信息管理专业英语8单元课文翻译.docx

信息管理专业英语8单元课文翻译.docx

《信息管理专业英语8单元课文翻译.docx》由会员分享，可在线阅读，更多相关《信息管理专业英语8单元课文翻译.docx（6页珍藏版）》请在冰豆网上搜索。

信息管理专业英语8单元课文翻译

ThreatstoInformationandWaystoReduce

Bibliography:

GeraldV.Post,DavidL.Aderson.ManagementInformationSystemsBusinessProblemswithInformationTechnology（ThirdEdition）.McGraw-HillEurope,2002,pp.116-120.

Manypotentialthreatsexisttoinformationsystemsandthedatatheyhold.Thecomplicatedaspectisthatthebiggestinformationthreatisfromlegitimateusersanddevelopers.Purelybyaccident,ausermightenterincorrectdataordeleteimportantinformation.Adesignermightmisunderstandanimportantfunctionandthesystemwillproduceerroneousresults.Aninnocentprogrammingmistakecouldresultinincorrectordestroyeddata.Minorchangestoafrailsystemcouldresultinacascadingfailureoftheentiresystem.

Wecandetectandpreventsomeoftheseproblemsthroughcarefuldesign,testing,training,andbackupprovision.However,moderninformationsystemsareextremelycomplex.Wecannotguaranteetheywillworkcorrectlyallofthetime.Plus,theworldposesphysicalthreatsthatcannotbeavoided:

hurricanes,earthquakes,floods,andsoon.Often,thebestwecandoistobuildcontingencyplansthatenablethecompanytorecoverasfastaspossible.Themostimportantaspectofanydisasterplanistomaintainadequatebackupcopies.Withcarefulplanning,organization,andenoughmoney,firmsateabletoprovidevirtuallycontinuousinformationsystemssupport.

Asecondsetofproblemsarisesfromthefactthatastechnologychanges,sodocriminals.Today,onlyadesperatepersonwouldrobabankwithagun.Theprobabilityofbeingcaughtishigh,andtheamountofmoneystolenislow.Notthatwewishtoencourageanyonetobecomeathief,butthecomputeroffersmucheasierwaystosteallargeramountsofmoney.

Itisimportanttodeterminethepotentialthreatstocomputersecurity.SometoolshavemadeiteasierforoutsiderstoattackcompaniesovertheInternet,butbyfarthebiggestissuesremainpeopleinsidethecompanyandviruses.

Disasters:

Fortunately,fires,floods,hurricanes,andotherphysicaldisastersdonothappentoooften.Butwhenadisasterdoeshitacompanyisdatacenter,itcoulddestroythecompany.Withoutadvancepreparations,thelossofadatacenter,couldshutdowntheoperations.Howlongcanamoderncompanysurvivewithouttransactionprocessing?

Today,therearemanywaystoplanforandrecoverfromdisasters.Acommonmethodtodayistocontractwithadisasterrecovery,servicesprovider.ServiceproviderslikeSunGardprovideaccesstotheircommercialrecoveryfacilitiesandprovideseverallevelsofsupportforvariousfees.Onecommonlevelofsupport,calledahotsite,consistsofafullyconfiguredcomputercenter.Specificcomputerequipmentisalreadyinstalledandreadyforimmediateuse.WhentheMISstaffdeclaresadisaster,theyinstallthebackuptapesonthehot-sitecomputersandusetelecommunicationlinestoruntheday-to-dayoperations.Anotheralternativeistocontractforacoldsite,whichprovidesfullyfunctionalcomputerroomspace,withoutthecomputerequipment.Ifadisasteroccurs,eitherthecompanyorthedisasterrecoveryservicesprovidercanarrangeforthenecessaryequipmenttobeshippedtothecoldsite.However,theremightbeadelayofseveraldaysbeforethenowdatacenterwillbeoperational,soacoldsiteisoftenusedinconjunctionwithahotsitecontract.

Forcomputeroperationsthatabsolutelymustneverbeinterrupted,somefirmsutilizeaback-upcomputerthatiscontinuouslyrunningtomaintainacompletecopyofthedailyoperations,Alldataismaintainedsimultaneouslyatbothlocations.Ifproblemsarisewithonemachine,thesecondonetakesoverautomatically.Specialtyfirmsarenowofferingthesedatamirroringfacilities.Theoutsidefirmissentcopiesofallofyourdataasitisgenerated.Thefirmmakesbackupcopiesandprovidesvirtuallyinstantaneousrenewalofserviceifsomethinginterfereswithyourmaincomputer.

EmployeesandConsultants

Employeesaretheheartofanycompany.Companiesfunctionandsucceedbytrustingtheiremployees.Althoughalmostallemployeesarehonestanddiligent,theseisalwaysthechancethatone.Employeewillusethecompanyisknowledge,experience,andtrusttomisappropriateresources.

Itcanbedifficulttoidentifypeoplewhomightcausedamagetothefirm.Manycompaniestodayusepsychologicaltests,backgroundchecks,andrandomdrugteststoindicatepotentialproblems.Mostcompaniesarewaryofemployeeswhoseemploymenthasbeenterminated.Businessesfollowspecificstepswhenemployeesleave,beingparticularlycarefultoremovetheemployeesisaccesstocompanycomputers.

AmorecomplicatedproblemariseswithMISemployees.Programmersandanalysishavetobetrusted.Withoutthem,therewouldbenosoftware.However,itisgenerallybestiftheprogrammersarenottheusersoftheprogram.Companiesenforceaseparationofdutiesamongstaffprogrammersandusers.Thinkaboutwhatmighthappenifabanktellerwasalsoresponsibleforwritingthecomputerprogramusedbytellers.Itwouldbeeasytousethecomputertostealmoneyfromdifferentaccounts.Auditingtransacting-processingsystemsisanimportanttaskforauditors.

Unscrupulousprogrammershavealsobeenknowntoinclude“timebombs”intheirsoftware.Wheneverthesoftwareruns,itchecksahiddenfileforasecretword.Iftheprogrammerleavesthecompany,thesecretworddoesnotgetchanged.Whentheprogramdoesnotfindthecorrectword,itstartsdeletingfiles.Onlargeprojects,thesebombscanbeimpossibletospot（untiltheygooff）.Keepinggoodbackupscanusuallyminimizethedamage.Asarelatedsidenote,thesoftwareindustryispushingstatestoadoptanewsetoflaws（UCITA）thatmakesitlegaltoincludeashutdowntimebombifasoftwarecompanyhasadisputewithabusinessthatusesitssoftware.

Anotherdangerareaisthatprogrammersmightincludeatrapdoororsecretpasswordthatallowsthemtogainaccesstothesoftwareeveniftheyleavethecompany.Sometimesthesetrapdoorsareinstalledinnocently,toenableprogrammerstomakecorrectionsfaster.Theimportantpointistomakesuretheyareremovedwhenthesystemsispermanentlyinstalled.

Aninterestingclassofthreatstosecuringyourdataarisesfromnegligenceinsteadofdeliberateactionsbytheusers.Forinstance,employeesmightaccidentallydeletedata.Or,carryingdisks,tapes,orevenlaptopcomputerspastmagneticfieldscansometimesdamagethefiles.Inthesecases,thebestbetistohavebackupsreadilyavailable.Morecomplicatedproblemsarisewhenlaptopcomputersarelostorevenstolen.Inadditiontothedatastoredonthemachines,thefilesoftenholdpasswordsforcorporatecomputers.Manylaptopsprovidepasswordsandencryptthedatatominimizetheseproblems.Oneotherproblemthatfallsintothiscategoryisawarningtobecarefulabouthowyoudisposeofoldtapes,disks,andcomputerequipment.Businessesrunsimilarrisksthentheysendcomputerequipmentoutforrepairs.

Ingeneral,thebestwaytominimizeproblemsformemployeesstemsfromtypicalmanagementtechniques,Hireworkerscarefully,treatemployeesfairly,haveseparationofjobs,useteamwork,andmaintainconstantchecksontheirwork.Consultantspresentthesamepotentialproblemsasemployees.However,consultantstendtobehiredforashorttime,sothefirmknowsevenlessaboutthemthanaboutregularemployees.Consultantsaregenerallyusedforspecializedjobs,sotheremaynotbeanyinternalemployeeswhocanadequatelymonitortheirwork.

Businesspartnerships

Ascomputersspreadthroughouteveryaspectofbusiness,manycompaniessharetheirdata.Forexample,GeneralMotorsasksitssupplierstoprovideallinformationelectronically.Thiselectronicdatainterchange（EDI）meansthatbusinessinformationisprocessedfasterandwithfewererrors.Theproblemisthatinmanycases,itmeansGMgivesothercompaniesconsiderableaccesstoGMiscomputerandviceversa.Forinstance,ifGMisthinkingaboutincreasingproduction,themanagersmightwanttochecksupplierproductionschedulestomakesurethesupplierscouldprovideenoughparts.Todoitelectronically,Gmneedsaccesstothesuppliersiscomputers.Toparticipateinbusinesstoday,youmusttrustyourpartners.However,youhavelimitedabilitytoevaluatealloftheiremployees.

TheissueofpartnershipsbecomesmoreimportantinanInternetworldofsoftware.Increasingly,firmsareprovidingservicesovertheInternet-wherethesoftwareandyourdataresideonaserviceprovideriswebsite.AgoodexampleisNetLedger,whichisanapplicationserviceonvider（ASP）thatprocessesallofyouraccountingneedsonitswebsite.ThemainadvantagesofanASPare

（1）expertssetupandrunthesitesoyoudonothavetohirespecialists,

（2）storingthedataontheWebmeansitisaccessibletoyouremployeeswherevertheyhaveWebaccess,and（3）youcanstartandscaleuptoareasonablesizewithouthassles.Apotentialdrawbackisthatallofyourfinancialdataisstoredonasiterunbysomeoneelse.Ofcourse,thereputationoftheASPdependsonprotectingyourdataandmaintainingsecurity,soitprobablysaferthanwhatasmallbusinesscouldhandleindependently:

however,youshouldstillinvestigatetheASPsecurityprocedures.

Outsiders

Thereissomethreatfromoutsiderswhomightdialupyourcomputerandguessapassword.Usingsomecommonsensecanminimizemostofthesethreats.Forexample,inthe1980s,somegroupsgainedaccesstocomputersbecausetheoperatorsneverchangedthedefaultpasswordthatwasshippedwiththecomputer!

Theinternetcausesadditionalproblemsbecauseitwasdesignedtogiveotherpeo