This is Assignment on Information System Managemen

In this Assignment you have to choose one case study and answer the quistion.

Unformatted Attachment Preview

Don't use plagiarized sources. Get Your Custom Essay on
This is Assignment on Information System Managemen
Just from $13/Page
Order Essay

Information System Management (COMP 1006) – Fall – 17 –CW2 (Case Study)-All – QP
In Semester Case Study
and Presentation
Module: Information System Management (COMP1006)
Level: 2
Submission Date: 13 Week
Max. Marks: 100
Learning Outcomes:
1. Formulate the business rationale for an information system.
2. Explain how organizations’ can be managed better by intelligent use of information systems.
3. Understanding information system security and reliability of the organization.
You are given 5 case studies. Choose any one of them and answer questions at the end of the chosen case
study. Each case study has 5 questions, each one carries 15 marks. Every student should submit work
proposal related to his/her case study till the end of 10th week (16th December 2017, 11:59pm). For
more information about marks, please consult marking grid at the end.
1. Wyoming Medical Center, Los Angeles County, and Raymond
James: End-Point Security Gets Complicated
Users say protecting network end points is becoming more difficult as the type of endpoint devices—
desktops, laptops, smartphones—grow, making security a complex moving target. The problem is
compounded by the range of what groups within corporations do on these devices, which translates into
different levels of protection for classes of users on myriad devices. “Deciding the appropriate device
defense becomes the No. 1 job of endpoint security specialists,” says Jennifer Jabbush, CISO of Carolina
Advanced Digital consultancy. Depending on the device and the user’s role, end points need to be locked
down to a greater or lesser degree. For instance, Wyoming Medical Center in Casper, Wyoming, has four
classifications of PCs: “open PCs in hallways for staff use; PCs at nursing stations; PCs in offices; and PCs
on wheels that move between patient rooms and handle very specific, limited applications,” says Rob
Pettigrew, manager of technical systems and help desk for the center.
Comp (1006)
Page 1 of 20
Information System Management (COMP 1006) – Fall – 17 –CW2 (Case Study)-All – QP
Pettigrew is deploying Novell ZenWorks to 850 of the center’s 900 PCs in order to make sure each
class has the right software. With 110 applications and 40 major medical software systems, that makes a
huge matrix of machine types and restrictions to contend with, he says. In addition, physicians in
affiliated clinics can access via SSL VPN (a kind of VPN that is accessible over Web browsers), but they are
limited to reaching Web servers in a physician’s portal, which is protected from the hospital data
network. Some Citrix thin clients are also used to protect data from leaving the network but overall the
strategy for unmanaged machines is a work in progress, Pettigrew says. “We’re hoping to get more help
desk to deal with the external physicians,” he says. One concern that can be addressed by endpoint
security is data privacy, which is paramount for the Los Angeles County Department of Health Services in
California, says Don Zimmer, information security officer for the department. He supports about 18,000
desktops and laptops and operates under the restrictions of Health Insurance Portability and
Accountability Act (HIPAA) regulations. “That means disk encryption,” he says. “If it’s not encrypted and
there is a breach, then we have to start calling people,” he says.
To avoid violating patients’ privacy and a loss of public trust, the department encrypts the drives
of all the PC end points with software from PointSec. Equally important is keeping sensitive information
off movable media that can plug into USB ports. The department uses Safend’s USB Port Protector
product that either denies access to sensitive documents or requires that they be encrypted and
password-protected before being placed on the removable device. Everyone’s talking about the insider
threat. But protecting data can’t supersede the requirement to give users the access they need to do
their jobs—otherwise, soon you’ll have neither business data nor employees to worry about. Striking a
balance between access and protection isn’t easy, however.
In an InformationWeek Analytics/ endpoint security survey of 384 business
technology pros, 43 percent classify their organizations as “trusting,” allowing data to be copied to USB
drives or other devices with no restrictions or protective measures. Still, IT is aware of the need to move
from a stance of securing end points to assuming that laptops and smartphones will be lost, good
employees will go bad, and virtual machines will be compromised. Instead of focusing on end points, let
fortifications follow the data: Decide what must be protected, find out everywhere it lives, and lock it
down against both inside and outside threats, whether via encryption, multitier security suites, or new
technologies like data loss prevention (DLP). DLP suites combine network scanning and host-based tools
to collect, categorize, and protect corporate intellectual property. These products can maintain an archive
of data and documents, along with associated permissions by group, individual, and other policies. They
then actively scan internal networks and external connections looking for anomalies. This takes data
protection beyond perimeter or endpoint protection; DLP facilitates internal safety checks, allowing
“eyes-only” data to remain eyes only and minimizing the risk that sensitive data will be viewed by the
wrong folks, even in-house.
Zimmer says he is looking into DLP software as well that can restrict the access individual devices
have to data. Although the technology can be effective, it also requires that businesses locate and classify
their data so they can set policies surrounding it—a job that can seem insurmountable, depending on
how data have been stored. For Pettigrew, this means finding the 5 percent of sensitive data stored
outside the medical center’s electronic medical records system. Rather than deal with many vendors for
specific endpoint protection products, some businesses opt for endpoint security suites, such as those
that evolved from the antivirus roots of vendors, including McAfee and Symantec.
Sam Ghelfi, chief security officer at financial firm Raymond James, opted for Sophos’s Endpoint
Protection and Data Security Suite, which offers firewall, antivirus, data loss prevention, antispyware,
encryption, and network access control (NAC). The company wants tight control over the Web content
that is available to users to minimize the malware coming in via basic Web browsing. The company uses a
Comp (1006)
Page 2 of 20
Information System Management (COMP 1006) – Fall – 17 –CW2 (Case Study)-All – QP
Sophos Web proxy that filters sites based on reputation, but also the content that sites return. Mobile
devices that could contain confidential company information are disk encrypted, again using Sophos
agents. If a device is lost or stolen, the encryption key is wiped out, making it impossible to decrypt the
contents of the hard drive. Ghelfi says he believes in personal firewalls on individual machines because
they can stop groups of devices from talking to other groups. “Centrally managed, they can reveal
network traffic patterns,” he says. He doesn’t use all of the features of the Sophos suite, though. For
instance, he is just getting around to implementing NAC to let unmanaged guest machines get on the
network but still minimize risk that they are infected. That will clear them based on authentication, access
method and type of machine, but for contractors that require access to the main network, he also insists
that they install the Sophos suite. Other unmanaged machines, such as those of guests, are allowed
access only through a dedicated wireless network that leads to a limited set of servers in a network
segment flanked by firewalls, he says. “Such endpoint security suites can be attractive
financially,” Jabbusch says, “because customers can wind up with reduced agent, license and support fees
and less management overhead.” There may be a certain amount of convenience if customers decide to
layer on more applications within a suite. The newest class of devices—smartphones—is presenting
ongoing challenges as organizations figure out how to deal with them. Particularly dicey is whether to
allow employees to use their personally owned devices for business and to access the business network.
The jury is still out, at least among state government chief information officers. A recent survey by the
National Association of State Chief Information Officers says that of 36 states responding to a survey, 39
percent say they allow personal smartphones if they are protected by state security measures. Twentyseven percent say they don’t allow personal smartphones on their networks, 17 percent say they are
reviewing state policy, and 17 percent say they don’t have statewide control—each agency sets its own
policies. A separate Forrester Research survey says that 73 percent of businesses surveyed are at least
somewhat concerned about smartphones being authorized for business use.
According to DeviceLock, its survey of more than 1000 IT professionals found that fewer than 40
percent of respondents said yes to the question: “Have you taken any steps to secure your business
against the security threat posed by iPhones? “Analyzing the responses by region, researchers found that
only 25 percent of respondents in North America and Western Europe said yes to the question,
suggesting this is a “back burner” security issue, says the endpoint data leak-prevention
specialist. Jabbush says the type of smartphone is a factor. “I can’t imagine allowing an iPhone,” she says.
“A BlackBerry is somewhat better” because BlackBerries have a management infrastructure and the
devices can be locked down to corporate policies. Mobile device security is one of those areas that should
get more attention. However, it is likely that this topic will remain buried—until a lost or stolen iPhone
leads to a visible and costly security breach.
1. Explain why the endpoint security is not so much successful in business organizations. What should be
the option for companies to overcome this issue in order to save their data and information? Describe the
issues and their solutions in detail with appropriate examples. Support your answer with valid points.
2. Due to vulnerable nature of end-point security, the business organizations have adopted alternative
approaches to endpoint security. Identify and explain the most common approaches used by
multinational companies in 2014. Support your answer with at least 3 examples.
Comp (1006)
Page 3 of 20
Information System Management (COMP 1006) – Fall – 17 –CW2 (Case Study)-All – QP
3. The business organizations come across new challenges to implement appropriate security measures
in their information systems. Identify and explain the possible security challenges and their effects which
any business organization may face in 2015. Support your answer with examples.
4. Some analysts argue that employees should be allowed to use mobile phones on organizations’
network while some analysts do not favour this point of view. As a student which point of view you
support, explain your answer with appropriate points.
5. Go online and find out which security technologies will be popular in 2015 for multinational companies.
Explain your answer in terms of advantages, disadvantages, information system security and privacy.
2. DLA Piper, MetLife, PepsiCo, and Others: Telepresence Is Finally
Coming of Age
Sprawling international law firm DLA Piper has upgraded from videoconferencing to telepresence, which
will save the firm nearly $1 million per year in reduced travel costs and lost productivity. The
conferencing gear that simulates across-the-table meetings has “a provable and achievable return on
investment over five years, and may actually pay for itself before then,” says Don Jaycox, CIO of DLA Piper
U.S. This involves an “immersive video experience,” or technology that provides high-end, high-definition
visual and audio communications in a completely integrated environment. The goal is to make anyone
involved in these meetings feel as if they’re actually in the room with the other meeting participants,
regardless of where everyone is physically based. “Rescheduling half the firm’s in-person board meetings
as telepresence conferences and relying on at least two attorneys per week to use telepresence rather
than travel accounts for significant savings when lost productivity for travel time is factored in,”
says Jaycox. “If I look at my total telepresence project cost, which includes equipment, room construction,
implementation services, maintenance contract, financing costs, etc., then amortize that over the
expected five-year life of the system, it works out to be just a hair under $500,000 per year for our six U.S.
sites,” he says. “Our early experience suggests that a more accurate number of avoided trips is closer to
four or five per week, so the $970,000 projection almost certainly underestimates our actual savings,” he
notes. The sites were selected so they put 80 percent of the attorneys within a one-hour drive of
a telepresence room.
Jaycox says he has observed attorneys working together via telepresence conferences, and he was
struck to see two workgroups formed at either end of the telepresence table, just as they might be if they
were all working around the same physical table. “You had the sense all these people were in the same
strategy room,” he says. With the economy in a downturn, it’s no surprise that companies have been
slashing travel budgets. But at MetLife, officials say the focus is also on employees’ quality of life, keeping
them home as much as possible. As a result, the insurance giant has recently made a big push
into telepresence technology.
MetLife is using Cisco Telepresence in three dedicated conference rooms in Chicago, New York,
and New Jersey, and soon plans to expand to other offices nationally and internationally. “Instead of
having to take people away from their families, you walk down to the room and turn on the lights and
have your three-hour meeting and it’s extremely effective,” says Anthony Nugent, executive vice
president of employee benefits sales. He regularly uses telepresence to communicate with his direct
Comp (1006)
Page 4 of 20
Information System Management (COMP 1006) – Fall – 17 –CW2 (Case Study)-All – QP
reports in Chicago and Somerset, New Jersey, and the clarity is so good that he says with a laugh,
“Everyone jokes around that they can reach a Coke across the table” from one location to another.
MetLife has seen a direct cost savings as well as better employee time efficiency and a way to help
the company meet its “green initiative” goal of reducing its carbon emissions by 20 percent this year, says
Nugent. The company finished its initial telepresence rollout a year ago and hasn’t yet determined an
exact savings, but Nugent estimates the use of the systems will provide double-digit ROI in travel savings
alone. At MetLife, the three Cisco telepresence systems cost just under $1 million to install, according to
Paul Galvin, vice president of enterprise services in the information technology group. Nugent says he
uses both videoconferencing and telepresence, depending on his needs. Videoconferencing is a better
choice for one-on-one situations, such as “if someone is going to do a quick presentation to me,” he says,
but telepresence is
participants are
offices. Telepresence gives him face-to-face contact with a broader group, “So it allows me to get to know
people better,” Nugent says. He runs an organization with people based all around the country and used
to require that his direct reports come to New York for quarterly reviews. Now they can stay in their
offices and he can discuss business with a wider range of employees. “Using telepresence allows me to
see and virtually interact with more people on my team instead of just my direct reports,” says Nugent.
“When we use telepresence for meetings, people who wouldn’t normally be asked to travel to New York
have the opportunity to make presentations and get valuable exposure to executive management. It
really facilitates face-to-face interaction with a broader cross-section of employees on an economically
efficient basis.” MetLife is considering putting a telepresence system at a business processing plant in
India to avoid having employees fly over to see it. The company is also looking at ways to
utilize telepresence with salespeople across the country. The idea is to have as many people using the
system as possible, Nugent says. “Flying out of Boston for a meeting when I was 20 sounded great, but
the sales pitch I always give is we’re respecting the time of the employee,” he says. “So if we can give a
person the effectiveness of being there and then be home with his family, it’s two wins.” PepsiCo is
deploying Cisco Telepresence systems in its major offices worldwide. PepsiCo CIO Robert Dixon says that
using telepresence “will reinvent the way we work” while cutting down on travel, which, in turn,
improves productivity and reduces the company’s environmental footprint. “In this day and age, it’s
simply a smarter way of going about our business,” he adds. PepsiCo sells products from 18 different
product lines in 200 countries and employs nearly 200,000 workers. The law firm of Lathrop & Gage, LLP,
is using both high-definition videoconferencing and telepresence. Employees conduct more than 300
meetings every month at the firm’s Kansas City, Missouri, headquarters. “It’s a more meaningful way to
conduct meetings than over the phone,” says CEO Joel Voran, who uses the system about three times a
week. Although he still tries to make it to all of the firm’s offices twice a year, Voran says use of
the Polycom systems has significantly reduced the need for lawyers to fly to Kansas City.
“The clarity has been impressive,” Voran says. “At one of our very first meetings at one of our
offices I could see the brand of the beverage someone was drinking and that made the partner sit up and
take notice.” “This is a billable-hour profession,” notes Ben Weinberger, CIO at Lathrop & Gage, who adds
that one attorney alone can save more than $1,500 in travel expenses and productivity loss by not having
to fly somewhere to attend a meeting. Because many lawyers travel monthly, the Polycom system could
represent a savings of more than $30,000 in annual travel expenses and productivity loss for a single
attorney, he estimates. Weinberger differentiates between high-end videoconferencing
and telepresence by the size of the screens. The rooms that have 50-plus-inch screens and run highquality, high-definition cameras are utilizing telepresence, he says. Making it possible for far-flung
attorneys to work closely together via telepresence helps emphasize that the firm has offices around the
world and should have an international focus—a benefit of the system that can’t be quantified in dollars
Comp (1006)
Page 5 of 20
Information System Management (COMP 1006) – Fall – 17 –CW2 (Case Study)-All – QP
and cents. “When you work in one location, you tend to draw inward. We want people to think globally,”
says Jaycox.
1. The telepresence has many advantages and disadvantages in addition to high installation price. Identify
the possible benefits telepresence can bring for large scale organizations. Discuss your answer in terms of
performance and productivity. Support your answer with valid points.
2. Despite having g …
Purchase answer to see full

Order a unique copy of this paper
(550 words)

Approximate price: $22

Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
The price is based on these factors:
Academic level
Number of pages

Order your essay today and save 15% with the discount code ESSAYHELP