Week Six Final Exam Brian D. Harvey CMIS-1002-3 Information Technology Infrastructure Walden University August 27, 2010 / Week Six Professor Mark Cohen FINAL EXAM 2 Index Index ........................................................................................................................................ 2 Abstract .................................................................................................................................... 3 Item One: Decision Making Technologies .............................................................................. 5 Item Two: Freedom Of Speech ............................................................................................... 7 Item Three: Blacklists .............................................................................................................. 9 Item Four: Software Risks? ................................................................................................... 10 Item Five: Cloud and Grid Computing .................................................................................. 12 Item Six: Government Control and Citizens Rights .............................................................. 14 References: ............................................................................................................................ 16 FINAL EXAM Abstract A question and answer discussion of the subjects required to be covered from the Walden University Week Six Final Exam. Subjects to be addressed: 1. Many organizations try to improve their decision making with technology. Which of the technological approaches mentioned in the textbook do you believe is the most promising? How important is it to keep people involved in decision making? 2. Science and technology frequently raise difficult and unanticipated social, ethical, and legal issues. The textbook cites the tension between expectations of privacy and the freedom of information, freedom of speech, and freedom of the press (p. 476). Suppose that person “A” is posting derogatory information about person “B” on the Internet. Do you believe that A’s privacy or B’s freedom of speech is more important? In other words, should A be able to stop B’s postings? Why? Would your answer be different if the information being posted were not public knowledge? How about if it were untrue? Suppose B is posting anonymously. Should A be able to compel disclosure of B’s identity? Justify your responses. 3. Organizations like Spamhaus attempt to “blacklist” Internet addresses that have been or could be used for spamming, phishing, or other antisocial Internet behavior. Blacklists are far from perfect. Innocent users may be blacklisted, and some spammers are overlooked. Compare the benefits and drawbacks of blacklist filters. What other ways can you or an organization lessen the harmful effects of hackers, scammers, or other hostile entities? You may include a personal experience or that of someone you know. 4. It has been claimed that "If builders built houses the way programmers built programs, the first woodpecker to come along would destroy civilization" (Gerald M. Weinberg, Weinberg’s Second Law). If this is true, then software should be banned where health, safety, or finance are at risk. Discuss. 5. Discuss positive and negative ways in which concepts such as grid or cloud computing and software services, such as salesforce.com, are likely to affect organizational information systems and IT departments. 3 FINAL EXAM 4 6. Activities on the Internet often run counter to governmental policy or law. Identify two recent situations—one in your home country, the other from anywhere else—and analyze what sanctions the government invoked. How successful were they? What was the public reaction at home and abroad? What do you feel would have been the government’s best course of action? FINAL EXAM 5 Item One: Decision Making Technologies The first question we are asked to discuss in our final exam is that “many organizations try to improve their decision making with technology. Which of the technological approaches mentioned in the textbook do you believe is the most promising? How important is it to keep people involved in decision making?” My answer to this question is, to question the validity of the question. Why must we choose one approach over another? All have validity and important input and possible solutions. For example, a company with computer experts on staff who know the software language and program, make it easy for a company to change or expand a custom-made information system, Should those same companies desire, there are many ready-made programs that can fulfill some or all of a company’s needs. An example of this is “QuickMeasure from San Diegobased Tally Systems, build on what is already known about a mainstream program, such as Excel. This program links the input from a roll-up vinyl digitizer and pen directly to the Excel spreadsheet.” (Klemens & Reband, 2010) Health technologies are another example where various technology solutions can coexist. For hospitals such as Baptist Healthcare, they utilize PIXIS to control dispensing of medication. They also use a program called PHAMIS to control patient data and information retrieval. A report from EOCD even states in its executive summary that “health-care systems play an important role in determining how decision makers use the information provided through FINAL EXAM 6 health technology assessment. This chapter looks at how three OECD health-care systems (Canada, Mexico and Australia) are dealing with the challenge of effectively adapting and incorporating HTA into their respective decision-making structures. Whilst the approaches differ markedly, each country’s efforts are anchored to the institutional, organizational and cultural features of the health-care system.” In conclusion to Part One I would submit that the most effective technological approaches are those that do not overburden a company or service with unneeded components, do not attempt to force the service to adapt applications or hardware to their existing services or needs simply to increase profitability. For reference I submit Microsoft and its Office product which have, and do force users to find either compatibility products, or attempt to integrate their existing data sources to fit into its product. FINAL EXAM 7 Item Two: Freedom of Speech Another question posed by Walden University for our final exam is that “science and technology frequently raise difficult and unanticipated social, ethical, and legal issues. The textbook cites the tension between expectations of privacy and the freedom of information, freedom of speech, and freedom of the press (p. 476)”. We are then provided with a scenario where one person is posting derogatory information about another person on the Internet. We are asked to decide whether person A’s privacy is more important than person B’s freedom of speech is more important and if A should have the right and power to stop B from posting their comments. The question further deepens the question by adding in such factors as; what if the information being posted were not public knowledge; what if it were false? If person B is posting anonymously does A have the right to demand the release via legal or non legal methods? Through research into current and previous law, I’ve found that there is a great deal of precedence to address both sides’ rights. For example the Administrative Office of the Judiciary referenced a case Hazelwood v. Kuhlmeier (1983) which indicates that there is a right for a school to edit content of school newspapers. If Person B were a student or staff member working as an authorized member of the journalism staff they would be required to ensure that what is being posted is accurate or it could be open to editing or censure. The essential facts were that the “principal of Hazelwood East High School edited two articles in the school paper The Spectrum that he deemed inappropriate. The student authors argued that this violated their First Amendment right to freedom of speech. The Supreme Court disagreed, stating that administrators can edit materials that reflect school values.” (US Judiciary) FINAL EXAM 8 While the above does not deal specifically with the Internet, it does show a general leaning of the legal system towards control of what is allowed to be published. I also ran across information that there is an initiative which would even further protect Person B and their anonymity. The rule under consideration would close down access to Pacer and other Federal Court databases. The result of this would force attorneys and information seekers to perform a great deal more research to gain the same information provided by Pacer. One of the premier watchdogs of the Internet is the Electronic Frontier Foundation. They regularly support and provide information and counseling in any aspect of privacy or user rights via electronics means. . My personal feeling is that our freedom of speech, and the active expression of that right are of paramount importance to keep situations such as the National socialist Movement of the 1940’s (the Nazis), and even the McCarthyism of the 1940’s and 1950’s here in the U.S. IT is rather easy to locate and produce evidence of fraud or of lying when required and Person A might actually have something they wish to keep hidden that needs to be known. Consider the old axiom “There is always a grain of truth in any lie”. FINAL EXAM 9 Item Three: Blacklists Item Three states”organizations like Spamhaus attempt to “blacklist” Internet addresses that have been or could be used for spamming, phishing, or other antisocial Internet behavior. Blacklists are far from perfect. Innocent users may be blacklisted, and some spammers are overlooked. Compare the benefits and drawbacks of blacklist filters. What other ways can you or an organization lessen the harmful effects of hackers, scammers, or other hostile entities? You may include a personal experience or that of someone you know”. Some of the simplest methods for reducing security risks within a company are to implement security policies such as not allowing attachments to e-mails or if allowed they must conform to such patterns as PDF documents which historically have been safe from viruses and provide a secured document that can be protected from modification. Also requiring complex passwords of at least 8 characters, multiple letters and numbers or symbols etc.. The most important deterrent is to educate employees and clearly state the expectations and potential consequences for failure to comply. FINAL EXAM 10 Item Four: Software Risks? It has been claimed that "If builders built houses the way programmers built programs, the first woodpecker to come along would destroy civilization" (Gerald M. Weinberg, Weinberg’s Second Law). If this is true, then software should be banned where health, safety, or finance are at risk. Discuss. I disagree with this statement. Current programming standards and guidelines have changed the old ways of writing circuitous programs that only the programmer could figure out. The original reasoning was that if only “I” knew how a program was constructed or compiled, then I would then have a way to either obtain or keep a job, OR I would have the ability to hold a company hostage in order to recover or access their data. In fact in my school district we still have a program called PFIS which is used by the athletics department to track medical information of the players. We have began to force them to switch to an Access based system that is user friendly and will allow us to remove this obsolete program. As a side note, the company that designed the software has not existed since 1988. Additionally there are many new Federal and State laws that ensure that programmers provide documentation and in some cases even the source code used to compile their programs. In addition there are specific regulations to combat many different forms of computer fraud theft, etc. Among these are the 1994 Computer Fraud and Abuse Act which helps address how a computer is used for the crime rather than the actual hardware used. Another is the National Information Infrastructure Act (NIIA) of 1996 to encompass unauthorized access to a protected computer system without authorization. After NIIA was passed, it became illegal to even view FINAL EXAM 11 information on a computer without authorization. There is also the Economic Espionage Act of 1996 and was created to stop to trade secret theft. Thus I restate that this “belief” is archaic and has no true bearing on how computer software operates in this day and age. FINAL EXAM 12 Item Five: Cloud and Grid Computing Discuss positive and negative ways in which concepts such as grid or cloud computing and software services, such as salesforce.com, are likely to affect organizational information systems and IT departments. Cloud computing refers to the use of a third party network space that is rented for a prearranged fee for the express purpose of storing critical information that needs full time access. The supplier owns the hardware, such as servers, storage arrays and routers and you own the intellectual property also known as the data. This has many positive and negative effects. Positives include your company not having to invest in expensive servers and storage arrays such as EMC’s Clarion. The typical savings on the hardware is usually in the fifty to two hundred thousand dollar range or higher. For software, licenses and backup routines this can grow to millions of dollars. Negative aspects include an inability to control server maintenance and system shutdowns caused by or in part by, the hosting company. Using a third party company to host your data also leaves issues of security as we have seen repeatedly as credit card companies report user records being stolen by hackers.. There is also the issue of local control and security. While many companies have been licensed and bonded, this is of little comfort if you have a prototype design stolen that has taken years to develop. Given a choice of using a Cloud based network or not; I would choose to host and operate my own network, even at a higher cost in money or labor. FINAL EXAM 13 Grid computing is essentially nothing more complex than a group of computers or servers working together to provide the same or greater processing power as often found in modern super computers. This is one of the main positive factors of this type of computing. A negative aspect of using Grid based computing is the potential for violation of international or territorial laws or import / export restrictions. This can usually be avoided by the use of explicit rules and regulations and governance by an oversight committee from the country(s) to be operated from. There is also the need for having the proper licensing across the whole network / domain. The overall impact of these types of systems on IT staffing can be overwhelming in both a fiscal manner as well as an emotional / morale mode. Consider that through the use of Cloud computing you may end up reducing staffing needs which will eliminate jobs. This can result in morale issues among remaining employees. Such thoughts as “Will I be next” or, “Is my job safe?” become common concerns. The use of Grid based computer systems can increase the number of employees and drive the overall business costs higher. This can cause unrest or concern among stock holders and investors which can result in a loss of potential operational capital. FINAL EXAM 14 Item Six: Government Control and Citizens Rights Activities on the Internet often run counter to governmental policy or law. Identify two recent situations—one in your home country, the other from anywhere else—and analyze what sanctions the government invoked. How successful were they? What was the public reaction at home and abroad? What do you feel would have been the government’s best course of action? As several fellow students have pointed out, one of the greatest examples of failure to follow government law and policy has to be the Patriot Act. The bill effectively gave our government a “carte blanche” in many ways to circumvent our laws. Examples are the use of wiretaps without having to obtain court authority first, or rather; there is a specialized “review“to determine the legality. There is also the ability to detain a person simply because they have a name that is on a “target list” or because of ethnicity. There is also the “right” to detain and deport immigrants purely on grounds of suspicion. It also has allowed the expansion of the definition of what domestic terrorism is. In several cases in the news recently the fact a group protested a decision by a state government was considered a potential terrorist act because some fringe members looted a business and the group did not have a permit to assemble. There have also been many changes in holding requirements and interrogation techniques. Which brings me to the second example of how laws have been circumvented; Torture is considered illegal and is banned by most civilized countries. In order to get around this the United States had members of its Foreign Service relocate suspects and then used techniques such as water boarding which are illegal. The justification was that they got a lot of effective FINAL EXAM 15 information from the prisoners that resulted in stopping several plans to create terror acts. At what point do we exchange our humanity and social responsibility and do as we wish. If one follows this line of thinking then anarchy is not far off. The publics opinion on both of these items was mixed with some still feeling the shock of September 11. Overall there was a feeling of discontent for the use of torture, and a rising unpopularity of many of the sections of the Patriot Act. FINAL EXAM 16 References: O’Brien, James A. and Marakas, George M. (2008). Introduction to Information Systems. McGraw-Hill: Boston, New York. Klemens, Tom & Reband, Pat (2004) Masonry Construction, Retrieved August 27, 2010, from http://findarticles.com/p/articles/mi_m0NTA/is_2_17/ai_n6079928/ The OECD Health Project (2005) Health Technologies and Decision Making. OECD Publishing, Retrieved from http://www.oecd.org/document/55/0,3343,en_2649_34537_35589431_1_1_1_1,00.html Administrative Office of the U.S. Courts on behalf of the Federal Judiciary. Retrieved from http://www.uscourts.gov/EducationalResources/ConstitutionResources/LegalLandmarks/Lan dmarkSupremeCourtCasesAboutStudents.aspx