828 resultados para systems management
Much ado about nothing? Tracing the progress of innovations borne on enterprise social network sites
Resumo:
Enterprise social networks are organizationally bounded online platforms for users to interact with another and maintain interpersonal relationships. The allure of these technologies is often seen in intra-organizational communication, collaboration and innovation. How these technologies actually support organizational innovation efforts remains unclear. A specific challenge is whether digital content on these platforms converts to actual innovation development efforts. In this study we set out to examine innovation-centric content flows on enterprise social networking platforms, and advance a conceptual model that seeks to explain which innovation conveyed in the digital content will traverse from the digital platform into regular processes. We describe important constructs of our model and offer strategies for the operationalization of the constructs. We conclude with an outlook to our ongoing empirical study that will explore and validate the key propositions of our model, and we sketch some potential implications for industry and academia.
Resumo:
The Internet of Things facilitates the identification, digitization, and control of physical objects. However, it is the availability of cost effective sensors, mobile smart devices, scalable cloud infrastructure, and advanced analytics that have consumerized the Internet of Things. The accessibility of digital representations of things has transformative potential and provides entire new affordances for organizations and their ecosystems across most industries.
Resumo:
Social networking sites (SNSs), with their large numbers of users and large information base, seem to be perfect breeding grounds for exploiting the vulnerabilities of people, the weakest link in security. Deceiving, persuading, or influencing people to provide information or to perform an action that will benefit the attacker is known as “social engineering.” While technology-based security has been addressed by research and may be well understood, social engineering is more challenging to understand and manage, especially in new environments such as SNSs, owing to some factors of SNSs that reduce the ability of users to detect the attack and increase the ability of attackers to launch it. This work will contribute to the knowledge of social engineering by presenting the first two conceptual models of social engineering attacks in SNSs. Phase-based and source-based models are presented, along with an intensive and comprehensive overview of different aspects of social engineering threats in SNSs.
Resumo:
While social engineering represents a real and ominous threat to many organizations, companies, governments, and individuals, social networking sites (SNSs), have been identified as among the most common means of social engineering attacks. Owing to factors that reduce the ability of users to detect social engineering tricks and increase the ability of attackers to launch them, SNSs seem to be perfect breeding ground for exploiting the vulnerabilities of people, and the weakest link in security. This work will contribute to the knowledge of social engineering by identifying different entities and subentities that affect social engineering based attacks in SNSs. Moreover, this paper includes an intensive and comprehensive overview of different aspects of social engineering threats in SNSs.
Resumo:
There is no doubt that social engineering plays a vital role in compromising most security defenses, and in attacks on people, organizations, companies, or even governments. It is the art of deceiving and tricking people to reveal critical information or to perform an action that benefits the attacker in some way. Fraudulent and deceptive people have been using social engineering traps and tactics using information technology such as e-mails, social networks, web sites, and applications to trick victims into obeying them, accepting threats, and falling victim to various crimes and attacks such as phishing, sexual abuse, financial abuse, identity theft, impersonation, physical crime, and many other forms of attack. Although organizations, researchers, practitioners, and lawyers recognize the severe risk of social engineering-based threats, there is a severe lack of understanding and controlling of such threats. One side of the problem is perhaps the unclear concept of social engineering as well as the complexity of understand human behaviors in behaving toward, approaching, accepting, and failing to recognize threats or the deception behind them. The aim of this paper is to explain the definition of social engineering based on the related theories of the many related disciplines such as psychology, sociology, information technology, marketing, and behaviourism. We hope, by this work, to help researchers, practitioners, lawyers, and other decision makers to get a fuller picture of social engineering and, therefore, to open new directions of collaboration toward detecting and controlling it.
Resumo:
In this editorial letter, we provide the readers of Information Systems Management with a background on process design before we discuss the content of the special issue proper. By introducing and describing a so-called process design compass we aim to clarify what developments in the field are taking place and how the papers in this special issue expand on our current knowledge in this domain.
Resumo:
This teaching case describes how SAP, a leading global information technology (IT) solutions provider, embarked on a large-scale transformation program to implement a dual sustainability strategy of: (a) internally transforming the organization, and (b) addressing a business opportunity by developing IT solutions that enable their customers to become more sustainable. This case provides students with significant information about the development of SAP towards sustainability, including the company's underlying motivation, their approach to change and related challenges, and their use of IT to enable the transformation. The teaching case provides an opportunity to critically examine the benefits and risks of using IT in an effort to improve the sustainability of an organization, and to develop appropriate models for sustainable strategies and IT implementation efforts.
Resumo:
The purpose of this study is to understand a small e-support firm’s response to the local e-readiness and the global e-business environment in a developing context. E-Support firms provide Web development and consultancy services to user organizations, assisting them in their uptake and maintenance of their Internet applications. Within the e-readiness research area, little is known about e-support firms, particularly in connection with their interaction with their local and the global e-business environment. As yet the emphasis on e-readiness studies has been at the national level. Nevertheless, the e-support sector is very significant in the successful adoption and diffusion of the Internet and related applications in any economy. It is thus important to understand how such firms relate to their e-business environments.That said, this study draws on the interpretive case study of a small e-support firm in Ghana, a developing context, to investigate the firm’s response to the e-readiness level of the local and the global e-business environment. Findings show that the firm could employ resources from the global environment to address most of the infrastructural challenges posed by a relatively poor local e-readiness context. However, its attempt to transfer advanced e-business technologies from the global e-business environment to the local e-business context did not succeed. This chapter offers implications for practice and research concerning the notion of reconciling local and global e-business environments in the small e-support sector.
Resumo:
Organizations often have some innovation capability but typically not across all stages of the innovation process. Understanding key requirements of each stage helps shifting the capability focus to cover the entire innovation process.
Resumo:
The question concerning what makes for good BPM is often raised. A recent call from Paul Harmon on the BPTrends Discussion LinkedIN Group for key issues in BPM received 189 answers within two months, with additional answers still appearing. I have teamed up with a number of BPM researchers and practitioners to bring together our joint experience in a BPM workshop at the University in Liechtenstein in 2013, where we developed ten principles of good BPM, later published in Business Process Management Journal (vom Brocke et al., 2014). The paper, which has received considerable attention in academia, was ranked the journal’s most downloaded paper the month it was published. Slides on Slideshare that provide a brief summary of the paper have been accessed more than 3,000 times since they were first put online in March 2014. Given the importance of the topic–what makes for good BPM–and the positive response to the ten principles, I wrote this note with the co-authors of the original BPMJ paper to outline the ten principles and illustrate how to use them in practice. We invite all readers to engage in this discussion via any channel they find appropriate.
Resumo:
This paper proposes a recommendation system that supports process participants in taking risk-informed decisions, with the goal of reducing risks that may arise during process execution. Risk reduction involves decreasing the likelihood and severity of a process fault from occurring. Given a business process exposed to risks, e.g. a financial process exposed to a risk of reputation loss, we enact this process and whenever a process participant needs to provide input to the process, e.g. by selecting the next task to execute or by filling out a form, we suggest to the participant the action to perform which minimizes the predicted process risk. Risks are predicted by traversing decision trees generated from the logs of past process executions, which consider process data, involved resources, task durations and other information elements like task frequencies. When applied in the context of multiple process instances running concurrently, a second technique is employed that uses integer linear programming to compute the optimal assignment of resources to tasks to be performed, in order to deal with the interplay between risks relative to different instances. The recommendation system has been implemented as a set of components on top of the YAWL BPM system and its effectiveness has been evaluated using a real-life scenario, in collaboration with risk analysts of a large insurance company. The results, based on a simulation of the real-life scenario and its comparison with the event data provided by the company, show that the process instances executed concurrently complete with significantly fewer faults and with lower fault severities, when the recommendations provided by our recommendation system are taken into account.
Resumo:
The worldwide installed base of enterprise resource planning (ERP) systems has increased rapidly over the past 10 years now comprising tens of thousands of installations in large- and medium-sized organizations and millions of licensed users. Similar to traditional information systems (IS), ERP systems must be maintained and upgraded. It is therefore not surprising that ERP maintenance activities have become the largest budget provision in the IS departments of many ERP-using organizations. Yet, there has been limited study of ERP maintenance activities. Are they simply instances of traditional software maintenance activities to which traditional software maintenance research findings can be generalized? Or are they fundamentally different, such that new research, specific to ERP maintenance, is required to help alleviate the ERP maintenance burden? This paper reports a case study of a large organization that implemented ERP (an SAP system) more than three years ago. From the case study and data collected, we observe the following distinctions of ERP maintenance: (1) the ERP-using organization, in addition to addressing internally originated change-requests, also implements maintenance introduced by the vendor; (2) requests for user-support concerning the ERP system behavior, function and training constitute a main part of ERP maintenance activity; and (3) similar to the in-house software environment, enhancement is the major maintenance activity in the ERP environment, encompassing almost 64% of the total change-request effort. In light of these and other findings, we ultimately: (1) propose a clear and precise definition of ERP maintenance; (2) conclude that ERP maintenance cannot be sufficiently described by existing software maintenance taxonomies; and (3) propose a benefits-oriented taxonomy, that better represents ERP maintenance activities. Three salient dimensions (for characterizing requests) incorporated in the proposed ERP maintenance taxonomy are: (1) who is the maintenance source? (2) why is it important to service the request? and (3) what––whether there is any impact of implementing the request on the installed module(s)?
Resumo:
This paper presents a technique for the automated removal of noise from process execution logs. Noise is the result of data quality issues such as logging errors and manifests itself in the form of infrequent process behavior. The proposed technique generates an abstract representation of an event log as an automaton capturing the direct follows relations between event labels. This automaton is then pruned from arcs with low relative frequency and used to remove from the log those events not fitting the automaton, which are identified as outliers. The technique has been extensively evaluated on top of various auto- mated process discovery algorithms using both artificial logs with different levels of noise, as well as a variety of real-life logs. The results show that the technique significantly improves the quality of the discovered process model along fitness, appropriateness and simplicity, without negative effects on generalization. Further, the technique scales well to large and complex logs.
