We use cookies and other similar technologies (Cookies) to enhance your experience and to provide you with relevant content and ads. By using our website, you are agreeing to the use of Cookies. You can change your settings at any time. Cookie Policy.


Blog: Dan Power Subscribe to this blog's RSS feed!

Dan Power

Greetings to all of my friends who work in the area of computerized decision support. This blog is a way for me to share stories from my encounters related to decision support, to comment on industry events, and to comment on other blogger's comments, especially those of my friends on the Business Intelligence Network. I'll try to state my opinions clearly and provide an old professor's perspective on how computers and information technology are changing the world. Decision making has always been my focus, and it will be in this blog as well. Your comments, feedback and questions are welcomed.

About the author >

Daniel J. "Dan" Power is a Professor of Information Systems and Management at the College of Business Administration at the University of Northern Iowa and the editor of DSSResources.com, the Web-based knowledge repository about computerized systems that support decision making; the editor of PlanningSkills.com; and the editor of DSS News, a bi-weekly e-newsletter. Dr. Power's research interests include the design and development of decision support systems and how these systems impact individual and organizational decision behavior.

Editor's Note: More articles and resources are available in Dan's BeyeNETWORK Expert Channel. Be sure to visit today!

Decision support data and systems, including pricing and forecasting models, usually are very important and must be secured against inappropriate use and theft. What are potential sources of risk?

Recently, Michael Hickins had an article in eWeek.com (May 29, 2008) titled "10 Ways Your Employees Pose a Security Risk for Your Organization." When I got the email what caught my attention was the teaser line "From using unauthorized wireless devices to frolicking around in virtual worlds, workers can unwittingly unleash havoc on their company's IT infrastructure." I was and am unsure how frolicking around in a virtual world can unleash havoc for IT.

The 10 risks cited include: 1) USB Flash Drives, 2) Laptops, 3) P2P, 4) Web Mail, 5) Wi-Fi, 6) Smart Phones, 7) Collaboration Tools, 8) Social Networks, 9) Unauthorized Software Updates and 10) Virtual Worlds. Hickins has misidentified the risks.

Why? 1) Clearly flash drives are a problem for data theft but they have little impact on IT infrastructure. 2) Laptops again create data theft and model-driven DSS risks, but won't impact IT infrastructure. 3) Peer to peer (P2P) does create some load problems and risks for decision support. 4) Web mail is valuable even though data theft risks are real. Any external email capability can facilitate data theft. 5) Wi-Fi properly configured should present no threat. 6) Smart phones pose the same risk as laptops. 7) Collaboration tools have almost zero risk. 8) A social network can create professional connections. The risk to IT infrastructure is limited. 9) Yes, clearly any unauthorized IT software update activity is a major problem. 10) Virtual worlds can distract people from work, but virtual world can support decision making.

What do you think? What about risks like hacking and unauthorized use? Do physical risks pose an equal danger? Does IT infrastructure fail more from ineptness of IT staff or actions of disgruntled staff?

Reference

Hickins, M., "10 Ways Your Employees Pose a Security Risk for Your Organization," eWeek.com, May 29, 2008, URL: http://www.eweek.com/c/a/Security/10-Ways-Your-Employees-Pose-a-Security-Risk-for-Your-Organization/?kc=EWKNLEDP052908A .

Technorati Tags: DSS security, Business Intelligence, decision support

Add to Technorati Favorites


Posted May 31, 2008 5:50 PM
Permalink | No Comments |