1 / 50

Chapter 10

Chapter 10. Phase Description. Systems Operation, Support, and Security is the final phase in the systems development life cycle (SDLC) You will be supporting a functioning information system

rudolph
Download Presentation

Chapter 10

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Chapter 10

  2. Phase Description • Systems Operation, Support, and Security is the final phase in the systems development life cycle (SDLC) • You will be supporting a functioning information system • You continuously will assess and improve the system, and you will be alert to any signs of obsolescence • You will also address multi-level security issues

  3. Chapter Objectives • Explain how the systems operation, support, and security phase relates to the rest of the system development process • Describe user support activities, including user training and help desks • Discuss the four main types of system maintenance: corrective, adaptive, perfective, and preventive

  4. Chapter Objectives • Explain various techniques for managing systems operation and support • Describe techniques for managing system performance, including workload measurement and capacity planning • Assess system security at five levels: physical security, network security, application security, file security, and user security

  5. Chapter Objectives • List factors indicating that a system has reached the end of its useful life • Assess future challenges for IT professionals as technology reshapes the workplace

  6. Introduction • Now that the system is operational, the real key question is whether or not the system meets user expectations, supports business objectives, and is secure • Systems must be maintained and improved continuously to meet changing business demands, and users constantly require assistance

  7. Overview of Systems Support and Maintenance • The systems operation, support, and security phase begins when a system becomes operational and continues until the system reaches the end of its useful life • After delivering the system, the analyst has two other important tasks: he or she must support users and provide necessary maintenance to keep the system operating properly

  8. User Support Activities • User Training • In addition to the initial training that is performed when a new system is introduced • New employees must learn how to use the company’s information systems • User training package • Training users about system changes is similar to initial training

  9. User Support Activities • Help Desks • Also called information center (IC) • Enhance productivity and improve utilization of a company’s information resources • Might have to perform the following tasks: • Show a user how to create a data query or report that displays specific business information • Resolve network access or password problems • Demonstrate an advanced feature of a system or a commercial package • Help a user recover damaged data

  10. User Support Activities • Online Chat Support • Interactive support also can be delivered in the form of an online chat • Virtual Classroom

  11. Maintenance Activities • The systems operation, support, and security phase is an important component of TCO (total cost of ownership) because ongoing maintenance expenses can determine the economic life of a system • Operational costs • Maintenance expenses • Maintenance activities

  12. Maintenance Activities • Corrective Maintenance • Diagnoses and corrects errors in an operational system • Can respond to errors in various ways, depending on nature and severity of the problem • In a typical procedure, a user submits a systems request that is evaluated, prioritized, and scheduled

  13. Maintenance Activities • Adaptive Maintenance • Adds enhancements to an operational system and makes the system easier to use • The procedure for minor adaptive maintenance is similar to routine corrective maintenance • Can be more difficult than new systems development because the enhancements must work within constraints of an existing system

  14. Maintenance Activities • Perfective Maintenance • Involves changing an operational system to make it more efficient, reliable, or maintainable • Can improve system reliability • Cost-effective during the middle of the system’s operational life

  15. Maintenance Activities • Perfective Maintenance • Software reengineering • Depending on results of software reengineering, the system might be revised, migrated to a different environment, or replaced altogether • Programs that need a large number of maintenance changes usually are good candidates for reengineering

  16. Maintenance Activities • Preventive Maintenance • Requires analysis of areas where trouble is likely to occur • IT department normally initiates preventative maintenance • Often results in increased user satisfaction, decreased downtime, and reduced TCO • Sometimes does not receive the high priority it deserves

  17. Managing System Support • Maintenance Team • System administrator • Systems analysts • Analysis • Synthesis • Programmers • Applications programmer • Systems programmer • Database programmer • Programmer/analyst

  18. Managing System Support • Maintenance Team • Organizational issues • IT managers often divide systems analysts and programmers into two groups: one group performs new system development, and the other group handles all maintenance • Many analysts feel that maintenance work is less attractive than developing new systems • One disadvantage of rotation is that it increases overhead costs

  19. Managing System Support • Managing Maintenance Requests • Involves a number of steps • Maintenance request • Initial determination • Role of the systems review committee • Completion of the work • User notification

  20. Managing System Support • Establishing Priorities • Systems review committee separates maintenance requests from new systems development requests when evaluating requests and setting priorities • Many IT managers believe that evaluating projects together leads to the best possible decisions • Neither approach guarantees an ideal allocation between maintenance and new systems development

  21. Managing System Support • Configuration Management • Configuration management (CM) • As enterprise-wide information systems grow more complex, configuration management becomes critical • Most maintenance projects require documentation changes

  22. Managing System Support • Maintenance Releases • Maintenance release methodology • Maintenance release • A numbering pattern distinguishes the different releases • Reduces the documentation burden • New features or upgrades are available less often • Service packs

  23. Managing Systems Support • Version Control • Version control is the process of tracking system releases • Systems librarian • Archived • Baselines • Functional baseline • Allocated baseline • Product baseline

  24. Managing System Performance • A system’s performance directly affects users who rely on it to perform their job functions • To ensure satisfactory support for business operations, the IT department monitors current system performance and anticipates future needs • Benchmark testing

  25. Managing System Performance • Performance and Workload Measurement • Response time • Bandwidth and throughput • Kbps (kilobits per second) • Mbps (megabits per second) • Gbps (gigabits per second)

  26. Managing System Performance • Performance and Workload Measurement • Turnaround time • Capacity Planning • What-if analysis • You need detailed information about the number of transactions; the daily, weekly, or monthly transaction patterns; the number of queries; and the number, type, and size of all generated reports

  27. Managing System Performance • Capacity Planning

  28. Managing System Performance • System Maintenance Tools • Many CASE tools include system evaluation and maintenance features • In addition to CASE tools, you also can use spreadsheet and presentation software to calculate trends, perform what-if analyses, and create attractive charts and graphs to display the results

  29. System Security • Physical Security • First level of security concerns the physical environment • Computer room • Physical access to a computer represents an entry point into the system and must be controlled and protected

  30. System Security • Physical Security • Computer room security • Biometric scanning systems • Motion sensor • Servers and desktop computers • Keystroke logger • Tamper-evident cases • BIOS-level password • Boot-level password • Power-on password

  31. System Security • Physical Security • Notebook computers • Select an operating system that allows secure logons and BIOS-level passwords • Mark or engrave the computer’s case with the company name and address, or attach a tamper-proof asset ID tag • Universal Security Slot (USS) • Back up all vital data

  32. System Security • Physical Security • Notebook computers • Use tracking software • While traveling, try to be alert to potential high-risk situations • Establish stringent password protection policies

  33. System Security • Network Security • Network • Traffic • Network interface • Encrypted

  34. System Security • Network Security • Encrypting network traffic • Unencrypted – plain text • Public key encryption (PKE) • Public key • Private key • Wi-Fi Protected Access (WPA) • Wired Equivalent Privacy (WEP)

  35. System Security • Network Security • Private networks • Virtual private networks • Virtual private network (VPN) • Tunnel

  36. System Security • Network Security • Ports and services • Port • Destination port • Service • Port scans • Denial of service (DOS) • Distributed denial of service (DDOS)

  37. System Security • Network Security • Firewalls • Firewall • Rules – protocols • Firewalls can be configured to detect and respond to DOS attacks, port scans, and other suspicious activity

  38. System Security • Application Security • Services • Security hole • Administrator – super-user • Permissions • Input validation • Patches and updates • Patches • Third-party software • Automatic update service

  39. System Security • File Security • Safety and protection of files is a vital element in any computer security program • Permissions • User Groups

  40. System Security • User Security • Privilege escalation attack • Identity management • Password protection • AOL PassCode® • Social engineering • User resistance

  41. Backup and Disaster Recovery • The heightened focus on disaster recovery has spawned a whole new disaster recovery industry, which includes many new tools and techniques

  42. System Obsolescence • Even with solid support, at some point every system becomes obsolete • Signs: • The system’s maintenance history indicates that adaptive and corrective maintenance is increasing steadily • Operational costs or execution times are increasing rapidly, and routine perfective maintenance does not reverse or slow the trend

  43. System Obsolescence • Signs: • A software package is available that provides the same or additional services faster, better, and less expensively than the current system • New technology offers a way to perform the same or additional functions more efficiently • Maintenance changes or additions are difficult and expensive to perform • Users request significant new features to support business requirements

  44. System Obsolescence • Systems operation and support continues until a replacement system is installed • At some point in a system’s operational life, maintenance costs start to increase, users begin to ask for more features and capability, new systems requests are submitted, and the SDLC begins again

  45. Facing the Future: Challenges and Opportunities • Predictions • It is clear that companies will continue to face intense competition and global change, especially in the wake of economic, social, and political uncertainty • It is interesting to note that some observers, such as Bill Joy, wonder whether technology is moving so fast that humans will be left behind • What does seem clear is that the future world of IT must be envisioned, planned, and created by skilled professionals

  46. Strategic Planning for IT Professionals • An IT professional should think of himself or herself as a business corporation that has certain assets, potential liabilities, and specific goals • Working backwards from your long-term goals, you can develop intermediate mile- stones and begin to manage your career just as you would manage an IT project • Planning a career is not unlike planting a tree that takes several years to reach a certain height

  47. IT Credentials and Certification • Credentials • Certification • Many IT industry leaders offer certification, including Microsoft, Cisco, Novell, Oracle, and Sun Microsystems

  48. Chapter Summary • Systems operation, security, and support covers the entire period from the implementation of an information system until the system no longer is used • A systems analyst’s primary involvement with an operational system is to manage and solve user support requests • A maintenance team consists of one or more systems analysts and programmers

  49. Chapter Summary • Systems analysts need the same talents and abilities for maintenance work as they use when developing a new system • Configuration management is necessary to handle maintenance requests • System performance measurements include response time, bandwidth, throughput, and turnaround time • All information systems eventually become obsolete

  50. Chapter Summary • An IT professional should have a strategic career plan that includes long-term goals and intermediate milestones • An important element of a personal strategic plan is the acquisition of IT credentials and certifications that document specific knowledge and skills • Chapter 10 complete

More Related