100%(12)12 out of 12 people found this document helpful
This preview shows page 4 - 7 out of 7 pages.
oMissing data oInconsistent data oSee fig. 9-14 •Reporting applications oRFM OLAP §Recent, Frequent, Money §How recently a customer has ordered, how frequently a customer places an order, and how much money a customer has spent •Data mining applications oDiscovering patterns in existing data used for classification and predictions •Supervised and unsupervised data mining. oSupervised: data scientists build a data model and form a hypothesis oUnsupervised: no model is built, hypothesis formed after results •Big data applications. oNoSQL (MapReduct, Hadoop, Mongo) •BI server oA web server application that is purpose built for publishing of business intelligence. •KM, CMS and Expert systems. oKnowledge management oContent Management Systems oWays of documenting and making knowledge available Chapter 10 •Understand the security threat/loss scenario oThreat: An entity that seeks to gain access to unauthorized systems oVulnerability: An opportunity for threats to gain access oSafeguard: A measure that organizations take to block unauthorized access oTarget: The system/asset that is desired by the threat oSee fig 10-1 •Sources of threats oHuman error oComputer Crime oNatural events and disasters •Types of security losses oUnauthorized data disclosure §Phishing, Spoofing, Sniffing, Wardrivers
§Hacking: breaking into systems oIncorrect data modification §Data corruption oFaulty service §Incorrect system operation §Usurpation: replacing legitimate programs with malicious ones oDenial of service §DoS §DDoS oLoss of infrastructure §Disgruntled ex-employee walks away with laptop §APT: advanced persistent threat •Goal of IS security oTo find the appropriate tradeoff between risk of loss and cost of implementing safeguards •How should you respond to security threats? How should organizations respond to security threats? oTake security seriously oIntrusion detection systems logs when other systems are attempting to access the system oCreate and use strong passwords oEstablish company-wide security policies oManage risk: risk cannot be eliminated; proactively manage the tradeoff between risk and cost oCreate an inventory of the data and hardware you want to protect oSee fig 10-7 •Technical safeguards oIdentification/Authentication §Username/password §Biometrics oEncryption §Transforming clear text into unintelligible text oFirewalls §Perimeter §Internal §Packet-filtering oMalware protection §Viruses: replicates itself, but caused by human interaction §Worms: self-propagate, do not require human interaction §Trojan horses: viruses that look like legitimate programs or files
•SQL injection oOccurs when a user enters a SQL statement into a form where a SQL statement is not expected •