CASE STUDY CHAPTER 8

MWEB BUSINESS HACKED

Q1: What technology issues led to the security breach at MWEB?

The technology issues are protects customers againts junk email and viruses that are sent via email. Despite the multitude of security services offered by MWEB, a number of MWEB business subcibers account details were compromised when their logo and password details were published on the internet hackers. Beside that, technology issues it appears that hackers gained access to the internet solutions' self service management system that MWEB business uses provide and manage business accounts that have not yet been migrated to the MWEB network.

Q2:What the possible business impact of this security breach for both MWEB and its

 customers?

They have to work together with Internet Solution to solve this issue, so it can helps companies integrate existing systems with the Internet so as to close the gap between technology, strategy, and the organization’s bottom line. Besides that, they will lost trust of customers and takes time to gain back their trust and they need to immediately implement proper policies and controls of their systems. So, it can helps to develop, manage and maintain solution that include all aspects of Internet connectivity, Website development and hosting, broadband and wireless applications, e-commerce, and consultancy services.They need to prepare for legal action and financial risks and this is threat to customer retention andreputation. The possible impact for MWEB customer are they need for explanation from MWEB and they need for behaviour recommendations. Besides that, they loss of personal information (privacy ), data lost or inaccurate, and additional compromising of related accounts. Lastly, inconvenience, they have to change password or could not access the service and lost trust in the company.

Q 3:If you were an MWEB customer, would you consider MWEB’s response to the security

 breach to be acceptable? Why or why not?

It is acceptable. Because MWEB responded quickly to the hacking incident. MWEB migrate from the old server which was attacked by hackers to the new server. MWEB also contact those customer whose has been hacked to reset their password as an added security measure. MWEB advise them to take immediate action. General manager of MWEB also ask for apologize for any inconvenience the breach have caused to MWEB’s customer. MWEB also took immediate action to evaluate the extent of the breach and to limit any damage.Lastly, MWEB was working closely to investigate the nature and source of the breach to ensure it does not happen again.

QUESTION 4: What should MWEB do in the future to avoid similar incidents ?

To avoid similar incidents, MWEB should implement up to date security system or device or protocol to their network such as digital certificates, intrusion defection system, Management Information System update and auditing regular and through testing and improvement identity management. Besides that, MWEB should advise their customer to authentication usernames and promised and vigilant regarding customer online data and security. MWEB should work closely with Internet Solutions to investigate the nature and source of the breach to ensure it does not happen again.

CASE STUDY CHAPTER 5

The Pleasures and Pitfalls of BYOD

QUESTION 1

What are the advantages and disadvantages of allowing employees to use their personal smart phones for work? 

Advantages:
Employees can use their own smart phones would allow companies to enjoy all of the same benefits of a mobile workforce without spending their own money on these devices. The companies are easier to keep track of each mobile device and to roll out software upgrades or fixes, because all employees were using the similar devices.


Disadvantage:
›Because the employee work with more than one type of mobile device and operating system, companied will need to quickly and flexibly confirm that their employees are still able to remain performance. Companies providing adequate technical support for every employee could be difficult with the variety of phones and operating systems available. Mobility puts assets and data at greater risk compare to if they were only located within company wall on company machines. ›A number of software products have emerged to help companies manage diverse mobile platforms. These software products have capabilities for configuring devices remotely, enforcing different set of policies for different user and devices, and managing applications running on all of them.

QUESTION 2

What people, organization, and technology factors should be adressed when
deciding whether to allow employees to use their personel smart phones for
work?

›The security, inventory management, support, integrating mobile devices into pre existing IT functions and
systems, and measuring return on investment should be addressed when deciding whether to allow
employees to use their personal smart phones for work.

TECHNOLOGY
›The corporate IT resources are important for managing and maintaining a large number of devices in an
organization. The company`s networks must be configured to receive connections from the employees
mobile devices and operating systems to access the company`s information.

ORGANIZATION
›When employees make changes to their personal phones, companies need to quickly and flexibly ensure
that their employees are still able to remain productive. Firms need and efficient inventory management
system that keeps track of which devices employees are using, where the device is located, whether it is
being used, and what software it is equipped with company needs to provide adequate technical support
for every employee who is using a variety of phones and operating systems. When employees are not able
to access critical data or encounter other problems with their mobile devices, they will need assistance from
the information systems department.

PEOPLE
›A firm`s software development teams need to have one professional focused on ensuring that new
applications will be easily usable and useful on smart phones. The applications and software need to be
used on mobile devices to connect to the firm`s existing IT platform and company-wide CRM, SCM, and
ERP systems. The mobility experts can help company leverage mobility more effectively. Companies need
to ensure that sensitive or confidential information is secured by using technologies that allow them to wipe
data from devices remotely or encrypt data when a device is stolen or missing so that it cannot be used.


QUESTION 3 
Compare the BYOD experiences of IBM and Intel. Why did BYOD at Intel work so well?
BYOD experience of IBM.
›-BYOD is not saving IBM any money and just creating new challenges for the IT department because
employees devices are full of software that IBM
›-IBM equips the mobile devices of the latter category of employees with additional software, such as
programmes that encrypt information as it travels to and from corporate networks.
›-BYOD improve employee job satisfaction and productivity and it also can cause a number of problem if
not managed properly.

BYOD experiences of Intel.
›-Intel approached BYOD in a positive manner, trying to find ways to make it work rather than to defeat it.
-Intel hammered out a BYOD strategy and created an end-user service-level agreement that clarified that
end users were voluntarily using BYOD rather than being mandated by Intel.
›-Intel program offers 40 proprietary applications, including travel tools to help schedule a flight and
conference room finders.

Why did BYOD at Intel work so well?
›-Intel goal for BYOD is not to save money but to make employees happier and more productive.
Employees like being able to use their own devices and apps alongside specialized Intel apps.
›-BYOD at Intel work so well because Intel’s company developed different policies, rules and access limits
for each type of devices such as smart phones, tablets, or laptop with multiple levels of control in place.


Q4: Allowing employees to use their own smart phones for work will save the company
money. Do you agree? Why or why not?

Yes, I agree that they can save money from the aspect of transport expenses, such like using mobile
payment and no need to go for some payment by purposely. ›The mobile apps can also be the replacement
tools for office works. They can even open a PDF file using or just send the file through the email or
Bluetooth by the smart phones. This can make those workers getting less on using some stationary items
such as pen drive or SD card, so their stationary expenses can be lower. Through the apps of the smart
phone, they can also easily to contact each other and it is free of charge, by the way this will help the
company to save money from the aspect of telecommunication fees. ›Cost of buying device is low. When
employees used their own device so companies can save money from that because companies do not need
to buy device for the employees but company just paid average for their device and the necessary data
plans. From this way , the companies money can be save.

CASE STUDY CHAPTER 1
CASE 3
A New Look at EMR

QUESTION 1
Identify and describe the problem in this case.

First problem is there are likely to be many issues with the sharing of medical data between different system. While the majority of EMR system will satisfy the specified criteria of reporting data electronically to governmental agencies, they may not be able to report the same data to one another, a key requirement for a nationwide system. Many different type of EMR system being developed and implemented right now will be compatible with one another 2015 and beyond. No nation wide software standards for organizing and exchanging medical information have been put in place. This means that if you go to one medical practice for a diagnosis, and then go to another hospital to receive treatment, these provides generally will not be able shared the medical records electronically.


The second problem is that there is a potential conflict of interest for the insurance companies involved in the creation of health record system. Insurers are often accused of seeking ways to avoid or delay paying health care claims. Unfortunately, it is not in their interest to have electronics systems that can process payment to smoothly and efficiently.


QUESTION 2
What people, organization and technology factors are responsible for the difficulties in building electronic medical record system. Explain.
Organization - Answering patient phone calls, examining patients and writing prescriptions will need to incorporate procedures for accessing and updating electronic medical records. Paper-based records will have to be converted into electronic form.

People – training can take-up to 20 hours of a doctor’s time and doctors are extremely time-passed. Doctor may be spending a considerable of time entering the previous medical history to an EMR. EMR needs and require many different kind of skills and people.

Technology – people worried about the security of electronic record s converted from paper to electric, mostly worried about the security of electronic record, the potential for misuse of personal information and inability of physician to access patient records during a power or computer outage.


QUESTION 3
What is the business , political , and social impact of not digitizing medical records (for individual physicians , hospital, insurers ,patients , and the U.S government)?

The business , political , and social impact of not digitizing medical records are that doctors will not be able to have instant access to a patient’s medical records. And without digitizing medical records means that there will be the need for more paperwork. Politically the 2015 goal set by the U.S government would also be impacted. Socially people would expect little error to this EMR system like correct dosages. And by not digitizing medical records has a greater risk of errors.

QUESTION 4
What are the business and social benefits of digitizing medical record keeping?

The business and social benefits of digitizing medical record keeping are when taken from paper and filing them to the EMR patient’s records will be easier accessed. And unlike filling cabinets a computer has extensive memory to store them all. And these medical records accessed by any other facility that is using EMR as well. Patient information can be accessed much easier and that could mean life of death.

QUESTION 5
Are electronic medical record systems a good solution to the problem of rising health care costs in the US? Explain your answer.
Electronic medical records system is a good solution for the problem of rising health care cost in the US. Administrative costs and record keeping costs are 13% of the US. So that, it can health care spending, improving medical record keeping systems has been targeted as a major path to cost savings and even higher health care quality.Then, enter electronic medical record (EMR) systems. Besides that, an electronic medical record system contains all of a persons vital medical data, including personal information, a full medical history, test results, diagnosis, treatments, prescription medications and the effect of those treatments.