Also, as the internet is accessed by millions and possibly billions of people every day the information that is exchanged can be accessed by people who know how to, this information can be protected with the use of certain software and the advice of people who are experienced in this field, but this costs money and more than often small companies who have tight profit margins do not always give the customers the protection that they should be entitled to. This leads to millions of pounds of credit card fraud and putting of potential customers from using e-commerce.
Some disadvantages include the shipping fee that is associated with everything that is purchased on the Internet and the assurance that the customer must place with the product. For example, most customers like to see and test their product before they make a purchase.
First, customers feel unsafe about giving their details over the Internet. This is a big constraint as many people do feel unsafe about giving their credit card number and therefore do not bother to buy any products.
Also, some customers may not be able to access the Internet, therefore not seeing your product.
Another reason customers may not buy the product over the internet is that they won't be able to see or test out the product. Some customers will want to see the product before they buy it, such as in other cosmetic shops such as Boots, the customers are allowed to try on the product by using testers. On the Internet this is not possible and therefore could repel customers
In conclusion ECommerce is and huge subject and many aspects of it are yet to be looked at. Many facets of it are debatable and for nearly every advantage there is a disadvantages to cancel it out but overall if a system can be introduced that speeds up shopping and makes lives easier then it is a step forward. Because people have moved on from small town shops to huge supermarkets that supply products
Critically evaluate the security issues associated with E-Commerce.
Transaction security is critical to bolstering consumer confidence in a particular e-commerce site. Transaction security depends on the organization’s ability to ensure privacy, authenticity, integrity, availability and the blocking of unwanted intrusions. Transaction privacy can be threatened by unauthorized network monitoring by software devices.
Consumer information integrity is the clearly a problem if sites fail to secure the customer data at the server or the client. It is just as easy to modify customer data, as it is to publish it. This ability to instantly rewrite a consumer’s history with a particular business is quite possible and certainly easy to do with the BO2K style Trojan horse programs installed on an unsuspecting client.
Viruses are the most publicized threat to client systems. They are effective because of the built-in insecurity of client systems
Trojan horse programs launched against client systems pose the greatest threat to e-commerce because they can bypass or subvert most of the authentication and authorization mechanisms used in an e-commerce transaction. These programs can be installed on a remote computer by the simplest of means: email attachments.
The abuse of consumer privacy is becoming a concern at the consumer, business and government level. There will be resistance to participating in certain types of ecommerce transactions if the assurance of privacy is low or non-existent. However, most businesses do not treat the information security cycle as a high priority until an event happens. They consider a firewall to be the best line of defense and pay not enough attention to securing the internal net.
2 (a) explain the term ‘end user computing’. Outline its adv and risks, giving consideration to its place in integrated systems.
Using a computer at the application level. The term end-user is used to distinguish the person for whom the product was designed from the person who programs, services, or installs the product. Developers working on a in a professional capacity, for example, are not considered end-users.
End-user computing confers many benefits on an org. among those most commonly identified are the following:
First, end users are now able to satisfy their own requirements in many cases. This cuts the waiting period resulting from the backlog of applications awaiting development the computer centre.
Furthermore, innovation and control over one’s own information provision stimulated by end-user computing encourages autonomy and responsibility in users.
In addition, end users are able to translate their information requirements into application without the need to transfer these via an analyst or programmer, who will not in general be an expert in the application area. This reduces one of the main difficulties in systems development – that of designing a system that meets user requirements.
Also, end users are able to adapt their systems to their needs as they evolve.
However, there are risks that can easily remove corporate advantages or create problems. The following are the most important:
First, quality assurance may be diminished in end-user applications development as compared with centralized systems analysis and design. This may be revealed in a number of ways:
- poor development methodologies, which yield error-prone applications
- incomplete testing
Besides, at the later stages of mature growth, when end- user applications involve the manipulation of shared data, the absence of controls on data may yield data integrity problems.
Moreover, costs of hardware and software need to be monitored. If the growth of end-user computing does not precede in parallel with central policies on purchase standardization and bulk purchase discounts then the benefits will be jeopardised.
Fourth, end-user applications are likely to service local needs and objectives. This is only beneficial to the organization if these are congruent with and support global corporate objectives.
Finally, there is a risk that users produce private and informal information systems that run counter to company policy or against the law. Compliance with data protection legislation is one known area of difficulty.
(b) discuss the value of expert systems in providing support for decision makers. Give an example of such a system explaining how it can improve decision making for the user.
Expert systems are sometimes known as ‘knowledge-based systems’ or ‘intelligent knowledge- based systems’. It is a computerized system that performs the role of an expert or carries out a task that requires expertise.
The expert system has the features of performing text, processing, and reasoning. Reasoning is the movement from details of a particular case and knowledge of the general subject area surrounding that case to the derivation of conclusions. Expert systems incorporate this reasoning by applying general rules in a knowledge base to aspects of a particular case under consideration.
With this, the solicitor advises the client on the likely outcome of litigation based on the facts of the particular case, an expert understanding of the law and knowledge of the way the court works and interprets this law in practice.
3 (a) explain the concept of feed back and feed-forward control methods, supporting your explanation by using a specific business process for each method.
The feedforward control method also requires action on the part of the system, to suppress or compensate the effect of the fluctuation. For example, a thermostat will counteract a drop in temperature by switching on the heating. Feedforward control will suppress the disturbance before it has had the chance to affect the system's essential variables. This requires the capacity to anticipate the effect of perturbations on the system's goal. Otherwise the system would not know which external fluctuations to consider as perturbations, or how to effectively compensate their influence before it affects the system. This requires that the control system be able to gather early information about these fluctuations.
For example, feedforward control might be applied to the thermostatically controlled room by installing a temperature sensor outside of the room, which would warn the thermostat about a drop in the outside temperature, so that it could start heating before this would affect the inside temperature. In many cases, such advance warning is difficult to implement, or simply unreliable. For example, the thermostat might start heating the room, anticipating the effect of outside cooling, without being aware that at the same time someone in the room switched on the oven, producing more than enough heat to offset the drop in outside temperature. No sensor or anticipation can ever provide complete information about the future effects of an infinite of possible perturbations, and therefore feedforward control is bound to make mistakes. With a good control system, the resulting errors may be few, but the problem is that they will accumulate in the long run, eventually destroying the system.
The only way to avoid this accumulation is to use , that is, compensate an error or deviation from the goal after it has happened. Thus feedback control is also called error-controlled regulation, since the error is used to determine the control action, as with the thermostat which samples the temperature inside the room, switching on the heating whenever that temperature reading drops lower than a certain reference point from the goal temperature. The disadvantage of feedback control is that it first must allow a deviation or error to appear before it can take action, since otherwise it would not know which action to take. Therefore, feedback control is by definition imperfect, whereas feedforward could in principle, but not in practice, be made error-free.
The reason feedback control can still be very effective is continuity: deviations from the goal usually do not appear at once, they tend to increase slowly, giving the controller the chance to intervene at an early stage when the deviation is still small. For example, a sensitive thermostat may start heating as soon as the temperature has dropped one tenth of a degree below the goal temperature. As soon as the temperature has again reached the goal, the thermostat switches off the heating, thus keeping the temperature within a very limited range. This very precise adaptation explains why thermostats in general do not need outside sensors, and can work purely in feedback mode. Feedforward is still necessary in those cases where perturbations are either discontinuous, or develop so quickly that any feedback reaction would come too late. For example, if you see someone pointing a gun in your direction, you would better move out of the line of fire immediately, instead of waiting until you feel the bullet making contact with your skin.
(b) Discuss the issues associated with preventative control that can help to make information systems more effective.
Contrast with feedback and feedforward control, preventive controls reside within a process, their function being to prevent an undesired state of affairs occurring. They are an integral part of manual and computerized information systems. In business information systems, these controls are broadly aimed at protecting assets, often by ensuring that incorrect recording of assets does not occur and by preventing inaccurate processing of information. They fall into a number of issues.
First, careful design of documentation will aid the prevention of unintentional errors in recording and processing.
Besides, the accurate processing of a transaction document requires those responsible to carry out the organisation’s procedures correctly. These should be specified in a procedures manual.
Furthermore, separation of functions is aimed at preventing fraud. If a single member of staff were to be in charge of carrying out all the procedures connected with a transaction then it would be possible, and might be tempting, for that person to create fraudulent transactions. When these functions are separated and placed in the hands of different individuals, fraud may still be tempting but will be less possible.
A business relies on its personnel. So, personnel must be selected and trained effectively to ensure that they are competent to carry out the tasks required of them.
Also, physical controls may be used as a preventive measure; avoiding illegal loss of assets such as cash is to exclude staff from unnecessary access to these assets. A range of physical controls may be used to prevent access – locks, safes, and stout doors are obvious methods.