Information technology issues in e-business

role of information assurance on improving trust and efficiency in e-Business.

IT issues in E -Business

The field of Information technology has affected the way business is conducted across the whole world. There are however certain issue that affect this mode of conducting business and transactions. Fears of data loss and information security do dominate the field. In this paper we present the key issues that affect E-business in order to come up with a clear cut recommendation on how to tackle these issues. There are various issues affecting the effectiveness of e-business. The main issues that are detrimental to the success of various e-business strategies are explored and emphasis put on means of improving the effectiveness of various e-business platforms. The paper concludes with a recommendation and future works as well as a summary of the project deliverables.

Research

Subject: The role of information assurance on improving trust and efficiency in e-business.

My research proposal is formulated to investigate the methods of improving the efficiency of various e-business strategies. This is with the intention of driving up sales and efficiency so as to enable a particulate business to have a higher Return on Investment and a better global presence

Proposed Research Topic: This paper investigates the various issues that affect the proper execution of various e-business strategies with a focus on the Information technology related issues. Our focus is however on the methods of securing data being exchanged on the e-business infrastructure so as to achieve a better degree of data integrity.

Summary: The paper utilizes a variety of techniques in order to expose the key issues that dominate the field of e-business. The main intention is to identify the point of weakness in the various techniques used in executing the various e-business strategies. The main focus is however on the way information assurance can be effectively implemented on the various e-business platforms while coming up with a perfect mix to aid in the achievement of improved e-business platforms. Our analysis is however concentrated on the issues of Information Technology with little regards to issues of management and such like parameters.

Purposes: The purpose of the research proposal is to identify the main issues that affect e-business in the domain of Information technology. The identified issue which in this case is Information assurance is then investigated in order to come up with improved e-business models and platforms that would elicit consumer trust while providing protection to the organization's crucial data simultaneously.

Definition of terms:

E-Business

This is the use of Information technology techniques in supporting of various key operations of a business. The main activities that it affects are used in commerce which entails the exchange of various goods and services between various businesses, special groups as well as individuals, it can however be viewed as one of the main activities of various businesses.

Information technology

This is a field which entails the studying, designing, developing, implementing, supporting as well as the managing of various information technology infrastructures in order to come up with effective methods of disseminating information.

Information Assurance

This involves the practice of performing proper management to various risks that are related to the way information is effectively utilized, processed, stored as well as transmitted efficiently. It involves the field of information security as well as computer securit

Introduction

E-business is times referred to as electronic business and means as the utilization of elements of information technology in providing various forms of support of all the major activities of a particular organization. The techniques utilized in the electronic business enables various firms in the process of linking up both of their internal and external facilities for processing data in an deliberate attempt to improve the organization's efficiency and flexibility. The end result is the ability of the firm to operate hand in hand with their numerous suppliers, business partners as well as employees in order to achieve a high level of satisfaction in terms of the needs and demands of both the firm and its clientele. The idea of e-commerce has already resulted in enormous changes in business corporations, their market bases as well as general customer behaviour ( Laudon and Traver, 2007).

In many cases there are individuals who confuse the dynamic of e-commerce with those of e-business. It is therefore important to point them out categorically so as to ensure that our problem statement is effectively outlines and even stated. The first point to note is that the concept of e-business comprises of more intricate details as compared to e-commerce. In fact their basic definitions clearly illustrate their main differences. The major point to bring out the disparity is the fact that e-business refers to a concept that has its focus strategically pointed towards the firms that make use of electronic methods of information technology in enhancing its key functions and capabilities-commerce on the other hand is more focussed towards the enhancement of business processes that are involved with the electronic purchases of various goods and services in the entire process of value chain management as well as supply chain management

The process of implementing the various e-business strategies involves the use of various safe standards of encryption so as to ensure that there is a high level of assurance regarding the integrity and content of the sensitive information that is being exchanged between the corporation in question and its various branches as well as its headquarters. The process of adopting the various e-business strategies in the end should allow for a perfect integration of all the intra and extra-corporation processes geared towards the enhancement of the various business activities within the firm. The role of information technology is crucial in the entire process of e-business as it is the backbone upon which e-business rides. Various information technology protocols are used in order to achieve the concept of e-businessman example is the Transmission Control Protocol/Internet Protocol (TCP/IP) which is the major protocol used in the various types of intranet and internet communication facilitation ( Laudon and Traver, 2007).

Project Question

The main project questions revolve around the role played by information technology in increasing both the level of trust and efficiency of the various e-business strategies through an institution of appropriated information assurance policies.

Question 1:Does improved information assurance policies and initiatives leads to a more efficient e-business platform?

Question 2: Does improved information assurance policies and initiatives lead to better trust between the users of thee-business systems

Question 2: Does improved information assurance policies and initiatives lead more Return on Investment (ROI)?

The existing e-commerce security models

There are various security models that have been developed with the intention of providing an efficient and secure online e-business environment. The main one is the one that relies on the Sockets Layer/Transport Layer Security (SSL/TLS); this has widely been adopted by banks as their default internet banking standard so as to provide both trust and security need in the various transactions that do take place in their various e-business operations (). There are unverified claims however that various Certification Authorities who supply the SLL Certificates such as Thawte Consulting (Proprietary) Limited on various firm's web servers can securely collect client's sensitive details in an online environment and in the process win the trust of the customer and as a result lead to increased revenue collected as a result of the increased confidence level among the customers. This is because the customers develop the required confidence in the fact that both their credentials and that transaction as well are safely being executed

The existing e-business security models are however vulnerable to reduced level of trust and security. This is partly as a result of local attacks to the system which arises whenever an intruder installs a malicious software codes on the client computers. There are also cases of remote attacks to the computer system in the form of phishing and pharming.The main intention of this kind of attacks is to steal the credentials of the clients as well as the SLL user sessions for the purpose of carrying on further attacks. There are however certain more serious cases of attacks which results as a result of the attacker amalgamating both types of attacks into one major one involving the use of already acquired credentials and user sessions to carry out more damage to the e-business infrastructure.

One cannot avoid noticing the analogy that can be drawn from the structure of the e-business with the normal business environment in the real and tangible world of commerce. The various products and services that are transacted are represented digitally in the form of transactional data. The various suppliers, customers and vendors all connect to the e-business portal via an intranet or internet link as opposed to meeting face-to-face. There is therefore a systematic movement of inventory between the various parties and their houses of fulfilment. The revenue being generated also follows an exact same rhythm of digital flow from the many stores up to the various financial networks (banks) and then to the offices and then the cycle reverses in the exact order in which it evolved. The various e-businesses therefore depend upon various ISP's as well as the internet infrastructure in order to achieve an improved level of convenience as well as unparalleled availability. The merits associated with e-commerce has therefore resulted to rapid adoption of the concept with a heavy reliance on various encryption techniques such as SLL as well as username and password based authentication techniques that rely on authentication files contained within the file named .htaccess.

The simplicity of adopting and implementing both methods is therefore a merit as both can be achieved through the use of various components that are readily available to be used on the various web browsers. Their availability is however marked with cases of attacks fuelled majorly by the very nature of the common protocol used (TCP/IP). The availability of numerous points of attacks in terms of ports presents an excellent opportunity for would-be attackers to plan as well as to execute their attacks unabated. In order to achieve maximally secured e-business framework all the communication ports which run in the thousands must be watched every millisecond of their use.

All enterprises on the face of this earth have come to learn that is utterly impossible to eliminate all the risks associated with business. The best that can be done however is to manage the level of damage that can possible occur as a result of a risk affecting the operation of any business. The appropriate technologies must therefore be adopted in order to ensure that the processes that occur at then various e-business portals are secured to the acceptable standards. This is achieved through the installation of various technologies such as firewalls, encryption techniques, use of key card as well as the rolling out of properly managed Virtual Private Networks. These technologies are however no match for the current rate of attacks which exploit the fact that the technologies can only be implemented on certain parts of the network only. The use of obvious passwords as well as improperly configured network terminals is a recipe for unauthorized e-business portal control and data breach. The fact that the data being transmitted can be easily intercepted and even corrupted is a major blow to the e-business data integrity.

Ensuring e-business success through the reduction of online risks and cost

The concept of e-business is mainly faced with two types of risks in its implementation through both the open systems as well as networks ( Lasheng and Placide, 2009). The initial risk is associated with the opportunity cost related with the lack of implementing an overall connection which links a particular e-business with the rest of the world. There is also a great number of success statistics regarding the operations of various business-to-business (B2B) commerce activities in the online context. This is because the various B2B networks help in reducing the cost of sales as less staff is required in order to take care of the various business activities in the organizations.

Various firms therefore require the security and reliability that comes with the implementation of the various e-business platforms. The whole idea of e-business should be crowned and presented in a model which is encompasses the various functions of manufacturing, warehousing as well as enhancing the customer experience and relationship. Apart from the common lack of trust among the various persons who use the e-commerce platforms on the reliability and security of the technology, there is also the risk associated with the lack of flexibility that is necessary to offset the impending challenges that dog this form of doing business. There is therefore a need for an efficient risk management technique that is necessary to ensure that the key parameters of an e-business platform are properly taken care of and accounted for. The availability of proper and secure e-business platforms is crucial for winning the trust of the clients. In order to design a system that can appropriately meet the demand of the clients, it is crucial to properly identify the key factors that customers are concerned about in order to mend them as an effort to winning their trust in engaging with the e-commerce system it has been pointed out by Lasheng and Placide (2009) that a secured e-business environment helps firms in learning about their existence as well as their operations. They also gain a perspective regarding their potential and current client base.

There are various metrics that constitute a secure e-business environment. These metrics are essential to the achievement of success by the firms that adopt them because of the following reasons. The successful adoption and implementation of a secure e-business environment must meet the following conditions.

Must ensure that the data being exchanged is available with the highest level of both integrity and confidentiality (Information Assurance key factors)

Must allow for the ease of identification of various vulnerabilities that exist in the e-business system itself. The vulnerabilities are the ones that are responsible for the cases of network interruptions that affect the quality of service that can be derived from the system and hence reducing the level of confidence of the customers on the entire framework.

Must allow for the creation of secure and confidential channels of communications to be utilized for the transfer of corporation data.

There are therefore certain doctrines that must be adopted in order to ensure that a particular e-business model is secure. These are;

1. The ability of the designers of the model and the system to comprehend all the key corporation networks as well as the various objectives to be achieved by the systems in question. Not all parts of the e0business infrastructure should be accorded equal level of security. This is because certain areas are more at risk of breaches and should therefore be accorded a higher level of attention and hence higher level of precaution.

2. It is paramount that a comprehensive policy be drafted in order to achieve the required goals and levels of data integrity, availability as well as confidentiality. The available policy must be subjected to periodical amendments. The process can also help in streamlining and automating the business processes.

3. It is essential that the e-business platform is implemented using industry standards security techniques which involve the use of firewalls as well as encryption and authentication techniques. This aids in improving the efficiency of the e-business platform ( Lasheng and Placide, 2009).

4. Every organization that engages in e-business must ensure that they purchase the best products as well as assessment tools from known vendors in a multiple fashion. This is because such a move would ensure that independent and dependable solutions are derived from the evaluation process of gauging the performance of a given corporation's e-business security strategy.

5. It is important to ensure that some of the operations geared towards the management of the security of the e-business platform are outsourced in orde to minimize costs and maximize the ROI. This also gives the organization extra time to concentrate on its key activities.

In order to ensure that an organization's e-business' security infrastructure is properly managed and orchestrated, it is important to identify the main functions that drive each and every aspect of the e-business security. The level of trust can therefore be increased through the adoption of the following techniques.

The formulation of proper policies that must be complied with and the setting up of structures to assist in the process of managing the various vulnerabilities in the e-business platforms.

The ability of the e-business system to initiate actions of intrusion detection as well as the necessary response

The e-business platform must have a comprehensive risk assessment, risk management as well as a well outlined e-business insurance policy

The e-business platform should be able to provide facilities that can be outsourced to third parties. The main intension of this is to improve the efficiency of the firm by allowing it to concentrate on its major competencies while reducing cost at the same time.

The system should be adorned with a proper decision support as well as a dependable security management system.

Literature review

Extant literature has been dedicated to the study of various e-business strategies in regard to the improvement of security and trust on these Information Technology dependant services. Oliver (1980) postulated a theory he referred to as Expectation-confirmation theory (ECT) is very much in action whenever a consumer of a certain product wants to purchase or use a certain product. This form of behavior emerges from the basic logic that from the point of initial expectation before a certain purchase is made, a general percept in formed which judges the overall performance of a certain product. The perception is usually made stronger after the initial of use the product. This theory can be used or rather transposed to operate in the e-business security models. The reasoning is that once a user of a certain e-business system experiences its convenience and security, and then there is always an urge to rely more on the system for future transactions and online operations. Their satisfaction level is therefore decided by the extent to which their initial expectations were confirmed by the e-business platform. The satisfied client in the form of e-commerce (a subset of e-business) can then decide to repurchase the good or product or have an intention to do so in the future. Trust has been found to be based on the expectations that certain persons and firms with whom a given entity interact would not result in the entity being taken advantage of or be over-depended upon (Gefen. & Straub, 2003). As Kim et al.(2003) further points out, the trust-satisfaction dynamics is activated through a process which involves repeated interactions. Since trust is related to the degree of satisfaction, the e-business systems that are designed must be able to ensure a high level of interaction so that higher levels of satisfaction are derived.