LEED certification to promote eco-friendly building
practices, requiring IT professionals to contribute to these green facilities.

2. Carbon Management: As organizations aim to reduce their carbon footprints, IT

executives are tasked with developing systems to monitor carbon emissions across
the organization and its global supply chain. This requires knowledge of
embedded carbon and measurement techniques.

3. Environmental Laws: IT executives must navigate federal, state, and international

regulations that affect IT products, disposal practices, and overall carbon
management

These efforts reflect a growing commitment to social responsibility in addressing environmental issues.

The digital divide is a significant social issue affecting modern business, highlighting the gap between
individuals who have access to information and communications technologies and those who do not.
This disparity exists both within and between countries and has been exacerbated by the coronavirus
pandemic. One initiative aimed at narrowing this divide is the One Laptop per Child (OLPC) project, a
nonprofit organization focused on providing affordable laptops to enhance education for children
globally. As of 2020, the OLPC laptop was priced around $230, including educational software, but
additional costs such as shipping, solar chargers, maintenance, and training can raise the total to
approximately $450 for international users.

• Compliance with Government Regulations: Compliance with government regulations is a

significant source of pressure for businesses, covering areas like health, safety, environmental
protection, and equal opportunity. While businesses often view these regulations as costly
constraints, government deregulation can increase competition. In response to corporate
scandals, the U.S. government enacted laws such as the Sarbanes-Oxley Act and HIPAA,
 requiring organizations to comply, which is often an expensive and time-consuming process
that relies heavily on IT support for necessary controls and information.

• Protection against Terrorist Attacks: Additionally, since September 11, 2001, there has been
heightened pressure on organizations to safeguard against terrorist threats, including physical
and cyberattacks. The activation of military reservists has also created personnel challenges.
Information technology aids in these security efforts by providing systems that can identify
patterns related to terrorist activities. An example is the Department of Homeland Security’s
Office of Biometric Identity Management, which uses biometric screening systems to verify
identities against government databases at over 300 entry points into the U.S.

• Ethical Issues: Ethics encompasses general standards of right and wrong, while information
ethics focuses on ethical standards in information processing practices. Addressing ethical
issues is crucial, as poor handling can harm an organization’s reputation and employee morale.
The use of IT raises various ethical concerns, such as email monitoring and privacy violations
related to customer data stored in databases. Despite the importance of ethical practices, not
all organizations utilize information technology ethically.
https://www.youtube.com/watch?v=XVvEZXjKZMM

Clearly, then, the pressures on organizations are increasing, and organizations must be prepared to
respond appropriately if they are to succeed.

➢ Organizational Responses

Organizations are addressing various pressures by adopting IT solutions, including strategic systems,
customer-focused initiatives, make-to-order and mass customization strategies, and e-business
practices.

• Strategic Systems: These systems offer organizations competitive advantages that

help increase market share, enhance profitability, improve supplier negotiations,
and deter competitors. Many information systems are critically important; if they
are inadequate or fail, the organization itself may face significant risks.

• Customer Focus: Organizations strive to deliver exceptional customer service to

attract and retain customers, preventing them from turning to competitors.
Various IT tools and business processes are implemented to enhance customer
satisfaction. For instance, Amazon personalizes the shopping experience by
greeting returning customers by name and recommending items based on
 previous purchases. Similarly, Dell supports customers in purchasing decisions by
offering relevant information and choices during the buying process.

• Make-to-Order and Mass Customization: Make-to-order is a strategy focused on

producing customized products to individual specifications, aiming to
manufacture these goods efficiently and cost-effectively. This approach shifts from
traditional mass production, where identical items are produced in bulk, to mass
customization, which combines large-scale production with customization.
Historically, companies like Ford offered limited options, but the market evolved
toward consumer segmentation, providing standard products in various sizes and
colors. The next phase was configured mass customization, where consumers
could choose features for products like cars or computers. Currently, mass
customization allows companies to produce large quantities while tailoring
products to individual customer preferences. Examples include NikeID for
personalized footwear, My M&M for customized candies, and Dell and HP, which
let customers specify computer features to meet their needs.

• E-Business and E-Commerce: In today's competitive landscape, conducting

business electronically is vital. E-commerce (EC) involves buying, selling,
transferring, or exchanging products, services, or information over computer
networks like the Internet. E-business is a broader concept that includes not only
transactions but also customer service, collaboration with partners, and internal
electronic transactions. As companies face various pressures in the business
environment, they develop strategies to respond effectively, often relying on
information technology and strategic information systems. This approach is
further explored in subsequent sections of the text.

2.6 Competitive Advantage and Strategic Information Systems

A competitive strategy is a statement that identifies a business’s approach to compete, its goals, and
the plans and policies that will be required to carry out those goals (Porter, 1985). A strategy generally
aims for a desired outcome, such as increasing market share. In contrast, a competitive strategy
specifically targets achieving that outcome despite competitors' efforts to block you. This involves not
only planning your own actions but also anticipating and countering the strategies of your competitors.
An organization aims to achieve a competitive advantage in its industry through its competitive
strategy, focusing on outperforming rivals in areas like cost, quality, and time-to-market. This
advantage enables profitable operations and higher-than-average profits. While the core business
remains consistent, information technologies enhance traditional competitive advantages, such as low
costs and superior customer service. Strategic information systems (SISs) play a crucial role in this by
helping organizations implement their strategic goals and improve performance. Any information
system that aids in gaining or maintaining a competitive edge is considered a strategic information
system.

Porter’s Competitive Forces Model

Michael Porter’s competitive forces model is a key framework for analyzing competitiveness, helping
companies develop strategies to enhance their competitive edge. The model identifies five major
forces that can impact a company's position within an industry. Despite changes brought by the Web,
these fundamental forces have remained consistent over time and continue to drive competition
across all types of organizations, including non-profits and local governments, which compete for
resources and funding. This enduring relevance makes Porter’s model a valuable analytical tool for
assessing competition.

Figure 2.4: Porter’s competitive forces model. (Adapted from Rainer and Prince, 2022).

https://www.youtube.com/watch?v=mYF2_FBCvXw&pp=ygUGI3ZzaGJz

1. Threat of New Entrants: The threat of new competitors entering a market is influenced by the
ease of entry, with significant barriers reducing this threat. Barriers can include legal
requirements, customer expectations, or IT features essential for survival, such as pay-at-the-
pump services at gas stations. While the Web often lowers traditional barriers, making it easier
 for new competitors to emerge—especially in digital and intermediation industries—it can
also raise barriers when companies offer essential capabilities that set customer expectations,
like web-based package tracking. Thus, the Web can simultaneously increase competition and
create new challenges for potential entrants.
2. Bargaining power of suppliers: The bargaining power of suppliers is high when buyers have
limited options and low when there are many choices. Organizations prefer multiple suppliers
to strengthen their negotiating position regarding price, quality, and delivery. The Internet can
reduce supplier power by allowing buyers to easily find alternatives and compare prices, but
it can also benefit suppliers who integrate into supply chains and lock in customers.
3. Bargaining power of Buyer: Conversely, buyer power is high when consumers have many
purchasing options and low when choices are few. For example, the Internet has significantly
increased students' buyer power for textbooks by providing access to various suppliers and
detailed information. However, loyalty programs can reduce buyer power by incentivizing
customers to remain loyal to a specific organization, as IT helps track customer activity and
rewards frequent business, making customers less likely to switch to competitors.
4. The threat of substitute products or services: The threat of substitute products or services is
high when there are many alternatives available and low when alternatives are few. Rapid
technological advancements lead to the quick emergence of substitutes, such as wireless
phones replacing landlines and streaming services replacing CDs. Information-based industries
face significant threats from substitutes since digitized content can be easily shared online. To
mitigate the threat of substitutes, companies can increase switching costs, which are the
financial and time-related costs incurred when customers choose to switch to a competitor.
For example, smartphone contracts often include penalties for early termination, while
platforms like Amazon create personalized shopping experiences that take time for
competitors to replicate. This reliance on personalized service adds a time-based switching
cost for customers considering a move to another vendor.
5. The rivalry among existing firms in the industry: The rivalry among existing firms in an
industry is intense when many companies compete closely, leading to high competition. This
rivalry is heightened by the visibility of online systems, making it difficult for firms to maintain
proprietary advantages. As a result, competitors quickly replicate features, reducing
differentiation and increasing competitive pressure. For instance, in the grocery industry,
companies like Walmart and Kroger compete primarily on price, leveraging IT-enabled loyalty
programs to gain insights into customer preferences. Technologies such as RFID are used to
enhance efficiency and customer experience, further intensifying competition. Additionally,
 established firms can gain an edge by providing data-driven insights to customers. For
example, Babolat's tennis rackets offer performance feedback through a connected app. The
digital nature of products also contributes to fierce competition, as the variable cost of
producing additional digital units is very low. This allows companies to consider giving away
products or lowering costs significantly, such as potential zero-commission online stock
trading, making traditional brokerage services less relevant.
Porter’s Value Chain Model

Organizations use Porter’s competitive forces model to develop general strategies and the value chain
model to identify specific activities for implementing competitive strategies effectively. A value chain
is a series of activities that transform inputs into more valuable outputs, highlighting areas where
information technology can provide a competitive advantage.

https://www.youtube.com/watch?v=tT60_TofYf4

According to Porter’s value chain model, activities are divided into two categories: primary activities
and support activities. Primary activities involve the production and distribution of products and
services, directly creating value for customers. In contrast, support activities, while not adding direct
value, enhance the effectiveness of primary activities and contribute to overall competitive advantage.
Each type of organization—be it manufacturing, transportation, healthcare, or retail—has its unique
value chain, but the concept applies universally across different sectors.

Figure 2.5: Porter’s value chain model. (Adapted from Rainer and Prince, 2022).
In a manufacturing company, primary activities involve purchasing materials, processing the materials
into products, and delivering the products to customers. Manufacturing companies typically perform
five primary activities in the following sequence:

• Inbound Logistics: Processing incoming materials (receiving, storage)

• Operations: Adding value by transforming raw materials into products
• Outbound Logistics: Preparing products for delivery (packaging, storing, shipping)
• Marketing and Sales: Selling products and creating demand, increasing product value
• After-Sales Service: Providing additional value through warranty service, upgrades, etc.
Each step in this sequence adds value to the product as it moves through the chain from raw materials
to customer service.

As noted earlier, these primary activities are buttressed by support activities. Support activities consist
of the following:

• The firm’s infrastructure (accounting, finance, management)

• Human resources management
• Product and technology development (R&D)
• Procurement
Support activities can enhance any or all primary activities and can also interrelate with one another.
A firm’s value chain is part of a broader concept called a value system, which encompasses the
suppliers providing necessary inputs and their respective value chains. After a firm produces its
products, they move through the value chains of distributors to reach customers, forming a
comprehensive value system. To achieve and maintain a competitive advantage, organizations must
understand all components of this value system and how information technologies can support it.

Strategies for Competitive Advantage

Organizations aim to develop strategies to address Porter’s five competitive forces, but choosing a
strategy involves trade-offs. For instance, a focus on cost leadership may limit resources for research
and development, hindering innovation, while investing in customer satisfaction can raise costs.
Companies must commit to a clear strategy, as a confused approach will likely fail. This choice
influences how they utilize information systems. For example, a high-end retailer like Nordstrom may
embrace systems that enhance customer service despite increased costs, whereas a discount store like
Walmart would not. https://www.youtube.com/watch?v=6TgZQ9kFZNc
 Figure 2.6: Strategies for competitive advantage. (Adapted from Rainer and Prince, 2022).

Cost Leadership Strategy: Focus on producing the lowest-cost products and services in the industry.
For example, Walmart employs an automatic inventory replenishment system to minimize inventory
storage costs, maximizing sales floor space.

Differentiation Strategy: Offer unique products, services, or features that set a company apart from
competitors. Southwest Airlines has successfully positioned itself as a low-cost, short-haul express
airline, effectively competing in the airline industry.

Innovation Strategy: Introduce new products and services or enhance existing ones. Citibank’s
introduction of ATMs revolutionized banking by providing convenience and reducing costs, making
ATMs a necessity for banks. Apple exemplifies this through its rapid innovation.

Operational Effectiveness Strategy: Enhance internal processes to perform better than rivals, boosting
quality, productivity, and customer satisfaction while reducing time to market.

Customer Orientation Strategy: Prioritize customer satisfaction by creating personalized experiences.

Companies like Amazon, Apple, and Starbucks excel in cultivating strong customer relationships
through web-based systems.

Business–Information Technology Alignment

Business–Information Technology Alignment is crucial for maximizing the strategic value of IT within
organizations. This alignment, or strategic alignment, integrates the IT function directly with the
organization's strategy, mission, and goals, ensuring that IT supports business objectives. Six
characteristics of effective alignment include:

• Viewing IT as a catalyst for innovation and new revenue streams.

 • Prioritizing internal and external customer service.
• Rotating business and IT professionals across departments.
• Establishing clear overarching goals for all employees.
• Ensuring IT staff understand the financial implications of the business.
• Fostering a vibrant and inclusive company culture.
However, many organizations struggle to achieve this alignment. A McKinsey and Company survey
revealed that only 27% of executives felt their organizations had adequate alignment. Major barriers
include differing objectives between business and IT managers, lack of awareness of each other's
expertise, and poor communication. To improve alignment, fostering a collaborative environment is
essential, enabling business and IT executives to communicate and learn from one another.
Additionally, using enterprise architecture can enhance alignment by providing a framework that
integrates both technical specifications (IT systems) and business specifications (core processes and
management activities).

https://www.youtube.com/watch?v=Rrn1szu_Ft4

Unit Review Questions

1. Discuss ways in which information systems enable cross-functional business processes and
processes for a single functional area.
2. Compare and contrast business process reengineering and business process management to
determine the different advantages and disadvantages of each.
3. Identify effective IT responses to different kinds of business pressures.
4. Describe the strategies that organizations typically adopt to counter Porter’s five competitive
forces.

CASE STUDY
Digital Transformation at Global Foods: A Case Study in Business Process and Competitive Advantage
Background

Global Foods, a mid-sized grocery chain with 200 stores across the Midwest, has been facing increasing
pressure from larger competitors and online grocery services. The company's traditional business
processes and aging information systems have made it difficult to compete effectively in the modern
retail landscape.

In 2023, Global Foods' market share dropped by 15%, primarily due to customers switching to
competitors offering online ordering, home delivery, and more personalized shopping experiences.
The company's manual inventory management system resulted in frequent stockouts and overstock
situations, while its limited customer data collection meant it couldn't effectively target promotions
or optimize product offerings.

The Challenge

CEO Sarah Martinez recognized that Global Foods needed to undergo a digital transformation to
remain competitive. The company faced several key challenges:

1. Inefficient Supply Chain: The manual procurement process often resulted in delayed orders
and miscommunication with suppliers.
2. Poor Inventory Management: Store managers couldn't accurately track stock levels in real-
time.
3. Limited Customer Insights: The company had no systematic way to collect and analyze
customer purchasing patterns.
4. Competitive Pressure: Both traditional competitors and online grocery services were gaining
market share.
5. Employee Resistance: Many long-term employees were resistant to technological change.

The Solution

Global Foods initiated a comprehensive digital transformation strategy:

1. Implemented an integrated Enterprise Resource Planning (ERP) system to streamline

procurement and inventory management
2. Developed a mobile app and e-commerce platform for online ordering and delivery
3. Introduced a customer loyalty program with personalized promotions
4. Deployed RFID technology for real-time inventory tracking
5. Established a data analytics team to optimize pricing and product placement

Results

After 18 months:

• Online sales grew to 25% of total revenue

• Inventory costs reduced by 30%
• Customer satisfaction scores improved by 40%
• Market share began to stabilize
• Employee productivity increased by 25%
However, the transformation wasn't without challenges. The company faced initial resistance from
employees, technical integration issues, and temporary disruptions to store operations during the
implementation phase.

Case Study Questions

1. Business Process Analysis

o Identify the key business processes that were transformed in this case.
o How did the new information systems enable both single-functional and cross-
functional processes?
o What role did Business Process Management (BPM) play in this transformation?
2. Competitive Forces and Strategy
o Using Porter's Five Forces model, analyze the competitive environment facing Global
Foods.
o Which competitive strategies (cost leadership, differentiation, innovation, etc.) did
Global Foods adopt?
o How did the new information systems support these strategies?
3. Technology and Change Management
o What were the main technological pressures facing Global Foods?
o How did the company address employee resistance to change?
o What role did IT-business alignment play in the success of this transformation?
4. Results and Recommendations
o Evaluate the effectiveness of Global Foods' digital transformation.
o What additional steps should the company take to maintain its competitive
advantage?
o How can Global Foods ensure continuous improvement of its new business
processes?
5. Strategic Impact
o How did the new information systems provide strategic advantage?
o What risks might Global Foods face in maintaining this advantage?
o How can the company ensure its IT investments continue to support its business
strategy?

References:
1. Bureau of Labor Statistics (2024) 'Employment Situation Summary', U.S. Department of Labor.
Available at: www.bls.gov (Accessed: 11 December 2024).
2. Centers for Disease Control and Prevention (2024) 'Chronic Disease Data', CDC Health
Statistics. Available at: www.cdc.gov (Accessed: 11 December 2024).
3. Deloitte Consulting (2024) 'Rural Broadband Infrastructure Report', Digital Infrastructure
Analysis, 8(2), pp. 45-60.
4. Federal Communications Commission (2024) 'Broadband Deployment Report', FCC Digital
Access Survey. Available at: www.fcc.gov (Accessed: 11 December 2024).
5. Gartner (2024) 'Business Process Management Suites Analysis', Technology Research Report
Series, 15(4), pp. 112-128.
6. Hudson Institute (2024) 'Economic Impact of Rural Broadband', Digital Economy Research,
6(3), pp. 76-89.
7. Microsoft Corporation (2024) 'Airband Initiative Impact Report', Digital Inclusion Studies,
10(1), pp. 23-38.
8. Porter, M.E. (1985) Competitive Advantage: Creating and Sustaining Superior Performance.
New York: Free Press.
9. Rural Broadband Association (2024) Digital Access Survey Results. Available at: www.ntca.org
(Accessed: 11 December 2024).
Chapter 3: Ethics and Privacy

LEARNING OUTCOMES
After reading this Section of the guide, the learner should be able to:

• Define ethics and explain its three fundamental tenets and the four
categories of ethical issues related to information technology.
• Discuss at least one potential threat to the privacy of the data stored in
each of three places that store personal data.

3.1 Navigating ethics and privacy in the digital workplace

Throughout your professional career, you'll face various ethical and privacy challenges, particularly in
relation to information technology. These interconnected issues have become increasingly complex in
the digital era, with technology often making ethical decisions more complicated rather than simpler.

Take for example the Boston Red Sox case, where technology enabled unethical behavior, or consider
how implementing social computing tools for product development raises new privacy and ethical
concerns.

This material aims to:

1. Guide you in handling ethical and privacy challenges

2. Help you contribute to developing corporate ethics codes

3. Enable you to assess how information systems impact people both inside and outside your
organization
A particular challenge exists for small businesses and startups: while they must protect sensitive
customer data, they often lack established ethical frameworks. The key lies in finding the right balance
between necessary information access and appropriate information use. While hiring trustworthy
employees who follow ethical guidelines helps, a fundamental question remains: do smaller
organizations have proper ethical guidelines in place to begin with?

The essence is that all organizations, regardless of size, must prioritize ethical considerations in their
operations, especially regarding information handling and privacy protection.

3.2 Understanding ethical decision-making

Defining Ethics

Ethics can be understood as the moral guidelines people follow when making decisions about what's
right and what's wrong. Making these moral choices isn't always straightforward or obvious. However,
we have access to various decision-making frameworks that can assist us in navigating these ethical
choices.

The core idea remains the same - ethics helps guide human behavior through established principles,
even though determining the right course of action can be challenging. The existence of various ethical
frameworks provides helpful structure for tackling complex moral decisions.

Five Major Ethical Frameworks

While many ethical frameworks exist, five key approaches stand out:

1. Utilitarian Approach

• Focuses on achieving maximum benefit with minimum harm

• Considers impact on all stakeholders including customers, employees, shareholders,

community, and environment

2. Rights Approach

• Prioritizes protecting fundamental moral rights

• Includes personal freedom, truthfulness, safety, and privacy

• Applies to all parties involved, though specific rights remain debatable

• Seeks to protect rights of every stakeholder, including competitors

3. Fairness Approach
 • Advocates equal treatment unless unequal treatment can be justified

• Example: Higher pay for more work is considered fair

• Questions extreme inequalities, like vastly disproportionate CEO salaries

• Examines whether differences stem from justified standards or power imbalances

4. Common Good Approach

• Emphasizes society's interconnected nature

• Based on respect and compassion for all

• Focuses on shared benefits like public services, healthcare, education

• Considers what benefits society as a whole

5. Deontology Approach

• Judges actions based on inherent rightness or wrongness

• Focuses on rules rather than consequences

• Example: Views killing as wrong regardless of circumstances (even self-defense)

A Comprehensive Ethics Decision Framework

Step 1: Identify Ethical Issues

• Assess potential harm to individuals or groups

• Consider good versus bad outcomes

• Look beyond legal aspects to moral implications

Step 2: Research and Gather Information

• Collect all relevant facts

• Ensure information is complete

• Identify all stakeholders

• Consult with affected parties

Step 3: Analyze Options Using Multiple Perspectives

 • Utilitarian view: Consider maximum benefit vs. harm

• Rights view: Evaluate protection of stakeholder rights

• Fairness view: Assess equal treatment

• Common good view: Consider community-wide impact

Step 4: Choose and Validate Decision

• Select best option after considering all approaches

• Test decision against ethical standards

Step 5: Implement and Learn

• Execute decision with stakeholder sensitivity

• Evaluate outcomes

• Extract lessons for future decisions

This systematic approach helps transform abstract ethical principles into practical decision-making
tools, particularly valuable in business settings. https://www.youtube.com/watch?v=XXXXX

Ethics in the Corporate Environment

In the business world, organizations establish unique ethical guidelines to direct their members'
professional conduct. These ethical codes serve as foundational frameworks for decision-making
within organizations. A notable example is the Association for Computing Machinery (ACM), which
maintains comprehensive ethical standards for its computing professionals.

However, ethical guidelines often present complex challenges. Members of multiple professional
organizations may encounter conflicting ethical requirements - for instance, one organization might
demand strict adherence to all laws, while another might encourage resistance to laws deemed unjust.
This highlights the potential complexity in navigating different ethical standards simultaneously.

Three fundamental ethical principles guide professional conduct:

1. Responsibility: Accepting the outcomes of one's choices

2. Accountability: Identifying who bears responsibility

3. Liability: Legal framework for seeking compensation for damages

Importantly, a distinction exists between ethical and legal considerations. Actions can be legally
compliant yet ethically questionable. Consider the case of bank foreclosures: while legally permissible,
they often raise significant ethical concerns. This demonstrates how ethical decision-making extends
beyond mere legal compliance.

The implications of ethical choices ripple through society, affecting not just individuals but entire
organizations and communities. This underscores the importance of careful ethical consideration in
corporate decision-making, even when actions fall within legal boundaries.

Corporate Ethical Failures and Their Consequences

The early 2000s witnessed several major corporate scandals highlighting severe ethical breaches in
financial reporting. Enron, WorldCom, and Tyco became notorious examples of corporate fraud
through illegal accounting practices. These scandals prompted the 2002 Sarbanes-Oxley Act, requiring
stricter financial controls and personal executive accountability for financial reports.

The financial sector continued to face ethical challenges. The subprime mortgage crisis revealed
widespread unethical lending practices, exposing regulatory weaknesses in both U.S. and global
financial systems, ultimately triggering a global recession. The Bernie Madoff Ponzi scheme in 2009,
resulting in a 150-year prison sentence, further exemplified financial sector misconduct.

Wells Fargo represents a more recent case of ethical failures. In 2016, the bank faced scandal when
employees, pressured by aggressive sales quotas, created approximately 2 million fraudulent accounts.
This resulted in:

• $1.5 million in unauthorized customer fees

• Damaged customer credit scores

• Termination of 5,300 employees

• $185 million in fines (minimal compared to their $5.6 billion quarterly earnings)

• CEO John Stumpf's resignation

Further misconduct emerged in 2018 when the SEC found Wells Fargo improperly encouraging high-
fee trading, resulting in additional penalties and client reimbursements.

https://www.youtube.com/watch?v=VAzyHkbwbVw

Technological Advancement and New Ethical Challenges

The rapid advancement of information technology has introduced new ethical complexities:
 • Computing power doubles approximately every 18 months

• Organizations increasingly depend on information systems

• Data storage costs continue to decrease

• Enhanced ability to collect and analyze personal data

• Expanded capacity for information distribution through computer networks

These technological capabilities raise significant concerns about

• Appropriate data collection methods

• Customer information usage

• Personal privacy protection

• Intellectual property rights

The case of Google analyzing credit card data to track offline purchases exemplifies these emerging
ethical challenges in the digital age.

Google's Integration of Online and Offline Consumer Data

Market Context and Challenge: In 2019, retail sales data revealed a significant pattern: 90% of
purchases occurred in physical stores, with only 10% through e-commerce. This distribution posed
a challenge for digital advertising platforms like Google and Facebook in proving their advertising
effectiveness. Facebook's partnership with Square and Marketo to track in-store visits intensified
competition, responding to Google's existing AdWords store visit metrics.
Data Collection Strategy: Google implemented a multi-faceted approach to track consumer
behavior:
1. Location Tracking: Using Google Maps to monitor physical store visits
2. Digital Footprint Analysis: Collecting data from various Google services (YouTube, Gmail,
Google Play)
3. Website Monitoring: Princeton research revealed Google's tracking presence on 70% of
popular websites through Google Analytics and 50% through DoubleClick
Advanced Data Integration: Google enhanced its tracking capabilities by:
• Integrating credit card transaction data with online behavior
 • Developing Google Attribution to link ad views to actual purchases
• Monitoring purchase patterns even when location tracking is disabled
Privacy Measures and Concerns: Google claims to protect user privacy through:
• Custom encryption technology
• "Double-blind" encryption process for purchase matching
• Patent-pending mathematical formulas for data anonymization
However, privacy advocates raise concerns:
• Marc Rotenberg (Electronic Privacy Information Centre) warns about increasing data
collection secrecy
• Paul Stephens (Privacy Rights Clearinghouse) questions data anonymity effectiveness
• Limited transparency about third-party partnerships handling 70% of U.S. card transactions
Consent and Transparency Issues:
• Google maintains users consent through service agreements
• Questions remain about merchant consent for credit card data sharing
• Limited disclosure about data handling processes and partnerships
• Historical reliance on loyalty program data with explicit consumer consent
The case highlights the ongoing tension between advanced marketing capabilities and privacy
concerns in the digital age.

Questions

1. Explain how Google utilizes information technology in combining and analyzing customers'
online search behavior with their real-world purchasing patterns. What technological tools
and systems enable this integration?
2. Evaluate Google's data integration practices through the lens of the three core ethical
principles: responsibility (accepting consequences), accountability (determining who is
answerable), and liability (legal obligations). How does each principle apply to Google's
handling of consumer data across digital and physical platforms?

These questions aim to examine both the technical implementation and ethical implications of
Google's comprehensive consumer tracking system.
Information Technology Ethics in the Workplace

In today's digital workplace, employees must promote responsible use of information technology.
Common ethical dilemmas in business often center around technology use, such as:

• The appropriateness of monitoring employee internet and email usage

• The ethics of selling customer data

• The legitimacy of auditing employee devices for unauthorized content

The growing complexity of IT applications has generated four main categories of ethical concerns:

1. Privacy Management How organizations collect, store, and share personal information

2. Data Accuracy Ensuring information authenticity, reliability, and correctness in collection and
processing

3. Information Property Rights Determining ownership and value of information assets

4. Information Access Deciding who gets access to what information and whether access should
involve fees

These categories encompass various ethical challenges faced by modern organizations. Understanding
these issues helps professionals navigate complex situations where the line between ethical and
unethical behavior may not be immediately clear. The practical scenarios provided in WileyPLUS
further illustrate these ethical challenges through real-world examples, offering context for
understanding ethical decision-making in technology-related situations.

This framework helps organizations and individuals make informed decisions about technology use
while maintaining ethical standards in the digital age.
Figure 3.1: A framework for ethical Issues (Adapted from Rainer and Prince, 2022).
CASE STUDY: QUIZLET - DIGITAL LEARNING TOOLS AND ACADEMIC INTEGRITY IN MODERN
EDUCATION

Background: Quizlet, a digital study platform, serves over 30 million users worldwide through web
and mobile applications. The platform's free learning tools reach half of U.S. high school students
and one-third of college students, generating revenue through advertising and premium
subscriptions.
Platform Ethics and Controls:
• Honor code implementation
• Anti-cheating guidelines
• Copyright protection measures
• Test material detection systems
• User-based violation reporting
The Cheating Controversy: Digital transformation of learning materials has raised new academic
integrity concerns. While most use the platform legitimately, some students have:
• Used Quizlet during online tests
• Accessed actual exam questions through the platform
Texas Christian University (TCU) Case 2018: Challenge:
• 12 students faced suspension for alleged cheating
• Students claimed inadvertent use of exam content
• University-employed tutors allegedly recommended the platform
Response:
• Initial yearlong suspensions
• Student appeals and legal challenges
• Debate over digital learning responsibility
Resolution:
• Some suspensions overturned
• Academic penalties maintained
• Ongoing appeals for other sanctions
Key Issues and Implications:
 1. Educational Evolution
• Need for updated teaching methods
• Question reuse practices
• Digital resource management
2. Academic Integrity
• Defining cheating in digital age
• Student responsibility
• Faculty adaptation
3. Platform Growth
• 300 million study sets
• 50 million monthly users
• Multi-language availability
Lessons Learned: The case demonstrates the complex challenges educational institutions face in
balancing digital learning tools with academic integrity, highlighting the need for clear policies and
adapted teaching methods in the modern educational landscape.

Questions

1. Evaluate the ethical implications of using digital study platforms like Quizlet for exam preparation.
What are the moral boundaries between legitimate study aid usage and academic dishonesty?
2. Assess whether students have an ethical obligation to report when they discover actual exam
questions on digital learning platforms. Does their silence on finding current test material constitute
a form of academic misconduct?

These questions explore the intersection of digital learning tools, academic integrity, and ethical
student behavior in modern education.

3.3 Privacy

Understanding Modern Privacy Rights

In today's digital age, privacy has evolved into a complex concept encompassing both personal and
informational dimensions. While personal privacy protects individuals from unwanted intrusion,
information privacy focuses on controlling how personal data is collected and shared. These rights,
though protected by state and federal laws, face increasing challenges in the modern technological
landscape. Courts have established that privacy rights must be balanced against broader societal
needs, sometimes yielding to public interest. The digital revolution has dramatically expanded data
collection capabilities, with personal information now constantly generated through surveillance
systems, financial transactions, communications, internet activities, and government records. This has
given rise to a sophisticated digital profiling industry, where companies like LexisNexis and Acxiom
aggregate data from various sources to create comprehensive "digital dossiers." These detailed
electronic profiles are then marketed to law enforcement agencies, employers conducting background
checks, and businesses seeking deeper customer insights, highlighting the growing tension between
privacy rights and the commodification of personal information in our increasingly connected world.

Modern Electronic Surveillance: A Growing Privacy Concern

The ACLU has identified technology-enabled tracking as a major privacy threat, with surveillance
technologies creating unprecedented monitoring capabilities across multiple sectors. These
ubiquitous monitoring systems now span public spaces like airports, subways, and banks; digital
sensors in webcams, gaming devices, and smartphones; street-level surveillance through traffic
cameras and toll systems; aerial photography from mapping services; and personal identification
through passports and employee badges.

The rapid evolution of surveillance technology has been driven by several key factors: decreasing costs
of digital equipment, improved sensor technology, reduced data storage expenses, and enhanced
processing capabilities. Modern smartphones exemplify this advancement, serving as powerful
surveillance tools with processing power that has increased 13,000% since 2000, along with multi-
functional capabilities including video, photos, email, and GPS tracking.

GPS-enabled devices present unique privacy challenges through automatic geotagging of photos and
videos, location data embedded in shared images, and potential exploitation by criminals through
social media posts, photo-sharing platforms, and location metadata. This comprehensive surveillance
ecosystem represents a significant shift in privacy expectations, creating new vulnerabilities in our
connected world.

Facial recognition technology has evolved from limited checkpoint use to widespread application, with
companies like IBM and Microsoft developing smart billboards that track consumer behavior and
enable personalized in-store experiences. China's Social Credit System (SCS) represents an extreme
application of surveillance technology, monitoring citizen behavior across spending patterns, bill
payment history, and social interactions, with scores impacting access to employment, mortgages, and
education opportunities.

Social media platforms have integrated sophisticated facial recognition features, with Google and Meta
employing automated photo tagging systems, facial feature indexing, and cross-reference capabilities
that often operate without user awareness. These systems create significant privacy implications, as
photos can be matched across internet databases and potentially misused for commercial profiling,
unauthorized information gathering, and loss of public anonymity.

The emergence of affordable drone technology has introduced new surveillance challenges, with
complex legal implications as the FAA's authority extends to ground level, making privacy violations
difficult to prove within an unclear liability framework. The convergence of these various surveillance
technologies creates unprecedented privacy challenges, fundamentally altering how personal
information can be collected and used in modern society.

IT'S ABOUT BUSINESS: LICENSE PLATE READER TECHNOLOGY AND PRIVACY

License Plate Recognition (LPR) technology has evolved significantly from its original purpose of
tracking stolen vehicles by law enforcement. Today, private companies in the repossession and
towing industries widely utilize this technology, with major players like Digital Recognition Network,
Vigilant Solutions, and MVTrac maintaining extensive databases that have accumulated over 3
billion license plate photos since 2009.
The data collection process and business model involves scanners capturing plate numbers, GPS
location, date, and time. Private companies then sell this data to law enforcement and businesses.
Notably, Vigilant Solutions offers free database access to police departments in exchange for
warrant information, a 25% fee from violation collections, and the agreement to meet minimum
monthly enforcement quotas.
Privacy and legal implications surrounding LPR technology are complex. The Driver Privacy
Protection Act of 1994 restricts access to DMV data, limiting vehicle owner identification to law
enforcement and repo companies. The regulatory landscape varies significantly by state, with most
lacking specific LPR regulations. New Hampshire has taken the strongest stance by banning LPRs
except for tolls and bridge security, while privacy concerns have led to program suspensions in some
cities.
Law enforcement applications have shown positive outcomes, including successful vehicle recovery
(such as 15 vehicles in Danville, CA) and criminal arrests (31 arrests in 9 months). The technology
 enables real-time alerts for violations and verification through dispatch centers. However, significant
concerns persist regarding data retention periods, limited warrant requirements, potential misuse
for debt collection, and the broader privacy implications of mass surveillance.
Looking to the future, technological advancement continues to outpace legislation. New
developments include smaller cameras, smartphone applications, integration with facial recognition
technology, and potential connections to DMV databases. This ongoing evolution highlights the
persistent tension between law enforcement effectiveness and privacy rights in the digital age,
demonstrating both the benefits and risks inherent in automated surveillance technology.

Questions

1.Evaluate both ethical considerations and legal frameworks surrounding the use of automated
license plate reading technology. How do these systems align with current laws and moral
standards?
2. Assess the ethical implications and legal considerations of Vigilant Solutions' business model -
specifically their practice of providing free LPR technology to law enforcement in exchange for
access to enforcement data and collection fees. What are the potential conflicts of interest?
3. What privacy concerns arise from the systematic collection and analysis of license plate data?
Consider both immediate and long-term implications of this data gathering and processing
capability

WORKPLACE ELECTRONIC SURVEILLANCE: MODERN REALITIES

The legal framework surrounding workplace surveillance heavily favors employer interests, providing
minimal protection for employee privacy. Courts consistently support employer rights to monitor email
communications, review electronic documents, and track internet usage patterns. This has led to
widespread adoption of monitoring practices, with over 75% of organizations tracking employee
internet activity and two-thirds implementing URL filtering to block inappropriate sites. Organizations
typically justify this surveillance as necessary for enhanced security against malware, improved
productivity, and network protection. A telling case example involved a CIO's monitoring initiative that
tracked 13,000 employees over three months, sharing findings with CEO, HR, and Legal departments.
The results revealed questionable website visits and significant time spent on non-work activities,
ultimately leading to the implementation of URL filtering. These surveillance concerns extend beyond
the workplace, as multiple entities—including corporate organizations, government agencies, and
criminal actors—engage in various forms of monitoring. The United States continues to grapple with
finding an appropriate balance between privacy and security, determining surveillance limitations, and
addressing national security considerations, highlighting the persistent tension between organizational
security needs and individual privacy rights in the modern workplace.

PERSONAL DATA IN THE DIGITAL AGE

In today's digital world, numerous institutions maintain vast databases of personal information. Credit
reporting agencies represent the most visible of these data custodians, but they are just one part of a
complex network of information holders. This network includes financial institutions, utility
companies, healthcare providers, educational institutions, retailers, and various government agencies,
all maintaining detailed records of individual information.

Key Concerns About Personal Data Management:

• Do you know where the records are?

• Are the records accurate?

• Can you change inaccurate data?

• How long will it take to make a change?

• Under what circumstances will the personal data be released?

• How are the data used?

• To whom are the data given or sold?

• How secure are the data against access by unauthorized people?

Beyond basic data management issues, deeper concerns exist about how organizations use and share
personal information. The scope of institutional data collection becomes evident when considering
examples like India's Aadhaar system, which stands as the world's largest biometric database. This
system exemplifies both the potential benefits and privacy challenges inherent in large-scale personal
data management systems.

These concerns reflect a growing awareness of the value and vulnerability of personal information in
our increasingly connected world. The challenge lies in balancing the practical needs of institutions to
maintain accurate records with the individual's right to privacy and data security. This balance becomes
more critical as organizations continue to collect and store expanding volumes of personal information.
ONLINE INFORMATION SHARING AND PRIVACY CHALLENGES

The Digital Communication Landscape The internet hosts an ever-expanding array of communication
platforms, including electronic bulletin boards, newsgroups, chat rooms, and social networking sites.
These platforms exist across public internet spaces, corporate intranets, and personal blogs - online
journals regularly updated for public consumption.

The Freedom of Speech vs. Privacy Dilemma A fundamental challenge emerges in regulating content
on these platforms. Society faces the complex task of balancing two crucial rights: freedom of
expression and individual privacy. This tension creates particular difficulties in controlling potentially
offensive or false information while preserving free speech principles.

Impact on Personal Reputation The internet has become a powerful medium where anonymous users
can post derogatory content about individuals, often leaving the targeted persons with limited options
for recourse. This situation becomes especially problematic in the employment context, as most
American companies now routinely:

• Research job candidates online

• Review social media profiles

• Search for candidate information through Google

• Examine various internet platforms

Professional Consequences Negative online information can significantly impact career opportunities.
The widespread corporate practice of internet-based background checking means that unfavorable
online content, whether true or false, can seriously diminish an individual's employment prospects.

This situation highlights how the internet's role in information sharing creates new challenges for
protecting individual privacy while maintaining open communication platforms.
https://www.youtube.com/watch?v=0ZoRrTXc2i4

ORGANIZATIONAL PRIVACY FRAMEWORKS AND PROTECTION MEASURES

Corporate Privacy Guidelines Organizations increasingly recognize their responsibility to protect the
vast amounts of personal data they collect. These protections take the form of formal privacy policies
and codes that outline how customer, client, and employee information is safeguarded.
Consent Models for Data Collection: Two primary approaches exist for managing user consent:

1. Opt-out Model Currently common practice where companies collect data until customers
explicitly request them to stop. This approach automatically includes customers in data
collection.

2. Opt-in Model Preferred by privacy advocates, requiring explicit customer authorization before
any data collection begins. This approach prioritizes customer choice from the outset.

Technological Privacy Tools The Platform for Privacy Preferences (P3P) represents a significant
advancement in privacy protection. This protocol:

• Facilitates automatic privacy policy communication between websites and users

• Helps users understand what personal data websites may collect

• Enables comparison of site policies with:

o Individual preferences

o FTC Fair Information Practices

o European privacy standards

Security Implementation Privacy policies, while essential, must be backed by robust security measures.
Even the most comprehensive privacy guidelines prove ineffective without proper security
enforcement mechanisms. This critical connection between privacy and security highlights the need
for both policy development and practical protection measures.

This framework demonstrates how organizations balance data collection needs with privacy
protection, emphasizing the importance of both policy creation and practical implementation.

.
Figure 3.2: Privacy policy guidelines (Adapted from Rainer and Prince, 2022).

GLOBAL PRIVACY REGULATIONS AND CHALLENGES

Current Global Privacy Landscape The expansion of internet usage globally has led to diverse and often
conflicting privacy regulations. About 50 countries maintain various forms of data protection laws,
while others have none. This inconsistency creates significant challenges for international businesses
navigating multiple regulatory frameworks.

The European Union's GDPR Framework

The General Data Protection Regulation (GDPR), implemented in May 2018, represents the world's
most comprehensive data protection law. This regulation modernized the 1995 Data Protection
Directive to address rapid technological advancement, establishing a robust framework for data
protection and privacy rights.

The regulation defines crucial distinctions between data categories, separating basic personal
identifying information from more sensitive data such as genetic, racial, religious, and political
information. It also establishes key roles within the data protection framework: data controllers who
manage user relationships, data processors who handle data for controllers, and data subjects whose
information is being processed.

Individual rights under GDPR are extensive and include information access and transparency, data copy
requests, understanding data retention policies, correction of inaccurate information, and the "right
to be forgotten" through data deletion. These rights represent a significant advancement in personal
data protection and control.

Organizations face substantial compliance challenges, including high implementation costs averaging
$10 million for many companies, the required appointment of data protection officers, significant fines
for violations, and complex security requirements. These challenges are further complicated by
transborder data flow issues, including jurisdictional challenges in international data transfer,
questions of legal authority across borders, and the complexity of multi-country data transmission.

U.S.-EU privacy relations present particular challenges due to different approaches to privacy
protection. This has led to the development of "safe harbor" frameworks and specific regulations
governing U.S. companies handling European data. Looking to the future, the increasing complexity of
international data transfer and privacy protection necessitates continued development of
international standards, enhanced cooperation between nations, adaptation to technological changes,
and a careful balance between business needs and privacy rights.

This comprehensive framework demonstrates the ongoing challenge of protecting individual privacy
in an increasingly interconnected global digital environment, highlighting the need for continued
evolution and adaptation of privacy protection measures..

PROFESSIONAL IMPLICATIONS OF ETHICS AND PRIVACY

ACCOUNTING
• Heightened ethical responsibilities in public companies
• Personal accountability for transaction transparency
• Strict compliance with GAAP required
• Oversight from SEC and PCAOB regulations
FINANCE
• Global regulatory compliance requirements
• Sarbanes-Oxley Act compliance
• Responsibility for accurate and timely financial reporting
• Adherence to governmental regulations
MARKETING
• Data collection opportunities through e-commerce
• Privacy protection responsibilities
• Risk management of customer data
• Customer relationship management ethics
• Balance between data utilization and privacy protection
PRODUCTION/OPERATIONS MANAGEMENT
• Ethical considerations in outsourcing decisions
• Labor rights in international operations
• Balancing cost reduction with ethical labor practices
• Responsibility for working conditions globally
HUMAN RESOURCES
• Policy development for workplace technology use
• Employee monitoring ethics
• Privacy rights in the workplace
• Balance between oversight and trust
• Technology usage guidelines
MANAGEMENT INFORMATION SYSTEMS
• Critical role in information asset control
• Responsibility for employee personal data
• Highest ethical standards required
• Information security management
• Privacy protection implementation
 Each business discipline faces unique ethical challenges in the digital age, requiring specific attention
to privacy, security, and ethical considerations. The common thread across all fields is the need to
balance operational efficiency with ethical responsibilities and privacy protection.

SUMMARY

3.1 FUNDAMENTALS OF ETHICS IN IT

Definition and Core Principles Ethics comprises principles guiding right/wrong choices in human
behavior. Three fundamental tenets:

1. Responsibility: Accepting consequences of actions

2. Accountability: Identifying who bears responsibility

3. Liability: Legal framework for damage recovery

Four Major IT Ethical Categories:

1. Privacy: Protection of personal data

2. Accuracy: Information correctness

3. Property: Ownership rights, including intellectual property

4. Access: Information availability and control

Organizations can mitigate legal risks through comprehensive privacy policies addressing:

• Data collection practices

• Information accuracy

• Confidentiality measures

3.2 PRIVACY THREATS IN DATA STORAGE

Ethics comprises principles guiding right/wrong choices in human behavior, founded on three
fundamental tenets: responsibility (accepting consequences of actions), accountability (identifying
who bears responsibility), and liability (legal framework for damage recovery). In the context of IT, four
major ethical categories emerge: privacy (protection of personal data), accuracy (information
correctness), property (ownership rights, including intellectual property), and access (information
availability and control).
Organizations can mitigate legal risks through comprehensive privacy policies that address data
collection practices, information accuracy, and confidentiality measures. These policies become
increasingly important as technology advances and creates new challenges for privacy protection.

Privacy, defined as the individual right to avoid unreasonable intrusion and maintain personal space,
faces several primary threats in today's digital landscape. Technological advancement presents the first
major challenge through improved data collection capabilities, enhanced surveillance methods, and
increased storage capacity. Electronic surveillance constitutes another significant threat, manifesting
through workplace monitoring, public space observation, and digital tracking systems.

Database security represents a third critical concern, encompassing personal information storage, data
aggregation risks, and unauthorized access concerns. Online platforms present the fourth major
threat, where social media exposure, information oversharing, and public accessibility of personal data
create additional vulnerabilities.

This comprehensive overview emphasizes how modern technology creates both new ethical
challenges and privacy vulnerabilities, requiring careful consideration of protection measures and
proper data management. The intersection of these various threats highlights the complex nature of
privacy protection in our increasingly digital world.This summary emphasizes how modern technology
creates both new ethical challenges and privacy vulnerabilities, requiring careful consideration of
protection measures and proper data management.

Problem-Solving Activities

1. Workplace Monitoring Case:

a) What are the ethical implications of managers monitoring employee web activity, even
though it's legal?

b) How should we evaluate employees accessing inappropriate "sinful six" websites from an
ethical standpoint?

c) Was the security manager's decision to report browsing histories to management ethically
sound?

d) Is it ethically justified to punish employees for inappropriate web browsing? What

constitutes appropriate punishment?
 e) What are the best approaches for companies to handle this type of situation?

2. How might the Computer Ethics Institute's "Ten Commandments" be improved or expanded?

3. Evaluate the ACM's code of ethics - is it comprehensive enough for today's technology landscape?
Explain your reasoning.

4. What practical privacy protection measures does the Electronic Frontier Foundation recommend for
individual users?

5. Examine your university's computer use policies:

a. What content restrictions exist?

b. What are the rules for software modification?

c. What are the guidelines for downloads and personal use?

6. Does the netiquette code provide adequate ethical guidance? Should it be more specific or broader?

7. How effectively do cookie-management resources help protect individual privacy?

8. Should universities have the right to monitor institutional email systems? Defend your position.
Reference

Babylon Health (2019) Available at: www.babylonhealth.com (Accessed: 15 July 2019).

Biomeme (2019) Available at: www.biomeme.com (Accessed: 15 July 2019).

Cisco (2019) Available at: www.cisco.com (Accessed: 15 July 2019).

Davis, J. (2018) '1.4 Million Patient Records Breached in UnityPoint Health Phishing Attack',
HealthcareIT News, 31 July.

Davis, J. (2018) 'Hackers Breach 1.5 Million Singapore Patient Records, Including the Prime Minister's',
HealthcareIT News, 20 July.

First Orion (2019) Available at: www.firstorion.com (Accessed: 15 July 2019).

GasBuddy (2019) 'GasBuddy Debuts New Consumer Ranking for Fuel and Convenience Brands with
4,000+ Locations', News Release, 9 July.

Hartmans, A. (2017) 'An App for Finding Nearby Gas Stations Is No. 2 in the App Store as Florida
Prepares for Hurricane Irma', Business Insider, 8 September.

Mearian, L. (2018) 'Smartphones Becoming Primary Device for Physician and Patient Communications',
Computerworld, 4 April.

RTI International (2019) Available at: www.rti.org (Accessed: 15 July 2019).

Sider, A. (2017) 'A Fuel App Scores Big During Shortage', Wall Street Journal, 11 September.

Tangermann, V. (2017) 'Five Ways Cell Phones Are Literally Changing Global Health', Futurism, 25
October.

Tuttle, B. (2017) 'Florida Is Running out of Gasoline. This App Is Helping People Find It', Time, 7
September.

Wattles, J. (2017) 'Dallas' Gas Panic Was Totally Preventable. Here's Why', CNN, 1 September.

Wethe, D. (2017) 'As Florida Fuel Grew Scarce, GasBuddy App Change Filled Gap', Bloomberg, 12
September.

Wireless Technologies and Mobile Computing: Altaeros (2019) Available at: www.altaeros.com
(Accessed: July 2019).

Cellular and Network Services: AT&T (2019) Available at: www.att.com (Accessed: July 2019). Huawei
(2019) Available at: www.huawei.com (Accessed: July 2019). Motorola (2019) Available at:
www.motorola.com (Accessed: July 2019). Samsung (2019) Available at: www.samsung.com
(Accessed: July 2019). Verizon (2019) Available at: www.verizon.com (Accessed: July 2019).

Satellite and GPS Services: Globalstar (2019) Available at: www.globalstar.com (Accessed: July 2019).
Iridium (2019) Available at: www.iridium.com (Accessed: July 2019). Planet Labs (2019) Available at:
www.planet.com (Accessed: July 2019). SpaceX (2019) Available at: www.spacex.com (Accessed: July
2019).

Mobile Payment and Commerce: Alipay (2019) Available at: www.intl.alipay.com (Accessed: July 2019).
Ant Financial Services Group (2019) Available at: www.antfin.com (Accessed: July 2019). WeChat
(2019) Available at: www.web.wechat.com (Accessed: July 2019).

Healthcare Technology: AliveCor (2019) Available at: www.alivecor.com (Accessed: July 2019). Cupris
Health (2019) Available at: www.cupris.com (Accessed: July 2019). UnityPoint Health (2019) Available
at: www.unitypoint.org (Accessed: July 2019).

Environmental and Resource Monitoring: Global Fishing Watch (2019) Available at:
www.globalfishingwatch.org (Accessed: July 2019). Imazon (2019) Available at:
www.imazon.org.br/en/ (Accessed: July 2019). Orbital Insight (2019) Available at:
www.orbitalinsight.com (Accessed: July 2019).

IoT and Smart Technology: Nest Labs (2019) Available at: www.nest.com (Accessed: July 2019). General
Electric (2019) Available at: www.ge.com (Accessed: July 2019). Humatics (2019) Available at:
www.humatics.com (Accessed: July 2019).

Research Reports: First Orion (2019) 'Mobile Traffic Report', First Orion Research Report, July 2019. RTI
International (2019) 'Global GPS Impact Study', RTI Research Report, 2019.

News Sources: Bloomberg BusinessWeek (2017) 'Digging Deep to Find the Future of Mobile', 5
November. Computerworld (2018) 'Smartphones Becoming Primary Device for Physician and Patient
Communications', 4 April. Wall Street Journal (2017) 'A Fuel App Scores Big During Shortage', 11
September
Chapter 4: Computer Security

LEARNING OUTCOMES
After reading this Section of the guide, the learner should be able to:

• Define the term, digital (computer), security risks, and briefly describe the types of
cybercriminals.
• Describe various types of Internets and network attacks and explain ways to safeguard
against these attacks.
• Discuss techniques to prevent unauthorized computer access and use.
• Discuss the types of devices available that protect computers from system failure.
• Explain the ways that software manufacturers protect against software piracy.
• Discuss how encryption, digital signatures, and digital certificates work.
• Explain the option available for backing up computer resources.
• Identify safeguards against hardware theft, vandalism, and failure.
 4.1 Digital Security Risks

Digital Security Risks denote the possible risks and vulnerabilities that may jeopardize the
confidentiality, integrity, and availability of information and systems within the digital realm. These
dangers originate from multiple sources, including malware, phishing attempts, data breaches, and
others. They can impact individuals, businesses, and governments, resulting in financial losses,
reputational harm, and legal repercussions.

4.2 Types of Cybercriminals

• Hackers: Often categorized into white-hat (ethical hackers), black-hat (malicious hackers), and
gray-hat (in between). Black-hat hackers exploit vulnerabilities for personal gain, while white-hat
hackers work to improve security.
• Cybercriminals: Individuals or groups engaged in illegal activities through the internet. They may
steal personal information, financial data, or intellectual property.
• Phishers: These attackers use deceptive emails or websites to trick individuals into providing
sensitive information, such as login credentials or credit card numbers.
• Ransomware Attackers: Cybercriminals who deploy malware that encrypts a victim’s files,
demanding a ransom for the decryption key. This has become a prevalent threat in recent years.
• Insider Threats: Employees or contractors who exploit their access to systems and data for
malicious purposes, whether for personal gain or due to negligence.
• State-Sponsored Hackers: Cybercriminals employed by government agencies to conduct
espionage or sabotage against other nations or organizations.

https://www.youtube.com/watch?v=bAO_ur8CJvY
 Figure 4.1 Types of Cybercrime Diagram (Adopted from Rainer and Prince, 2022)

As of 2023, cybercrime has continued to evolve with the advancement of technology. Trends
include:

• Increased Ransomware Attacks: Ransomware-as-a-service (RaaS) models have emerged,

making it easier for less technically skilled criminals to launch attacks (Zhang et al., 2023).
• Social Engineering Techniques: Attackers increasingly leverage social engineering to
manipulate individuals into revealing sensitive information (Brown, 2023).
• IoT Vulnerabilities: With the rise of the Internet of Things (IoT), devices are often poorly
secured, making them attractive targets for cybercriminals (Nguyen et al., 2023).

4.3 Internet and network

Internet and network assaults denote malicious actions aimed at computer systems, networks, and
data, intending to disrupt, damage, or obtain unauthorized access.

Types of Internet and Network Attacks

Malware Attacks: Malware encompasses viruses, worms, trojans, and ransomware that can infiltrate
systems to exfiltrate information or corrupt data (Symantec, 2023).
Implement safeguards by utilizing reliable antivirus software, ensuring frequent updates, and
maintaining current patches for the operating system and apps.

Phishing: Attackers disseminate deceptive emails to manipulate users into disclosing personal
information, including passwords and credit card data (Verizon, 2024).
Implement safeguards by educating users on identifying phishing efforts, utilizing email filters, and
adopting multi-factor authentication (MFA).
DDoS (Distributed Denial of Service) Attacks: Attackers inundate a target with traffic from numerous
sources, making it inaccessible to genuine users (Cloudflare, 2024).
Implement traffic monitoring and filtering, utilize load balancers, and consider DDoS mitigation
services as safeguards.

Man-in-the-Middle (MitM) Attacks: Attackers intercept and may modify communication between
two parties without their awareness (Zhang et al., 2023).
Implement safeguards by utilizing encryption protocols such as SSL/TLS, securing Wi-Fi networks with
WPA3, and employing VPNs for secure communication.

SQL Injection: Attackers exploit vulnerabilities in web applications by injecting malicious SQL code into
input fields (OWASP, 2024).
Implement safeguards such as parameterized queries, input validation, and routine security
assessments to identify vulnerabilities.

Credential Stuffing: Attackers exploit compromised usernames and passwords from one breach to
illicitly access accounts on different services (Akamai, 2023).
Implement safeguards by promoting the utilization of distinct passwords for various services and
enforcing multi-factor authentication (MFA).
Malicious Software: Malicious software that masquerades as genuine while undermining system
security (McAfee, 2023).

Safeguards: Acquire software exclusively from official sources, ensure security software is regularly
updated, and inform users about the risks associated with malicious software.

Insider Threats: Employees or contractors exploit their access to adversely affect the organization,
whether deliberately or inadvertently (IBM, 2024).
Implement stringent access controls, monitor user activities, and provide frequent security awareness
training.
https://www.youtube.com/watch?v=NVqz76OD-hs
 Figure 4.2 Cybersecurity Diagram (Adopted from Rainer and Prince, 2022)

4.4 General Safeguarding Measures

• Firewalls: Employ both hardware and software firewalls to oversee and regulate incoming and
outgoing network traffic (Cisco, 2024).
• Encryption: Secure sensitive data with encryption during transmission and storage to prevent
unwanted access (NIST, 2023).
• Periodic Audits: Perform systematic security audits and vulnerability assessments to detect and
address deficiencies (SANS Institute, 2023).
• Patch Management: Maintain all software and systems current to safeguard against identified
vulnerabilities (Microsoft, 2024).
• Incident Response strategy: Formulate and consistently revise an incident response strategy to
promptly and efficiently manage possible breaches (CIS, 2024).

Preventing unauthorized computer access and use is crucial for maintaining the security and integrity
of information systems. Here are several effective techniques:
 • Strong Password Policies: Implementing strong password requirements can significantly reduce
the risk of unauthorized access. Passwords should be complex, with a mix of letters, numbers, and
special characters, and users should be encouraged to change their passwords regularly
(Mansfield-Devine, 2020).
• Multi-Factor Authentication (MFA): MFA adds an extra layer of security by requiring users to
provide two or more verification factors to gain access. This could include something they know
(password), something they have (a smartphone or token), or something they are (biometric
verification) (Cheng et al., 2021).
• User Access Controls: Limiting user access based on roles within the organization can prevent
unauthorized use. Implementing the principle of least privilege ensures that users have only the
access necessary for their job functions (Tso et al., 2021).
• Firewalls and Intrusion Detection Systems (IDS): Firewalls act as barriers between trusted internal
networks and untrusted external networks, while IDS can monitor network traffic for suspicious
activities and alert administrators to potential breaches (Bertino & Islam, 2021).
• Regular Software Updates: Keeping operating systems and applications up to date is vital for
security. Many updates include patches for vulnerabilities that could be exploited by unauthorized
users (Kumar et al., 2020).
• Employee Training: Conducting regular training sessions for employees on security best practices
can reduce the likelihood of human errors that lead to unauthorized access. This includes educating
them about phishing attacks and safe browsing habits (Furnell, 2020).
• Data Encryption: Encrypting sensitive data ensures that even if unauthorized individuals gain
access to the data, they cannot read it without the proper decryption keys (Wang & Li, 2022).

4.5 Software manufacturers employ several strategies to protect against software piracy.

Licensing Agreements: Manufacturers often use End User License Agreements (EULAs) that legally
bind users to terms of use. This includes restrictions on copying, sharing, or modifying the software.

• Activation Keys and Serial Numbers: Many software products require users to enter a unique
activation key or serial number during installation. This key is verified against a database, and its use
can be limited to a specific number of installations.

• Digital Rights Management (DRM): DRM technologies restrict how software can be used and
shared. They may limit the number of devices on which the software can be installed, require
 periodic online verification, or restrict access to certain features if the software is deemed
unlicensed.
• Obfuscation Techniques: Software developers use code obfuscation to make it difficult for
unauthorized users to understand or modify the software. This involves transforming the code into
a version that is harder to read while maintaining its functionality.
• Software Updates and Patches: Regular updates can help prevent piracy by improving security and
introducing features that may require a valid license. If users have to keep updating their software,
it creates a stronger incentive to purchase legitimate versions.
• Cloud-Based Software Models: Increasingly, manufacturers are moving to cloud-based software
solutions (Software as a Service, or SaaS), where the software is accessed online rather than installed
locally. This model reduces piracy opportunities since users need to authenticate with a server to
access the software.
• Fingerprinting and Tracking: Some software uses fingerprinting technology to identify unique
hardware configurations or usage patterns. This allows manufacturers to detect unusual activity that
may indicate unauthorized use.
• Legal Action and Education: Manufacturers often pursue legal action against major offenders and
invest in education campaigns to inform users about the risks and consequences of using pirated
software.
• Community Reporting Tools: Some companies encourage their user communities to report piracy.
This helps them identify and take action against unauthorized users or distributors.

4.6 Solution to protect computers from system failure

❖ Uninterruptible Power Supply (UPS): A UPS provides backup power during outages, allowing
computers to continue operating temporarily and safely shut down to prevent data loss or
corruption (Khan et al., 2020).
❖ Surge Protectors: These devices protect computers from voltage spikes and surges that can
occur due to lightning strikes or power fluctuations, which can damage hardware components
(Johnson & Smith, 2021).
❖ RAID (Redundant Array of Independent Disks): RAID systems use multiple hard drives to store
data redundantly. If one drive fails, the data can still be accessed from the remaining drives,
minimizing the risk of data loss (Patel et al., 2022).
❖ Backup Drives and NAS (Network Attached Storage): Regularly backing up data to external
drives or NAS systems ensures that critical information can be recovered in case of a system
failure (Lee & Chen, 2023).
 ❖ Cooling Systems: Proper cooling devices, such as fans or liquid cooling systems, help prevent
overheating, which can lead to system failures (Nguyen, 2024).
❖ Redundant Power Supplies: Some servers come with redundant power supplies, which means
that if one power supply fails, the other can take over without interrupting the system
(Anderson, 2021).
❖ Disk Imaging Software: This software creates a complete image of the system's hard drive,
allowing for quick recovery in the event of a system failure (O'Brien, 2023).
❖ Cloud Backup Services: Utilizing cloud-based solutions for data backup provides an offsite
recovery option, ensuring that data is safe even if local hardware fails (Williams & Patel, 2022).
❖ Firewalls and Security Software: Protecting systems from malware and cyber threats helps
prevent failures caused by malicious attacks (Miller, 2024).
❖ System Monitoring Tools: These tools provide alerts about potential hardware issues or
system performance problems, allowing for proactive maintenance before failures occur
(Davis, 2023).

Software manufacturers use a variety of methods to protect against software piracy, including:

1. Licensing Agreements: Manufacturers often require users to agree to licensing agreements

that specify the terms of use. These agreements can include restrictions on copying,
distribution, and installation (Koch, 2021).
2. Product Keys and Activation: Many software products require users to enter a unique product
key or activate the software online. This key is often tied to the user’s hardware or account,
making it difficult to share or duplicate (Smith & Jones, 2022).
3. Digital Rights Management (DRM): DRM technologies limit the ways users can access and use
the software. For example, DRM may restrict copying, sharing, or modifying the software
(Doe, 2023).
4. Code Obfuscation: This technique involves making the software's source code difficult to
understand, which helps deter reverse engineering and tampering (Lee, 2020).
5. Watermarking: Some manufacturers embed unique identifiers or watermarks in their
software to trace unauthorized copies back to the original purchaser (Nguyen, 2021).
6. Freemium Models: Offering a basic version for free while charging for premium features can
reduce piracy by providing legitimate alternatives that meet users' needs without requiring
illegal copies (Patel & Brown, 2024).
 7. Regular Updates and Support: Providing ongoing updates and customer support can
encourage users to purchase legitimate copies, as pirated versions may not receive these
benefits (Turner, 2023).
8. Anti-Piracy Campaigns: Manufacturers may engage in awareness campaigns to educate users
about the risks and legal consequences of using pirated software (Harris, 2022).

Encryption

Encryption is the process of converting plain text into ciphertext to prevent unauthorized access to
the information. It ensures that only authorized users can read the data. There are two main types of
encryptions:

1. Symmetric Encryption: This method uses the same key for both encryption and decryption.
It’s efficient for large amounts of data but requires secure key management to prevent
unauthorized access. Common algorithms include AES (Advanced Encryption Standard) and
DES (Data Encryption Standard) (Rivest, 2021).
2. Asymmetric Encryption: This method uses a pair of keys: a public key for encryption and a
private key for decryption. The public key can be shared openly, while the private key is kept
secret. This approach is often used for secure communications and digital signatures. RSA
(Rivest-Shamir-Adleman) is a widely used asymmetric encryption algorithm (Kumar & Singh,
2023).

Digital Signatures

Digital signatures provide a way to verify the authenticity and integrity of a message or document. The
process involves:

1. Hashing: The sender generates a hash (a fixed-size string of characters) from the message
using a hash function, which converts the original data into a unique representation (Zhang,
2022).
2. Signing: The sender encrypts the hash with their private key to create the digital signature.
This signature is unique to both the message and the sender.
3. Verification: The recipient decrypts the digital signature using the sender's public key to
retrieve the hash. They also generate a new hash from the received message. If both hashes
match, it confirms that the message is authentic and has not been altered (Patel et al., 2024).

https://m.youtube.com/watch?v=s22eJ1eVLTU&t=4m00s
 Digital Certificates

Digital certificates are electronic documents used to prove the ownership of a public key. They are
issued by trusted entities known as Certificate Authorities (CAs) and contain the following information:

1. Public Key: The public key of the entity to whom the certificate is issued.
2. Identity Information: Details about the entity, such as name, organization, and address.
3. Expiration Date: The date when the certificate will no longer be valid.
4. Signature of the CA: The CA’s digital signature, which verifies that the certificate has not been
tampered with and is legitimate (Smith & Johnson, 2023).
https://www.youtube.com/watch?v=5rT6fZUwhG8

Backing up computer resources is crucial for safeguarding data and facilitating recovery in the event
of hardware malfunctions, data corruption, or cyberattacks. A variety of options exist for backing up
computer resources:

• Local Backups: This approach entails storing data copies on tangible devices, like external hard
drives, USB flash drives, or network-attached storage (NAS). Local backups are readily
accessible and efficient but may be susceptible to physical damage or theft (Klein & Schneider,
2020).

• Cloud Backups: Cloud-based solutions let customers to store data on remote servers managed
by third-party suppliers. This approach provides scalability, distant accessibility, and
safeguards against local calamities. Nonetheless, it necessitates a reliable internet connection
and may incur recurring membership fees (Jones & Smith, 2021).

• Incremental Backups: This method exclusively preserves alterations made since the
preceding backup, hence reducing storage requirements and backup duration. It is frequently
utilized alongside full backups, in which a comprehensive copy is created regularly, succeeded
by routine incremental backups (Brown et al., 2022).
 • Full Backups: A full backup generates a comprehensive duplicate of all designated data at a
particular moment in time. This method is thorough and facilitates restoration, but it
necessitates considerable storage capacity and time to execute (Lee, 2023).
• Snapshot Backups: This feature records the condition of a system at a particular instant,
facilitating rapid recovery of data and system configurations. Snapshots are especially
beneficial in virtualized settings (Garcia, 2024).

• Disaster Recovery Solutions: These are holistic strategies that integrate many backup
methodologies and encompass preparations for data restoration after a major incident. They
are crucial for enterprises to guarantee company continuity (Anderson & Peters, 2022).

Safeguard Measures

• Physical Security Measures: Utilize locks, security cameras, and access control systems to prevent
unauthorized access to hardware (Higgins, 2020). This includes securing server rooms and using
cable locks for laptops and other portable devices.
• Environmental Controls: Ensure that hardware is protected from environmental factors such as
extreme temperatures, humidity, and dust. This can be achieved through proper HVAC systems and
regular maintenance (Smith, 2021).
• Data Encryption and Backup: Implement encryption for sensitive data stored on hardware to
prevent data breaches in case of theft. Regular backups can also protect against data loss due to
hardware failure (Jones, 2022).
• Asset Management: Maintain an inventory of all hardware assets, which helps in tracking and
recovering stolen items. Regular audits can also help identify any discrepancies (Lee, 2023).
• Insurance: Investing in insurance policies that cover hardware theft and damage can provide
financial protection and facilitate recovery (Taylor, 2022).

Case study
Phishing Attack on a Financial Institution

Scenario: In 2019, a major bank reported that thousands of its customers had fallen victim to phishing
attacks. Cybercriminals sent fake emails that appeared to come from the bank, prompting recipients
to click on malicious links. Once clicked, users were redirected to a fake login page, where their
account credentials were stolen.
Risk: Phishing is a form of social engineering that targets individuals by tricking them into providing
sensitive information, such as usernames, passwords, and credit card details. Once attackers gain
access to the accounts, they can siphon funds or commit identity fraud.

Impact: The bank had to reimburse customers for stolen funds and invest in further security measures,
such as multifactor authentication, to prevent future incidents.

Ransomware Attack on a Healthcare Facility

Scenario: In 2021, a ransomware attack hit a hospital system in Ireland, encrypting critical data,
including patient records. The attackers demanded a large ransom to unlock the data. The hospital's
operations were severely disrupted, causing delays in surgeries and treatments.

Risk: Ransomware attacks involve malware that encrypts a victim's data, making it inaccessible.
Attackers demand a ransom to restore access, and often target healthcare institutions because their
services are critical, and they may be more likely to pay.

Impact: The hospital faced operational downtime, loss of critical patient data, and the risk of
compromised patient privacy. Some patients had to be transferred to other facilities, and the hospital
incurred significant recovery costs.

Data Breach at a Social Media Company

Scenario: In 2018, Facebook experienced a major data breach where the personal information of 50
million users was compromised. Hackers exploited a vulnerability in the "View As" feature, allowing
them to take over user accounts and access private messages, photos, and posts.

Risk: A data breach occurs when unauthorized individuals access confidential information. In this case,
hackers exploited a software vulnerability, gaining access to sensitive user data.

Impact: Facebook faced legal and reputational consequences, with the breach leading to public
outrage, governmental scrutiny, and hefty fines under data protection laws. The company also had to
address security vulnerabilities and improve user privacy controls.

Supply Chain Attack on Software Providers

Scenario: The SolarWinds attack in 2020 affected multiple organizations, including government
agencies and private companies. Hackers compromised SolarWinds' software update system,
inserting malicious code that was then distributed to thousands of customers via a legitimate software
update.

Risk: A supply chain attack targets third-party suppliers or service providers to infiltrate organizations
indirectly. In this case, the malicious code allowed attackers to spy on targeted organizations, gaining
access to sensitive data and communications.

Impact: The attack compromised several high-profile U.S. government agencies and private firms,
leading to a significant national security incident. The financial costs of remediation and reputational
damage were enormous, and the breach raised awareness about the need for tighter security across
the supply chain.

Insider Threat in a Corporate Environment

Scenario: In 2019, an employee at a financial firm stole sensitive client data and sold it on the dark
web. The employee had legitimate access to the information as part of their role but abused their
access for personal gain.

Risk: An insider threat arises when someone within an organization, such as an employee or
contractor, intentionally or unintentionally compromises security. In this case, the threat was
intentional.

Impact: The breach resulted in financial losses for clients, legal consequences for the employee, and
a tarnished reputation for the firm. It also highlighted the importance of implementing robust internal
security measures like monitoring, data access controls, and employee training.

IoT Device Hacking in a Smart Home

Scenario: In 2020, a hacker accessed a family's smart home devices, including security cameras and
thermostats. The hacker gained access by exploiting weak passwords, causing distress for the family
as the hacker took control of the devices remotely and spied on their activities.

Risk: IoT (Internet of Things) devices, such as smart cameras, thermostats, and voice assistants, are
vulnerable to hacking if they are not properly secured. Often, these devices lack robust security
measures, making them easy targets for cybercriminals.
Impact: The family experienced a violation of privacy and had to replace or update the compromised
devices. This incident raised awareness about the need for stronger password protection and network
security for smart home devices.

Key Takeaways

• Phishing and ransomware attacks are common, particularly in sectors like finance and
healthcare.
• Data breaches can result in significant financial and reputational damage, especially for
companies that handle large amounts of user data.
• Supply chain attacks highlight the importance of securing not just internal systems, but also
third-party partners.
• Insider threats remain a significant challenge, emphasizing the need for internal security
measures.
• IoT vulnerabilities show that even personal devices in homes can be targeted, stressing the
need for vigilance across all digital platforms.

Class activity

• Define the term, digital (computer) security risks, and briefly describe the types of
cybercriminals.
• Describe various types of Internet and network attacks and explain ways to safeguard against
these attacks.
• Discuss techniques to prevent unauthorized computer access and use.
• Discuss the types of devices available that protect computers from system failure.
• Explain the ways that software manufacturers protect against software piracy.
• Discuss how encryption, digital signatures, and digital certificates work.
• Explain the options available for backing up computer resources.
• Identify safeguards against hardware theft, vandalism, and failure.
Chapter 5: Data and Knowledge Management

LEARNING OUTCOMES
After reading this Section of the guide, the learner should be able to:

5.1 Discuss ways that common challenges in managing data can be addressed using data
governance.
5.2 Identify and assess the advantages and disadvantages of relational databases.
5.3 Define Big Data and explain its basic characteristics.
5.4 Explain the elements necessary to successfully implement and maintain data warehouses.
5.5 Describe the benefits and challenges of implementing knowledge management systems in
organizations.
5.6 Understand the processes of querying a relational database, entity-relationship modeling, and
normalization and joins.

5.1 Introduction

In today's digital age, every click, transaction, and interaction generate data, making the ability to
manage and leverage this information crucial for modern organizations. Think of data management
like organizing a vast digital library - it's not just about storing books (or in this case, data), but making
sure you can find exactly what you need when you need it.

Organizations worldwide are investing heavily in data management - and for good reason. Just as a
well-organized library helps students find resources efficiently, effective data management helps
businesses make smarter decisions, serve customers better, and stay ahead of competitors. However,
this comes with its challenges: imagine trying to organize and make sense of a library that grows by
thousands of volumes every second!

Modern businesses are like learning organisms, constantly absorbing and processing information
through sophisticated database systems and knowledge management tools. These systems help
transform raw data into useful insights, much like how a skilled researcher synthesizes information
from multiple sources to form valuable conclusions.

Whether you're planning to work in technology, marketing, finance, or any other field, understanding
data management is no longer optional - it's as fundamental as knowing how to read and write. Poor
data management can be as problematic as a disorganized filing system, while good practices can give
organizations a powerful competitive edge.

This chapter will walk you through the essential concepts of data and knowledge management,
helping you understand how organizations capture, organize, and use information in today's digital
world. We'll explore database design, knowledge management systems, and how businesses turn vast
amounts of data into actionable insights.

5.2 Managing Data

Data management encompasses the comprehensive practices and procedures organizations employ
to handle their information assets. This involves not just storing data, but ensuring its accessibility,
accuracy, and security throughout its entire lifecycle. The impact of poor data management can be
severe and far-reaching, affecting everything from daily operations to strategic planning.

Consider a hospital's patient records system. Every aspect of patient care depends on accurate,
accessible data. When a patient arrives in the emergency room, medical staff need immediate access
to their medical history, allergies, and current medications. Any delay or inaccuracy in this data could
have life-threatening consequences. This exemplifies why data quality must be measured across
multiple dimensions:

Accuracy refers to the correctness of stored information. In financial systems, even a small decimal
point error could result in significant monetary discrepancies. Banks employ sophisticated validation
systems to ensure transaction amounts are recorded correctly across all systems.

Completeness ensures all necessary information is present. A customer order isn't truly complete
without shipping address, payment information, and product details. Missing any of these elements
could halt the entire fulfillment process.

Timeliness relates to how current the information is and how quickly it's available when needed. Stock
trading systems require microsecond-level timeliness, as even slight delays can result in significant
financial losses.
Consistency means that data remains uniform across different systems and locations. When a
customer updates their address, this change should reflect across all relevant databases and
applications simultaneously.

The Difficulties of Managing Data

One of the primary challenges of data management is the sheer volume of data that organizations
must handle. Major corporations, like Google and Facebook, deal with exabytes of data daily,
necessitating robust data storage and processing solutions. This overwhelming volume requires
organizations to implement scalable technologies that can accommodate growth while ensuring
efficient data retrieval. https://www.youtube.com/watch?v=Jlm4oqW41vY

Another challenge is data scattering, which occurs when data is distributed across multiple systems
and locations. This fragmentation can hinder an organization’s ability to access and analyze
comprehensive datasets, thereby impacting decision-making processes.

Organizations also contend with multiple data sources, which may include internal records such as
customer databases and external sources such as social media. New data sources, such as Internet of
Things (IoT) devices, further complicate the data landscape by generating real-time data streams that
need immediate processing.

The concept of data rot refers to the degradation of storage media over time and the obsolescence of
formats and systems, posing a significant risk to data integrity. Furthermore, organizations must
establish robust data security protocols to safeguard data quality and integrity across global
operations.

For instance, a bank that loses critical customer data due to a lack of proper data governance policies
can face severe repercussions, including loss of customer trust and regulatory fines.

Data Governance

Data governance is defined as a formal approach to managing data across an organization, ensuring
its accuracy, security, and accessibility. Effective data governance involves the establishment of
policies, procedures, and standards that guide how data is managed and utilized. It ensures that data
is reliable and meets regulatory requirements.

For example, pharmaceutical companies must adhere to stringent data governance protocols to
comply with regulations such as the Health Insurance Portability and Accountability Act (HIPAA). By
implementing effective data governance practices, organizations can mitigate risks associated with
data mismanagement and enhance data quality.
Master data management is a process that spans allof an organization’s business processes and
applications. It provides companies with the ability to store, maintain, exchange, and synchronize a
consistent, accurate, and timely “single version of the truth” for the company’s master data.

Master data are a set of core data, such as customer, product,employee, vendor, geographic location,
and so on, that span the enterprise’s information systems. It is important to distinguish between
master data and transactional data. Transactional data,which are generated and captured by
operational systems, describe thebusiness’s activities, or transactions. In contrast, master data are
applied to multiple transactions, and they are used to categorize,aggregate, and evaluate the
transactional data.

5.3 The Database Approach

From the mid-1950s, when businesses first adopted computer applications, until the early 1970s,
organizations managed their data in a file management environment. This environment evolved
because organizations typically automated their functions one application at a time. Therefore, the
various automated systems developed independently from one another, without any overall planning.
Each application required its own data, which were organized in a data file.
https://www.youtube.com/watch?v=tYgQ-pObbFY

A data file is a collection of logically related records. In a file management environment, each
application has a specific data file related to it. This file contains all of the data records the application
requires. Over time, organizations developed numerous applications, each with an associated,
application-specific data file.

For example, imagine that most of your information is stored in your university’s central database. In
addition, however, a club to which you belong maintains its own files, the athletics department has
separate files for student athletes, and your instructors maintain grade data on their personal
computers. It is easy for your name to be misspelled in one of these databases or files. Similarly, if you
move, then your address might be updated correctly in one database or file but not in

the others.

Using databases eliminates many problems that arose from previous methods of storing and accessing
data, such as file management systems. Databases are arranged so that one set of software
programs—the database management system—provides all users with access to all of the data.
Database systems minimize the following problems:

Data redundancy: The same data are stored in multiple locations.

Data isolation: Applications cannot access data associated with other applications.

Data inconsistency: Various copies of the data do not agree.

Database systems also maximize the following:

Data security: Because data are “put in one place” in databases, there is a risk of losing a lot of data
at one time. Therefore, databases must have extremely high security measures in place to minimize
mistakes and deter attacks.

Data integrity: Data meet certain constraints; for example, there are no alphabetic characters in a
Social Security number field.

Data independence: Applications and data are independent of one another; that is, applications and
data are not linked to each other, so all applications are able to access the same data.

The Data Hierarchy

The data hierarchy refers to the organized structure of data within a database, ranging from the
smallest units of data, such as bits and bytes, to larger collections, such as databases. Understanding
this hierarchy is essential for effective data management.

At the base level, bits and bytes represent the fundamental building blocks of data. Moving up the
hierarchy, bytes group into fields (individual data elements), which form records (complete sets of
related data). Records are then grouped into files (related records), and multiple files comprise a
database, which is a comprehensive collection of related data organized for easy access and
management.

For example, in a hospital setting, each patient’s medical record can be broken down into fields like
patient ID, name, and medical history. These fields are grouped into records representing each
patient, and all patient records are stored within the hospital’s central database.

The Relational Database Model

A database management system (DBMS) is a set of programs that provide users with tools to create
and manage a database. Managing a database refers to the processes of adding, deleting, accessing,
modifying, and analysing data that are stored in a database. An organization can access these data by
using query and reporting tools that are part of the DBMS or by utilizing application programs
specifically written to perform this function. DBMSs also provide the mechanisms for maintaining the
integrity of stored data, managing security and user access, and recovering information if the system
fails. Because databases and DBMSs are essential to all areas of business, they must be carefully
managed. There are a number of different database architectures, but we focus on the relational
database model because it is popular and easy to use. Other database models—for example, the
hierarchical and network models—are the responsibility of the MIS function and are not used by
organizational employees. Popular examples of relational databases are Microsoft Access and Oracle.
Most business data—especially accounting and financial data— traditionally were organized into
simple tables consisting of columns and rows. Tables enable people to compare information quickly
by row or column. Users can also retrieve items rather easily by locating the point of intersection of a
particular row and column. https://www.youtube.com/watch?v=Q45sr5p_NmQ

The relational database model is based on the concept of two dimensional tables. A relational
database generally is not one big table usually called a flat file that contains all of the records and
attributes. Such a design would entail far too much data redundancy. Instead, a relational database is
usually designed with a number of related tables. Each of these tables contains records (listed in rows)
and attributes (listed in columns).

To be valuable, a relational database must be organized so that users can retrieve, analyze, and
understand the data they need. A key to designing an effective database is the data model. A data
model is a diagram that represents entities in the database and their relationships. An entity is a
person, a place, a thing, or an event such as a customer, an employee, or a product about which an
organization maintains information. Entities can typically be identified in the user’s work environment.
A record generally describes an entity. An instance of an entity refers to each row in a relational table,
which is a specific, unique representation of the entity. For example, your university’s student
database contains an entity called “student.” An instance of the student entity would be a particular
student. Thus, you are an instance of the student entity in your university’s student database.

Each characteristic or quality of a particular entity is called an attribute. For example, if our entities
were a customer, an employee, and a product, entity attributes would include customer name,
employee number, and product colour.

Every record in the database must contain at least one field that uniquely identifies that record so that
it can be retrieved, updated, and sorted. This identifier field (or attribute) is called the primary key.
For example, a student record in a U.S. university would use a unique student number as its primary
key. (Note: In the past, your Social Security number served as the primary key for your student record.
However, for security reasons, this practice has been discontinued.)

In some cases, locating a particular record requires the use of secondary keys. A secondary key is
another field that has some identifying information but typically does not identify the record with
complete accuracy. For example, the student’s major might be a secondary key if a user wanted to
identify all of the students majoring in a particular field of study. It should not be the primary key,
however, because many students can have the same major. Therefore, it cannot uniquely identify an
individual student. A foreign key is a field (or group of fields) in one table that uniquely identifies a
row of another table. A foreign key is used to establish and enforce a link between two tables.

Organizations implement databases to efficiently and effectively manage their data. There are a
variety of operations that can be performed on databases. As we noted earlier in this chapter,
organizations must manage huge quantities of data. Such data consist of structured and unstructured
data and are called Big Data. Structured data is highly organized in fixed fields in a data repository such
as a relational database. Structured data must be defined in terms of field name and type (e.g.,
alphanumeric, numeric, and currency).

Unstructured data is data that does not reside in a traditional relational database. Examples of
unstructured data are e-mail messages, word processing documents, videos, images, audio files,
PowerPoint presentations, Facebook posts, tweets, snaps, ratings and recommendations, and Web
pages. Industry analysts estimate that 80 to 90 percent of the data in an organization is unstructured.
To manage Big Data, many organizations are using special types of databases, which we also discuss
in the next section. Because databases typically process data in real time (or near real time), it is not
practical to allow users access to the databases. After all, the data will change while the user is looking
at them! As a result, data warehouses have been developed to allow users to access data for decision
making.

5.4 Big Data

Organizations today are collecting data from an increasing number of diverse sources at an
unprecedented rate. This includes data from events that were once not considered measurable, such
as a person’s location, engine temperatures, and even the stress levels on a bridge. Modern data
collection has evolved to capture almost everything for analysis.

According to IDC, more than a zettabyte of data is generated globally each year, and this amount is
increasing by 50% annually. In 2000, only 25% of the world’s stored information was in digital form,
while by 2019, more than 98% of stored data was digital.

Defining Big Data

Big Data refers to collections of data that are so vast and complex that they cannot be managed with
traditional database systems. It’s not only the amount of data that matters but also how this data
can be used to make predictions. For example, Big Data helps determine whether an email is spam,
corrects typing mistakes such as “teh” to “the,” and can even predict if a pedestrian will cross a street
safely, allowing a self-driving car to adjust accordingly.

Big Data systems excel because they handle vast amounts of data, improving over time by identifying
key patterns as more data is fed into the system. According to Gartner, Big Data is defined as diverse,
high-volume, and high-velocity information that requires innovative processing techniques to
support decision-making, uncover insights, and optimize business processes. The Big Data Institute
adds that Big Data is made up of structured, unstructured, and semi-structured data, which is
generated at a rapid pace and does not fit neatly into traditional relational databases.

Types of Big Data

Big Data is composed of several types of information, which include:

Traditional enterprise data: This consists of customer information from customer relationship
management (CRM) systems, transactional data from enterprise resource planning (ERP) systems,
web store transactions, operations data, and general ledger data.

Machine-generated or sensor data: Examples include data from smart meters, sensors in
smartphones, airplane engines, and industrial machinery.

Social data: This includes feedback from customers, microblog posts (such as those on Twitter), and
content from social media platforms such as Facebook, YouTube, and LinkedIn.

Images and video: Collected by billions of devices worldwide, including digital cameras, camera
phones, medical scanners, and security cameras.

For example, Facebook’s 2.4 billion users upload more than 350 million photos every day. Twitter
users send approximately 550 million tweets each day, and YouTube receives over 300 hours of video
uploads per minute from its 1.3 billion users.

Characteristics of Big Data

Big Data can be identified by three main characteristics: volume, velocity, and variety. Volume refers
to the sheer scale of data being generated, such as the vast amount of data produced by sensors in
a single jet engine—up to 10 terabytes in just 30 minutes. Velocity describes the speed at which data
flows into organizations, which has increased dramatically, allowing companies to quickly analyse
customer interactions and offer real-time recommendations. Variety refers to the multiple forms that
data can take, ranging from structured financial records to unstructured content like satellite images,
audio streams, and social media posts.

Even if some forms of data may not seem immediately valuable, they can provide deep insights when
properly analysed. A good example is Google's decision to harness satellite imagery and street views;
although their potential wasn’t immediately recognized, they have since proven to be invaluable data
sources.

Issues with Big Data

While Big Data offers immense value, it also presents several challenges:

Data from untrusted sources: Since Big Data can come from many diverse sources, including social
media and external websites, not all data is reliable. For example, tweets or user-generated content
may come from unverified or inaccurate sources.

Dirty data: Dirty data refers to incomplete, incorrect, or duplicate data. This can include typographical
errors, duplicate information from press releases or social media shares, or even incorrect data from
user input. These inaccuracies can distort the analysis and lead to incorrect conclusions.

Rapid changes in data: Data streams can change rapidly, which presents a challenge when trying to
maintain data quality. For example, a utility company analyzing smart-meter data may encounter
incomplete data in real-time, complicating predictions about power usage.

Managing Big Data

Organizations are now developing strategies to manage Big Data effectively and extract valuable
insights. Traditional relational databases are often insufficient for handling the complexities of Big
Data, which has led to the adoption of NoSQL databases. Unlike relational databases, which organize
data into rows and columns, NoSQL databases can handle structured and unstructured data without
requiring a rigid schema. This flexibility makes them particularly useful for handling Big Data.

An example of this is Hadoop, a collection of open-source programs that enables the storage and
processing of large datasets using massively parallel processing. MapReduce is another tool that
helps by distributing large analyses across multiple servers and then collecting and integrating the
results into a single report.
Another significant development is Google’s Cloud Spanner, a globally distributed database that
provides consistency and high availability across multiple regions. It offers organizations the benefits
of a traditional relational database combined with the scalability of NoSQL systems, making it a
powerful tool for managing Big Data at a global scale.

Putting Big Data to Use

Organizations can extract significant value from Big Data by making it accessible to stakeholders,
conducting experiments, micro segmenting customers, creating new business models, and analysing
more data. Making Big Data available to the public, for example, has led to innovations in sectors
such as healthcare, urban planning, and environmental protection.

Micro segmentation is another application, where companies divide their customer base into smaller
groups based on specific characteristics or behaviours, allowing for more personalized marketing
strategies. This approach helps companies like Paytronix Systems create tailored loyalty programs
based on customer data from multiple sources.

Lastly, analysing all available data, rather than relying on random sampling, can lead to more accurate
insights. This method of processing entire datasets, known as real-time analytics, provides better
precision compared to traditional sampling techniques, where biases and errors can skew results.

Big Data in the Functional Areas of an Organization

Big Data is transforming various functions within organizations, including:

Human Resources: Companies like Caesars Entertainment use Big Data to manage healthcare costs
by analysing employee health claims. Similarly, Catalyse uses Big Data in recruitment to better assess
job candidates based on online assessments that gather data points about their responses and
behaviours.

Big Data has also impacted hiring practices, where companies can now analyse data about how
candidates answer questions, rather than just what they answer, allowing for more accurate
predictions of job performance and fit.

5.5 Data Warehouses and Data Marts

In today’s fast-paced business environment, successful organizations are those that can respond
quickly and flexibly to changes in the market. The key to such agility is how effectively analysts and
managers use data to make informed decisions. A crucial part of this process is providing users with
access to the right corporate data so they can analyze it efficiently. For instance, if the manager of a
bookstore wanted to know the profit margin on used books in her store, she could retrieve this
information from her database using SQL or a query-by-example (QBE). However, determining the
trend in profit margins for used books over the past decade would require a more complex query,
highlighting the need for more sophisticated tools such as data warehouses and data marts.

Describing Data Warehouses and Data Marts

Data warehouses and data marts are critical components of business analytics. They support decision-
making by providing a repository of historical data that is organized by subject. A data warehouse
stores large volumes of historical data, supporting decision-makers across the organization, while data
marts are smaller, department-specific versions of data warehouses. Due to the high costs of data
warehouses, they are primarily used by large companies. On the other hand, data marts, which are
quicker and cheaper to implement, are often used in specific business units or departments. Data
marts can be created in less than 90 days and are designed to meet the needs of a smaller group of
users. https://www.youtube.com/watch?v=OGjrtkrOzWI

Characteristics of Data Warehouses and Data Marts

Organized by business dimension or subject: Data in warehouses and marts are organized by subjects
such as customer, product, and region, making it easier for users to query and analyze data.

Use of online analytical processing (OLAP): Unlike online transaction processing (OLTP) systems that
handle daily transactions, OLAP systems in data warehouses are designed to support analysis by end
users. This type of processing is critical for decision-making purposes.

Integrated data: Data warehouses integrate data from multiple sources into a unified format, creating
a comprehensive view of each business dimension. For example, customer data may be collected from
various systems and then integrated to form a single view of the customer.

Time-variant: Warehouses maintain historical data, making it possible to analyze trends over time.
Unlike transactional systems, which store only current data, a warehouse can store data for years,
enabling long-term analysis.

Nonvolatile: Once data is loaded into the warehouse, it cannot be updated by users. This ensures that
the data reflects a historical record and is used only for analysis.
https://www.youtube.com/watch?v=IEMCFTHT-ro
Multidimensional structure: Data in warehouses is stored in a multidimensional format, often
represented as data cubes. This structure allows users to view data from different business
dimensions, such as product, region, and time.

A Generic Data Warehouse Environment

The data warehouse environment consists of several components:

Source systems: These systems provide the raw data that is stored in the warehouse. Source systems
can range from transactional databases to ERP systems, and they often include external sources such
as demographic data from third-party providers.

Data integration technologies: The process of extracting, transforming, and loading (ETL) data into the
warehouse is a key part of this environment. Data from different systems may require transformation
to ensure consistency.

Data storage architectures: Organizations must choose how to store their decision-support data,
whether through a centralized warehouse or multiple independent data marts. Some organizations
use a "hub-and-spoke" architecture, where a central warehouse stores data for multiple dependent
marts.

Metadata and data governance: Metadata, which describes the data in the warehouse, is critical for
both IT staff and users. Data governance ensures that the data warehouse meets the organization’s
needs in terms of quality and compliance.

Data Integration

Data integration is essential for creating a unified view of the data stored in a warehouse. The ETL
process ensures that data from different systems is standardized and transformed into a usable
format. This may involve changing formats, aggregating data, or cleansing the data to remove
duplicates.

Storing the Data

Organizations can choose from different architectures for storing data in the warehouse. Some
organizations use a centralized warehouse, while others may implement independent data marts for
specific departments. However, independent data marts can lead to inconsistencies in data,
prompting many companies to move toward integrated data warehouse solutions.

Metadata and Data Quality

Maintaining metadata is essential for ensuring that data in the warehouse is well-documented and
usable. Data quality is another crucial aspect, as poor-quality data can lead to inaccurate analysis.
Organizations may use data-cleansing tools to improve the quality of their data before it is loaded into
the warehouse.

Real-Time Data Warehousing

Some organizations are moving toward real-time data warehousing, where data is loaded into the
warehouse almost instantly after being captured by source systems. This allows for up-to-date
analysis, as seen in companies like Walmart, where sales data is available for analysis within minutes
of a transaction.

Governance

Data governance involves ensuring that the data warehouse is used effectively. Organizations often
create governance structures, such as senior-level committees, to align business and BI strategies,
prioritize projects, and allocate resources.

Users of Data Warehouses and Marts

There are many types of users for data warehouses, ranging from IT developers to executives. Some
users are responsible for producing reports and analyses, while others use the data for decision-
making purposes. The key benefit of data warehouses is that they provide users with fast access to
consolidated, high-quality data that can improve decision-making and provide a competitive
advantage.

5.6 Knowledge Management

As we have noted throughout this text, data and information are vital organizational assets.
Knowledge is a vital asset as well. Successful managers have always valued and used intellectual
assets. These efforts were not systematic, however, and they did not ensure that knowledge was
shared and dispersed in a way that benefited the overall organization. Moreover, industry analysts
estimate that most of a company’s knowledge assets are not housed in relational databases. Instead,
they are dispersed in e-mail, word processing documents, spreadsheets, presentations on individual
computers, and in people’s heads. This arrangement makes it extremely difficult for companies to
access and integrate this knowledge. The result frequently is less-effective decision making.

Concepts and Definitions

Knowledge management (KM) is a process that helps organizations manipulate important knowledge
that comprises part of the organization’s memory, usually in an unstructured format. For an
organization to be successful, knowledge, as a form of capital, must exist in a format that can be
exchanged among persons. It must also be able to grow. Knowledge differs from data and information
in IT contexts. While data consists of raw facts and measurements, and information is processed data
that's timely and accurate, knowledge represents information that can be applied in context. It's
essentially information in action, also known as intellectual capital.

There are two main types of knowledge in organizations. Explicit knowledge is objective and
technical, including documented items like policies, manuals, reports, and strategies that can be easily
shared. In contrast, tacit knowledge is subjective and based on experience, encompassing things like
insights, expertise, skills, and organizational culture. Unlike explicit knowledge, tacit knowledge is
difficult to document and transfer.

Knowledge Management Systems (KMS) use modern technology like intranets, extranets, and
databases to organize and share knowledge within organizations. These systems help companies
preserve expertise, especially when facing challenges like employee turnover or downsizing. KMS
make best practices available throughout the organization, improving performance and customer
service while supporting better product development.

However, implementing KMS comes with several challenges. Organizations must create a culture
where employees willingly share their tacit knowledge, maintain and update the knowledge base
regularly, and commit necessary resources to the system. Success requires both technological
infrastructure and organizational commitment to knowledge sharing.

The KMS Cycle

A functioning KMS follows a cycle that consists of six steps. The reason the system is cyclical is that
knowledge is dynamically refined over time. The knowledge in an effective KMS is never finalized
because the environment changes over time and knowledge must be updated to reflect these
changes.
 Figure 5.2 Six steps of the KMS Cycle (Adopted from Rainer and Prince, 2022)

6 Steps of KMS Cycle

Create knowledge Knowledge is created as people determine new
ways of doing things or develop know-how.
Sometimes external knowledge is brought in.
Capture knowledge New knowledge must be identified as valuable
and be presented in a reasonable way.
Refine knowledge New knowledge must be placed in context so
that it is actionable. This is where tacit qualities
(human insights) must be captured along with
explicit facts.
Store knowledge Useful knowledge must then be stored in a
reasonable format in a knowledge repository so
that other people in the organization can access
it.
Manage knowledge Like a library, the knowledge must be kept
current. Therefore, it must be reviewed
regularly to verify that it is relevant and
accurate.
Disseminate knowledge Knowledge must be made available in a useful
format to anyone in the organization who needs
it, anywhere and anytime.
 5.7 Appendix: Fundamentals of Relational Database Operations

Relational databases consist of tables with rows and columns. Each row represents a record, and each
column represents an attribute (or field) of that record. Every record in a relational database must
have a unique identifier called a primary key, which allows it to be retrieved, updated, and sorted. A
foreign key is a field in one table that corresponds to the primary key in another table, creating
relationships between tables.

Query Languages

The most commonly performed database operation is searching for information. Structured query
language (SQL) is the most popular query language used for interacting with a database. SQL allows
people to perform complicated searches by using relatively simple statements or key words. Typical
key words are SELECT (to choose a desired attribute), FROM (to specify the table or tables to be used),
and WHERE (to specify conditions to apply in the query). To understand how SQL works, imagine that
a university wants to know the names of students who will graduate cum laude (but not magna or
summa cum laude) in May 2018. The university IT staff would query the student relational database
with an SQL statement such as the following:

SELECT Student_Name

FROM Student_Database

WHERE Grade_Point_Average > = 3.40 and

Grade_Point_Average < 3.60.

The SQL query would return John Jones and Juan Rodriguez. Another way to find information in a
database is to use query by example (QBE). In QBE, the user fills out a grid or template—also known
as a form—to construct a sample or a description of the data desired. Users can construct a query
quickly and easily by using dragand-drop features in a DBMS such as Microsoft Access. Conducting
queries in this manner is simpler than keying in SQL commands.
Entity-Relationship (ER) Modeling

Designing a relational database involves Entity-Relationship (ER) Modeling, which helps visualize
entities (such as people, places, or things) and the relationships between them. In an ER diagram,
entities are shown as rectangles, relationships as diamonds, and attributes as lists of fields associated
with each entity. The primary key of each entity is underlined in the diagram.

Business rules are used to define relationships between entities. These rules describe the policies or
procedures that dictate how data is managed within the organization. For example, at a university, a
student might register for multiple classes, while a class may have multiple students. ER diagrams
help database designers ensure that all entities and relationships are properly captured and
understood.

Normalization

Normalization is a method used to optimize a database by reducing data redundancy and ensuring
data integrity. The goal is to break down large tables into smaller, related tables so that each piece of
data is stored only once. This process improves the efficiency and performance of the database.

In the normalization process, tables are progressively refined through several stages: First Normal
Form (1NF) eliminates duplicate records; Second Normal Form (2NF) ensures that non-key attributes
are fully dependent on the primary key; and Third Normal Form (3NF) removes transitive
dependencies, meaning non-key attributes cannot define other non-key attributes.

For instance, in a pizza shop database, the order number and customer information may be repeated
for each pizza in the order. By normalizing the data, separate tables for orders, customers, and pizzas
are created, reducing redundancy and making the database more manageable.

Joins

The join operation allows users to combine records from multiple tables based on related fields. For
example, to display a student's name along with their course details, a join between the student and
course tables would be performed. Joins are crucial for retrieving meaningful information from
databases that store data in separate but related tables.

Chapter Questions

Multiple Choice Questions

1. What is data rot primarily referring to?

 a) Corruption of data due to software viruses

b) Problems with storage media and inability to access data due to obsolete technology

c) Natural degradation of data quality over time

d) Loss of data due to human error

2. Which of the following is NOT a characteristic of high-quality data?

a) Accuracy

b) Completeness

c) Complexity

d) Timeliness

3. What is clickstream data?

a) Data about computer clicking devices

b) Data about website traffic patterns and user behavior

c) Data about mouse click speed

d) Data about keyboard inputs

4. Master data management primarily focuses on:

a) Managing only financial data

b) Maintaining a single version of truth for core business data

c) Storing temporary data

d) Managing external data sources only

5. Which of the following is an example of master data?

a) Daily sales transactions

 b) Customer shipping address

c) Time of purchase

d) Individual receipt numbers

6. The Sarbanes-Oxley Act requires:

a) All data to be stored in the cloud

b) Companies to hire external data managers

c) Public companies to evaluate internal financial controls

d) Annual data deletion

Short Answer Questions

1. Explain the difference between master data and transactional data.

2. What are three major challenges organizations face in managing data?
3. How does data governance help organizations manage their data effectively?
4. Describe the role of master data management in an organization.
5. What problems can arise from having inconsistent data across different departments?

6. How has the increase in data sources affected data management?

References

1. Cheng, K.C. et al. (2021) 'Management of Data Quality in Modern Organizations', Journal of
Data Management, 15(3), pp. 78-92.

2. Gartner Research (2024) 'Big Data Analytics Trends', Technology Research Series, 8(2), pp. 45-
60.

3. IDC (2024) 'Global Data Growth Analysis', Digital Storage Review, 12(1), pp. 23-38.

4. Mansfield-Devine, S. (2020) 'Data Security and Privacy Challenges', Computer Fraud &
Security, 2020(4), pp. 12-20.
5. Microsoft Corporation (2024) 'Database Management Systems Guide', Technical
Documentation Series, 5(2), pp. 156-170.

6. Oracle Corporation (2024) 'Enterprise Data Warehousing', Database Technologies Review,

9(4), pp. 89-104.

7. Paytronix Systems (2024) 'Customer Data Analytics Report', Business Intelligence Quarterly,
6(1), pp. 34-49.

8. The Big Data Institute (2024) 'Understanding Big Data Architecture', Data Analytics Review,
11(3), pp. 112-126.

9. Wang, L. and Li, X. (2022) 'Data Encryption in Modern Computing', Journal of Information
Security, 7(2), pp. 67-82.
Chapter 6: Telecommunications & Networking

LEARNING OUTCOMES
After reading this Section of the guide, the learner should be able to:

• Analyse and differentiate the main types of networks.

• Explain the wired communication media and the technologies used for transmission.
• Outline the most common ways to connect to the Internet.
• Discuss how discovery network applications have influenced businesses and daily life.
• Describe the effects of communication network applications on business operations
and everyday activities
• Explain how collaboration network applications have impacted businesses and daily
living.
• Describe the influence of educational network applications on business and everyday
experiences.

6.1 Introduction

In addition to being crucial in our personal lives, there are three key aspects of network computing
to understand. First, in today’s organizations, computers operate collaboratively, continuously
sharing data with one another. Second, this data exchange, enabled by telecommunications
technologies, offers significant advantages to companies. Third, this exchange can occur over any
distance and across networks of various sizes.

Without networks, your desktop computer would merely serve as another productivity tool, much
like a typewriter. However, networks enhance your computer’s capabilities, allowing access to
information from countless sources, thus increasing productivity for both you and your organization.
Regardless of the type of organization—whether for-profit or non-profit, large or small, global or
local—networks, especially the Internet, have transformed and will continue to reshape how we
conduct business.

Networks facilitate innovative business practices in areas such as marketing, supply chain
management, customer service, and human resources. Notably, the Internet and private intranets—
internal networks using Internet software and TCP/IP protocols—significantly impact our
professional and personal lives.

For all organizations, regardless of size, having a telecommunications and networking system is now
essential for survival, not just a competitive edge. Networked systems enhance organizational
flexibility, allowing adaptation to rapid business changes. They enable hardware, applications, and
data sharing within and between organizations. Additionally, networks facilitate collaboration among
geographically dispersed employees and teams, fostering teamwork, innovation, and efficient
interactions. They are also vital links between businesses, partners, and customers.

Clearly, networks are indispensable for modern businesses. Understanding networks is crucial
because if you run or work in a business, you cannot operate without them. Rapid communication
with customers, partners, suppliers, and colleagues is necessary. Until around 1990, businesses relied
on postal services or phone systems for communication. Today, the business pace is nearly real-time,
requiring the use of computers, email, messaging, the Internet, smartphones, and other mobile
devices, all connected through networks for effective global communication and collaboration.

Networking and the Internet are foundational to 21st-century commerce. A key goal of this book is
to help you become an informed user of information systems, and knowledge of networking is vital
for modern business literacy. The Internet's global significance cannot be overstated; it’s often
described as the world's nervous system. Fast broadband access is increasingly crucial for success.
For example, in 2017, New York City sued Verizon for inadequate fibre-optic services, leading to a
2018 agreement to expand high-speed services. Similarly, in 2018, New York's Attorney General sued
Charter Communications (now Spectrum) for failing to deliver promised Internet speeds, resulting in
a $62.5 million payout to affected customers in 2019.

This chapter starts with an introduction to computer networks and the different types that exist.
Next, you’ll explore fundamental concepts related to networks. After that, the focus shifts to the
essentials of the Internet and the World Wide Web. Finally, you’ll look at the various network
applications that benefit both individuals and organizations, highlighting what networks enable you
to accomplish.
 6.2 What Is a Computer Network?

A computer network is a system that links computers and other devices, such as printers, using
communication media to facilitate the transmission of data and information between them. Voice and
data networks are consistently becoming faster and more affordable, meaning their bandwidth is
increasing. Bandwidth refers to a network's transmission capacity, measured in bits per second. It can
vary from narrowband, which has lower capacity, to broadband, which offers higher capacity.

The telecommunications industry finds it challenging to consistently define "broadband." The Federal
Communications Commission (FCC) classifies broadband as a communication medium that offers a
download speed greater than 25 megabits per second (Mbps)—for example, when streaming a Netflix
movie—and an upload speed of 3 Mbps, which applies to data sent to an Internet server, such as a
Facebook post or YouTube video.

Interestingly, some FCC members propose raising the download speed threshold for broadband to
100 Mbps. Nevertheless, this definition is fluid and will likely adapt as transmission capacities improve
over time.

You may be familiar with common broadband connections like Digital Subscriber Line (DSL) and cable,
which are typically found in homes and dormitories. Both DSL and cable fall within the specified
transmission speed range, thus qualifying as broadband.

Computer networks come in various sizes, from small personal networks to expansive global ones.
These include, from smallest to largest: personal area networks (PANs), local area networks (LANs),
metropolitan area networks (MANs), wide area networks (WANs), and the Internet, which is the
largest. PANs are short-range networks, usually covering just a few meters, designed for
communication between nearby devices and can be either wired or wireless. MANs are larger
networks that span a metropolitan area, falling between LANs and WANs in size. WANs generally cover
vast geographic areas, sometimes stretching globally and even reaching from Earth to Mars and
beyond.

Local Area Networks

Networks, regardless of their size, involve a trade-off among three key factors: speed, distance, and
cost. Organizations usually need to prioritize two out of these three objectives. For long-distance
coverage, they can achieve fast communication if they are willing to invest, or they can opt for lower-
cost communication at the expense of speed. Another possible combination is fast, cost-effective
communication with limited distance, which is the concept behind local area networks (LANs).
A local area network (LAN) connects two or more devices within a restricted geographical area,
typically within a single building, enabling all devices on the network to communicate with each other.
Most modern LANs utilize Ethernet technology (which will be discussed later in this chapter). For
example, an Ethernet LAN may consist of four computers, a server, and a printer, all connected
through a shared cable. Each device in the LAN is equipped with a network interface card (NIC) that
facilitates its physical connection to the LAN’s communication medium, which is commonly unshielded
twisted-pair wire (UTP).

Figure 6.1 Ethernet local area (Adopted from Rainer and Prince, 2022)

While not mandatory, many local area networks (LANs) include a file server or network server. This
server usually holds various software and data for the network. Additionally, it contains the LAN's
network operating system, which oversees the server and handles the routing and management of
communications within the network.

Wide Area Networks

When businesses need to transmit and receive data beyond the limits of a local area network (LAN),
they utilize wide area networks (WANs). The term "wide area network" emerged only after local area
networks became common; previously, what we now refer to as a WAN was simply known as a
network.
A wide area network (WAN) spans a large geographical area and typically connects multiple LANs.
These networks are generally provided by common carriers like telephone companies and
international communication service providers. Notable examples include AT&T in the United States,
Deutsche Telekom in Germany, and NTT Communications in Japan.

WANs have substantial capacities and often integrate multiple channels, such as fibre-optic cables,
microwave links, and satellite connections. They also utilize routers, which are communication
processors that direct messages from a LAN to the Internet, across several interconnected LANs, or
across a WAN like the Internet itself, which serves as a prime example of a WAN.

Enterprise Networks
Modern organizations often operate several local area networks (LANs) and may also have multiple
wide area networks (WANs). These various networks are interconnected to create an enterprise
network. For example, Figure 6.2 illustrates a model of enterprise computing. In this model, the
enterprise network features a backbone network, which is a high-speed central network that links
multiple smaller networks, such as LANs and smaller WANs. The LANs that connect to the backbone
WAN are referred to as embedded LANs.

Figure 6.2 Enterprise network (Adopted from Rainer and Prince, 2022)

Unfortunately, traditional networks can be inflexible and unable to adapt quickly to growing business
networking demands. This rigidity arises because the functions of traditional networks are spread
across physical routers and devices (i.e., hardware). As a result, implementing changes requires
individually configuring each network device, and in some cases, this must be done manually.
https://www.youtube.com/watch?v=y6RnSrk_LW8

Software-defined networking (SDN) is an emerging technology gaining traction to help organizations

manage their data flows across enterprise networks. In an SDN, software centrally controls the
decisions governing how network traffic is routed through devices. This software can dynamically
adjust data flows to align with business and application needs.

You can think of traditional networks like a city's road system in 1920. Data packets represent cars
navigating through the city, while traffic officers (physical network devices) manage each intersection,
directing traffic based on turn signals and the types of vehicles passing through. However, these
officers only oversee their specific intersections and lack awareness of overall traffic patterns or
volume across the city, making it challenging to manage traffic effectively during peak hours. When
issues arise, the city must communicate with each officer individually via radio.

In contrast, consider an SDN as the road system of a modern city. Here, traffic officers are replaced by
traffic lights and electronic vehicle counters connected to central monitoring and control software.
This system allows for instant, centralized traffic management. The control software can adjust traffic
patterns at different times of day (such as during rush hour) and continuously monitor traffic flow,
automatically changing the traffic lights to facilitate smoother movement through the city with
minimal disruption.

6.3 Network Fundamentals

In this section, you'll explore the fundamental principles of network operation. You'll start with
wireline communication media, which allow computers in a network to send and receive data. The
section will wrap up with an examination of network protocols and various types of network
processing.

Today, computer networks use digital signals, which are distinct on-off pulses that represent bits (0s
and 1s). This allows digital signals to transmit information in binary form that computers can interpret.
The U.S. public telephone system, known as the "plain old telephone system" (POTS), was initially
designed as an analog network for transmitting voice signals through continuous waves. These analog
signals convey information by varying the amplitude and frequency of the waves. POTS requires dial-
up modems to convert signals between analog and digital formats, but such modems are becoming
rare in most developed regions.
Cable modems, which operate over coaxial cables like those used for cable TV, provide broadband
access to the Internet or corporate intranets. Their speeds can vary significantly, with most providers
offering download speeds between 1 and 6 million bits per second (Mbps) and upload speeds between
128 and 768 thousand bits per second (Kbps). Since cable modem services share bandwidth among
multiple local subscribers, heavy simultaneous usage by neighbours can lead to slower speeds.

DSL modems, on the other hand, use the same lines as voice telephones and dial-up modems. They
maintain a constant connection, allowing for immediate access to the Internet

6.4 Communications Media and Channels

Transmitting data from one location to another requires a pathway or medium, known as a
communications channel. This channel comprises two types of media: cable (such as twisted-pair wire,
coaxial cable, or fibre-optic cable) and broadcast (including microwave, satellite, radio, or infrared).

Wireline media, or cable media, use physical wires or cables to carry data and information. Twisted-
pair and coaxial cables are constructed from copper, while fibre-optic cables are made from glass.
Alternatively, communication can occur through broadcast or wireless media. The cornerstone of
mobile communication in today’s fast-paced society is data transmission over electromagnetic
media—commonly referred to as the “airwaves.” In this section, you will explore the three types of
wireline channels.

Twisted-Pair Wire
Twisted-pair wire is the most common type of communications wiring and is utilized for nearly all
business telephone installations. As its name implies, it consists of pairs of copper wire twisted
together (see Figure 6.3). This type of wire is relatively inexpensive, readily available, and easy to
handle. However, it has notable drawbacks: it has slower data transmission speeds, is susceptible to
interference from other electrical sources, and can be easily intercepted by unauthorized individuals
seeking to access data.

Coaxial Cable
Coaxial cable is made up of insulated copper wire. It is significantly less prone to electrical interference
than twisted-pair wire and can transmit much larger amounts of data. This makes it a popular choice
for high-speed data transmission and television signals, which is why it's often associated with cable
TV. However, coaxial cable is more expensive and more challenging to handle than twisted-pair wire,
and it is also somewhat rigid.

Fiber Optics
Fiber-optic cable is made up of thousands of extremely thin glass filaments that carry information
using light pulses generated by lasers. The cable is encased in cladding, a protective layer that prevents
the light from escaping the fibres.

Fiber-optic cables are much smaller and lighter than traditional cable media. They can transmit
significantly more data and offer enhanced protection against interference and unauthorized tapping.
Typically, fiber-optic cable serves as the backbone of a network, while twisted-pair wire and coaxial
cable connect individual devices to this backbone. In 2016, the FASTER cable, a 5,600-mile undersea
fiber-optic connection between Japan and the United States, became operational, achieving data
transmission speeds of 60 terabits (trillions of bits) per second across the Pacific Ocean. By 2018,
organizations installed more fiber-optic cable than in any other year in the past two decades.

Network Protocols
Devices connected to a network need to access and share the network to send and receive data. These
devices are commonly referred to as network nodes. They collaborate by following a shared set of
rules and procedures, known as a protocol, which allows them to communicate effectively. The two
primary protocols are Ethernet and Transmission Control Protocol/Internet Protocol (TCP/IP).

Ethernet

A widely used LAN protocol is Ethernet. Many organizations utilize 100-gigabit Ethernet, which offers
data transmission speeds of 100 gigabits (100 billion bits) per second. In 2018, 400-gigabit Ethernet
was introduced.

Transmission Control Protocol/Internet Protocol (TCP/IP)

The Transmission Control Protocol/Internet Protocol (TCP/IP) is the foundational protocol of the
Internet. It comprises a suite of protocols, primarily the Transmission Control Protocol (TCP) and the
Internet Protocol (IP). TCP performs three main functions: (1) it manages the flow of data packets by
establishing connections between computers, (2) it sequences the packets for orderly transfer, and
(3) it acknowledges the packets that have been sent. Meanwhile, the Internet Protocol (IP) handles
the disassembly, delivery, and reassembly of data during transmission.
https://www.techtarget.com/whatis/video/An-explanation-of-TCP-IP

Before data are sent over the Internet, they are broken down into small, fixed units called packets.
The technology used to fragment data into packets is known as packet switching. Each packet contains
information necessary for reaching its destination, including the sender's IP address, the recipient's IP
address, the total number of packets in the message, and the sequence number of that particular
packet. Each packet travels independently across the network and can take different routes. Once all
packets arrive at their destination, they are reassembled into the original message.

Packet-switching networks are known for their reliability and fault tolerance. For instance, if a network
path is congested or fails, packets can be dynamically rerouted. Additionally, if any packets are lost in
transit, only those specific packets need to be resent.

Organizations prefer packet switching primarily for its ability to ensure reliable end-to-end message
transmission, even over networks that may experience intermittent issues.

Packets utilize the TCP/IP protocol for data transport, functioning across four layers (see Figure 6.6).
The application layer allows client applications to access the other layers and defines the protocols for
data exchange, such as the Hypertext Transfer Protocol (HTTP), which outlines how messages are
formatted and interpreted by recipients. The transport layer provides communication and packet
services to the application layer, including TCP and other protocols. The Internet layer manages
addressing, routing, and packaging of data packets, with IP being one of its key protocols. Finally, the
network interface layer handles placing packets onto the network medium and receiving them from
various networking technologies.

Two computers can communicate using TCP/IP even if they have different hardware and software.
When data is sent from one computer to another, it passes down through all four layers, starting with
the application layer of the sending computer and proceeding to the network interface layer. Once
the data reach the receiving computer, they move back up through the layers.

TCP/IP allows users to transmit data over sometimes unreliable networks while ensuring that the data
arrives intact and uncorrupted. Its reliability and ability to support intranets and related functions
make TCP/IP a popular choice among business organizations.

Let’s consider an example of packet switching over the Internet. Figure 6.7 shows a message being
sent from New York City to Los Angeles via a packet-switching network. Notice that the packets,
represented in different colours, take various routes to reach their destination in Los Angeles, where
they are then reassembled into the complete message.
 Figure 6.3: Packet switching (Adopted from Rainer and Prince, 2022)

Types of Network Processing

Organizations often utilize multiple computer systems throughout the company. Distributed
processing allocates processing tasks across two or more computers, allowing machines in different
locations to communicate via telecommunications links. A common form of distributed processing is
client/server processing, with a specific variant known as peer-to-peer processing.

Client/Server Computing
Client/server computing connects two or more computers in a setup where certain machines, called
servers, provide computing services to user PCs, referred to as clients. Typically, organizations carry
out most of their processing and data storage on powerful servers that can be accessed by less capable
client machines. Clients request applications, data, or processing from the server, which then fulfils
these requests. https://www.youtube.com/watch?v=SdhzzDHidi4

This setup leads to the concepts of "fat" clients and "thin" clients. As mentioned in Technology Guide
1, fat clients have substantial storage and processing capabilities, allowing them to run local programs
(like Microsoft Office) even if the network goes down. Conversely, thin clients may lack local storage
and have limited processing power, relying on the network to run applications, making them less
useful when the network is unavailable.

Peer-to-Peer Processing
Peer-to-peer (P2P) processing is a type of distributed processing where each computer acts as both a
client and a server. Each machine can access files from all other computers, depending on assigned
security or integrity permissions.

There are three main types of peer-to-peer processing. The first type utilizes unused CPU power from
networked computers. An example of this is SETI@home (www.setiathome.ssl.berkeley.edu), an
open-source project that users can download for free.

The second type involves real-time, person-to-person collaboration, such as Microsoft SharePoint
Workspace (www.office.microsoft.com/en-us/sharepoint-workspace). This tool offers P2P
collaborative applications that use buddy lists for establishing connections and enabling real-time
collaboration.

The third category focuses on advanced search and file sharing, featuring natural language searches
across millions of peer systems. This allows users to find other users in addition to data and web pages.
BitTorrent (www.bittorrent.com) is a notable example of this type. It is an open-source, free peer-to-
peer file-sharing application that simplifies sharing large files by breaking them into smaller pieces, or
"torrents." BitTorrent addresses common file-sharing challenges: (1) downloads slow down when
many users access a file simultaneously, and (2) some users download without sharing. By allowing
users to share small parts of a file simultaneously—a method known as swarming—BitTorrent
alleviates bottlenecks. Additionally, users must upload a file while downloading, preventing leeching.
Thus, popular content travels more efficiently across the network.

6.5 The Internet and the World Wide Web

The Internet, often referred to as "the Net," is a global wide area network (WAN) that links around 1
million organizational computer networks across more than 200 countries on every continent. Its
extensive reach has integrated it into the daily lives of approximately 5 billion people.

Overview of the Internet

The computers and organizational nodes connected to the Internet come in various types and brands,
linked by data communication lines of differing speeds. The main connections and
telecommunications lines that tie these nodes together are known as the Internet backbone, which
primarily consists of a fiber-optic network operated by major telecommunications companies.

Many people mistakenly believe that most Internet traffic occurs wirelessly, but in reality, only about
1 percent of it is transmitted via satellites. So, what does the infrastructure of the Internet actually
look like?
The Internet is quite physical, comprising 300 underwater cables that stretch a total of 550,000 miles.
These cables vary in thickness, from the size of a garden hose to about three inches in diameter, and
they come ashore at cable landing points. From these points, the cables are buried underground and
routed to large data centers (discussed in Technology Guide 3). In the United States alone, there are
542 underground cables connecting 273 different locations, primarily along major roads and railways.
One of the most concentrated hubs of Internet connectivity is in Lower Manhattan, New York City.

As a network of networks, the Internet enables users to access data from other organizations and
facilitates seamless communication, collaboration, and information exchange worldwide, quickly and
affordably. This capability has made the Internet essential for modern businesses.

The Internet originated from an experimental project by the Advanced Research Projects Agency
(ARPA) within the U.S. Department of Defense, which began in 1969 as ARPAnet. Its goal was to
explore the feasibility of a WAN for sharing data, exchanging messages, and transferring files among
researchers, educators, military personnel, and government entities.

Today, Internet technologies are used both within and between organizations. An intranet is a
network that employs Internet protocols, allowing users to utilize familiar applications and work
habits. Intranets facilitate discovery, communication, and collaboration within an organization. In
contrast, an extranet connects portions of different organizations' intranets, enabling secure
communication between business partners over the Internet using virtual private networks (VPNs),
which are explained in Chapter 4. Extranets provide limited access to the intranets of participating
companies and support essential interorganizational communications. They are commonly used in
business-to-business (B2B) electronic commerce and supply chain management.

The Internet is not managed by any central authority; instead, the operational costs are shared among
hundreds of thousands of nodes, resulting in minimal expenses for any single organization.
Organizations only need to pay a small fee to register their names and must install their own hardware
and software to manage their internal networks. They are responsible for transferring any data or
information entering their network, regardless of its source, to the intended destination at no cost to
the senders, who in turn cover the telephone costs associated with using either the backbone or
standard phone lines.

Accessing the Internet

There are several ways to access the Internet. At your workplace or university, you can use the
organization’s local area network (LAN), which connects various LANs and servers to the Internet via
a campus or company backbone. You can also connect from home or while traveling, using either
wireline or wireless connections.

Connecting Through an Online Service

Another option for accessing the Internet is by opening an account with an Internet service provider
(ISP), a company that provides Internet connections for a fee. Major ISPs include Xfinity
(www.xfinity.com), AT&T (www.att.com), Spectrum (www.spectrum.com), and Verizon
(www.verizon.com).

ISPs connect with each other at network access points (NAPs), which serve as exchange points for
Internet traffic and determine how that traffic is routed. NAPs are crucial components of the Internet
backbone. Figure 6.8 illustrates the structure of the Internet, with white links representing the
backbone and brown dots indicating the NAPs where these links intersect.

Figure 6.4: Internet schematic (backbone in white) (Adopted from Rainer and Prince, 2022)

Connecting Through Other Means

Various efforts have been made to make Internet access more affordable, faster, and user-friendly.
For instance, Internet kiosks have been placed in public locations like libraries and airports—and even
in convenience stores in some countries—to provide access for individuals without their own
computers. Additionally, using smartphones and tablets to connect to the Internet has become
widespread, and fiber-to-the-home (FTTH) is experiencing rapid growth. FTTH involves directly
connecting fiber-optic cables to individual homes.
Addresses on the Internet

Every computer connected to the Internet has a unique identifier known as the Internet Protocol (IP)
address, which distinguishes it from other computers. An IP address is made up of four sets of numbers
separated by dots. For example, one computer might have the IP address 135.62.128.91, which can
be entered into a browser's address bar to access a website.

There are currently two IP addressing systems in use. The first, IPv4, is the most prevalent and consists
of 32 bits, allowing for 2^32 potential IP addresses, or 4,294,967,295 unique addresses. The IP address
mentioned earlier (135.62.128.91) is an example of an IPv4 address. When IPv4 was created, the
number of computers needing addresses was far fewer than today, which led to the development of
a new system, IPv6, as we have exhausted the available IPv4 addresses.

IPv6 addresses are composed of 128 bits, providing an enormous number of potential addresses—
2^128 distinct possibilities. This new system is being adopted to meet the growing demand for IP
addresses from an increasing array of devices, including smartphones and those part of the Internet
of Things.

IP addresses need to be unique so that computers can locate each other on the Internet. The Internet
Corporation for Assigned Names and Numbers (ICANN) (www.icann.org) manages these unique
addresses globally. Without this coordination, a unified Internet would not be possible.

Since numeric IP addresses can be hard to remember, computers also have names. ICANN authorizes
certain companies, known as registrars, to register these names, which come from a system called the
domain name system (DNS). Domain names consist of multiple components separated by dots, read
from right to left. For example, in the domain name business.auburn.edu, the rightmost part
represents its top-level domain (TLD).

The Future of the Internet

Researchers warn that without significant improvements to Internet bandwidth, the Internet may
soon operate at much slower speeds. Current bandwidth limitations can hinder data-heavy
applications like full-motion video (movies) and large medical files (such as X-rays). Additionally, the
Internet often lacks reliability and security. In response, many U.S. universities, along with industry
and government partners, have created Internet2. This initiative focuses on developing and
implementing advanced network applications, including remote medical diagnosis, digital libraries,
distance education, online simulations, and virtual laboratories. Internet2 aims to be fast, always
available, intuitive, user-friendly, and secure. It's important to note that Internet2 is not a separate
physical network; rather, it builds upon the existing Internet infrastructure. For more information, visit
www.internet2.edu.

The World Wide Web

Many people mistakenly believe that the Internet and the World Wide Web are the same. However,
they serve different purposes: the Internet is a transport mechanism, while the World Wide Web
(WWW) is an application that utilizes these transport capabilities. Other applications, like email, also
operate on the Internet.

The World Wide Web is built on universally accepted standards for storing, retrieving, formatting, and
displaying information through a client/server model. It accommodates various types of digital
content, including text, hypermedia, graphics, and sound, and features graphical user interfaces (GUIs)
for easy navigation.

The concept of hypertext is fundamental to the Web's structure. Hypertext refers to text displayed on
a device that contains hyperlinks—references to other text that can be accessed instantly or revealed
progressively for more detail. A hyperlink connects a hypertext file to another location or file, typically
activated by clicking on highlighted words or images or by touching the screen.

Organizations that want to share information online need to create a home page, which serves as a
welcome screen displaying basic information about the organization. Usually, the home page links to
additional pages, and all the pages belonging to a specific company or individual together form a
website. Most web pages include contact information for the organization or individual, and the
person managing a website is known as the webmaster (a gender-neutral term).

To visit a website, users must enter a uniform resource locator (URL), which specifies the address of a
particular resource on the Web. For instance, the URL for Microsoft is www.microsoft.com. The
"HTTP" in the URL stands for hypertext transport protocol, while the rest indicates the domain name
that identifies the web server hosting the site.

Users primarily access the Web through software applications called browsers, which offer a graphical
interface that allows them to navigate the Web by pointing and clicking—often referred to as surfing.
Web browsers provide a consistent interface across different operating systems. As of July 2019,
Google Chrome was the most popular browser, followed by Apple Safari, Firefox, Microsoft Internet
Explorer, and Microsoft Edge.
 6.6 Network Applications: Discovery

Now that you understand the basics of networks and how to access them, an important question
arises: How do businesses leverage networks to enhance their operations? In the next four sections
of this chapter, we will examine four network applications: discovery, communication, collaboration,
and education. These applications represent just a small selection of the numerous network
applications currently available. Even if this list were comprehensive today, it would likely change
tomorrow as new applications are developed. Additionally, categorizing network applications can be
challenging due to overlaps; for instance, telecommuting involves both communication and
collaboration.

The Internet allows users to access and discover information stored in databases globally. By browsing
and searching the Web, users can utilize this discovery feature in various fields, including education,
government, entertainment, and commerce. While having access to such a wealth of information is
advantageous, it’s crucial to recognize that the quality of web content is not guaranteed. The Internet
is democratic, meaning anyone can publish information. Thus, the key principle for web users is
"Caution is advised!"

Consider the process of discovery in the 1960s: finding information typically required a trip to the
library to borrow a physical book. In contrast, today’s methods of information discovery have
transformed significantly. Notably:

• In the past, people had to physically go to libraries to find information; now, the Internet
brings information directly to users.
• Previously, only one person could access a book at a time; today, multiple users can access
the same information simultaneously.
• Accessing needed information could be challenging if a book was checked out; now,
information is broadly available to everyone at once.
• In the past, language barriers could complicate access to foreign texts; now, automated
translation tools are rapidly advancing.

However, the vast amount of information available on the Web, which doubles approximately every
year, can be overwhelming. This growing volume makes navigating the Web and finding specific
information increasingly difficult. As a result, many people rely on search engines, directories, and
portals.

Search Engines and Metasearch Engines

A search engine is a program that retrieves specific information based on keywords and presents the
results. These engines maintain extensive indexes of billions of web pages, created and updated by
web crawlers that explore and catalog pages across the Internet. Currently, the four dominant search
engines in the United States are Google, Bing, Yahoo!, and Ask, with Baidu leading the search engine
market in China, holding around 75% of that market.
https://m.youtube.com/watch?v=YC22FJWq5sg&t=9s

For more comprehensive searches, metasearch engines can be utilized. These tools query multiple
search engines simultaneously and combine their results. Examples include Surf-wax, Metacrawler,
Mamma, KartOO, and Dogpile.

Publication of Material in Foreign Languages

The World Bank estimates that around 80% of online content is available in just 10 languages: English,
Chinese, Spanish, Japanese, Arabic, Portuguese, German, French, Russian, and Korean. About 3 billion
people speak one of these languages, yet over half of all online content is in English, which is
understood by only 21% of the global population. For instance, in India, where approximately 425
languages and dialects are spoken, it’s estimated that less than 0.1% of web content is in Hindi, which
is the first language for around 260 million people.

Given the vast array of information online in multiple languages, accessing it often involves using
automatic translation tools. These translations are available for all major languages, and their quality
continues to improve.

In today’s global business environment, companies invest in creating multilingual websites as a

competitive necessity. Ensuring accurate dissemination of information worldwide is crucial. It's not
sufficient for companies to merely translate their web content; they must also localize it, taking into
account the cultural and contextual needs of local markets. Translation services can be costly, often
charging 20 cents or more per word. Companies managing content in 10 languages can spend around
$200,000 annually on localization, plus an additional $50,000 for website maintenance. Major
multinational corporations may have translation budgets that reach millions of dollars.

Portals
Many organizations and their managers face information overload, as data is dispersed across
numerous documents, emails, and databases in various locations and systems. This fragmentation
makes it time-consuming for users to find relevant and accurate information, often requiring them to
navigate multiple systems.

One effective solution to this challenge is the use of portals. A portal serves as a web-based,
personalized gateway to information and knowledge, aggregating relevant data from different IT
systems and the Internet through advanced search and indexing methods. After this section, you'll be
able to identify four types of portals: commercial, affinity, corporate, and industrywide, each catering
to different audiences.

A commercial (public) portal is the most common type found on the Internet. It is designed for a wide
range of users and offers general content, including some real-time information (e.g., stock tickers).
Examples include Lycos and Microsoft Network.

On the other hand, an affinity portal provides a centralized entry point for a specific community of
shared interests, such as a hobby group or political organization. For instance, many universities have
affinity portals for their alumni. Examples of affinity portals include TechWeb and ZDNet.

6.7 Network Applications: Communication

The second primary category of network applications is communication. This encompasses various
communication technologies, such as email, call centers, chat rooms, and voice services. Additionally,
we will explore a noteworthy application of communication: telecommuting.

Electronic Mail
Email is the most widely used application on the Internet. Research indicates that nearly all companies
conduct business transactions via email, and a significant number link it directly to their revenue
generation. However, the volume of emails that managers receive can be overwhelming, potentially
decreasing productivity.

Web-Based Call Centers

Personalized customer interaction has become crucial for online support, often provided through
web-based call centers, or customer care centers. For instance, if you need technical support from a
software vendor, you typically reach out to their web-based call center through email, phone, or a
combined voice and web session. Some of these call centers are located in countries like India, raising
offshoring concerns for U.S. companies. Notably, some U.S. firms are relocating their call centers back
to the States for several reasons: they feel they have less control over overseas operations, face
language barriers that hinder communication, risk compromising customer confidentiality, and often
find that representatives juggle multiple companies, leading to inconsistent service quality.

Electronic Chat Rooms

Electronic chat allows users to exchange messages in real time within a chat room. Chat programs
enable users to send messages to others connected to the same communication channel. While early
chat rooms primarily used text-only Internet Relay Chat (IRC), this method has declined significantly
since the early 2000s. Modern chat rooms, which can be accessed on mobile devices, support
multimedia uploads like images and videos. Users can even create their own chat rooms using services
such as RumbleTalk or Xat. However, the popularity of chat rooms has diminished with the rise of
social media.

Voice Communication
Traditional telephone services have largely been replaced by Internet telephony, or Voice-over-
Internet Protocol (VoIP). This technology digitizes analog voice signals, breaks them into packets, and
transmits them over the Internet. For example, Skype offers various VoIP services for free, including
voice and video calls, instant messaging, and conference calls.

Unified Communications
Previously, organizational networks for voice, data, and video communication operated separately,
managed by the IT department. This fragmented approach led to increased costs and reduced
efficiency. Unified communications (UC) integrates all forms of communication—voice, voicemail, fax,
chat, email, and videoconferencing—onto a single platform. This integration allows for a streamlined
user experience; for instance, a voicemail can be read in an email inbox. UC facilitates seamless
collaboration across different locations, enabling users to easily find and communicate with each
other through various methods in real time.

Telecommuting
Knowledge workers are now part of the distributed workforce, or "digital nomads," able to work from
anywhere at any time, a practice known as telecommuting. These workers often do not have a
permanent office and may work from home, client locations, or other remote spaces. The rise of
telecommuting is fueled by globalization, long commutes, widespread broadband access, and
advanced computing devices.

Telecommuting offers several benefits, such as reduced stress for employees and improved work-life
balance, as well as greater productivity and employee retention for employers. However, it also comes
with drawbacks, including feelings of isolation for employees, potential loss of benefits, and challenges
in supervision and data security for employers. Research has shown that telecommuting workers may
receive fewer promotions due to less visibility with management, and they often face difficulties in
setting boundaries with family members regarding work time.

Collaboration
The third key category of network applications is collaboration. This involves multiple entities—such
as individuals, teams, groups, or organizations—working together to achieve specific tasks. The term
"workgroup" specifically describes two or more individuals collaborating to complete a task.

Workflow and Collaboration

Workflow refers to the flow of information through the various steps that make up an organization’s
processes. Workflow management facilitates the transfer of documents, information, and tasks
among participants, adhering to the organization’s established rules and procedures. Workflow
systems serve as tools for automating business processes.
https://www.youtube.com/watch?v=Mjjn13h0YcQ

When group members are situated in different locations, they form a virtual team. These teams hold
virtual meetings, allowing them to "meet" electronically. Virtual collaboration, or e-collaboration,
involves using digital technologies to enable geographically dispersed individuals or organizations to
collaboratively plan, design, develop, manage, and research products, services, and innovations.
Employees often collaborate virtually, and some organizations extend this collaboration to customers,
suppliers, and business partners to enhance productivity and competitiveness.

Collaboration can occur synchronously, where all team members meet simultaneously, or
asynchronously, where members work together without needing to be online at the same time. Virtual
teams, especially those spread across the globe, typically collaborate asynchronously.

Although various software products support collaboration, many organizations feel overwhelmed by
the number of tools available. They prefer a centralized platform that allows them to track what has
been shared, with whom, and when, along with smarter tools that can anticipate their needs.

Some popular collaborative software includes Google Drive, Microsoft Office 365 Teams, Jive, Glip,
Slack, Atlassian, and Facebook Workplace, among others. These tools generally offer features for
online collaboration, group email, distributed databases, document management, workflow
capabilities, instant virtual meetings, application sharing, instant messaging, and tools for consensus
building and application development.

Two tools that incorporate analytics for better collaboration are IBM’s Verse, which combines email,
social media, calendars, and file sharing into one package aimed at enhancing productivity, and
Microsoft’s Delve, which uses analytics to present the most relevant information to each user.

For example, BNY Mellon, a multinational banking and financial services firm, utilizes its own
enterprise social networking tool, MySource Social, to share ideas and expertise. This tool integrates
with the company’s communication and collaboration systems, including email and instant messaging.
MySource Social serves as an intranet site where users can access business partner groups, blogs, and
special-interest groups. Over 90 percent of BNY Mellon’s 55,000 employees globally have accessed
the site, with 40 percent actively participating.

Crowdsourcing
Crowdsourcing is a form of collaboration where an organization outsources tasks to a large, undefined
group of people through an open call. This approach offers several advantages for organizations. First,
crowds can quickly and cost-effectively explore and often solve problems. Second, it allows access to
a broader talent pool beyond the organization’s employees. Third, by engaging with the crowd,
organizations gain direct insights into customer preferences. Finally, crowdsourcing fosters innovation
by tapping into a global network of ideas. Here are a few examples of crowdsourcing in action:

1. Crowdsourcing Help Desks: IT help desks on college campuses are vital since students rely heavily
on technology for their studies. At Indiana University, the IT help desk utilizes crowdsourcing to
manage the high volume of inquiries. Students and faculty post their IT issues on an online forum,
where fellow students and tech-savvy individuals can provide assistance.

2. Recruitment: Champlain College in Vermont launched the Champlain For Reel program, inviting
students to share their experiences at the college through YouTube videos. This channel serves to
attract prospective students and keeps alumni informed about campus and community events.

3. Scitable: This platform combines social networking with academic collaboration, allowing students,
professors, and researchers to discuss problems, find solutions, and share resources. Scitable is free
to use and encourages individuals to both seek help and assist others through crowdsourcing.

4. Procter & Gamble (P&G): P&G uses InnoCentive, a platform where researchers can post their
challenges and offer cash rewards to those who provide solutions.

5. SAP’s Idea Place: This initiative generates ideas for software improvements. Users can view and
categorize ideas, vote on them, and provide feedback. A team of experts reviews submissions to assess
their feasibility, giving more attention to the most popular ideas.

Despite the numerous success stories associated with crowdsourcing, there are significant questions
and concerns, such as:

• Should participation be limited to experts, and how would that be enforced?

• How can organizations ensure the accuracy of content created by non-experts?
• How will crowd-sourced content be updated to maintain relevance?
• With potentially overwhelming submissions, evaluating all ideas can be costly, as seen during
the 2010 BP oil spill, when over 20,000 suggestions were received.
• Contributors may unintentionally or intentionally violate copyrights.
 • The quality of the output is contingent on the diversity of the crowd, which companies may
not be able to assess beforehand.
https://www.youtube.com/watch?v=1su_Ceqj5E4

Teleconferencing and Video Conferencing

Teleconferencing uses electronic communication technology to enable conferences between people
in different locations. The simplest form is a telephone conference call, allowing multiple participants
to communicate, though it lacks face-to-face interaction and the ability to share visual aids like graphs
or charts. https://study.com/academy/lesson/video/what-is-video-conferencing-definition-
advantages-disadvantages.html

To address these limitations, organizations are increasingly adopting video teleconferencing, or

videoconferencing, which allows participants to see each other and view documents and
presentations remotely. The most advanced version, known as telepresence, enables seamless sharing
of data, voice, images, graphics, and animations. Participants can also transmit data alongside voice
and video, facilitating collaboration on documents and file exchanges.

Telepresence systems vary from high-end, on-premise setups to cloud-based solutions. High-end
systems are expensive, requiring dedicated rooms with large high-definition screens and advanced
audio capabilities to allow simultaneous communication without interference. These systems also
necessitate technical support for operation and maintenance, such as Cisco’s TelePresence system.

E-learning and distance learning are distinct yet overlapping concepts. E-learning involves Web-
supported learning, which can enhance traditional classroom experiences or take place entirely in
virtual settings, where all coursework is done online. In this context, e-learning is a component of
distance learning (DL), which encompasses any educational scenario where instructors and students
do not meet in person. The Web facilitates a multimedia interactive environment for self-study,
making knowledge accessible anytime and anywhere, thus benefiting both formal education and
corporate training.

E-learning offers numerous advantages, such as providing up-to-date, high-quality content created by
experts, and allowing students to learn at their own pace and location. In corporate training settings,
e-learning can shorten learning time, enabling more individuals to be trained efficiently, which reduces
costs and the need for physical training spaces.

However, e-learning has its challenges. Students need to be proficient with computers, and they may
miss out on face-to-face interactions with instructors and peers. Additionally, evaluating students'
work can be difficult, as instructors may not know who has completed assignments. Rather than
replacing traditional classrooms, e-learning complements them by utilizing new content and delivery
technologies. Platforms like Blackboard enhance conventional education in higher learning.

A recent development in distance learning is the emergence of massive open online courses (MOOCs),
which aim to democratize higher education. Their growth is driven by advancements in technology
and rising tuition costs at traditional universities. MOOCs are largely automated and feature
computer-graded assessments. However, they have yet to demonstrate effective teaching for the
large numbers of students who enroll, and they do not generate revenue for universities. MOOCs
attract a diverse student body, including high school students, retirees, faculty, and working
professionals, making it challenging to design courses that cater to everyone's needs. Additionally,
while initial enrollments in MOOCs may exceed 100,000, completion rates often drop below 10%.
Nonetheless, they provide opportunities for many around the world to gain valuable skills and secure
high-paying jobs without incurring tuition costs or obtaining degrees.

As of 2018, the leading MOOC providers included Coursera (U.S.) with 23 million users and 2,329
courses, edX (U.S.) with 10 million users and 1,319 courses, XuetangX (China) with 6 million users and
380 courses, FutureLearn (U.K.) with 5.3 million users and 485 courses, and Udacity (U.S.) with 4
million users and 172 courses.

Virtual universities are online institutions where students attend classes via the Internet from home
or other locations. Many established universities now offer some form of online education.
Institutions like the University of Phoenix, California Virtual Campus, and the University of Maryland
provide a wide range of online courses and degrees globally. Other universities may offer limited
online options while incorporating innovative teaching techniques and multimedia support in
traditional settings.

6.8 Network Applications: Educational

The fourth major category of network applications includes educational applications. This section
covers e-learning, distance learning, and virtual universities.

E-learning and distance learning are related but distinct concepts. E-learning refers to Web-based
learning, which can occur in traditional classrooms as a supplement to in-person teaching or entirely
in virtual classrooms where all coursework is done online. In such cases, e-learning is a subset of
distance learning (DL), which encompasses any educational setting where instructors and students do
not meet face-to-face. The Web now offers a multimedia interactive environment for self-directed
study, making knowledge readily accessible anytime and anywhere, benefiting both formal education
and corporate training.

E-learning has many advantages. Online resources can provide current, high-quality content created
by experts and deliver it consistently. It allows students the flexibility to learn from any location, at
any time, and at their own pace. In corporate training environments, e-learning typically shortens
learning durations, enabling more people to be trained in a given timeframe, which reduces costs and
eliminates the need for physical training spaces.

However, e-learning also has some limitations. Students need to be computer literate, and they may
miss face-to-face interactions with instructors and peers. Additionally, assessing students' work can
be challenging since instructors may not always know who completed the assignments. Rather than
replacing traditional classrooms, e-learning enhances them by utilizing new content and delivery
methods. Platforms like Blackboard add significant value to higher education.

A recent innovation in distance learning is massive open online courses (MOOCs), designed to
democratize access to higher education. The rise of MOOCs has been fueled by advancements in
technology and rising tuition costs at traditional universities. MOOCs are largely automated, featuring
computer-graded assignments and exams. However, they have yet to demonstrate effective teaching
for the large numbers of enrolled students and do not generate revenue for universities. They attract
a diverse mix of participants, including high school students, retirees, faculty, and working
professionals, making course design challenging. Furthermore, while initial MOOC enrollments may
exceed 100,000, completion rates often fall below 10%. Despite these challenges, many students
worldwide who lack access to traditional universities are using MOOCs to gain valuable skills and
pursue high-paying jobs without incurring tuition fees or obtaining degrees.

In 2018, the leading MOOC providers included Coursera (U.S.) with 23 million users and 2,329 courses,
edX (U.S.) with 10 million users and 1,319 courses, XuetangX (China) with 6 million users and 380
courses, FutureLearn (U.K.) with 5.3 million users and 485 courses, and Udacity (U.S.) with 4 million
users and 172 courses.

Virtual universities are institutions where students attend classes online from home or other locations.
Many established universities offer some form of online education. For instance, the University of
Phoenix, California Virtual Campus, and the University of Maryland provide thousands of courses and
degrees entirely online. Other universities may offer a limited selection of online courses but also
incorporate innovative teaching methods and multimedia support in their traditional classrooms.

https://www.youtube.com/watch?v=1SOySp8QJtk

Revision Questions

1. Discuss the four business decisions that companies must make when they acquire new
applications.

2. Enumerate the primary tasks and the importance of each of the six processes involved in the
systems development life cycle.

3. Describe alternative development methods and the tools that augment development
methods

4. Identify the major hardware components of a computer system.

5. Describe the various types of computers in the computer hierarchy.

6. Differentiate the various types of input and output technologies and their uses.

7. Discuss the major software issues that confront modern organizations

8. Describe the general functions of the operating system

9. Differentiate between the two major types of software

10. Describe the key characteristics and advantages of cloud computing

11. Identify a use case scenario for each of the four types of clouds

References

1. Deloitte (2024) 'Network Computing Trends Report', Digital Infrastructure Analysis, 8(2), pp.
45-60.

2. Federal Communications Commission (2024) 'Broadband Speed Guidelines', Technical

Standards Review. Available at: www.fcc.gov (Accessed: 11 December 2024).

3. ICANN (2024) 'Domain Name System Overview', Internet Governance Report. Available at:
www.icann.org (Accessed: 11 December 2024).
4. Internet2 (2024) Advanced Network Applications Research. Available at: www.internet2.edu
(Accessed: 11 December 2024).

5. McKinsey & Company (2024) 'The Future of Network Technologies', Digital Transformation
Review, 12(3), pp. 78-92.

6. Microsoft Corporation (2024) 'Enterprise Network Architecture Guide', Technical

Documentation Series, 15(4), pp. 112-128.

7. Paytronix Systems (2024) 'Customer Loyalty Analytics Report', Business Intelligence Review,
6(1), pp. 34-49.

8. The World Bank (2024) 'Digital Content Language Distribution Analysis', Global Technology
Report, 9(2), pp. 67-81.

9. Verizon (2024) 'VoIP Technology Implementation Guide', Network Communications Review,

11(3), pp. 90-105.

10. World Economic Forum (2024) 'Global Information Technology Report', Digital Infrastructure
Series, 7(1), pp. 23-38.