Thursday, March 25, 2010

Activity No. 3 - Cases

Case 1 – Missing White House E-mail

Questions:

1. What is the White House records management process? What is the significance of the records management process?

The records management process is the process of transferring e-mails to the Executive Office of the President to computer systems in the White House. The significance of the records management process is to allow the text of the e-mails to be searched in response to subpoenas and other inquiries.

2. Daniel Barry discovered a problem with the record management process in January 1998, but didn’t determine the extent of the problem. What further actions might he have taken to correctly assess the situation while avoiding potential personal repercussions?

Daniel Barry reported to the supervisor, but they did not take action because they thought it was just a minor case. Even though it is just a minor problem, they must take action and check the system, and must not blame it on the technician. It must be checked by the programmer of the system. Proper maintenance must be done on the physical assets of the system.

3. What could Barry’s supervisor have done to identify the extent of the problems earlier? Why might he have failed to follow through on resolving the problem? Can you identify any reasons why there was a six-month delay from the time the problem was finally recognized until it was fixed?

As a starting point, the supervisor must check the reported error even if it is minor. Not doing so would simply mean he failed to follow the steps and measures for resolving the problem. He did not supervise well and just blamed another person. Blaming in times of crisis is of no help. There was a six-month delay from the time the problem was recognized until it was fixed because there were still some things to consider, like the long process of investigation (the find-and-fix process).

4. Considering the above case, how useful and crucial are e-mails in the business environment?

It is crucial because nowadays more business is occurring online, specifically through online transactions or e-business. E-mail is crucial for sending important and private documents, for instance PayPal accounts, documents, certifications, shipments, funding documents, codes and other important business items. E-mail is the easiest, fastest and cheapest way to send information, especially when the business or organization has locations that are far apart.

Case 2 – Pamalihog Situation

A coworker calls you at 9 A.M. at work and asks for a favor. He is having a little trouble getting going this morning and will be an hour or so late getting into work. He explains that he has already been late for work twice this month and a third time will cost him four hours' pay. He asks you to stop by his cubicle, turn his computer on, and place some papers on the desk so that it looks like he is “in”. You have worked on some small projects with this co-worker and gone to lunch together. He seems nice enough and does his share of the work, but you are not sure what to tell him.


Questions:

1. What would you do? Why?

In dealing with such a situation, you must consider two main things: the badness and goodness of what you are going to do. After considering these things and coming up with some thoughts, try to weigh them and decide what to do.

First, I would frankly tell him that I am not doing it. Asked why? I simply don’t want to do it because it’s not good for me or for the company to pay for a tardy person.

Am I aiming for any IT Certification?

Well, for me I should say, 'Why not?' For some reason, being certified really means a lot. Being a PhilNITS-certified database and network administrator is one of my biggest dreams. Having this certification would greatly help me land a good job with a great salary.

Licensing IT Professionals, is there a need?

Yes. For some reason, licensing could become a venue to assess the expertise, knowledge and skills of an individual in the field; hence, excellence and quality of performance are always assured. It could serve as evidence of proficiency and of the capability to do the things you are expected to do.

Monitoring Employees: My Own Stand Point

Organizations, whether big or small, have recognized the need to use information technologies. These may be provided by the administration or brought into the workplace by the employees. The need to monitor employees’ usage of information and communications technology tools in the workplace is rooted in the misuse of these technologies.

Essentially, the main purpose of these technologies is to aid employees in doing their tasks effectively and efficiently. To some extent, however, these technologies are being misused by employees. Consider the scenarios of an employee chatting with friends on the phone during office hours; using the company's internet services for monkey business such as opening Facebook, Twitter, Friendster and other social networking sites; and sometimes playing online games. These are just some of the reasons why employers keep an eye on their human resources in the workplace.

Employers have come to put up CCTV cameras and install tracking software or applications on office computers and telephone lines. But why would they do these? All of these measures are just the company’s means of protecting its business. These acts of the employees may affect their productivity and concentration and, in the extreme, would greatly affect the business’ production and market competitiveness.

To end, employers must also take into consideration the fact that employees also have their right to privacy even in the workplace. Companies must take measures to let their employees know that they are monitored while in the workplace. With these, a harmonious relationship at work is established.

Benefits of Joining Professional Organization

Here are the benefits of joining a professional group:

Expand your professional network. Our contacts become stale and limiting if we have a narrow circle of workers;
Learn about industry trends. Leaders from industry present and discuss current industry topics;
Increase others' awareness of your company;
Get yourself to think outside of the box (many companies and their workers have tunnel vision);
Discover what other companies are doing;
It serves as proper guidance of your skills and competence in your chosen field;
Joining a professional organization is an immense place to network with people in your career path and stay abreast of changes in your field;
It will build up your potential to become an organization leader; and
It is a basis to expand your understanding of the particular area and to develop innovative skills.

Some of the disadvantages are:

First things first, the pressure is always on you because individuals may expect too much from you. Second, it could result in overconfidence of an individual. Lastly, expectations are extremely high.


Professional Organizations

International IT professional organizations:

Association of Information Technology Professionals (AITP) - The organization’s mission is to provide superior leadership and education in Information Technology. AITP is dedicated to using the synergy of Information Technology partnerships to provide education and benefits to our members and to working with the industry to assist in the overall promotion and direction of Information Technology.

American Society for Information Science (ASIS) - Since 1937 ASIS has been the society for information professionals leading the search for new and better theories, techniques, and technologies to improve access to information. ASIS brings together diverse streams of knowledge, focusing what might be disparate approaches into novel solutions to common problems. ASIS bridges the gaps not only between disciplines but also between the research that drives and the practices that sustain new developments.

The Information Technology & Telecommunications Association (ITTA) - The Information Technology and Telecommunications Association is the resource for information technology and telecommunications professionals involved in transporting, connecting and integrating data, image, video and voice.

Institute for Certification of Computing Professionals (ICCP) - Founded in 1973, the Institute for Certification of Computing Professionals is acknowledged throughout the information and technology sectors as an authoritative source of professional certification. The CCP examinations demand a high degree of professional competence. The tests are organized into 17 specialty exams ranging from Business Information Systems to RPG/400 Language.

The System Administrators Guild (SAGE) and the USENIX Association - The organization’s mission is to advance the status of computer system administration as a profession, establish standards of professional excellence and recognize those who attain them, develop guidelines for improving the technical and managerial capabilities of members of the profession, and promote activities that advance the state of the art or the community.

National IT professional organizations:

Information Technology Association of the Philippines (ITAP) - is a private, independent and non-profit association whose members are composed of leading product and service providers of Information and Communications Technology. The group is aimed at promoting ICT development and its usage as it contributes to the economic growth and global competitiveness of the Philippines.

Information Technology Foundation of the Philippines - was established in 1994 and acts as an umbrella for around eleven ICT associations in the country. The mission of ITFP is to represent and act as the single voice of the Philippine IT sector. The objectives are to accelerate the development of the Philippine Information Technology industry and help the segment by conducting and supporting projects and activities that will lead to the attainment of its purposes.

Information Systems Audit and Control Association (ISACA) Manila Chapter - is an organization for Information Systems (IS) professionals in the Philippines providing a source of information, education and guidance in IS auditing, control and security. It provides a complimentary download of COBIT™ and offers CISA and CISM™ accreditation to its members.


Local IT Professional Organizations:

Cebu Educational Development Foundation for Information Technology (CEDF-IT) - is an offshoot of the first Cebu IT Summit convened last March 2001. The Cebu IT Summit identified the need to enhance the quality and quantity of human resources in the IT industry and CEDF-IT was the response to this challenge by the major players in the industry, the academe, and government and NGOs.

Council of Deans for IT Education in Region XI (CDITE-XI) - started in year 2001 and spread its wings under the presidency of Vic Calag (UP-Mindanao) for three years until year 2004. It is worth noting that the vision of CDITE-XI is to make Davao the center of quality and world-class IT education and training in Mindanao. The mission is to produce highly competent and efficient IT professionals with sound social and ethical standards. The five main programs are: (1) Administrators and Faculty Development; (2) Academe-IT Industry Linkage; (3) Inter-School Cooperation; (4) Advocacy; and (5) Networking. The core values are commitment, professionalism, excellence, continuing education, integrity, social relevance and unity.

Saturday, March 6, 2010

Google @ China

Google is the largest search engine with the most number of users worldwide (?). It provides a means for users to search the Internet for any information needed. Google also provides GMail, an electronic mail service.

At some point, Chinese authorities censored search results from Google and hacked some GMail accounts in their effort to investigate some human rights activists. China’s act of what is known as “cyber oppression” is a manifestation of what is called intrusion, or violation of one's right to privacy.

With what China did, Google withdrew its operations in the country. This is such a good decision. This is a very positive development in safeguarding Internet users from unauthorized disclosure of personal accounts. It proves the premise that not all organizations are only on the lookout for big profit but also for the protection of their patrons' right to privacy.


Note: The above post is a reflection or essay on the article of Dr. Florangel Braid in Manila Bulletin entitled "Google and Skype".

Monday, January 4, 2010

Types of Attacks to Computer Security

This post lists the different forms of attack that threaten computer security.

  • DoS - Denial of Service
  • Trojan Horse - Comes with other software.
  • Virus - Reproduces itself by attaching to other executable files.
  • Worm - Self-reproducing program. Creates copies of itself. Worms that spread using e-mail address books are often called viruses.
  • Logic Bomb - Dormant until an event triggers it (Date, user action, random trigger, etc.).
Hacker attacks take various forms that exploit weaknesses in security. Many of these may cause loss of service or system crashes.
  • IP spoofing - An attacker may fake their IP address so the receiver thinks it is sent from a location that it is not actually from.
  • Gaining access through source routing. Hackers may be able to break through other friendly but less secure networks and get access to your network using this method.
  • Man in the middle attack -
    • Session hijacking - An attacker may watch a session open on a network. Once authentication is complete, they may attack the client computer to disable it, and use IP spoofing to claim to be the client who was just authenticated and steal the session.
  • Server spoofing - A C2MYAZZ utility can be run on Windows 95 stations to request LANMAN (in the clear) authentication from the client. The attacker will run this utility while acting like the server while the user attempts to log in. If the client is tricked into sending LANMAN authentication, the attacker can read their username and password from the network packets sent.
  • DNS poisoning - This is an attack where DNS information is falsified. This attack can succeed under the right conditions, but may not be very practical as an attack form. The attacker will send incorrect DNS information which can cause traffic to be diverted. The DNS information can be falsified since name servers do not verify the source of a DNS reply. When a DNS request is sent, an attacker can send a false DNS reply with additional bogus information which the requesting DNS server may cache. This attack can be used to divert users from a correct webserver such as a bank and capture information from customers when they attempt to log on.
  • Password cracking - Used to get the password of a user or administrator on a network and gain unauthorized access.
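
The DNS poisoning entry above depends on a resolver caching whatever a reply carries. As an added example (not from the original post), this Python code shows the checks a resolver can apply before caching: match the reply to an outstanding query, then discard records outside the queried zone (the bailiwick rule). The `Query` and `Reply` classes, function names, and all names and addresses are hypothetical and constructed for illustration; they model parsed messages, not the DNS wire format.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Query:
    """An outstanding query the resolver is still waiting on."""
    txid: int        # random 16-bit transaction ID
    qname: str
    server_ip: str   # name server the query was sent to
    src_port: int    # local UDP port the query left from
    zone: str        # zone that server is authoritative for

@dataclass
class Reply:
    """A parsed UDP response; records are (owner_name, rdata) pairs."""
    txid: int
    qname: str
    from_ip: str
    dst_port: int
    answers: list = field(default_factory=list)
    additional: list = field(default_factory=list)

def norm(name):
    """DNS names compare case-insensitively, ignoring the trailing dot."""
    return name.rstrip(".").lower()

def in_bailiwick(name, zone):
    """True if name is the zone itself or a subdomain of it."""
    name, zone = norm(name), norm(zone)
    return name == zone or name.endswith("." + zone)

def matches_query(q, r):
    """A reply is only considered if it answers exactly what was asked."""
    return (r.txid == q.txid and r.from_ip == q.server_ip
            and r.dst_port == q.src_port and norm(r.qname) == norm(q.qname))

def records_to_cache(q, r):
    """Return only the records that are safe to cache from reply r."""
    if not matches_query(q, r):
        return []  # unsolicited or forged reply: cache nothing
    return [(n, d) for n, d in r.answers + r.additional
            if in_bailiwick(n, q.zone)]

# Constructed sample data (documentation addresses, not real traffic).
QUERY = Query(0x1A2B, "www.example.com", "192.0.2.53", 40001, "example.com")
WRONG_ID = Reply(0x0001, "www.example.com", "192.0.2.53", 40001,
                 answers=[("www.example.com", "203.0.113.66")])
PADDED = Reply(0x1A2B, "WWW.example.com.", "192.0.2.53", 40001,
               answers=[("www.example.com", "192.0.2.10")],
               additional=[("ns1.example.com", "192.0.2.53"),
                           ("www.bank.example", "203.0.113.66"),
                           ("badexample.com", "203.0.113.67")])

if __name__ == "__main__":
    print(records_to_cache(QUERY, WRONG_ID))
    print(records_to_cache(QUERY, PADDED))
```

The second reply matches the query, yet its two out-of-zone additional records are dropped rather than cached, which is the "additional bogus information" case the entry describes.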

What is a PROFESSIONAL?

After having the definition of a PROFESSION, let's take a look at what a 'Professional' is...

The word professional traditionally means a person who has obtained a degree in a professional field. The term professional is used more generally to denote a white collar working person, or a person who performs commercially in a field typically reserved for hobbyists or amateurs.

A professional is someone who requires advanced training and experience, must exercise discretion and judgment in the course of his or her work and whose work cannot be standardized.

A professional is expected by many to contribute to society, to participate in a life-long training program (both formal and informal), to keep abreast of development in their field and to help develop other professionals.

Many professional roles carry with them special rights and special responsibilities.

Sources:
Ethics in Information Technology by George Reynolds (2006)
http://en.wikipedia.org/wiki/Professional

What is a PROFESSION?

As posted on the internet, "a profession is a vocation founded upon specialized educational training, the purpose of which is to supply disinterested counsel and service to others, for a direct and definite compensation, wholly apart from expectation of other business gain".

In addition, according to Webster's Dictionary of the English Language, a profession is a calling requiring specialized knowledge and often long and intensive academic preparation.

With the above definitions of profession, it is clearly emphasized that in order to gain a profession, one must finish "special education" and "trainings", and must obtain "specialized knowledge" from long and intensive academic exposure.

The terms ‘profession’ (the area of study and work) and ‘professional body’ (the organisation that regulates or has oversight of the profession) sometimes merge in popular usage.

In an explanatory context, there are many professions and they are controlled to varying degrees by professional, regulatory or governmental bodies. Most definitions of profession identify ‘working for the public good’ as among the characteristics of the profession.

Some analytical reviews on profession:

The Australian Council of Professions (2004) defines ‘a profession’ as follows:

A profession is a disciplined group of individuals who adhere to ethical standards and uphold themselves to, and are accepted by, the public as possessing special knowledge and skills in a widely recognised body of learning derived from research, education and training at a high level, and who are prepared to exercise this knowledge and these skills in the interest of others.

It is inherent in the definition of a profession that a code of ethics govern the activities of each profession[al]. Such codes require behaviour and practice beyond the personal moral obligations of an individual. They define and demand high standards of behaviour in respect to the services provided to the public and in dealing with professional colleagues. Further, these codes are enforced by the profession and are acknowledged and accepted by the community.

Boone (2001) states:

Professions are based on scientific and philosophical facts acquired through scholarly endeavor (1). Individuals who enter a profession do so for reasons that distinguish them from other work or vocations. They understand that their work renders a unique public service with a scientific or philosophical basis and/or body of knowledge that requires an extended period of academic and hands-on preparation. Professions are also based on specialized skills necessary for the professional to perform the public service.

Southern Illinois University (2004) proposes that professions have the following common characteristics:

· Associated with a profession is a great body of special knowledge.

· Preparation for a profession includes training in applying that knowledge.

· The standards of a profession are maintained at a high level through the force of organization or concerted opinion.

· Each member of a profession recognizes his or her responsibilities to the public over and above responsibilities to clients or to other members of the profession.

This matches the earlier views of Burbules and Densmore (1991), who identify the characteristics of a profession as:

professional autonomy; a clearly defined, highly developed, specialized, and theoretical knowledge base; control of training, certification, and licensing of new entrants; self-governing and self-policing authority, especially with regard to professional ethics; and a commitment to public service.

Pratte and Rury (1991) focus more on status and remuneration in their list of the characteristics of a profession:

remuneration, social status, autonomous or authoritative power, and service.


Sources:
Ethics in Information Technology by George Reynolds (2006)
http://www.qualityresearchinternational.com/glossary/profession.htm
http://en.wikipedia.org/wiki/Profession