1 / 56

Chapter 11

Chapter 11. Phase Description. Systems Operation, Support, and Security is the final phase in the systems development life cycle (SDLC) You will be supporting a functioning information system

verdad
Télécharger la présentation

Chapter 11

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 11

  2. Phase Description • Systems Operation, Support, and Security is the final phase in the systems development life cycle (SDLC) • You will be supporting a functioning information system • You continuously will access and improve the system, and you will be alert to any signs of obsolescence • You will also address multi-level security issues

  3. Chapter Objectives • Explain how the systems operation, support, and security phase relates to the overall system development process • Describe user support activities, including user training and help desks • Discuss the four main types of system maintenance

  4. Chapter Objectives • Explain various techniques for managing systems operation and support • Describe techniques for measuring, managing, and planning system performance • Assess system security at five levels: physical security, network security, application security, file security, and user security

  5. Chapter Objectives • Describe backup and disaster recovery policies and methods • List factors indicating that a system has reached the end of its useful life • Assess future challenges for IT professionals as technology reshapes the workplace

  6. Introduction • Now that the system is operational, the IT staff members must assure that it meets user expectations, supports business objectives, and is secure • More than half of all IT department effort goes into supporting existing systems and making them more valuable to users

  7. Overview of Systems Support and Maintenance • The systems operation, support, and security begins when a system becomes operational and continues until the system reaches the end of its useful life • After delivering the system, the analyst has two other important tasks: he or she must support users and provide necessary maintenance to keep the system operating properly

  8. User Support Activities • User Training • Additionally, new employees must be trained on the company’s information systems • Training users about system changes is similar to initial training

  9. User Support Activities • Help Desk • Often called an information center (IC) • Enhance productivity and improve utilization of a company’s information resources

  10. User Support Activities • Help Desk • Might have to perform the following tasks: • Show a user how to create a data query or report that displays specific business information • Resolve network access or password problems • Demonstrate an advanced feature of a system or a commercial package • Help a user recover damaged data

  11. User Support Activities • Online Chat Support • Interactive support also can be delivered in the form of an online chat • Blackboard provides a chat room called a Virtual Classroom, which is an online meeting-place where students can ask questions and interact with an instructor

  12. Maintenance Activities • The systems operation, support and security phase is an important component of TCO (total cost of ownership) because ongoing maintenance expenses can determine the economic life of a system • Operational costs • Maintenance expenses • Maintenance activities

  13. Maintenance Activities

  14. Maintenance Activities • Four types of maintenance task can be identified • Corrective maintenance • fixing errors • Adaptive maintenance • adding new enhancement • Perfective maintenance • improving efficiency • Preventative maintenance • preventing failures

  15. Maintenance Activities • Four types of maintenance task can be identified

  16. Managing Systems Support • Maintenance Team • System administrator • Systems analysts • Analysis • Synthesis

  17. Managing Systems Support • Maintenance Team • Programmers • Applications programmer • Systems programmer • Database programmer • Programmer/analyst

  18. Managing Systems Support • Managing Maintenance Requests • Involves a number of steps • Maintenance request • Initial determination • Role of the systems review committee • Completion of the work • User notification

  19. Managing Systems Support • Establishing Priorities • In many companies, systems review committee separates maintenance requests from new systems development requests • Many IT managers believe that evaluating all projects together leads to the best possible decisions • Neither approach guarantees an ideal allocation between maintenance and new systems development

  20. Managing Systems Support • Configuration Management • Configuration management (CM) is a process for controlling changes in system requirements during SDLC development phases • As enterprise-wide information systems grow more complex, configuration management becomes critical • Many vendors offer configuration management software and technique.

  21. Managing Systems Support • Maintenance Releases • Maintenance release methodology • A numbering pattern distinguishes the different released • Reduces the documentation burden • But new features or upgrades are available less often • Service packs is maintenance release provided by commercial software suppliers.

  22. Managing Systems Support • Version Control • Archived • Systems librarian • Companies can purchase software such as Serena

  23. Managing Systems Support • Baseline • Baseline is a formal reference point that measures system characteristics at a specific time. • Systems analysts use baselines as yardsticks to document features and performance during the systems development process • Functional baseline is the configuration of the system documented at the beginning of the project. It consist of all the necessary system requirement and constrains.

  24. Managing Systems Support • Baseline • Allocated baseline documents the system at the end of the design phase and identifies any changes since the functional base line. It includes testing and verification of all system requirements and features. • Product baseline describes the system at the beginning of the system operation. It includes the result of the performance and acceptance tests for the operational system.

  25. Managing System Performance • Performance and Workload Measurement • Metrics such as number of lines printed, number of records accessed and number of transactions processed in a given period of time. The following is the metrics used for network base system. • Response time • Bandwidth and throughput • Kbps (kilobits per second) • Mbps (megabits per second) • Gbps (gigabits per second)

  26. Managing System Performance • Performance and Workload Measurement • Turnaround time • The IT department often measures response time, bandwidth, throughput, and turnaround time to evaluate system performance both before and after changes to the system or business information requirements • Management uses current performance and workload data as input for the capacity planning process

  27. Managing System Performance • Capacity Planning • What-if analysis • You need detailed information about the number of transactions; the daily, weekly, or monthly transaction patterns; the number of queries; and the number, type, and size of all generated reports

  28. Managing System Performance • System Maintenance Tools • Many CASE tools include system evaluation and maintenance features • In addition to CASE tools, you also can use spreadsheet and presentation software to calculate trends, perform what-if analyses, and create attractive charts and graphs to display the results

  29. System Security • Physical Security • First level of security concerns the physical environment • Computer room • Computer room security • Biometric scanning systems • Motion sensor

  30. System Security • Physical Security • Servers and desktop computers • Keystroke logger • Record everything that is been typed • Tamper-evident cases • Show attempt to open or unlock a case • BIOS-level password • Monitor screensaver password also called: • Boot-level password • Power-on password

  31. System Security • Physical Security • Notebook computers • Select an operating system that allows secure logons and BIOS-level passwords • Mark or engrave the computer’s case • Consider notebook models that have a built-in fingerprint reader • Universal Security Slot (USS) that can fasten to cable luck or alarm • Back up all vital data

  32. System Security • Physical Security • Notebook computers • Use tracking software • While traveling, try to be alert to potential high-risk situations • Establish stringent password protection policies that require minimum length and complexity.

  33. System Security • Network Security • In order to connect to network , a computer must have Network interface which is a combination of hardware and software. • Data can be protected be Encrypted to provide security. • Encrypting network traffic • Unencrypted – plain text • Public key encryption (PKE) a common encryption method

  34. System Security • Network Security • Encrypting network traffic • Public key • Private key • Wi-Fi Protected Access (WPA) is a method for securing wireless network that is been replaced by Wired Equivalent Privacy (WEP) uses a special pre shared key between clients • WPA2 is more secured method for protecting wireless network.

  35. System Security • Network Security • Private networks • Network should not be connected to outside • Virtual private networks • By entering a secure Key the tunnel of communication can be established between client and the access point of local interanet

  36. System Security • Network Security • Ports and services • Port is a positive integer that is used for routing incoming traffic to correct computer. All traffic received by a computer has a Destination port • A Service is an application that monitors a particular port and it plays important role in computer security.

  37. System Security • Network Security • Service can be affected by port scan and denial of service. • Port scans attempt to detect service that is running on the computer. It can be used find the possible weakness of the network by finding the map of network • Denial of service (DOS) happened when attacking computer makes repeated request to a service or services running on certain ports so that the computer can not answer to legitimate request

  38. System Security • Network Security • Firewalls • Firewalls can be configured to detect and respond to DOS attacks, port scans, and other suspicious activity

  39. System Security • Application Security • Combination of the services running on computer is important • In some cases this combination causes variability called Security hole • Administrator – super-user can only have special Access to the services • Input validation can also reduces potential problem • Patches and updates • Patches • Third-party software • Automatic update service

  40. System Security • Application Security • Patches and updates • Patches are software module to repair the security holes. • Patches that are released by Third-party software vendors usually are safe • Many software vendors offer an automatic update service that enables an application to contact vendor for appropriate patches. And it can be downloaded automatically.

  41. System Security • File Security • File security is based on establishing a set of permissions, the right the user has to a particular file or directory. • System administrator can also create user group, add specific users and assign permission to the group.

  42. System Security • User Security • Privilege escalation attack is an naturalized attempt to increase permission levels. • Identity management is the controls and procedures necessary to identify legitimate user and system component. • Identity management is the top priority of the IT managers.

  43. System Security • User Security • Password protection issues. • IT managers should require passwords that have minimum length and require a combination of case sensitive letters and numbers. • Even if users are protected with password intruder might attempt to gain unauthorized access to system using Social engineering.

  44. Backup and Disaster Recovery • Backup Options • Backup policy • Backup media • Rotation schedule • Offsiting

  45. Backup and Disaster Recovery • Backup Options • Schedules • Full backup • Incremental backup • Retention periods • Back ups are stored for a specific period called Retention periods

  46. Backup and Disaster Recovery • Disaster Recovery Issues • Hot site • Any transaction should automatically propagate to the hot site this is known as Data replication • Companies that require a hot site view it as a justifiable and necessary business expense, whether or not it ever is needed

  47. System Obsolescence • Even with solid support, at some point every system becomes obsolete • Signs: • The system’s maintenance history indicates that adaptive and corrective maintenance is increasing steadily • Operational costs or execution times are increasing rapidly, and routine perfective maintenance does not reverse or slow the trend

  48. System Obsolescence • Signs: • A software package is available that provides the same or additional services faster, better, and less expensively than the current system • New technology offers a way to perform the same or additional functions more efficiently • Maintenance changes or additions are difficult and expensive to perform

  49. System Obsolescence • Signs: • Users request significant new features to support business requirements

  50. Facing the Future: Challenges and Opportunities • Predictions • It is clear that companies will continue to face intense competition and global change, especially in the wake of economic, social, and political uncertainty • Although disruptions will occur, technology advances will spur business growth and productivity

More Related