1|Page
Table of Contents
MANAGING DATA ........................................................................................................................................ 4
Security techniques for the management of data .................................................................................. 4
Disaster recovery plan .......................................................................................................................... 4
Audit trails ............................................................................................................................................. 6
Types of backup techniques and archiving of data ................................................................................. 6
Snapshot imaging .................................................................................................................................. 7
Full back up ........................................................................................................................................... 7
Incremental back up ............................................................................................................................. 7
Differential back up............................................................................................................................... 8
Online data storage methods .................................................................................................................. 8
Data Warehouses .................................................................................................................................. 8
Data Mart .............................................................................................................................................. 9
Data in the Cloud .................................................................................................................................. 9
Purpose of data mining ....................................................................................................................... 10
Processing of data considering security of data through the use of .................................................... 10
Passwords ........................................................................................................................................... 10
Firewalls .............................................................................................................................................. 10
Biometrics ........................................................................................................................................... 11
Anti-virus software.............................................................................................................................. 11
Digital signatures................................................................................................................................. 11
Digital certificates ............................................................................................................................... 12
Encryption ........................................................................................................................................... 12
Concept of User generated content. ...................................................................................................... 13
Advantages and disadvantages of UGC .................................................................................................. 13
Purpose of worldwide consortium.......................................................................................................... 17
Purpose of W3C conventions ............................................................................................................... 17
HTML and CSS.................................................................................................................................... 17
Graphics ............................................................................................................................................. 18
AUDIO AND VIDEO ............................................................................................................................ 18
ACCESSIBILITY W3C GUIDELINES ................................................................................................... 19
INTERNATIONALIZATION ................................................................................................................ 19
MOBILE WEB ..................................................................................................................................... 19
2|Page
Validation techniques for online forms ............................................................................................... 20
NETWORKS ................................................................................................................................................ 20
Types and characteristics of communication protocols ......................................................................... 20
Transmission Control Protocol/Internet Protocol (TCP/IP) ......................................................... 21
Hyper Text Transfer Protocol (HTTP): ............................................................................................ 21
Hyper Text Transfer Protocol Secure (HTTPS)............................................................................... 21
Wireless Application Protocol (WAP).............................................................................................. 21
Types and Characteristics of Communication Standards .................................................................. 22
802.11x (wireless)............................................................................................................................. 22
802.3 (Ethernet) .................................................................................................................................. 22
Types of Network Security Measures .................................................................................................. 22
Physical Network Security ................................................................................................................... 22
Password Protection ........................................................................................................................... 22
Firewall ................................................................................................................................................ 23
IMPACTS OF TECHNOLOGY ...................................................................................................................... 23
Data and information security ............................................................................................................. 23
Purpose of code of conduct .................................................................................................................... 24
Elements of code of conduct .................................................................................................................. 24
EMPLOYEE WORK HOURS ................................................................................................................... 24
WORK HOURS ..................................................................................................................................... 24
EMPLOYEE EMAIL USE ........................................................................................................................ 24
EMPLOYEE INTERNET USE ................................................................................................................... 24
EMPLOYEE PRIVACY ............................................................................................................................ 25
EMPLOYER'S RIGHT TO MONITOR WORK EMAILS, INTERNET ACCESS AND PERSONAL USE ............. 25
Online censorship in a global context ..................................................................................................... 25
Issus with the use of cloud computing ................................................................................................... 27
Availability of Online Applications ...................................................................................................... 27
Level of Accessibility ........................................................................................................................... 27
Confidentiality of Data ........................................................................................................................ 28
Sensitivity of Documents .................................................................................................................... 28
Impacts of Digital Technologies and global markets on; ........................................................................ 28
Productivity: ........................................................................................................................................ 28
Outsourcing:........................................................................................................................................ 30
3|Page
PROJECT MANAGEMENT .......................................................................................................................... 30
Concept of service level agreement ....................................................................................................... 30
Features of SLA ....................................................................................................................................... 31
Availability of services ......................................................................................................................... 31
Types of services ................................................................................................................................. 31
Advantages of local and global outsourcing compared with in-house................................................... 32
Purpose of Outsourcing data management ............................................................................................ 34
4|Page
MANAGING DATA
Security techniques for the management of data
Disaster recovery plan
Disaster recovery plan is a detailed, step-by-step course of action for getting a
business back on its feet -- and quickly -- after a natural or manmade disaster.
A disaster recovery plan should be in such a manner that it should offer continuous
network monitoring, complete data backup and many more.
It means that it should support in different aspects and provide complete protection.
1. Is a set of steps to protect data in the event of a disaster
2. Usually it is in writing
3. It is to minimise data loss
4. It is to minimise down time
5. It includes storing data off-site
A disaster recovery plan contains four major components:
 the emergency plan
 the backup plan
 the recovery plan
 the test plan.
The Emergency Plan
An emergency plan specifies the steps to be taken immediately after a disaster
strikes. The emergency plan usually is organized by type of disaster, such as fire,
flood, or earthquake. Depending on the nature and extent of the disaster, the
procedures that are followed in an emergency will differ.
All emergency plans should contain the following information:
1. Names and telephone numbers of people and organizations to notify (e.g.,
management, fire department, police department)
2. Procedures to follow with the computer equipment (e.g., equipment shutdown,
power shutoff, file removal)
3. Employee evacuation procedures
4. Return procedures; that is, who can reenter the facility and what actions they are
to perform
5|Page
The Backup Plan
Once the procedures in the emergency plan have been executed, the next step is to
follow the backup plan. The backup plan specifies how an organization uses backup
files and equipment to resume information processing. The backup plan should
specify the location of an alternate computer facility in the event the organization’s
normal location is destroyed or unusable. The backup plan identifies these items:
1. The location of backup data, supplies, and equipment
2. The personnel responsible for gathering backup resources and transporting them
to the alternate computer facility
3. A schedule indicating the order in which, and approximate time by which, each
application should be up and running.
The Recovery Plan
The recovery plan specifies the actions to be taken to restore full information
processing operations. As with the emergency plan, the recovery plan differs for
each type of disaster. To prepare for disaster recovery, an organization should
establish planning committees, with each one responsible for different forms of
recovery.
For example, one committee is in charge of hardware replacement. Another is
responsible for software replacement.
RECOVERY PLAN 1 - HOT SITE
•this is a duplicate of the existing site in every way, servers, rooming, real time
synchronisation so data is the same
•following a disaster, this new site would be up and running in a short time frame
e.g. 2 hours
•advantage is it is ready to go and is the best recovery solution
•disadvantage is it is very expensive to setup
RECOVERY PLAN 2 - WARM SITE
•this is a site that has computers set up, but not exact duplicates
•following a disaster, this new site would be up and running in a longer time frame
e.g. a week
•advantage is it is not as expensive as the hot site
•disadvantage is down time to get site operational
6|Page
RECOVERY PLAN 3 - COLD SITE
•this is a site that is not configured with computers and other hardware, some may
be more setup than others
•advantage is it is much cheaper than the hot or warm site
•disadvantage is it is more down time, more time needed to get up and running
The Test Plan
To provide assurance that the disaster plan is complete, it should be tested. A
disaster recovery test plan contains information for simulating various levels of
disasters and recording an organization’s ability to recover. In a simulation, all
personnel follow the steps in the disaster recovery plan. Any needed recovery
actions that are not specified in the plan should be added. Although simulations can
be scheduled, the best test of the plan is to simulate a disaster without advance
notice.
Audit trails
Audit trails maintain a record of system activity both by system and application
processes and by user activity of systems and applications. They can offer data
security from cyber attacks. In conjunction with appropriate tools and procedures,
audit trails can assist in detecting security violations, performance problems, and
flaws in applications. They document the who, what, when, where, and why of all
users’ behavior in an application. Audit trail entries capture access and changes
made to electronic records, so all electronic alterations and views are noted, along
with the user information of the employees who view or altered them An audit trail
is a series of records of computer events, about an operating system, an application,
or user activities. I.E




when the data was accessed
who accessed it
what was accessed
In most cases, it does not show why the data was accessed. Sometimes very
secure systems may ask for a reason before asking sensitive data.
 allow administrators to review who has been accessing data and identify any
unusual behaviour which can be investigated further. When files are moved
or modified, audit trails can be used to identify who was responsible for such
actions.
Types of backup techniques and archiving of data
Backup is the activity of copying/saving files or databases in another location so
that they will be preserved in case of equipment failure or other catastrophe.
7|Page
Backup is usually a routine part of the operation of large businesses with
mainframes as well as the administrators of smaller business computers. For
personal computer users, backup is also necessary but often neglected. The retrieval
of files you backed up is called restoring them. Personal computer users can
consider both local backup and Internet backup.
Snapshot imaging
In computer systems, a snapshot is the state of a system at a particular point in time.
Used in online and local image backups
Advantages:
 The computer system stays active and available for read and write operations
during the back up.
 It allows you to take an image of your computers current state and put it on
an external drive.
 It backs up your files, settings, data, registry, etc.
 When you restore to the image it will restore your computer to the exact
state it was in when you created the backup image.
Disadvantages:
 Requires additional software to be installed.
 Very large file sizes
Full back up
It's a backup of everything. A full backup of "your system" might include the entire
contents of all the drives connected to your system.
Advantages:
 All files from the selected drives and folders are backed up to one backup set.
 In the event you need to restore files, they are easily restored from the single
backup set.
Disadvantages:
 A full backup is more time consuming than other backup options.
 Full backups require more disk, tape, or network drive space.
Incremental back up
Includes only those things that have changed since the previous backup and saves
those things into a separate, additional, backup file or location.
1. The first incremental backup is a full backup
2. The second incremental backup backs up only those files that have changed
since the previous backup was taken
3. perform a monthly full backup and then a daily incremental
8|Page
ADVANTAGES:
 Backup time is faster than full backups.
 Incremental backups require less disk, tape, or network drive space.
 You can keep several versions of the same files on different backup sets.
DISADVANTAGES:
 In order to restore all the files, you must have all of the incremental backups
available.
 It may take longer to restore a specific file since you must search more than
one backup set to find the latest version of a file.
Differential back up
Includes only those things that have changed since the previous FULL backup and
saves those things into a separate, additional, backup file or location.
1. The first differential backup is a full backup
2. The second differential backup backs up only those files that have changed
since the previous full backup was taken
3. Perform a monthly full backup, weekly differential backup, and then a daily
incremental.
ADVANTAGES:
 Backup time is faster than full backups.
 Differential backups require less disk, tape, or network drive space.
 You can keep several versions of the same files on different backup sets.
 Safer than incremental backups – if one differential image becomes
corrupted, the other differential images are not reliant on it.
DISADVANTAGES:
 Larger files sizes than incremental
 Slower than incremental
Online data storage methods
Data Warehouses
Data warehouses are the facilities that hold all data for the business. Data
warehouses are comprised of hundreds of servers connected to provide users their
specific data and the business a summary of that historical transaction data. This is
to do analysis on that data (data mining) for financial or other gain. Often inside a
data warehouse you will find a large bank of very modern, high end computers with
a large database (Relational DataBase Management System RDBMS), and software
called Online Analytical Processing (OLAP) database. Users need this data and can
get it from the central data warehouse, or from smaller collection points called data
marts
9|Page
For example, an online store would store all of the customer's information on severs
in a data warehouse. The data warehouse provides customers individual data such
as transaction history and watch-lists. Business managers would receive a summary
of that information such as total sales, level of inventory and popular items bought.
Data Mart
Data marts are a subsection of a data warehouse that hold data relating to a specific
function or department of a business.
For example, a manufacturer could have a data mart dedicated to each product line
it manufactures.
Data in the Cloud
Data in the cloud refers to online cloud storage, where data is stored offsite of
business premises, onto internet connected servers located around the world.
Security and privacy of the data is surrendered to the cloud storage provider and
what they can or cannot do with the data is outlined in their license agreements. In
addition, data stored around the world is subject to different privacy laws.
Storing data in the cloud requires 3 things.
 an internet connection
 a username and password
 accepting a user agreement
The cloud is actually a collection of servers that store and transmit data, you can;
 Upload - you can upload your files,
 Download - you can download your files
Advantages:
 advantage - no need to buy the software
 advantage - can be used from any device with an internet connection
 advantage - compatible with most devices and operating systems
 advantage - updates transfer automatically across devices eg calendar, email,
notes, messages
Disadvantages:
 disadvantage - security problems
 disadvantage - privacy issues
 disadvantage - ownership of your data
For example, cloud storage provider, Dropbox, will release information upon
request by authorities.
10 | P a g e
Purpose of data mining
Data mining is the process of finding information in a data mart or data warehouse
to extract useful patterns, trends or information. This is done by businesses for their
business to gain financially from it and is a source of business intelligence. The idea
is that once marketers know who you are, they can better promote products and
services based on your interests and personal attributes. Marketers use algorithms
to detect and identify certain patterns in online activity to build a customer profile.
Common uses:
 A human resource department, for example, can use data mining to explore a
large pool of applicants and extract the best candidates for the job. Where
previously HR professionals would spend hours pouring over resumes, data
mining now uses keyword targeting and other methods to cull down the
candidate pool.
 When it comes to making the decision on whether or not to approve a line of
credit, predictive modeling, a form of data mining, allows banks to determine
the likelihood of an applicant following the terms of the loan.
 In the education field, college admissions offices are using data mining to
predict whether an applicant will accept an admissions offer.
Processing of data considering security of data through the use of
Data security is hiding your data from other people. It is protecting your data so
only authorised people can see it.
Passwords
A password is used to protect data. Data that is not important, may not even need a
password, however, important data needs strong passwords. A combination of
characters, linked to a username (often an email), used to unlock access to certain
computer resources.
Firewalls
A firewall is a barrier to prevent harmful programs getting to a computer, a simple
firewall is software on the computer which is turned on to prevent access to the
computer from the internet. A firewall can also be hardware which filters
information from the internet, again to protect the computer. E.g a proxy server in a
computing network
11 | P a g e
Biometrics
Unique human characteristics, used to verify the user to unlock access to certain
computer resources. Biometrics can include:





Fingerprints
facial recognition
(eye) iris recognition
hand geometry (the shape of hand/length of fingers)
voice recognition
Anti-virus software
Software installed on a device with the purpose of monitoring and removing
malware. Malware is checked against a list of regularly updated virus definitions.
Each time a new intruder program (or virus) is found, it is added to the server,
individuals also use anti-malware software to protect data.
Digital signatures
An electronic code, embedded in a document via public key infrastructure, with the
purpose of verifying the contents of the document and the sender's identity. Used to
make sure that a document hasn't been touched or altered while emailed or
transferred. If someone tries to alter a document with a digital signature, they can't
re-create a valid digital signature, the reason for this is because the intruder cannot
know the private key made at document creation, for it to be successful the public
and private keys must be matched.
A digital signature helps in establishing the following:
1. Authenticity: ensure that the contents of the document to which it is attached is
not tampered with by the recipient.
2. Integrity: Ensure that both the sender and the receiver receive the same
document containing the same data with integrity.
3. Non-Denial: Prevent the signer from denying of signing the document at a later
stage.
12 | P a g e
Digital certificates
An electronic passport that uses public key infrastructure, to secure transmit data
between a website and a user's device (this is basically that little lock next to the
URL). These are kept on your computer and when you link to the location (e.g.
Woolworths online), the digital certificate is matched to the online version. If it
matches you can connect. Digital certificates use public keys and digital signatures
A digital certificate helps in establishing the following:
1. Trustworthiness of a person or organization is verified by a Certificate Authority
2. The recipient can check for legitimacy of the information by looking up the
ownership of the sender.
3. Holds public keys that can be used to encrypt data.
Encryption
Encryption is the process of encoding data, through algorithms, so it can only be
read by the sender and its intended recipient. Encryption uses public key
infrastructure, which consists of two keys, a public key that anyone can obtain off
the web, and a private key known only by the sender and the intended recipient.
It is the translation of a file or document into a secret code, the only way to read the
file or document is to have the secret code. Putting it into the secret code is called
encryption, reading it from the secret code is called decryption. If encrypted, it is
called cypher text, if not encrypted, it is called plain text. Encryption can be used
when transferring a file, it can also be used when storing a file. It is becoming
popular with more people worried about data security, you can use encryption
software to protect your data, but it can slow down your work procedures quite a
lot.
Encryption helps in establishing the following:
1. Ensures end to end obscuration of information sent/received
2. Ensures that what is sent is what is received
3. Only those who have keys can encrypt/decrypt
13 | P a g e
Concept of User generated content.
User-generated content (UGC), alternatively known as user-created content (UCC),
is any form of content created by users of a system or service and made available
publicly on that system. UGC most often appears as supplements to online
platforms, such as social media websites, and may include such content types as
blog posts, wikis, videos, photos, comments or ecommerce. It is the act of users
promoting a brand rather than the brand itself.
Advantages and disadvantages of UGC
Advantages
1. Take Advantage of Content Curation





Build brand awareness
Establish credibility as a thought leader
Streamline lead nurturing
Boost social media metrics
Support lead generation
2. Boost Social Media Reach and Growth










Strategies that encourage user-generated content on social include:
Create a custom hashtag or photo contest on Instagram
Ask a question or create a challenge on Twitter or Facebook
Launch a video contest
Additionally, designing a social media based UGC campaign increases social
traffic, which results in:
A higher follower base
Extended reach
Increased brand awareness
Boosted social metrics such as likes, shares, comments, retweets
Greater web traffic/page views
3. Get SEO Perks
If your users are publishing content on their own blogs, backlinks to your website
can also improve its SEO ranking. And analyzing the most frequently used words
and phrases your audience uses can improve your keyword optimization research.
14 | P a g e
4. Gain Audience Insights




User-generated content is a gold mine of data
Better understand your audience and what they find engaging. ]
help generate leads and increase sales
If they're writing reviews, notice what customers are complaining about, and
improve on it.
 B2B companies will probably find a Twitter chat or online suggestion box
work better than an Instagram photo contest.
5. Find Unique Content
 Audience will produce different content from your marketing team.
 Take advantage of this "outsider" perspective
 These photos, videos, reviews, blog posts and more offer a fresh take and a
varying point of view.
 Encourages new audiences to join the fun and loyal users to stay engaged.
6. Increase Personalization
 Develop an online community that strengthens the customer/brand
relationship.
 To get your target audience to notice and engage with content is to
understand what resonates with them.
Disadvantages
1. Negative feedback, obscene or rude feedback. Flaming can occur if someone
disagrees with comments by another person.
2. Bias - users often hold strong opinions about a topic and often don't contribute a
balanced perspective
3. Lack of reliability and creditability - anyone can publish content from a 5-year-old
to a University professor, therefore, user generated content must be taken with a
pinch of salt. There's no guarantee that information presented in user generated
content is factual and is why Wikipedia has a poor reputation and often avoided
in referencing
4. Online Defamation risk - users can publish false, offensive or inappropriate
content, which could pose a legal liability towards the website owner. In February
2016, an online user on TripAdvisor, wrote a defaming review of Gold Coast hotel
- Paradise Resort. Such comments could negatively impact the business by
deterring future guests from staying at the hotel.
15 | P a g e
5. Confusion over Intellectual Property - who owns user generated content? There is
often confusion over who owns user generated content and how it can be used?
Concept of web 2.0 and web 3.0
WEB 1.0 - INFORMATION WEB
 It is first generation of web, it allows only read the information from web.
 It has only limited interaction between sites and web users.
 It is simply an information portal where users passively receive information
without being given the opportunity to post reviews, comments, and feedback
 It is era of static websites and representation of static content.
Web 2.0 – SOCIAL WEB
Web 2.0 is a new-age web application, which encourages interactivity, information
sharing, and collaboration on the Internet. It is quite opposite of a website, where
users can take a passive view of the content. Web 2.0 is based on user interaction.
All social networking sites, video sharing sites, blogs, forums, wikis etc. are
examples of web 2.0 application.
Major features of Web 2.0 –
 Free sorting of information permits users to retrieve and classify the
information collectively.
 Dynamic content that is responsive to user input.
 Information flows between site owner and site users by means of evaluation
& online commenting.
 Developed APIs (Application Programming Interface) to allow self-usage,
such as by a software application.
 Web access leads to concern different, from the traditional Internet user base
to a wider variety of users.
Web 3.0 – SEMANTIC WEB
Web 3.0 is based on semantic web. This is a technology, where information and data
are stored in such a way that the computer systems understand them. It may give
birth to a next-gen artificial intelligence. It can lead to a virtual web. With the advent
16 | P a g e
of web 3.0 and virtual games, it is clearly evident that it will discover a new web,
based on a virtual world.
Web 3.0 brings the concept of personal desktop. It gives you the option to save your
data and access it from anywhere in the world. You just need to login to your
account from same browser. It is assumed that web 3.0 allows users to drag and
drop files from their desktop to the internet browser. Several features such as 3D,
seamless animation, high-definition graphics, audio, and video are expected to be
embedded in web 3.0.
Main features that can help us define Web 3.0:
 Semantic Web
The succeeding evolution of the Web involves the Semantic Web. The
semantic web improves web technologies in demand to create, share and
connect content through search and analysis based on the capability to
comprehend the meaning of words, rather than on keywords or numbers.
 Artificial Intelligence
Combining this capability with natural language processing, in Web 3.0,
computers can distinguish information like humans in order to provide faster
and more relevant results. They become more intelligent to fulfil the
requirements of users.
 3D Graphics
The three-dimensional design is being used widely in websites and services in
Web 3.0. Museum guides, computer games, ecommerce, geospatial contexts,
etc. are all examples that use 3D graphics.
 Connectivity
With Web 3.0, information is more connected thanks to semantic metadata.
As a result, the user experience evolves to another level of connectivity that
leverages all the available information.
 Ubiquity
Content is accessible by multiple applications, every device is connected to
the web, the services can be used everywhere.
WEB 4.0 -INTELLIGENT WEB
 It is fourth generation of web
 It is “intelligent”
17 | P a g e




Self -learning
Self-organizing
Connects all devices in the real and virtual world in real time
IoT - IoT encompasses everything connected to the internet, but it is
increasingly being used to define objects that "talk" to each other. "Simply, the
Internet of Things is made up of devices – from simple sensors to
smartphones and wearables – connected together,"
Purpose of worldwide consortium
The W3C (World Wide Web *Consortium) is an international community consisting
of member organisations, full time staff and the public who work together to
develop web standards.
They develop web standards to ensure web accessibility and to ensure that the web
evolves in one direction rather than being split amongst multiple directions by rival
groups.
(*Consortium = an association of two or more individuals, companies, organizations
or governments.)
Purpose of W3C conventions
Web standards are a set of rules that web developers should follow when
developing and choosing file formats for their websites. Of course, anyone can do
anything on the web, but the rules act as a guide to ensure accessibility and
compatibility for all users.
The W3C standards aim to ensure accessibility and compatibility for all users, using
all browsers on all devices.
The Web is fundamentally designed to work for all people, whatever their hardware,
software, language, location, or ability. When the Web meets this goal, it is
accessible to people with a diverse range of hearing, movement, sight, and cognitive
ability.
HTML and CSS
What is HTML?
Hypertext Markup Language (HTML) is the standard markup language used for the
creation, structuring and presentation of web pages, websites and web
applications. Hypertext means machine readable text and markup means to
structure it in a specific format. So, HTML is called hypertext markup language
because it is a language that allows users to organize, improve the appearance of,
and link text with data on the internet. HTML consists of plain text and HTML tags.
The tags instruct the browser how to render (display) the text.
18 | P a g e
W3C sets the standard for the structure and language for a website as HTML, that
means that the web standard for markup languages for websites is HTML. Other
formats are not preferred to ensure web comparability.
What is CSS?
Cascading Style Sheets (CSS) is a style sheet language used for describing the
presentation (e.g. layout, colours, fonts) of a document written in a markup
language like HTML. It describes the style of a HTML document and how HTML
elements should be displayed.CSS is a cornerstone technology of the World Wide
Web, alongside HTML and JavaScript. CSS enables multiple web pages to share
formatting by specifying the relevant CSS in a separate .css file and reduce
complexity and repetition in the structural content. Multiple web pages in a website
will usually by linked to one CSS file controlling the layout, design, colour etc. of
those pages. The CSS standards are maintained by the World Wide Web Consortium
(W3C) and CSS3 is the current standard.
(easy way to remember it for me is, HTML is the structure of the website and the
overall layout, CSS the style of the website)
Graphics
Web graphics are visual representations used on a Web site to enhance or enable
the representation of an idea or feeling. Graphics may Entertain, educate or
emotionally impact the user. Graphics are crucial to strength of branding, clarity of
illustration and ease of use of interface. The use of graphics on Web sites enhances
the experience for users. Different use cases for graphics demand different
solutions:
 Photographs are best represented with PNG – lossless, portable well-compressed
storage, rich color control. PNG is designed for web.
 Line art, data visualization, and even user interfaces need the power of SVG vector
images and Canvas API.
 CSS exists to enhance other formats like HTML or SVG.
 WebCGM meets the needs for technical illustration and documentation in many
industries.
AUDIO AND VIDEO
The terms audio and video commonly refer to the time-based media storage format
for sound/music and moving pictures information. Use of video and audio on
Web sites enhance the experience for users
 Only MP3, WAV, and Ogg audio are supported by the HTML standard.
 The MP4 format is recommended by YouTube
19 | P a g e
ACCESSIBILITY W3C GUIDELINES
Guidelines and resources to help make the Web accessible to people with
auditory, cognitive, neurological, physical, speech, and visual disabilities
Examples of Web Accessibility Guidelines include:
 Alternative Text for Images
 Keyboard Input as an alternative to mouse input
 Transcripts for Audio
INTERNATIONALIZATION
W3C working groups liaise with other organizations to make it possible to use Web
technologies with different languages, scripts, and cultures. Internationalization
comes under the remit of W3C commitment to accessibility and inclusion. You
design or develop your content, application, specification, and so on, in a way that
ensures it will work well for, or can be easily adapted for, users from any
culture, region, or language.
Examples include
 Language options for websites
 Use of Unicode encoded fonts such as Arial, Times New Roman
 Translation options built in that uses translation engines rather than alternative
versions of websites.
 Currency options
 Payment options
MOBILE WEB
Responsive web design takes into account the screen size of web enabled devices.
Over the past years, W3C has developed a number of Web technologies
that explicitly take into account the specificities of mobile devices:
 CSS Mobile, a profile of the cascading style sheet language that matches the need
of mobile Web authors
 SVG Tiny, a profile of the Web’s scalable vector graphics format well-suited to the
capabilities of mobile devices
 XHTML For Mobile, which defines a subset of XHTML for mobile
 The latest generation of mobile browsers are capable of using more advanced
Web technologies, including features from HTML5, CSS 2.1 and 3, a number of rich
JavaScript APIs, opening the way for Web-based mobile applications (including
widgets).
20 | P a g e
Validation techniques for online forms
SERVER-SIDE VALIDATION
Server-side validation is validation which occurs on the server, after the data has
been submitted. Used to validate the data before it is saved into the database. If the
data fails authentication, a response is sent back to the client to tell the user what
corrections to make. Server-side validation is not as user-friendly as client-side
validation, as it does not provide errors until the entire form has been submitted.
However, it is last line of defense against incorrect or even malicious data. All
popular server-side frameworks have features for validating and sanitizing data
(making it safe).
CLIENT-SIDE VALIDATION
Client-side validation is validation that occurs in the browser, before the data has
been submitted to the server. This is more user-friendly than server-side validation
as it gives an instant response. This can be further subdivided: JavaScript validation
is coded using JavaScript. It is completely customizable.
REAL-TIME VALIDATION
Real-time validation is where JavaScript can be used to provide an instant response
to a user action. So rather than having to fill out the entire form and pressing submit,
the user gets an instant response as they are typing so that they can make
immediate corrections if necessary.
One example of real-time validation would be a password strength indicator where
each key stroke triggers the validation and sends a response to indicate to a user
how weak or strong that website thinks the password they have chosen is.
NETWORKS
Types and characteristics of communication protocols
For a network to work correctly it needs to have rules to make the system work.
These rules are called protocols, for example when you type in a web address, it is
the HTTP protocol that is working. A protocol is a set of rules that allow a computing
device to communicate with another computing device. A network standard is an
industry agreed upon standard for the rules that make up protocols
21 | P a g e
A protocol can also be a standard because there is an industry agreed upon set of
rules to use to communicate.
Transmission Control Protocol/Internet Protocol (TCP/IP)
TCP is a popular communication protocol which is used for communicating over a
network. It divides any message into series of packets that are sent from source to
destination and there it gets reassembled at the destination. IP is designed explicitly
as addressing protocol. It is mostly used with TCP. The IP addresses in packets help
in routing them through different nodes in a network until it reaches the destination
system. TCP/IP is the most popular protocol connecting the networks.
Hyper Text Transfer Protocol (HTTP):
It is the standard to transfer hypertext, HTTP is the request, response protocol. A
client requests, yes via typing http... into the web address bar, if the web server can
proceed with the request, ie the web address is correct, it will send the page. If the
server cannot proceed with the request, ie the web address is wrong, it will send an
error page 404 page not found.
Hyper Text Transfer Protocol Secure (HTTPS)
It is the standard to transfer hypertext, but with a secure connection. It is secure
because data passes within a connection encrypted by SSL (secure socket layer). A
web server will authenticate to see if the password, called a digital certificate
public/private key matches, if this key setup matches, it remains secure and you can
get into the webpage.
Wireless Application Protocol (WAP)
WAP is the set of rules governing the transmission and reception of data by
computer applications on or via wireless devices like mobile phones. WAP allows
wireless devices to view specifically designed pages from the Internet using only
plain text and very simple black-and-white pictures.
Some of the advantages of WAP includes:
 simplifies the receipt of internet content to wireless devices
 standardises the way that wireless/mobile devices, such as cellular
telephones and radio transceivers, can be used for internet access, including
email, the World Wide Web, newsgroups, and instant messaging
 enhances wireless specification interoperability
 supported by all operating systems.
22 | P a g e
Types and Characteristics of Communication Standards
802.11x (wireless)
802.11 (sometimes called 802.11x, but not 802.11X) is the generic name of a family
of standards for wireless networking related to Wi-Fi. They form wireless local-area
networks (WLANs). An access point acts as a central transmitter and receiver of
wireless radio signals. Wireless 802.11.x is the Wireless standard to how two
wireless devices use radio waves to communicate with one another.
802.3 (Ethernet)
802.3 is a standard specification for Ethernet, a method of packet-based physical
communication in a local area network (LAN), a LAN is a network of computers and
other electronic devices that covers a small area such as a room, office, or building.
Which is maintained by the Institute of Electrical and Electronics Engineers (IEEE).
In general, 802.3 specifies the physical media and the working characteristics of
Ethernet. Ethernet uses cables to connect devices.
Types of Network Security Measures
Physical Network Security
Protecting your hardware devices from theft and physical intrusion - Corporations
spend large sums to lock their network servers, network switches, and other core
network components in well-guarded facilities.





Lock your servers in a separate room
Use surveillance
Secure the devices within the room
Ensure you have proper ventilation and cooling
Back it up
Password Protection
If applied properly, passwords are extremely effective in improving network
security. A few other best practices in password management go a long way toward
network and device security, too:
 Set strong passwords or passcodes on all devices that join the network.
 Change the default administrator password of network routers.
 Don't share passwords with others unless absolutely necessary.
23 | P a g e
Firewall
A firewall is a network security device/software that monitors incoming and
outgoing network traffic and permits or blocks data packets based on a set of
security rules. Its purpose is to establish a barrier between your internal
network and incoming traffic from external sources (such as the internet) in order
to block malicious traffic like viruses and hackers. Firewalls carefully analyze
incoming traffic based on pre-established rules and filter traffic coming
from unsecured or suspicious sources to prevent attacks. Firewalls can either
be software or hardware, though it’s best to have both. A software firewall is a
program installed on each computer and regulates traffic through port numbers and
applications, while a physical firewall is a piece of equipment installed between your
network and gateway.
IMPACTS OF TECHNOLOGY
Data and information security
Personal Information - Personal information is any information that can be used to
identify you. Personal information could be characterised as belonging to you.
Examples of Personal Information





Address
Date of Birth
Name
Email Address
Phone Number
Sensitive Information - Sensitive information is information that is protected and
should not be disclosed unless under specific circumstances. The Privacy Act defines
sensitive information as "information or an opinion about an individual’s:







racial or ethnic origin;
political opinions;
membership of a political association;
religious beliefs or affiliations;
philosophical beliefs;
membership of a professional or trade association;
criminal record"
24 | P a g e
Purpose of code of conduct
A code of a conduct is a written document that establishes the expected behavior
and standards of employees and acts as grounds for disciplinary action and in
extreme cases, termination where codes have been breached.
Elements of code of conduct
EMPLOYEE WORK HOURS
> Under the Code of Conduct, an employer’s expectation in terms of work hours may
be stated
> At AIC, teachers are expected to be on campus between 8:15am to 3:45 pm
>This would include work breaks
WORK HOURS
> Under the Code of Conduct, work hours accepts a degree of flexibility with ICT
systems.
> ICT can enable workers to work offsite business premises with remote access to
work files and programs.
EMPLOYEE EMAIL USE
> Under the Code of Conduct, email sent using an official company email address is
regarded as official company policy.
> Employees should be careful when sending emails as it gives the receiver written
evidence which could be used to legally enforce contracts or conditions.
>Employees are also refrained from sending inappropriate emails, including but not
limited to offensive emails or defamatory emails about another person.
>Personal emails are allowed to be sent using the business email address as long as
it does not have a significant impact on the productivity of the employee.
>Employees have the right to monitor all communications on business email
addresses.
EMPLOYEE INTERNET USE
> Employees can only use business internet resources for business purposes.
> Employees must not visit websites that could diminish their level of productivity,
websites such as social media, pornography, gambling or online games.
> Employees must also not visit illegal websites.
25 | P a g e
> Employers have the right to monitor all traffic on business internet resources.
> Employees should limit their use of social media to official breaks and it should
never affect their workplace performance
EMPLOYEE PRIVACY
> Employees are allowed a degree of privacy with the right to be trusted when using
business equipment and resources.
> Employees are allowed privacy of confidential and personal information.
> While employers have the right to monitor traffic and activities on ICT systems,
they must also respect the privacy of confidential and personal information.
EMPLOYER'S RIGHT TO MONITOR WORK EMAILS, INTERNET ACCESS AND
PERSONAL USE
> Employers own the business and ICT business resources, including the right to
monitor work emails, internet access and personal use.
> While they have the right to monitor these systems, they should respect the
privacy of personal and confidential information.
> (For example, an employer should avoid opening personal emails and only
checking work related emails).
> Employers have the right to monitor ICT systems as they have the right to:
>Protect the business from legal threats
>Ensure the business reflects a positive reputation
>Ensure workers remain productive
>Protect ICT systems from malware
> Employers however, must consider employee's rights to:
> Be trusted
> Take regular breaks
>Confidentiality of own data
Online censorship in a global context
Internet censorship puts restrictions on what information can be publicized or
viewed on the Internet. Governments and other organizations commonly use
internet censorship to block access to copyrighted information as well as to harmful
or sensitive content. However, internet censorship can also be used as a propaganda
method to promote specific religions and political agendas.
26 | P a g e
Internet censorship is used for protection by
> Preventing individuals accessing copyrighted information.
> Stopping people from viewing harmful or sensitive content.
> Control Internet-related and Internet-communicated crime.
> Monitoring the billions of people on the Internet with varying opinions and
preferences.
> Promote particular religions and political ideas
Forms of online censorship of information
DNS Tampering/filtering: In countries where authorities have control over
domain name servers, officials can “deregister” a domain that is hosting nefarious
content. This makes the website invisible to the browsers of users seeking to access
the site because it prevents the translation of domain names to site IP addresses.
IP Blocking: Governments with control over internet service providers can blacklist
certain IP addresses of websites they do not like. When you request access to a site,
your request is monitored by surveillance computers, which check your request
against a list of blacklisted IP addresses. If you are trying to reach one of these
forbidden sites, the internet service provider will drop the connection, causing it to
fail.
Keyword filtering: IP address filtering only blocks websites that are explicitly
blacklisted. However, there are billions of websites, and new ones are created all the
time, making it nearly impossible to create a fully updated list of sites of forbidden
content. Keyword filtering will inspect website on a per visit basis and scan for
“suspect” keywords.
URL filtering. This mechanism scans the requested Uniform Resource Locator
(URL) string. If the URL includes forbidden terms, the connection will be reset.
Packet filtering/IP address filtering: Packet filters analyze incoming and outgoing
packets and let them pass or not based on the IP addresses of the source and
destination. It can only block communication on the basis of where packets are
going to or coming from – that is, their address – not the actual material of their
contents.
Deep packet filtering: Examines packet contents for banned keywords.
Communication identified as containing forbidden content can be disrupted by
dropping the connection. Users may receive one of a number of error message on
their browsers, none indicating explicitly that they are being censored.
27 | P a g e
Negative impacts of online censorship
> It restricts too much information. It’s entirely possible that real info is blocked
along with fake info, which opens up what you should and shouldn’t restrict/access.
> Who’s to define what is censored and what is not? Are there checks and balances
in place to ensure that what is censored is done so in the best interest of the
community being censored.
> Censors free speech. Internet censorship not only limits the content you can
access but potentially the content you post as well.
> There is a cost. There are human and electronic resources , required to control and
survey Internet users. And this is ultimately at the expense of taxpayers.
Positive impacts of online censorship
> Stop fake news. If more content was closely monitored, it could cut down on the
mass amounts of fraudulent information including false advertising.
> Curb access to harmful activities. The dark web is unchartered territory to the
majority of Internet users, but there are sites that are shockingly easy to find that
are dedicated to illegal acts
Issus with the use of cloud computing
“Cloud computing is the delivery of computing services – servers, storage,
databases, networking, software, analytics and more – over the Internet“
Availability of Online Applications
> The more online applications we have, the more online data we have.
> 10 years ago there were hardly any online applications. Now we have 1000s to
choose from.
> We can use online applications such as social networking to keep in touch with
family and friends.
> Business can choose from 100s of online storage applications.
> The more that data is stored online, the more opportunity for criminal activity
such as theft and fraud.
Level of Accessibility
> Access to the data, means who can get to the data.
> Is it a matter of going to a website and collecting the information.
> Do you need to log in to get the information?
> Google docs uses the login method. So does Facebook, Twitter and many more.
> The more valuable the data is, the more care needs to be taken to keep it safe.
28 | P a g e
> We need to train people to have secure passwords, and to consider unauthorised
access as a way of cloud life.
> Businesses need to consider reliable and secure cloud computing services, if they
were to go down this road.
Confidentiality of Data
> If your data is saved on your home computer, you know it is relatively safe.
> If your data is saved in the cloud, you don’t know if it is safe or not.
> It is the same with business. If stored locally, they know it is mostly safe.
> If business store in the cloud, then there are many questions that can be asked.
> Is the data safe from unauthorised people looking at it and possibly using it?
> The Cloud Service Provider (CSP) may analyse client data.
> Hackers may get into the data and analyse it for business secrets and the like.
> People need to consider where they place confidential or secret data.
>Businesses need to consider if the cloud storage solution they are using is secure
or not.
Sensitivity of Documents
> Data stored in the cloud is important.
> Some are more important than others.
> For example the secret business plans for Holden’s latest model car.
> Patient records for hospital systems are sensitive and their storage needs to be
different from that of a blog post for kid writing about his BMX race on the
weekend.
> The more sensitive the document, the more care needs to be taken to keep it safe.
Impacts of Digital Technologies and global markets on;
Productivity:
> Global markets provides more opportunities for consumers.
> Technological improvements in farm machinery, mean that farmers can buy
tractors that can be driven remotely to seed or plough a paddock.
> Improvements in educational opportunities via online learning improves the
productivity of graduates from universities.
> Improvements in medical diagnosis equipment such as a MRI, means improved
productivity for the health industry.
29 | P a g e
> Digital analysis of business statistics can point out areas where costs can be made
and where cutbacks should occur.
> Computer analysis of production samples can assist purity for minerals such as
gold and iron ore assisting productivity.
> Computer analysis of DNA in police forensics is advancing so that criminals can be
caught and bodies identified which has improved policing productivity
Access to Knowledge or Resources
Access to learning:
> 24/7 access to university and courses online, cheaper method of getting a degree,
less travel,
> 24/7 access to students in schools via school extranets, improved results with
constant feedback for improvement opportunities
> 24/7 access to information on a plethora of topics. We now have access to all past
and present knowledge at our fingertips.
> This makes for a more informed society
> There is also a devaluation of knowledge
Access to entertainment:
> 24/7 access to movies on demand, is there uncontrolled viewing for young kids
watching the wrong thing
> Can lead to indolence
> 24//7 access to online games. Will this lead to lack of concentration in class
Access to work
> 24/7 access to work extranets
> 24/7 access to work cloud storage is convenient, but there are privacy concerns
> 24/7 access to emails and work from home may affect work/life balance
Access to online purchasing:
> 24/7 access to ebay and gumtree style of websites
> 24/7 access to a plethora of items for purchase.
> The long tale with more niche products
> Harder to return items.
Access to family and friends:
> 24/7 access to social networking to share news and events.
> Improved communication for families
> Cyber bullying and social media addiction are issues
30 | P a g e
Outsourcing:
> Outsourcing is getting other companies to do some of a company’s normal
business activity.
> Improvements in digital technologies and availability of global markets assist this
to happen.
> For example, Telstra, Optus and many other companies have outsourced a lot
of customer support off shore.
> An impact of this is that local jobs in Australia are lost.
> Security of company details could be lost off shore.
> Privacy laws in Australia are not relevant in other countries so privacy is a
large issue.
> Quality control of services is up to the whim of the company conducting the
outsourcing.
> Company projects could be copied and sold on as their own causing copyright and
licensing issues.
> The reputation of the company is in the hands of a different company
PROJECT MANAGEMENT
Concept of service level agreement
Service Level Agreements are a contract between a service provider and a user of
the service (ie the customer), that defines the expected quality of services to be
provided by the service provider.
> The SLA may address several areas including the availability of the service, the
performance of the service, how it will operate, priorities, responsibilities of
involved parties, guarantees and warranties.
> As well as defining key areas, the Service Level Agreement may also specify a level
of service, including targets and a minimum level that can be reached.
SLA – PURPOSE:
It is as important to have an SLA as it is to have a contract for business
arrangements of all types as it constitutes a single document that contains the terms
of the agreement as understood by both parties.
> Defines the customer’s needs and wants
> Provides a framework of understanding between the supplier and consumer
> Simplifies complex issues with supply of the service
31 | P a g e
> Reduce areas of conflict between supplier and consumer
> Encourages dialogue in the event of disputes
> Eliminates any unrealistic expectations from either party.
Features of SLA
Availability of services
This section of the Service Level Agreement outlines the period of time the services
will be provided and the quality of service to be provided, including outlining any
downtimes such as those from routine maintenance, planned outages or unplanned
outages. This indicates the amount of time/window of time that the services
managed by the outsourcer are available, ranging from online application
availability to delivery of reports by a specified time of day. Measures can be
reported positively or negatively and usually incorporate some level of tolerance
(for example, online application availability 99 percent of the time between the
hours of 8:00 am and 6:00 pm).
Types of services
Customer Service Level Agreement
A customer service level agreement is a contract between a service provider and an
external customer. An external customer is someone who receives services in
exchange for money.
Customer Service Level Agreements often outlines support services to be provided
to the customer such as help desks, email/phone/online support.
Internal Service Level Agreement
An internal service level agreement is a contract for an internal customer, that is
someone who works in a different department of the same organisation.
An Internal Service Level Agreement outlines the expected quality of services to be
received by an internal service provider and outlines items such as response times.
Vendor Service Level Agreement
A vendor service level agreement is a contact between a service provider and a
vendor. A vendor is someone who provides service to the company.
For example, you could hire someone to provide ICT support and guarantees uptime
of ICT services.
32 | P a g e
Advantages of local and global outsourcing compared with in-house
WHAT IS OUTSOURCING
> Outsourcing is an arrangement in which one party provides services for another
> Traditionally these services may have been provided in-house (within the
company).
In-house (sometimes called insourcing)






If a company is to make a product (or service) it will need employees to do it.
Employees need to be paid a minimum wage.
Employees need holiday pay.
Employees need long service leave (in Australia)
Employees need sick leave.
All of these costs add up, so some companies don't produce things in-house
anymore. They outsource.
OUTSOURCING VS. IN-HOUSE:
Local
> Outsourcing locally can be beneficial to both the business and the local economy.
> By outsourcing services the company will get expertise whilst also fostering
employment locally
Global
> Outsourcing globally can mean that you get a wider range of expertise.
> It can also be cheaper to outsource a job/service overseas as wages are lower in
those countries.
Advantages of Local Outsourcing
 Cost efficiencies - Outsourcing producers could have significantly larger
production facilities or more specialised equipment to lower the unit cost of
production
 Mass production - Outsourcing can produce large output demanded by
businesses. Producing large outputs reduce the unit costs of production.
33 | P a g e
 Greater focus on core business areas - eliminating focus on manufacturing
aspects of their business, businesses can dedicate more resources to
increasing client relationships, marketing and research and development.
 Eliminates required investment in infrastructure and technology - in addition,
businesses do not need to constantly upgrade equipment and can get access
to the latest manufacturing equipment
 Access to skilled workers - eliminates the need for businesses to recruit and
train employees
Advantages of Global Outsourcing
In addition to the above benefits of local outsourcing, global outsourcing also offers
additional benefits including:
 Lower company tax rates - businesses may be able to save money by
producing elsewhere to take advantage of lower company tax rates such as
Ireland at 12.5%, Germany at 15%, Cambodia at 20% while Australia's
company tax rate is 30%
 Lower regulation and red tape - other countries can have significant less
barriers to production. For example, outsourcing can avoid strict
environmental, planning and employee regulation.
 Lower wage costs - Australia has relatively high minimum wages.
Outsourcing can take advantage of lower wage costs in developing countries.
DRAWBACKS OF OUTSOURCING
> Risk that outsourcing supplier will fail to meet quality standards or otherwise not
deliver
> Potential loss of expertise from the business
> No guarantee that costs will be lower
Advantages of In-House Production
 Greater quality control - the business is able to examine the quality of the
manufacture of goods or providing of service.
 Easier customisation - the business is able to easily modify production to suit
special orders or request by customers. Outsourcers may have difficulty
understanding the client requirements of special orders.
34 | P a g e
 Greater volume production control - the business can easily adjust its volume
of production in accordance to demand. If there is low demand for a product,
the business can easily decrease production whereas outsourcing could be
contracted to a fixed volume.
 May be cost effective at small volumes
 No transportation delays - businesses have to wait for outsourced production
to arrive at the business which is especially long for global outsourcers
 Lower shipping and distribution costs
Purpose of Outsourcing data management
Data management consists of the entry and policies of the storage of valuable data.
Why do Businesses Outsource Data Management?
 Save on costs - global outsourcing of data management leads to lower costs
but achieves the same purpose.
 Eliminate investment on infrastructure and technology - businesses will not
need to invest in data management technologies and eliminates the need to
constantly increase expenditure on acquiring latest data management
systems. Outsourcing provides access to the latest data management systems.
 Saves on ICT costs in managing data in-house - eliminates cost for support,
hardware and software of data management
 Saves on physical space
Evaluating Digital Solutions for Usability
How can you evaluate a digital product?
 Surveys - ask for user's opinions about the use of an ICT product by filling out
a survey. The survey can be used to gather analytics about areas of ICT
product that are liked and disliked and any comments or recommendations.
The survey results can then be used to refine an ICT product to meet the
needs of its users.
 Self Reflection - the creator of an ICT product could critically evaluate aspects
of an ICT product for usability, noting down any areas that could be refined
and improved.
35 | P a g e
 Client Feedback - the creator of an ICT product could ask the client to
evaluate the product, noting down any areas where features can be added or
removed. The ICT product can then be refined to suit the client's needs.