Free Essay

Management of Information System

In:

Submitted By aaron1987
Words 708
Pages 3
IBM Zone Trusted Information Channel
(ZTIC) CASE
You may have heard of Man in the Middle attacks, meet Man in the Browser attacks (MitB). The term has been around since 2005, but not used much. That's changing, thanks to current crimeware, considered a form of MitB attack. According to Wikipedia, MitB is:

"A trojan that infects a web browser and has the ability to modify pages, modify transaction content or insert additional transactions, all in a completely covert fashion invisible to both the user and host application.

A MitB attack will be successful irrespective of whether security mechanisms such as SSL/PKI and/or Two or Three Factor Authentication solutions are in place."

I covered an instance where crimeware played a part in stealing almost a half million dollars in this post. In my next article, I discussed Zeus and URLZone, possibly the crimeware used in the half million dollar hoist. In this article, I would like to dig deeper into possible solutions.

Protect ourselves
Since it's our money, we need to take the initiative. Doing everything we can to protect our hard-earned savings. Once we have our personal situations in the best shape possible, we can bug the banks to get their act together.

The obviously solution is to not bank on-line. That's a great idea, but what about our service personnel or anyone who cannot physically get to their bank? Besides, we should not have to succumb to cybercriminals. With that in mind, let's look at some of the solutions, you the members have come up with.

I would be negligent if I did not mention one thing first. No solution is fool-proof, especially since crimeware is ever-evolving. That has to temper everyone's decision about which solution to use or if it is worthwhile to bank on-line. Let me know in the comments which if any solution makes sense for you. Here they are:

Use a dedicated computer running only the operating system (if possible not Windows) and Web browser application, no other applications (especially e-mail) should be installed. Make sure the operating system and Web browser are up-to-date. Finally, this computer should only be used to access the required financial Web portals, no other Web browsing.
Install Linux on a bootable read-only media (LiveCD or lockable flash drive) along with a Web browsing application. Use this setup for any banking, financial, or credit-card transaction.
Use a computer with a pristine, up-to-date host operating system. Have one virtual machine (VM) for normal computer functions and another VM setup exactly like the dedicated computer I described earlier. Use that VM exclusively for financial transactions. iPhone I recently read a blog post by Detective Inspector Bruce van der Graaf from the Computer Crime Investigation Unit of the New South Wales Police Department. He mentions that the iPhone may be immune to existing variants of crimeware. Ironically, it's because of a feature that most users do not like. The iPhone is only capable of running one task at a time. Therefore crimeware cannot run in the background.

What banks need to do
Now that we are protecting ourselves as best we can, let's take a look at what the financial institutions need to do. Two key processes, authentication and verification need to be improved. All involved parties need to be who they say they are. All involved parties also need to know that the transaction taking place is accurate and initiated by one of the authenticated parties.

Authentication
Web sites that deal with finances, money transfer, or credit card transactions need to offer true multi-factor authentication. In the United States, I am not seeing this. If I am wrong, let me know. Is your bank or credit card provider using more than one of the following factors:

Something you know: Such as a password, image, or answers to questions.
Something you have: Such as a one-time password token (SecureID), computer hardware, or a smart-card key.
Something you are: Such as a finger print, retina, DNA, or a verifiable image.
The three factors are listed in order from weakest to the strongest. My bank uses one-factor authentication. First they ask a security question:

Similar Documents

Premium Essay

Management Information System

...Class Lectures of Management Information Systems (MGT: 305) Introduction: System: System means interrelated set of elements. MIS: Management Information System means managing information resources in a systematic way. Chapter: 01 (Managing the Digital Firm) Q#01: Management challenges while building an information system: 1. 2. 3. 4. 5. Designing competitive and efficient system Understanding system requirements of global business environment Creating information architecture Determining business value of information system Designing system in such a way so that people can control, understand and use in a socially ethically responsible manner. Q#02: What is an information system? An information system is a set of interrelated components that collects, process, stores and distribute information to support decision making, coordination and control in an organization. In addition to supporting decision making, coordination and control information system may also help managers and workers analyzing problems, visualizing complex subjects and creating new products. Core Functions of Information System: INPUT PROCESS OUTPUT FEEDDBACK 1. Inputting 2. Processing a) Classify b) Arrange c) Calculate 3. Outputting 4. Feedback Q#03. What are the changes that occurred in the business world in the recent past? 1. Globalization 2. Industrial economies 3. Transformation of the enterprises 01.Globalization: Globalization is the...

Words: 2113 - Pages: 9

Premium Essay

Management Information Systems

...Management Information Systems Unit 5 IP Your name here American Intercontinental University Abstract Management information systems (MIS) is the actual study of technology, people, organizations and the relationships between them. MIS professionals help organizations to discover their maximum benefit from investment through employees, equipment and business processes. . A management information system is a computer-based system that provides the information necessary to manage an organization effectively and should be designed to enhance communication to reach an organization’s strategic goals and directions. Information technology is more than just computers. Advantages of MIS systems are better planning and to help with business decision making. A major disadvantage is constant monitoring. Over the years management information systems have changed the dynamics of running businesses efficiently. One of the biggest advantages is decentralization. Decentralization allows monitoring of operations at low levels, which free up resources so that department managers can dedicate time to strategic activities. In cases such as this, managers can see what exactly the problem is in all departments. Another advantage of MIS is that it minimizes information overload, since that is very common with conventional businesses in the modern era. The way MIS is designed, it ensures better planning and ways to measure performance, manage resources and facilitate compliance...

Words: 705 - Pages: 3

Premium Essay

Management Information System

...of the Currency Administrator of National Banks Management Information Systems Comptroller’s Handbook May 1995 Management M Management Information Systems Introduction Background Risks Associated with MIS Assessing Vulnerability to MIS Risk Achieving Sound MIS MIS Reviews Examination Objectives Examination Procedures Internal Control Questionnaire Purpose MIS Policies or Practices MIS Development User Training and Instructions Communication Audit Conclusion Verification Procedures Table of Contents 1 1 3 4 5 6 9 10 17 17 17 18 19 20 20 21 22 Comptroller's Handbook i Management Information Systems Management Information Systems Background Introduction A management information system (MIS) is a system or process that provides the information necessary to manage an organization effectively. MIS and the information it generates are generally considered essential components of prudent and reasonable business decisions. The importance of maintaining a consistent approach to the development, use, and review of MIS systems within the institution must be an ongoing concern of both bank management and OCC examiners. MIS should have a clearly defined framework of guidelines, policies or practices, standards, and procedures for the organization. These should be followed throughout the institution in the development, maintenance, and use of all MIS. MIS is viewed and used at many levels by management. It should be supportive of the institution's longer...

Words: 5493 - Pages: 22

Premium Essay

Management Information System

...Chapter 1 Information Systems in Global Business Today True-False Questions 1. Internet advertising is growing at a rate of more than 30 percent a year. Answer: True 2. Difficulty: Hard Reference: p. 6 A business model describes how a company produces, delivers, and sells a product or service to create wealth. Answer: True Difficulty: Easy Reference: p. 11 3. Information technology (IT) consists of all the hardware that a firm needs to use in order to achieve its business objectives, whereas information systems consist of all the software and business processes needed. Answer: False Difficulty: Medium Reference: pp. 13–14 4. Computers are only part of an information system. Answer: True Difficulty: Easy Reference: p. 16 5. Information systems literacy describes the behavioral approach to information systems, whereas computer literacy describes the technical approach. Answer: False Difficulty: Easy Reference: p. 16 6. The dimensions of information systems are management, organizations, and information technology. Answer: True Difficulty: Easy Reference: p. 16 7. In order to understand how a specific business firm uses information systems, you need to know something about the hierarchy and culture of the company. Answer: True Difficulty: Easy Reference: pp. 17–18 8. Developing a new product, fulfilling an order, or hiring a new employee are examples of business processes. Answer: True Difficulty: Easy Reference: p. 7 1 9. Business...

Words: 4161 - Pages: 17

Premium Essay

Management Information Systems

...4050 Management Information Systems(3) Home Assignment Two Submitted to Dr. Uchenna EZE From: Major:Management of Human Resource ID Number:1231500046 Name:Yang Jingmiao/Jasmine Date: 2015/04/16 Management Decision Problem: P145 Macy’s Inc. new strategy is to tailor merchandise more to local tastes. From this aspect, Macy’s management can make use of information system to achieve its strategy since information technology plays a critical role in helping organizations perceive environmental change and in helping organizations act on their environment and information systems as the “lens” of the firm, observing external factors and filtering information back in to the firm. First, in the economic impacts, IT affects the cost and quality of information and changes economics of information. Thus, information system helps Macy’s Inc., contract in size because it can reduce transaction costs, which are the cost of participating in markets. In addition, IT also can reduce internal management costs, since Macy operates approximately 800 department stores in US and it also should do a totally new change in its local tastes in each individual stores, which also require a greater number of employees and then the overall management costs also increase. Therefore, IT, by reducing the costs of acquiring and analyzing information, permits Macy to reduce agency costs. Second, the Internet increases the accessibility, storage, and distribution of information and knowledge...

Words: 771 - Pages: 4

Premium Essay

Management Information System

...Management Information Systems is the study of people, technology, organizations and the relationships among them. Today we use information systems at all levels of operation to collect, process and store data. Management aggregates and disseminates this data in the form of information needed to carry out the daily operations of a business. Everyone who works in any business, from someone who pays the bills to the person who makes employment decisions, uses information systems. A car dealership could use a computer database to keep track of which products sell best. A retail store might use a computer-based information system to sell products over the Internet. In fact, many businesses concentrate on the alignment of MIS with business goals to achieve competitive advantage over other businesses. MIS professionals create information systems for data management; examples include storing, searching and analyzing data. In addition, they manage various information systems to meet the needs of managers, staff and customers. Microsoft would be considered a MIS. For example, our textbook might have been created using Word. First, an author writes the content; other contributors and editors change, format, and edit the content, and then the content from a specific chapter can be integrated into the larger work. In this sense, Word is an effective tool in a management information system because it is facilitating the way a business operates. Think of the time and effort saved because...

Words: 251 - Pages: 2

Premium Essay

Management Information System

...SES’s- GOI- FACULTY OF MANAGEMENT Course: MMS, Semester (II) Examination: Final Examination- 2013 Subject: Management Information System Date: 22/04/2013 Time: 2 hrs Maximum Marks: 30 Instructions: 1. Before starting to write the examination, make sure that it is complete and that there are no printing defects. This examination paper consists of 6 pages. There are 5 questions each of 6 marks, for a total of30 marks. 2. Read the questions carefully and answer what is asked, clearly and to the point only. 3. To assist you in answering the examination questions, the following glossary of terms is included. 4. All questions are compulsory and carry 10 marks each. Glossary Compare Examine qualities or characteristics that resemble each other. Emphasize similarities, although differences may be mentioned. Contrast Compare by observing differences. Stress the dissimilarities of qualities or characteristics. (Also Distinguish between) Criticize Express your own judgment concerning the topic or viewpoint in question. Discuss both pros and cons. Define Clearly state the meaning of the word or term. Relate the meaning specifically to the way it is used in the subject area under discussion. Perhaps also show how the item defined differs from items in other classes with an example. Describe Tell the whole story in narrative form. Diagram Give a drawing, chart, plan or graphic answer. Usually you should label a...

Words: 1121 - Pages: 5

Premium Essay

Management Information System

...LQUESTION Describe the strategic role of information in an organization. INFORMATION This script purposely focuses attention on the definition of information, its characteristics, classification, functions and the strategic role it plays in an organization. Information is a data that is accurate and timely, specific and organized for a purpose, presented within a context that gives it meaning and relevance and can lead to an increase in understanding and decrease in uncertainty. The functions and importance of information to an organization cannot be overemphasized. According to Davis and Olson: “Information is a data that has been processed into a form that is meaningful to recipient and is of real or perceived value in the current or the prospective action or decision of recipient.” Information is also described as data that has been processed in some manner into a form that is both usable and meaningful to the end user. Information therefore is data that has been processed, organized, structured or presented in a given context so as to make them useful. The value of information lies solely in its ability to affect a behavior, decision or outcome. A piece of information is considered valueless if, after receiving it, decisions that information is supposed to influence remain unchanged. Information is a most critical resource of the organization. Managing the information means managing future. Information is knowledge that one derives from facts placed in the right...

Words: 2218 - Pages: 9

Premium Essay

Management Information System

...MANAGEMENT INFORMATION SYSTEMS MINI PROJECT SUBMITTED BY D.Muthamizh MANAGEMENT INFORMATION SYSTEMS Management information systems (MIS) is the study of people, technology, organizations, and the relationships among them. This definition, given by Mays Business School, relates specifically to MIS as a course of study. In other words, MIS is commonly used in business schools to refer to the study of how individuals, groups, and organizations evaluate, design, implement, manage, and utilize systems to generate information to improve efficiency and effectiveness of decision making, including systems termed decision support systems, expert systems, and executive information systems. Many business schools (or colleges of business administration within universities) have an MIS department, alongside departments of accounting, finance, management, marketing, and may award degrees (at undergraduate, master, and doctoral levels) in MIS. A good definition of MIS in practice has been given in a journal article: "Establishing and Managing Management Information Systems in Developing Countries" by Dr. Chris Prince Udochukwu Njoku. Dr. Njoku gave the comprehensive definition after a critical assessment of many definitions, some of which he cited, and described them as inadequate. MIS professionals help organizations--big, medium and small--realize maximum benefit from investments in personnel, equipment, and business processes. MIS is people-oriented, with an emphasis on service. Although...

Words: 919 - Pages: 4

Premium Essay

Management Information Systems

...Course Technology’s Management Information Systems Instructor and Student Resources Introduction to IS/MIS Principles of Information Systems, Eighth Edition • Stair, Reynolds Fundamentals of Information Systems, Fourth Edition • Stair, Reynolds Management Information Systems, Sixth Edition • Oz Information Technology in Theory • Aksoy, DeNardis Office Applications in Business Problem-Solving Cases in Microsoft Access & Excel, Sixth Annual Edition • Brady, Monk Succeeding in Business Applications with Microsoft Office 2007 • Bast, Gross, Akaiwa, Flynn, et.al Succeeding in Business with Microsoft Office Excel 2007 • Gross, Akaiwa, Nordquist Succeeding in Business with Microsoft Office Access 2007 • Bast, Cygman, Flynn, Tidwell Databases Database Systems, Eighth Edition • Rob, Coronel Concepts of Database Management, Sixth Edition • Pratt, Adamski Data Modeling and Database Design • Umanath, Scamell A Guide to SQL, Seventh Edition • Pratt A Guide to MySQL • Pratt, Last Guide to Oracle 10g • Morrison, Morrison, Conrad Oracle 10g Titles Oracle9i Titles Enterprise Resource Planning Concepts in Enterprise Resource Planning, Third Edition • Monk, Wagner Data Communications Data Communications and Computer Networks: A Business User’s Approach, Fourth Edition • White Systems Analysis and Design Systems Analysis and Design in a Changing World, Fifth Edition • Satzinger, Jackson, Burd Object-Oriented Analysis and Design with the Unified Process • Satzinger, Jackson, Burd Systems Analysis and Design...

Words: 223685 - Pages: 895

Premium Essay

Management Information Systems

...Management Infotmation System INTRODUCTION OF AIR ASIA [pic] Air Asia is one of the Malaysian Airline, as the second Malaysian National Airline, Air Asia was born in 1993 and started operations on 18 November 1996. It was originally founded by a government-owned conglomerate DRB-Hicom. On 2 December 2001, the heavily-indebted airline was purchased by former Time Warner executive Tony Fernandes's company Tune Air Sdn Bhd for the token sum of one ringgit. Normally low-costs Airline has a lot of differences with traditional Airline. These differences such as ticketless travel, online ticket booking & pay, no international offices, no free food and beverages, use second city airports. These doesn’t make Air Asia hard to survive in Airline industry, whereas became the features of Air Asia. By using a simple but strong slogan “Now Everyone Can Fly”, Air Asia become a successful company in Airline industry. Now in this era Air Asia is one of the succeed low-costs Airline company in the world. Nowadays, Air Asia has put their investment to other areas. Air Asia is not only focus on Airline industry. Tune hotel is one of the good examples. Air Asia boasted total assets worth RM9.52billion in 2008, is the one of growing rapidly company in Malaysia. Nowadays, people use computer to let their life easier. Management information system is systems that use hardware, software, people, procedures and data to help companies work more efficiency. It included...

Words: 319 - Pages: 2

Premium Essay

Management Information Systems

...OUTLINE 1. Fundamentals of Information Systems: • Introduction and definition of terms • System concepts • Information systems components • Drivers of information systems • Influence on MIS design • Problems with MIS 2. Information Requirements and Decision-making • Information as a corporate resource • Management decision making • Management information requirements 3. Organizations and Information Systems • Characteristics of organizations • Impact of information systems on organizations • The Internet – role in the modern business 4. IT infrastructure • Hardware and software platforms 5. Ethical Issues in Information Systems • Ethical & moral issues • Information privacy 6. Securing Information Systems • System vulnerabilities • Technologies and tools for security and control 7. Emerging Trends in MIS • Cloud computing, others. Assessment • Continuous Assessment Tests (CATs): 30% • End of Semester Written Examinations: 70% NOTE: Failure to sit for CATs or to hand in any continous assessment work will lead to disqualification from sitting end-of-semester examination. Recommended Reading Jessup, L. and Valacich, J. Information systems today. New Delhi: Prentice-Hall Laudon, K. and Laudon, J. Management information systems: managing the digital firm. New Delhi: Prentice Long, L. and Long, N. Computers: information technology in perspective. Pearson Education: N.J. Lucey, T. Management information systems. London: Letts Educational...

Words: 254 - Pages: 2

Premium Essay

Management Information System

...MANAGEMENT INFORMATION SYSTEM TO HELP MANAGERS FOR PROVIDING DECISION MAKING IN AN ORGANIZATION 1G.SATYANARAYANA REDDY, 2RALLABANDI SRINIVASU, 3SRIKANTH REDDY RIKKULA, 4VUDA SREENIVASA RAO 1Professor & HOD-MBA in CMR College of Information Technology, Hyderabad, India 2Professor & Director –PG Studies. St. Mary’s Group of Institutions, Hyderabad, India. 3Associate Professor, MCA Dept. St.Mary’s College of Engg. & Technology, Hyderabad ,India. 4Professor & Head CSE, IT Dept. St.Mary’s College of Engg. & Technology, Hyderabad ,India. E-mail: satya3831@yahoo.com, rsrinivasusas@gmail.com, rikkula@gmail.com, vudasrinivasarao@gmail.com ABSTRACT Management Information System (MIS) provides information for the managerial activities in an organization. The main purpose of this research is, MIS provides accurate and timely information necessary to facilitate the decision-making process and enable the organizations planning, control, and operational functions to be carried out effectively. Management Information System (MIS) is basically concerned with processing data into information and is then communicated to the various Departments in an organization for appropriate decision-making. MIS is a subset of the overall planning and control activities covering the application of humans, technologies, and procedures of the organization. . The information system is the mechanism to ensure that information is available to the managers in the form they want it and when they need...

Words: 344 - Pages: 2

Premium Essay

Management Information System

...by Barbara J. Ellestad Chapter 1 Business Information Systems in Your Career Computers continue to change every aspect of our lives from entertainment to shopping, from the work we do and where we do it, to how we communicate with friends, relatives, and business associates. As you can see from the opening vignette in the text, many businesses are remodeling their products and services to take advantage of expanded channel outlets such as the Internet, cell phones, and even iPod devices. This chapter gives you an overview of many of the subjects we’ll touch on in this course. It will help you understand how information technology is being used by many businesses worldwide to increase efficiency, save money, and create better relationships with suppliers and customers. 1.1 The Role of Information Systems in Business Today Ask managers to describe their most important resources and they’ll list money, equipment, materials, and people—not necessarily in that order. It’s very unusual for managers to consider information an important resource, and yet it is. As electronic business and electronic commerce grow in popularity and more firms digitize their operations, having useful information is becoming even more important to the global business community. This chapter will begin to explain why you need to manage your information resources as closely as any other in your organization. How Information Systems Are Transforming Business The next time you’re...

Words: 4875 - Pages: 20

Premium Essay

Management Information System Assignment

...SCHOOL OF BUSINESS ISD 556: management information systems ASSIGNMENT: CASE STUDY: MANAGEMENT INFORMATION SYSTEMS AND E-COMMERCE COURSEWORK (30%) NAME INDEX NUMBER EVELYN BOAITEY PG7600212 PETER BONSU PG8373512 KELVIN KYEI TUFFOUR PG7605212 DATE: 2ND APRIL, 2013 A. All businesses share one common asset, regardless of the type of business. It does not matter if they manufacture goods or provide services. It is a vital part of any business entity, whether a sole proprietorship or a multinational corporation. That common asset is information. Information enables us to determine the need to create new products and services. Information tells us to move into new markets or to withdraw from other markets. Without information, the goods do not get made, the orders are not placed, the materials are not procured, the shipments are not delivered, the customers are not billed, and the business cannot survive. But information has far lesser impact when presented as raw data. In order to maximize the value of information, it must be captured, analyzed, quantified, compiled, manipulated, made accessible, and shared. In order to accomplish those tasks, an information system (IS) must be designed, developed, administered, and maintained. An information system is a computer system that provides management and other personnel within an organization with up-to-date information regarding the organization's performance;...

Words: 2109 - Pages: 9