Information Systems for Managers

June 2022 Examination

QUESTION 1.
You have been appointed as IT Head of a soon to be opened Retail chain store by the name of
“India Retail Store” which will have branches all over India. India Retail store is a Private
Limited company.
Highlight at least 5 security threats that a bank may face in today’s times and suggest 5
innovative IT security mechanisms to ensure that such threats do not harm your Retail store
chain & that your systems remain as secure as ever. (10 Marks)

ANSWER 1
Introduction:
The development of generation has now not simplest supplied advantages to the corporations but
has also posed many protection challenges. In India, the major problem that a bank may
additionally face or any corporation for that be counted can face is the issue associated with
cybercrimes. The data available on the bank's cloud may be hacked or misused, and as a result, it
becomes very tough today to trust the bank's functioning.
Concepts and Application related to the question:

Five security threats to bank & five innovative IT security mechanisms:

The subsequent are the five most significant threats to any newly open-end bank in India:
1. Unencrypted Data: It is to be noted that any monetary organization has to store its
statistics in an encrypted format. It's miles because even supposing the hackers will hack
the statistics, and they won’t be able to use the statistics properly; it would require a
specific different mechanism from their end. However, suppose the records could be left
unencrypted. In that case, the hackers might be able to use the information right away,
which may create serious trouble for the financial institution.
2. Malware: In many instances, the give-up user's devices, including a cell phone or
computers, were compromised with malware. It can pose a severe risk for your bank’s
cyber security on every occasion you will join your device to any network. However,
 suppose one could set up malware into their tool without the proper protection. In that
case, that malware can even assault the financial institution’s network, which could cause
compassionate statistics to be disclosed or get hacked by random human beings.

3. Third party services are not secure: Many times, those newly set up banks so one can
offer higher offerings to their clients rent a few third party/suppliers. However, it may be
trouble if the third-party vendors do not have accurate cyber security measures in place..
Consequently, intending to believe a third party with the customer's sensitive
information, the bank needs to ensure that they have the top infrastructure to keep away
from the security-associated troubles.

4. Data manipulated: Hackers today have located numerous new techniques to hack the
statistics of economic institutions. They now do no longer go to thieve the data. However,
they try to control the statistics. They are trying to alternate or alter the information
available on the cloud. Considering that the altered and unaltered statistics look more or
much less similar to every other, it is difficult to detect this hack properly. Furthermore,
the bank ought to deploy the latest technology to help detect the hacking of that
encrypted facts. By point, the hackers would be able to convert those encrypted statistics,
and the financial institution can take actions to forestall it.

5. Spoofing: This is once more a new hacking technique that those hackers are adopting.
Right here, they will discover a way to impersonate a banking internet site’s URL with a
website that appears and functions exactly the identical. It's miles harmful because as and
when the consumer shall enter their login facts, the hackers might be capable of hitting
upon it after misusing it.

Five innovative IT security mechanisms

1. Improve your risk assessment: In order to establish risk mitigation methods, assess online
transactions and the level of risk they pose by type of transaction or user category.
Consider client type, transaction volume and capabilities, data sensitivity and existing
security, simplicity of use and customer experience, and how mobile devices interact with
 your environment. Take into account not only the money loss, but also the liability,
corporate risk, and reputational damage. And don't stop there; examine and update this
assessment at least once a year.

2. Strong authentication standards should be adopted: Today's risks necessitate more secure
authentication methods than simple usernames and passwords, especially for high-risk
financial transactions like wire transfers. Traditional two-factor authentication solutions
such as one-time-passcode (OTP) tokens, when used alone, are no longer viable against
sophisticated man-in-the-browser attacks, for example. There are a variety of
contemporary solutions that give the necessary level of safety, such as using a separate
communication channel with the user or depending on advanced behavior-based fraud
detection engines that can detect transaction or website navigation irregularities in real-
time.

3. Take a multi-pronged approach: It's worth mentioning that no one authentication or

traditional fraud detection solution will protect banks and other financial institutions from
advanced malware. The best method of protecting customer identities and transactions in
a banking environment is to layer different, complementary security technologies, such as
strong authentication, behavioural fraud detection, out-of-band transaction verification,
mobile authentication, and extended validation SSL digital certificates.

4. Investigate improved authentication methods: Today, a variety of robust advanced

authentication approaches are accessible. As the sophistication of online fraud attempts
grows, so does the need for authentication technology innovation to counter these attacks
in the consumer sector. Rather than relying on static device cookie-based procedures, FIs
should investigate sophisticated strategies such as mobile-based transaction verification
and dynamic device authentication. Keep in mind, though, that dangers change and
expand all the time. This means that financial institutions must invest in their technology,
people, and procedures on a continuous basis. This is not a one-time exercise in terms of
security.
 5. Customer education and awareness should be improved: Finally, we recommend that
financial institutions include customers as much as possible in the battle against fraud.
The reputational harm that an online attack can bring is something that no bank or
financial institution can afford. Investing in security systems, procedures, and people on a
regular basis is a must, not a nice-to-have. Otherwise, institutions risk exposing client
data to hackers.

Conclusion:
Today, the bank needs to take innovative measures to stop those mishappenings. In any other
case, the bank will face varieties of problems, and one could be dropping patron base due to loss
of consideration. The alternative is the money owed/ liabilities because now all the losses should
be recovered from the bank. So, to avoid some of these contingencies, a bank must verify the
third party entirely- heartedly, and handiest then must consider them with the records of the
citizens. It has to expand the trust of most of the people that allows you to have higher
sustenance and to offer better offerings to the clients.

QUESTION 2.
Choose any e-Governance initiative of any country in the world which is aimed at helping the
poor & the needy sections of the society. Enlist at least 10 benefits of having implemented this
system for the benefit of this downtrodden section. (10 Marks)
ANSWER 2.
Introduction:
E governance refers to the use of e-commerce and E-business technologies by governments and
their departments to conduct their own business. E governance also enables transactions to be
conducted across an electronic network where the basic infrastructure is the same as that of e-
business. E governance has gained popularity in countries across the world as it enables
governments to offer services in an efficient manner, overcoming some of the hurdles posed by
earlier manual methods.
In India, e-governance gained popularity with the spread of electronic networks and availability
of computing technology within government departments. The initial phase of computing created
a set of applications for a department's internal use for personnel management, accounts, project
management and file management among others. Later, some citizen-facing services were set up
that allowed citizens to access information and forms on computer terminals maintained at some
offices.

Concepts and Application related to the question:

E-governance initiatives are particularly important in a vast country such as India that’s aiming
to be a digital superpower. Let's see some of the ways in which e-governance benefits the
common man.

1. Speedier Services: One of the biggest advantages of e-governance is speed. Government

services swiftly and directly reach your doorstep, saving a lot of time in the process.
Similarly, you can directly reach out to the government in case of any queries. This way,
there is quick two-way communication between both citizens and the government entity -
no more middlemen and prolonged waiting periods.

2. Empowers Citizens By Giving Them Improved Access: If earlier, you couldn’t access
certain government services owing to physical constraints, uncertain wait times or even
ignorance, e-governance has solved this problem. You can now access a host of services
right from the comfort of your homes, in just a few clicks.

3. Leads To Cost And Time-Effectiveness: E-governance has eliminated the need for
traditional methods of storing data and indiscriminate use of stationery. Today you can
store data over the cloud and send communication over the internet. This not only saves
cost and time, but also proves to be a more secure way of managing large amounts of
public data.
 4. Processes Become Transparent: E-governance initiatives ensure that there is transparency
between the government and private citizens. You can fill applications online, check their
status, know the reason for delay, if any, and do a lot more, all from the comfort of your
home. You can also keep track of processes online unlike earlier. E-governance has
eliminated the need for traditional methods of storing data.

5. Makes Governments More Accountable: All the above benefits are directly linked to
accountability. E-governance makes governments more accountable and answerable to
citizens and leaves little room for doubt or misrepresentation. This improves citizen-
government relationship and builds trust between them.

6. Better accessibility: E-governance helps government to reach to more peoples and help
them by providing better resources. By the help of E-governance government can reach
to more and more people and provide the resources to them.

7. Easy and quick implementation: With the help of E-governance the government can
easily implement the new policies to the needy people and reach them quickly with the
newly made policies which can provide great benefits to these peoples.

8. Privacy and Security: when personal sensitive data exists the formation of the security
access policy is a much more complex process with legal consideration. With the
implementation of e-government projects, effective measures must be taken to protect
sensitive personal information. A lack of clear security standards and protocols can limit
the development of projects that contain sensitive information such as income, medical
history.

9. Convenience: E-Government brings public services to citizens on their schedule and

their venue.

10. Improved Customer Service: E-Government allows to redeploy resources from back-end
processing to the front line of customer service.

Conclusion:
We have seen how the concept of e-governance and e-business has evolved in Indian scenario
and how much it is required for transparency and accountability on the part of government and at
the same time it is also a toll to increase the participation of people in policy making by
empowering them with the right information at right time. The penetration of internet,
telecommunication services in India has increased in the last decade and this gives a ray of hope
to the citizens of India to fight with the long persisting problems of poverty, corruption, regional
disparity and unemployment. But at the same time, due to slow pace of project completion, red-
tape and resistance from the side of government employees and citizens too has not given the
desired result.
QUESTION 3.
The city of Mysuru is one of the cleanest cities of India and is in close driving distance from
Bengaluru, the IT hub. You have been invited as an external IT consultant by Government of
India with a mandate to convert Mysuru into a “Smart City”

a. Which “Smart” city in the world will you choose as a benchmark to emulate some of the best
practices of that city into Mysuru? Provide at least 3 reasons with brief descriptions behind your
choice of choosing that particular city as a benchmark? (5 Marks)
b. Suggest & describe at least 2 innovative technology enabled services that you will introduce
into Mysuru so that it can be called as a “Smart city”? (5 Marks)

ANSWER 3A.
Introduction:
Smart cities are the cities with all the amities which help in improving the standard of the
citizens. New York is the “smart” city that I can choose for benchmarking and emulating some
of its best practices. I consider this city because it leverages communication and information
technologies to enhance economic development, service levels, and the well-being of the
citizens. Smart cities are the towns that have a modern competitive framework and the one which
highlights the importance of records and communication technology (ICTs) in the town. Various
innovative town projects had been launched using the Ministry of Housing and concrete Affairs
(authorities of India).

Concepts and Application related to the question:

Some of the reasons for choosing New York include

1. Smart Lighting – lighting upgrades have provided New York with significant
opportunities where smart city technology makes a difference. The installed
smart controls can minimize lighting power through dimming and hours of
operation through occupancy sensing and scheduling.

2. Smart Waste Management – the city of New York has continued to deploy ‘The
Big Belly’, a smart trash can that is more efficient compared with garbage bins.
This smart trash can monitors trash level through a wireless sensor which allows
the efficient scheduling of pick-up trips.
 3. Smart Water Metering – while New York has a large population, it has deployed
Automated Meter Reading (AMR) system which assists customers check their
water usage. The installation of AMR units includes radio devices that
communicate through receivers hence providing users hourly data and water
consumption notifications. This unit can also integrate with smartphone
application that detects abnormal spikes and water leaks.

Conclusion:
In my perspective, the smart city does now mean a city with excellent IT infrastructure. It wishes
to meet many more standards, including sanitation, good power, and water supply, to maintain
first-rate living requirements for all the residents living there. One more excellent critical issue
that has taken vicinity in these standards is the better healthcare services available 24*7 for all
the citizens. If Mysuru city comply all these standard then it will become the smart city.

ANSWER 3B:

Introduction:
Smart cities are the ones which put digital technology and data to work so as to make better
decisions and improve life quality. Comprehensively, real-time data provides agencies with
enhanced ability of watching events as they develop, understand the change of demand patters
and respond quickly with lower-cost solutions. As a result, the one “smart” city in the world I
would choose for benchmarking is the city of Copenhagen which has the best plan for collecting
and utilizing data to create a better business climate, greener city and provide citizens with a
higher life quality.

Concepts and Application related to the question:

As a result, the following are technology enabled technologies that can be introduced into
Mysuru to make it a “Smart City”.
1. Intelligent Energy – this involves gathering and using data through artificial intelligence
to enable the creation of a better business climate, higher life quality and greener Mysuru
“smart” city. By intelligently using wireless data from sensors in garbage cans, sewers,
 GPS’s in vehicles and cell phones, Mysuru administrative authorities can achieve some
of the objectives including reduced air pollution and carbon emissions.
2. Infrastructure and ICT - this involves using new technological solutions to make it easier
for citizens to experience a better city and efficient services. This move will see Mysuru
investing significantly in new streetlights and intelligent traffic management. This will
ensure motorists use less time to travel.

Conclusion:
Smart cities are the towns with a current aggressive framework and are the only ones that
highlight the importance of statistics and conversation technology (ICTs) inside the town.
Numerous innovative city tasks have been released using the Ministry of Housing and Urban
Affairs (government of India). Nonetheless, the most famous and recent one turned into the
smart towns venture in 2015. It’s far a project under which the government attempts to construct
smart cities throughout the United States and make them citizen-pleasant and sustainable.