Applying Information Security and SDLC to Business
A limited time offer! Get a custom sample essay written according to your requirements urgent 3h delivery guaranteedOrder Now
There are several things a manager has to consider when running a business. He or she must ensure that the company does what it needs to meet the needs of the customer, the employees, and protect all personal information. One way is to ensure that there are proper security measures to protect all data by making sure the employees are trained and understand the security protocols. Another way is by using the Systems Development Life Cycle (SDLC) method to help maintain the systems they have or need to conduct business. Businesses that follow the steps in the SDLC method and maintain a good information security system will keep the trust of its customers ensuring it remains profitable.
Use the SDLC method to implement a new technology into the bookstore Systems development life cycle (SDLC) is the traditional process used to develop information systems. There is a five stage process for SDLC and they are as follows: 1.) System definition, 2.) Requirements analysis, 3.) Component design, 4.) Implementation, 5.) Maintenance (Kroenke, 2014). Having an online business can be a lot of work. There are some ways to make it easier to run the business and to get some new customers. One way is to use collaboration tools. There are many different collaboration tools that you could use for a business. One website that I went to talks about four different ones. According to The Four Best Web Collaboration Tools (2012), “Most online collaboration tools are simple, easy to use and inexpensive.”
The first example is Basecamp. It is an extremely powerful and useful online project collaboration system designed for entrepreneurs, small businesses, freelancers and business groups. The most used online project management application in the world. The application allows you to upload, store, edit and share documents and files online. (The Four Best Web Collaboration Tools, 2012).
The second example is Skype. Skype is a type of video conference. Although scores of online video chat services have emerged over the past few years, Skype remains the most widely used and convenient. Apart from the standard face-to-face video conference chat, Skype’s Screen Sharing feature allows users to show others whatever is on their screen, which is perfect for presenting slideshows or making visual presentations. (The Four Best Web Collaboration Tools, 2012).
The third example is Trello. Trello is a simple and free online collaboration tool perfect for individual or smaller groups. Trello’s friendly interface allows users to create a project by adding items and lists, and assigning people to specific tasks. (The Four Best Web Collaboration Tools, 2012). The fourth and final example is Sync.in. Sync.in is a web-based word processor that enables users to view and co-edit the same notes and documents in real time from anywhere in the world. (The Four Best Web Collaboration Tools, 2012).
For Amazon, we need to go through the five stage process for SDLC. The first stage is system definition. The upper management has talked and they have decided that they need to get a new information system. They have all agreed on transaction processing systems. They need to find out how much it is going to cost. According to Cashman (2000), “A transaction processing system (TPS) is an information system that captures and processes data generated during an organization’s day-to-day transactions. A transaction is a business activity such as a deposit, payment, order, or reservation.” Cashman also stated “Transaction processing systems were among the first computerized systems developed to process business data – a function originally called data processing. Usually, the TPS computerized an existing manual system to allow for faster processing, reduced clerical costs and improved customer service.”
The second stage is requirements analysis. We have to conduct user interviews and evaluate existing systems. What errors or problems will the new system have? The third stage is component design. For component design, we have to design the database and determine hardware specifications. The fourth stage is implementation. During this stage you have to build system components and conduct tests to see if it works properly. The fifth and final stage is system maintenance. During this stage, you see if anyone wants to change anything and you fix anything that has problems or that did not work correctly. According to Kroenke (2014), “You may be surprised to learn this, but all commercial software products are shipped with known failures. Usually vendors test their products and remove the most serious problems, but they seldom, if ever, remove all of the defects that they know about.
Shipping with defects is an industry practice” (Chapter 10). How Amazon could use the SDLC method to implement new technology There are several things that businesses use on a daily basis that is vital to its success, one of those is its information system. According to Kroenke (2014), an information system consists of five components (p. 10), of which, three must be maintained and upgraded in order for a business to remain relevant. When managers of a business such as Amazon concludes that it should implement new technology, one way to do this is to use the SDLC method. As previously mentioned, the SDLC has several steps that when followed, would assist a group in planning, designing, using, and maintaining an information system. Through research we have found that Amazon has several different systems and privacy protocols in place to protect the privacy of the company and its customers. However, at some point the company may have to implement new technology to remain current and maintain its standing in the bookstore community.
The SDLC method is important because it is a model used that describes the stages in an information system development project from the initial study through the maintenance of the completed application (Rouse, 2006). The will help guide management decide the right hardware, software, system design, and any problems during the process. There are different SDLC methods that may work for a particular project and can be used in the implementation of new technology. According to the Rouse (2006) website, the different methods are the waterfall model, the rapid application development (RAD), the joint application development (JAD), the fountain model, the spiral model, build to fix, and synchronize-and-stabilize. All are effective methods, however, in a process such as implementing new technology the spiral method would be of better suited this type of project.
The spiral model is a systems development used in information technology (IT) and combines the features of the prototyping model and SDLC (Rouse, 2006). The spiral model will help the project manager and his or her team focus on the IT project. An important part of making changes is ensuring everyone in the working group understands the importance of the proposed changes and remains focused. Some of the things the leadership can do to ensure success are to ensure he or she plans properly to identify the needs and goals of the company, have open communication and collaboration, and reinforce the commitment to the vision and principles at all levels (Rehani, n. d.). These are an important part of the process because implementing new technology would mean a different process than everyone is familiar with and many may be reluctant to change. During this process managers should be able to determine whether the new technology they intend to use would be beneficial to the company.
When implementing new technology, Leonard-Barton and Kraus (1985) recommend that managers serve a dual role as both technician developers and implementers. Leonard-Barton and Kraus also state that managers should have a marketing perspective. As the developer and implementer, an Amazon manager should develop and organize the project and ensure that it meets the needs of the user. The marketing perspective would allow him or her to see the project through and prepare the company for the new technology.
Managers should constantly plan for the future because technology will continue to change and it is necessary for Amazon to make changes to stay competitive with other bookstores. Every effort to implement new technology is not always successful; this is because managers underestimated the scope or importance of preparation (Leonard-Barton and Kraus, 1985). It is a responsibility of the leadership to ensure that everyone understands the importance and if at some point a problem occurs, they should evaluate it and start from the beginning. Proper planning, ensuring everyone understands the goals of management, and making sure that everyone has equal input will give the process a better chance at success.
The Disaster Recovery Plan
Business continuity planning is an essential part of running any modern organization that takes its business and its clients seriously. With so many potential business disasters looming that can befall an organization at any time, it seems unwise not to take actions to prepare for and try to prevent the devastating impact of such catastrophes. Without this type of preparation any unexpected event can severely disrupt the operation, continuity, and effectiveness of your business. Disabling events can come in all shapes and varieties. They can vary from the more common calamities like hard drive corruption. (“Disaster Recovery Planning (DRP) and Business Continuity Plan (BCP) Template,” n.d.).
Each organization should have a comprehensive disaster recovery plan in place to protect their business. (“Small-Business Guide- A Small-Business Guide to Disaster Recovery-NYTimes.com,”n.d.). Amazon is a large corporation that operates online. It is imperative to address all of the likely emergencies that will take place in the business. Encourage your employees to engage in creating the recovery plan by brainstorming scenarios. Test your recovery plan periodically to confirm it will protect your company. The worst case is to ignore having a strategic plan in place. During 911 many companies faced total loss. They were not prepared to face disaster. After the final conclusion of 911, corporations could not survive the damage and was forced to close the business. Companies such as Amazon will address how to develop a successful recovery plan.
The bookstore obtains vital data files including customer’s personal and financial information. Implanting an effective disaster recovery plan could help prevent hackers from using stolen information they obtained. The most common business disaster is data loss, which results from various reason including theft, human error and hardware failure. (“Small-Business Guide- A Small-Business Guide to Disaster Recovery-NYTimes.com,”n.d.). The recovery plan will consist of backup alternatives. If amazon website crashed online backup would be available to assist until the system is repaired. Other available options such as outsourcing our backup needs to provide additional security and monitoring. Management will be held accountable for ensuring backups are internally carried out successfully. Providers will continuously update employee with test recovery procedures per quarter. Communicating with staff
Communication is a key components when developing a disaster recovery plan. The bookstore must consider how to respond in the event of a hurricane, tornado, or flood. These circumstances can become extremely stressful. Even in the event of a power outage or natural disaster, it’s crucial for your business to maintain its operations. Your business needs a business continuity management plan that ensures critical people and processes remain operational. (“CenturyLink | Business Continuity & Disaster Recovery Solutions,” n.d.). A backup contact list will include alternate methods of communicating. This will help the company save critical information when access to servers fail. Documents will be uploaded to a secure online locations.
Each employee will have access accessible from any location. Lockyourdocuments.com is a known website used by banking intuitions in which the bookstore will utilize to keep documents safe. The bookstore will use a method of intercompany communication. This will help to elevate barriers of communication if the office or website is unavailable. Choices contains cellphones, text messaging, face time or skype. Making arrangements for incoming communications using VIOP system such as Vonage. (“Small-Business Guide- A Small-Business Guide to Disaster Recovery-NYTimes.com,”n.d.). Employees Response
In order to have a successful disaster recovery Amazon will prepare their employee where to go and what to do if a disaster happens. Which means to identify critical functions like setting up communication methods, contacting clients and handling insurance. (“Small-Business Guide- A Small-Business Guide to Disaster Recovery-NYTimes.com,”n.d.). The company will designate a selection of employees to facilitate a primary location to meet or use of a website to log onto. When your plan is finalized, distribute to each employee. A copy will be uploaded to an online location. Final Results
There are so many reason why each organization should consider having a disaster recovery plan. This process assisted the bookstore in evaluating potential weakness and planning how to deal with what could possibly go wrong. It offers management the chance to gain a better understanding of the minutia of their business and ultimately helps an organization identify ways to strengthen any short comings. (“Disaster Recovery Planning (DRP) and Business Continuity Plan (BCP) Template,” n.d.). At some point your business is going to face an emergency situation, it’s just a matter of what type, what magnitude and when. The best preparation for any situation you may face is to have a well-thought-out plan in place and to educate your team on its elements. (“Small-Business Guide- A Small-Business Guide to Disaster Recovery-NYTimes.com,”n.d.).
CenturyLink | Business Continuity & Disaster Recovery Solutions. (n.d.). Retrieved from http://www.centurylink.com/business/products/managed-services/business-continuation/index.html Disaster Recovery Planning (DRP) and Business Continuity Plan (BCP) Template. (n.d.). Retrieved from http://DisasterRecovery.org Disaster Recovery Planning (DRP) and Business Continuity Plan (BCP) Template. (n.d.). Retrieved from http://www.disasterrecovery.org Small-Business Guide – A Small-Business Guide to Disaster Recovery – NYTimes.com. (n.d.). Retrieved from http://www.nytimes.com/2009/09/10/business/smallbusiness/10disaster.html?_r=0
Cashman, S. (2000). Types of Information Systems. Retrieved from http://bisom.uncc.edu/courses/info2130/Topics/istypes.htm Kroenke, D.M. (2014). MIS Essentials (3rd ed.). Retrieved from The University of Phoenix eBook Collection database. Leonard-Barton, D., & Kraus, W. A. (1985, November). Implementing New Technology. Harvard Business Review. Retrieved from http://hbr.org/1985/11/implementing-new-technology/ar/8 Rehani, N. (n. d. ). Using SDLC Methodology to Implement HIT. Retrieved from http://www.leidoshealth.com/images/uploads/maxIT-VCS_Using_SDLC_Methodology_ to_Implement_HIT_vF.pdf