Business Commons^™

Evaluation Approach For An Effective Blockchain Implementation In An Accounting Environment, Angel R. Otero, Ryan P. Fink

Communications of the IIMA

Blockchain has the potential to revolutionize accounting transactions in the same way the Internet revolutionized the collection and dissemination of information. Nonetheless, like the Internet, blockchain technology is a double-edged sword offering tremendous benefits but also drawbacks. The literature points to inadequacies in blockchain implementations, particularly when evaluating and selecting controls to help ensure an effective blockchain implementation in organizations. This research develops an approach that not only addresses the inadequacies identified in the literature, but also prompts organizations to a more precise evaluation and selection of controls to achieve effective blockchain implementation. The approach uses Desirability Functions to quantify …

Phishing For All Ages, Rachana Vann

Electronic Theses, Projects, and Dissertations

Since the start of the pandemic in 2020 and the increase in teleworking, we have witnessed a subsequent increase in cyber-attacks. This project focused on the tools and techniques a teleworker should use to stay safe from online predators. An online predator or hacker is defined as someone who uses the internet to get access to proprietary information or seek a ransom. This project sought to introduce tools and techniques that would help people of all ages to stay safe online. The questions asked were: What techniques do online predators use to lure their unsuspecting victims? On the American Generation …

An Analysis Of Online Internships And Video Conferencing Security, Joshua Trapp

Electronic Theses, Projects, and Dissertations

This culminating experience project explored online internships and video conferencing security. The research questions asked focus on the effectiveness of online versus in-person internships, internship curriculum, third-party internships, video-conferencing applications and their security, advantages of micro-internships, and benefits of internships to all stakeholders. To answer these research questions, data was collected on the security and encryption of video conferencing, and a literature review was conducted using the following terms: Employment, Internship, Video, Video conferencing, Virtual, Online, Electronic, Technology, and Security. Key findings include: (1) Online internships can provide employers with a global pool of employable candidates with increased diversity. (2) …

Emergent Ai, Social Robots And The Law: Security, Privacy And Policy Issues, Ramesh Subramanian

Journal of International Technology and Information Management

The rapid growth of AI systems has implications on a wide variety of fields. It can prove to be a boon to disparate fields such as healthcare, education, global logistics and transportation, to name a few. However, these systems will also bring forth far-reaching changes in employment, economy and security. As AI systems gain acceptance and become more commonplace, certain critical questions arise: What are the legal and security ramifications of the use of these new technologies? Who can use them, and under what circumstances? What is the safety of these systems? Should their commercialization be regulated? What are the …

An Exploration Of Mobile Device Security Artifacts At Institutions Of Higher Education, Amita Goyal Chin, Diania Mcrae, Beth H. Jones, Mark A. Harris

Journal of International Technology and Information Management

The explosive growth and rapid proliferation of smartphones and other mobile

devices that access data over communication networks has necessitated advocating

and implementing security constraints for the purpose of abetting safe computing.

Remote data access using mobile devices is particularly popular among students at

institutions of higher education. To ensure safe harbor for constituents, it is

imperative for colleges and universities to establish, disseminate, and enforce

mobile device security artifacts, where artifacts is defined as policies, procedures,

guidelines or other documented or undocumented protocols. The purpose of this

study is to explore the existence of, specific content of, and the …

Explicitly Stated Security Policies Of Web Sites Of Global Banks Of Europe, Australia, Asia And The U.S, Donald R. Moscato, Eric D. Moscato

Communications of the IIMA

This paper is the latest component of a research project conducted by the authors over a three-year period. The first phase emphasized the privacy policies of global banks and other businesses engaged in E-commerce. Over 600 individualized web-sites were visited and evaluated. This, the second phase of the research project, focuses on the security policies in place for global financial institutions. The purpose of this research study is to review, compare and summarize the security policies of global banks as they are expressed on their web sites. A total of over 300 web sites of global banks were included in …

The Price Of Security: The Challenge Of Measuring Business Value Investments In Securing Information Systems, Tony Coulson, Jake Zhu, Shan Miyuan, Tapie Rohm

Communications of the IIMA

With powerful regulations surrounding security and privacy of information, the authors attempt to identify challenges valuing information security investments. The authors examine three primary approaches to measuring information value: Perceived, Real, and Normative. Literature is reviewed and the approaches are examined in terms of their strengths and weaknesses in providing value measurements for secure information systems. A framework is presented to suggest at what level in an organization and in what situations these information value approaches are most suitable.

The Interrelationship And Effect Of Trust And Strong Cultures In Setting Information Systems Security Goals, Ioannis V. Koskosas, Jyoti Choudrie, Ray J. Paul

Communications of the IIMA

This paper investigates the interrelationship and effect of trust and culture on the level of goal setting within the context of information systems security. In doing so, it explores and discusses the concepts of trust and strong culture and seeks to demonstrate their importance in setting efficiently information systems security goals. The paper contributes to interpretive information systems research with the study of goal setting in a security management context and its grounding within an interpretive epistemology.

Developing Security For E-Commerce Applications: A Teaching Case, Chang Liu, Brian G. Mackie

Communications of the IIMA

The number of severe computer security breaches in e-commerce applications has been on the increase over the last few years. This has become one of the biggest security problems in recent years. Although there are tools to build e-commerce application firewalls to alert and prevent intruder attacks, these tools are not trivial to install (they are not plug-and-play). Internet intruders can create havoc and produce catastrophe results by exploiting weaknesses in e- commerce applications. Therefore, developers of e-commerce web sites have to incorporate ways to systematically identify and eliminate vulnerabilities in the EC applications to enhance their security. This paper …

The State Of Cryptocurrencies, Their Issues And Policy Interactions, Ramesh Subramanian, Theo Chino

Journal of International Technology and Information Management

This paper focuses on the evolution of cryptocurrencies. It traces the history of early cryptography, the ‘cypherpunk’ movement, and how the work of some cyber libertarians and cryptographers enabled the emergence of popular cryptocurrencies. The paper then focuses on Bitcoin. It delves into the technology behind the Bitcoin architecture and shows how exactly this technology works. The paper then does an analysis of security and regulatory considerations that affect the growth of Bitcoin-based businesses. The paper concludes with some suggestions for future work in the area.

Effects Of Exchange Benefits, Security Concerns And Situational Privacy Concerns On Mobile Commerce Adoption, Hua Dai, Yan Chen

Journal of International Technology and Information Management

Few empirical studies have examined both privacy and security concerns in the context of mobile commerce (m-commerce) while accounting for the effects of situational privacy concerns specific to the context of m-commerce. This research fills this gap in research by exploring users’ exchange perceptions specific to the context of m-commerce in China and by examining the inhibitors and drives of m-commerce adoption in China from the perspectives of social exchange. Particularly, this research develops an integrated research model in which users’ perceptions on value added of and usefulness of m-commerce, and users’ privacy concerns and security concerns of m- commerce …

Limitations Of Nonfinancial Metrics Reported By Social Media Companies, Rob Weitz, Theresa Henry, David Rosenthal

Journal of International Technology and Information Management

Publicly traded companies in the U.S. are required by the Securities and Exchange Commission (SEC) to file annual and quarterly financial statements (form 10-K and form 10-Q respectively). The Management Discussion and Analysis (MD&A) section of these reports, as per SEC requirements, should include the identification and discussion of nonfinancial performance metrics that are critical to management and important to investors. This paper examines a set of common nonfinancial metrics reported by some well-known social media companies. These metrics include such quantities as number of registered users, monthly average users, and number of unique visitors. The definition and use of …

Enterprise Systems Network: Securid Solutions, The Authentication To Global Security Systems, Emmanuel U. Opara, Vance Etnyre

Journal of International Technology and Information Management

Enterprise systems need reliable, flexible and secure means for making public and confidential information available to users in a secured and trusted manner. Although enterprise systems have variety of choice to authenticate these users, organizations face significant issues when granting access and providing a manageable structure for valuable access control. Logon functionalities such as user name and password algorithm have been used to grant authentication and authorization into enterprise systems network resources. Since most systems clients prefer the ease of using passwords, and since passwords are easily compromised, the urgency for a stronger authentication process becomes paramount. This study performed …

Evaluating The Perceived Impact Of Collaborative Exchange And Formalization On Information Security, Randall Young

Journal of International Technology and Information Management

Organizations integrate information security measures through information security planning and policy development. This study aims to examine how the extent of collaborative exchange within the organization and extent of formalization of the information security function impact the effective utilization of well-established information security objectives. The security objectives of interest, described in general deterrence theory, are deterrence, detection and recovery. This study finds that organizations that exhibit higher levels of collaborative exchange and develop and implement more information security policies are more effectively utilizing the information security strategies of detection, deterrence and recovery. This study highlights the importance of the complementary …

Improving The Judicial System To Handle Computer Crime, Gerald V. Post, Albert Kagan

Journal of International Technology and Information Management

This paper asked professionals in the legal system to evaluate the current state and effectiveness of laws to identify and deter computer crime. Responses were evaluated with a formal structural equation model. The results generally show that legal professionals believe potential jurors have minimal knowledge of computer crime issues. More importantly, they also believe that judges have little knowledge or experience. A similar lack of knowledge by defense attorneys indicates that it could be difficult for a person accused of computer related infractions to find adequate representation. On the other hand, more experienced participants do not believe computer laws present …

More Secure Passwords, Scott Magruder, Stanley X. Lewis Jr

Journal of International Technology and Information Management

Passwords are often the first line of defense against hackers trying to logon to a user’s account. Due to this, the password that a user selects for protection of their account is critical. These passwords must be “good” passwords that are not easily cracked. However, how does the network administrator enforce this? A simple change to the login process can make the passwords chosen by users much more secure. A description of this simple process is given in this paper. The normal login process is described. A description of the how hackers attempt to crack passwords is given. The simple …

The Role Of Quantitative Analysis In The Information Security Systems Development Lifecycle, Stephen R. Rosenkranz, Michael E. Busing, Faye P. Teer, Karen A. Forcht

Journal of International Technology and Information Management

Today’s numerous Quantitative Analysis (QA) tools have been successfully utilized to solve business problems in diverse applications. However, the application of QA tools in solving information security problems has been sparse. Devising the means and ways to use QA tools in resolving industry-wide security problems has the potential to yield enormous global economic benefit. The purpose of this paper is to explore the use of QA tools as a means of improving the processes involved in the Information Security Systems Development Lifecycle (SecSDL). Information security professionals use the SecSDL as a guide for formulating a comprehensive information security program. The …

Enterprise Integrated Security Platform: A Comparison Of Remote Access And Extranet Virtual Private Networks, Emmanuel U. Opara, Jack T. Marchewka

Journal of International Technology and Information Management

The Internet has created unprecedented opportunities for both organizations and individuals. However, these opportunities also have created a double-edge sword as organizations attempt to connect trading partners, customers, and remote users while providing adequate security measures that are flexible and cost-effective. This paper explores why secured socket layer (SSL) may be better tool for secured remote access and extranets by comparing it to internet protocol security virtual private networks (IPSec-based VPNs).

Computer Security Checklist For Non-Security Technology Professionals, Chlotia P. Garrison, Roderick B. Posey

Journal of International Technology and Information Management

Networked computers and electronic data storage make computer security a fundamental component of a company’s survival. Security incidents can cause reputation damage, loss customers, or even liability. Companies that are unable or unwilling to hire certified security professionals often rely on non-security IT professionals for assistance. This paper provides a checklist the non-security professional can use to assist the company in the critical areas of conducting risk analysis, performing vulnerability assessments, educating employees and developing computer security policies and procedures

Online Privacy Policies: An Assessment Of The Fortune Global 100, Randy Ryker, M. Khurrum S. Bhutta

Journal of International Technology and Information Management

Both industry leaders and government officials around the globe are struggling with how to address online privacy. One solution suggested by both groups within the United States is for companies to voluntarily comply with the fair information practices of Notice, Choice, Access, and Security. A content analysis of the online privacy policies of the firms in the Fortune Global 100 was conducted to determine the extent to which the most successful global companies comply with fair information practices. The results indicate that 1.2% fully complies, 87.2% partially comply and 11.6% fail to comply with one or more fair information practice.