Tag: Information systems

Securing the Unsecured

There are a lot of ways by which Information Systems can be compromised. Aside from the usual viruses that are known to plague computers, there are various more sinister threats sometimes bordering along the lines of action spy movies.

Yet apart from the sophisticated threats that have been discussed in class, for me, the biggest threat might be that of ignorance. It is a threat that I have constantly encountered where I work and which I am grateful for that our operations are fairly limited in their dependency on information systems that errors due to ignorance are easy to trace and repair.

When one is working with people who have lived in a time when technology developed at a leisurely pace, one will see that their level of adaptation to technology is also in a leisurely pace. Hence, when one introduces new systems, they take their time in adapting to them that soon enough a new system has arrived and they haven’t even warmed up to the old one. This then leads to several compromise in the data treated that more often than not results to poor results or below-par performance.

But a bigger threat than ignorance is outright refusal to embrace change. There are people also, who, when faced with systems too far out from their imagination, simply refuses to acknowledge the system thus ignoring it completely to the detriment of the company. It is these people that prevents progress with any kind of IS from being achieved since they flat out refuse to work with the system, stubbornly clinging to the manual processes they have grown accustomed to.

Such challenges faced above are threats in my line of work especially when one tries to convert everyone to adapt to using sophisticated information systems. One might say that those who cannot adapt must be forced to leave but such is not an easy thing to do in real life. Thankfully though, the company is still at that stage when ignorance and stubbornness can still be tolerated.

Perhaps the real actual threat to information in our company will be the fact that the servers we use for information transfer are actually web servers. Our email client is web based and we pass around sensitive company information via this channel. I have raised the alarmingly threat this may pose if the unsecured web server is hacked or if the person in possession of the sensitive files leaves and takes the files with him, but then the hint of the threat has been scoffed at. Like the ignorance and stubbornness prevalent, there is a general lack of acceptance that anything passed around via web servers is unsecured. Generally, the consensus is that, no employee in their right frame of mind would willingly sell out the company by exposing its deep dark secrets. The trust in each and every employee – from the lowest of rank to the topmost manager is absolute when it comes to the data they handle.

Although there have been proposals to migrate from a web-based server to an internal one, the costs connected are what impedes management from making the transition.

Why did I share the above sordid tale? Simply because the reality in our business is I believe true for any other business of our size and scale. The tale presented above can well be the tale of any other company plus or minus some details. Although there is a general consensus of the threats surrounding the data we hold dear to us, the move to secure those data remains elusive and not within the immediate priority. Hence, we remain stuck to our wits end, trying to secure data in a relatively unsecured environment.

Related articles

 

IS Acquisitions: A Suitable Compromise

Given a choice, businesses would rather have their own tailor-made information systems than those they can simply buy from software manufacturers. Tailor-made systems are built to understand how their particular business works and how their processes are in place. Even though businesses follows the same business formats, no two business are exactly alike and no needs are exactly the same. Having a system that is made to fit into one’s existing operational procedures rather than buying a system and adapting existing operational procedures to that is a dream for a lot of companies.

Sadly, the reality is that, because of the high costs involved in employing programmers and systems analysts to actually create information systems for one’s existing operational processes, a majority of small to mid-range business owners are forced to buy from software companies certain systems and merely add or drop some of the existing functionality in a bid to customize it for their operational needs.

Of course these poses a lot of problems for the company. For one, technical support can prove to be a tricky business. Of course, the company can hire IT personnel to learn the various technical aspects of the system but when there are major problems with the system, the company is still forced to go to the official technical support team and pay yet another staggering amount to have the current system fixed. Another issue is the obsolescence of the system. Because of the rapidly changing landscape of technology these days, systems move forward at a very fast pace that one might find the system bought from some years back already becoming obsolete. This means that technical support for it may no longer be available and major upgrades are already needed. This leads to the company spending more.

This is opposed to the idea that if the company simply developed their own systems in the first place, it would be in a better position to troubleshoot it when things go wrong and to upgrade it when things have moved on.

Another difficulty I’ve seen with merely acquiring systems is when one is forced to consider other providers. Like in the case of our company, we decided to try another point of sales system just to see if the existing one we have can be improved any further. Sadly, the result was that we now have 2 very different POS system with no hope of becoming integrated. Hence, our IT staffs have to become acquainted with two different systems. Likewise, we need to maintain the 2 different system.

Yet to a mid-size company like ours, acquiring these systems, although not entirely ideal and perfect, remains to be a better alternative than having one tailor-made for us. The one-time cost it took to buy them and the subsequent costs for maintaining them remains to be significantly lower than if we hired a systems analysts and programmers to create and maintain a fully functioning information system. Although that would have been ideal, it would have been crippling in terms of costs.

Hence, acquisition of off the shelf systems have proved to be a beneficial compromise. Perhaps in the future, when the company has expanded and grown, things would change. But for now, we are forced to remain satisfied with the compromise taken.

Related articles

 

IT Investments: Important But Not Urgent

Businesses invest in a lot of things: infrastructure, product inventory, marketing, people, and so on. Before a businessman can significantly make money, he has to invest first in many things to get his business up and running as well as competitive. In the current technological age, information structure or IT is one of those key investments. Gone were the days when merely having papers and calculators were enough to get a business running. Today, every business, even the small ones, have computers and uses various softwares to help in their daily operational needs.

For small and mid-size range companies, investing in some decent information system is important but not nearly as urgent. The scenario is different from the big multi-national companies where information systems are deeply embedded in their operational procedures that they cannot do without it. For companies which are just starting up and whose operations are not nearly as big, simple softwares to help in their bookkeeping practices or inventory procedures are enough for them to get by.

Although it is ideal and wonderful to have all if not majority of a company’s business processes supported by tailor-made information systems, the cost of investing in such is too big a risk to make. For most start-up companies, the priority is to get the ground running, so to speak. The priority is to have the products sell first, to gain notoriety in the targeted market and to earn back their initial investment. Only then, when the business is up and running, when massive expansion plans have entered the picture, can the company actually consider investing in sophisticated information systems.

Of course there are some exception companies, I suppose, whose initial investment in information systems was what gave them the competitive edge to actually succeed and make it through in the industry they’ve chosen but this is more the exception than the rule.

The same can be said in our company. Even though it has existed for quite a while, the nature of business it is engaged in, requires not the sophisticated information systems, but rather just the simpler ones aided with skillfully made excel systems. Although there are some information systems in place, the cost the company incurred to acquire them has been fairly high. Not to mention that most of them are off-the-shelf products and not entirely tailor-made for us.

There have been proposals to develop an internal information system which would tie-up with the entire operational process thereby increasing efficiency and eliminating some of the hurdles being encountered currently, yet the costs are too staggering for the company to shoulder at this point. Hence, the company makes do with what little programs the IT section can churn up and with what ever excel system the skilled bookkeepers can come up with.

To say the least, this type of compromise has worked for quite a while. It has sustained the company thus far and it generates the results and reports needed to make the right decisions. It might be a painstaking process which everyone agrees will be easier had there been a more sophisticated system, yet that remains to be a dream yet to be fulfilled when the advantages will far outweigh the costs.

 

Related articles

 

On Profits and Shared Systems

The world has come a long way from the time of the cavemen and the time of steam engines. Now we have automated elections and fast food online deliveries. Everything is faster and easier because of various information systems that are in place. The boom of the digital economy in the last 20 years has made life easier for many. And it has seen the rise and fall of many businesses.

Admittedly, technology is a huge part of any business. Any business who fails to recognize the role of technology in their daily operations is bound to fail. The swarm is here and there is no choice but to join in. Digital economy has taken us by storm and it’s something that businesses are forced to embrace. Fail to recognize the value of it and competitors are bound to overtake you. It is for this reason that those who’ve already benefitted are less likely to share with anyone their own developed systems. In this technological age, those who have the information and the most advanced technology to process those information have the clear upper hand. They profit the most and they overtake their competition by leaps and bounds. So who are they to share what they have with their competition? It is an ideal world if we would get businesses collaborating with each other by sharing their technology but more often than not, they don’t. Business after all is mostly about making profit and businessmen are always concerned about their net incomes.

Perhaps that is the reason why for most industries likes ours, information systems are outsourced. I have yet to know of a business in my industry that keeps its own IT section fully dedicated to establishing systems for them. Most of the time, it is easier to outsource these things to the experts and simply avail of the readily available software systems out there. After all, the needed systems are not as complex. Although we would benefit from an information system fully designed and customized for us, the cost of developing such would be too much. Why spend for something that we can already buy off the shelves and serve us the same purpose?

This notion of mine is evident with the huge number of independent I.T. companies out there. Why do they exist independent of business organizations? Because in our country, most businesses are hard pressed to maintain fully functional I.T. sections due to the huge operational costs this will entail them. So for their information system needs, they outsource it. As such, the “collaboration” and “sharing” of business information systems happen. It’s not really the businesses choice to collaborate. Rather they have availed of information systems that are similar with the information systems availed by their competitor. Hence the perception of “shared systems”.

The effects of the digital economy is evident in our society. Who doesn’t have a Facebook account these days? It’s a mere social networking tool for some but for businesses, it’s something worth capitalizing on. After all, people share almost all their information via the social networking site. What a great way to gain insight to your consumers or target market!

Information systems are great ways to advance anyone’s business. The digital economy is something that all businesses have the chance to capitalize on. But this is not for every business nor is it the solution to dispelling the extremely competitive nature in the business arena. It’s not for every business because not everyone has the resources for it. It won’t dispel competition but rather it will spur even more competition among businesses. The trick here then is for all developers to band together, providing similar solutions to businesses but at the same time taking into consideration their individual and unique needs. And if developers can forego the businessman’s obsession with profit then it will be an ideal world indeed.

Information Systems Architecture
A Sample Information Systems Architecture (Photo credit: Wikipedia)
Related articles (automatic suggestions by WP)