Professional Thesis Writing Service

Several viewpoints on information systems illustrate that the stud

For a programmer, trap doors make sense. If the programmer needs to modify the program sometime in the future, he can use the trap door instead of having to go through all of the normal, customer-directed protocols just to make the change. Trap doors should be closed or eliminated in the final version of the program after all testing is complete, but, intentionally or unintentionally, some are left in place. Other trap doors may be introduced by error and only later discovered by crackers who are roaming around, looking for a way into system programs and files. Typical trap doors use such system features as debugging tools, program exits that transfer control to privileged areas of memory, undocumented application calls and parameters, and many others.

Trap doors make obvious sense to expert computer criminals as well, whether they are malicious programmers or crackers. Trap doors are an easy way to get into a system or to gain access to privileged information or to introduce viruses or other unauthorized programs into the system.

Cases

In 1993 and 1994, an unknown group of computer criminals repetitively broke into systems on the Internet using passwords captured by password sniffers. Once on the system, they exploited software flaws to gain privileged access. They installed modified login and network programs that allowed them reentry even if the original passwords were changed.

In 1996, Philip Myers described the insertion and exploitation of back doors as “subversion” in his MSc thesis at the Naval Postgraduate School.  He pointed out that subversion, unlike penetration attacks, can begin at any phase of the system development life cycle, including design, implementation, distribution, installation and production.

Donn B. Parker described interesting back-door cases in some papers (no longer available) from the 1990s.  For example, a programmer discovered a back door left in a FORTRAN compiler by the writers of the compiler. This section of code allowed execution to jump from a regular program file to code stored in a data file. The criminal used the back door to steal computer processing time from a service bureau so he could execute his own code at other users’ expense.  In another case, remote users from Detroit used back doors in the operating system of a Florida timesharing service to find passwords that allowed unauthorized and unpaid access to proprietary data and programs.

Even the US government has attempted to insert back doors in code. In September 1997, Congress’ proposed legislation to ban domestic US encryption unless the algorithm included a back door allowing decryption on demand by law enforcement authorities moved famed Ron Rivest to satire.  The famed co-inventor of the Public Key Cryptosystem and founder of RSA Data Security Inc. pointed out that some people believe the Bible contains secret messages and codes, so the proposed law would ban the Bible.

More recently, devices using the Palm operating system (PalmOS) were discovered to have no effective security despite the password function.  Apparently developer tools supplied by Palm allow a back-door conduit into the supposedly locked data.

Dumpster Diving

What is Dumpster Diving?

Dumpster diving is a name given to a very simple type of security attack, which is scavenging through materials that have been thrown away, as shown below. This type of attack isn’t illegal in any obvious way. If papers are thrown away, it means that nobody wants them, right? Dumpster diving also isn’t unique only to computer facilities. All kinds of sensitive information ends up in the trash, and industrial spies through the years have used this method to get information about their competitors.

http://oreilly.com/catalog/crime/chapter/f_02_01.gif

Dumpster Diving in Process

There is another type of computer-related “trash” that we might not consider. In the system itself are files that have been deleted, but that haven’t actually been erased from the system. Computers and users used only to save data, not destroying it, and sometimes some data is saved that shouldn’t be saved. Electronic trashing is easy because of the way that systems typically delete data. Usually, deleting a file, a disk, or a tape doesn’t actually delete data, but simply rewrites a header record. Using MS-DOS, for example, a file can be deleted via the DEL command, however, someone else can retrieve the contents of the file simply by running UNDELETE. System utilities are available that make it easy to retrieve files that may seem to be completely gone.

Although there are methods for truly erasing files and magnetic media, most users who work on large systems do not take the time to erase disks and tapes when they are finished with them. They may discard old disks and tapes with data still on them. They simply write the new data over the old data already on the tape. Because the new data may not be the same length as the old, there may be sensitive data left for those skilled enough to find it. It is far safer to explicitly write over storage media and memory contents with random data and to degauss magnetic tapes.

Cases

One computer company in Texas that does business with a number of oil companies noticed that whenever a certain company asked them to mount a temporary storage (scratch) tape on the tape drive, the read-tape light would always come on before the write-tape light. The ingenious oil company was scavenging the tape for information that might have been put on it by competitors that used the tape before them.

Trashing can have deadly consequences. When some old Department of Justice computers were sold off, they had on their disks information on the whereabouts of witnesses in the Federal Witness Protection Program. Although the data had been deleted, it had not been completely erased from the disk. The DOJ was able to get back some of the computers, but not all, and was forced to relocate the compromised families as a result.

In 1991, spies posed as garbage collectors outside of a U.S. defense contractor executive’s home, dug through trash cans looking for information. One of the collectors was actually France’s consul general and claimed he was collecting fill for a hole in his yard. Upon investigation, the FBI determined that this operation was part of a French secret-searching mission, aimed at finding U.S. military or scientific information.

Then in 1999, two key members of a group called the “Phonemasters” were convicted of theft and possession of unauthorized access devices and unauthorized access to a federal interest computer. This international group of cyber criminals had allegedly penetrated the computer systems of MCI, Sprint, AT&T, Equifax and the National Crime Information Center. The Phonemasters’ skills had enabled them to download hundreds of calling card numbers and distribute them to organized crime groups around the world. Part of their method included dumpster diving and collecting old phone books and system manuals. These tools, combined with social engineering, led to the attacks on the mentioned systems.

In 2000, in a widely publicized case, the CEO of Oracle, Larry Ellison, hired private investigators to dig through corporate dumpsters at Microsoft. This was an effort aimed at finding information about Microsoft’s possible development of grassroots organizations to support it’s side in an anti-trust lawsuit. One of the investigators unsuccessfully tried to pay off a member of the janitorial service in exchange for the garbage of one of these organizations. Ellison held that his actions were a ‘civic duty’, to uncover Microsoft’s secret funding of such groups, but his opponents assert that the incident was distasteful and scandalous.

Microsoft complained that various organizations allied to it have been victimized by industrial espionage agents who attempted to steal documents from trash bins. The organizations include the Association for Competitive Technology in Washington, D.C., the Independent Institute in Oakland, California, and Citizens for a Sound Economy, another Washington D.C. based entity. Microsoft said, “We have sort of always known that our competitors have been actively engaged in trying to define us, and sort of attack us. But these revelations are particularly concerning and really show the lengths to which they’re willing to go to attack Microsoft.”

Saying he was exercising a “civic duty,” Oracle chairman and founder Lawrence J. Ellison defended his company of suggestions that Oracle’s behavior was “Nixonian” when it hired private detectives to scrutinize organizations that supported Microsoft’s side in the antitrust suit brought against it by the government. The investigators went through trash from those organizations in attempts to find information that would show that the organizations were controlled by Microsoft. Ellison, who, like his nemesis Bill Gates at Microsoft, is a billionaire, said, “All we did was to try to take information that was hidden and bring it into the light,” and added: “We will ship our garbage to Microsoft, and they can go through it. We believe in full disclosure.” “The only thing more disturbing than Oracle’s behavior is their ongoing attempt to justify these actions,” Microsoft said in a statement. “Mr. Ellison now appears to acknowledge that he was personally aware of and personally authorized the broad overall strategy of a covert operation against a variety of trade associations.”

During the year 2001, industrial espionage came to light concerning the shampoo market between fierce competitors Proctor & Gamble and Unilever. Private Investigators hired by Proctor & Gamble sifted through garbage bins outside of the Unilever corporation, succeeding in gathering viable information about market analysis, predictions and future products.[16] Upon legal action by Unilever, the two corporations settled out-of-court, because these actions broke Proctor & Gamble’s internal policy on information gathering.

Logic Bombs

What is a Logic Bomb?

Logic bombs are small programs or sections of a program triggered by some event such as a certain date or time, a certain percentage of disk space filled, the removal of a file, and so on. For example, a programmer could establish a logic bomb to delete critical sections of code if she is terminated from the company. Logic bombs are most commonly installed by insiders with access to the system.

Logic bombs are a malicious programming code that is inserted into a network system or a single computer for the purpose of deleting data or creating other malicious acts on a specified date. A logic bomb works similar to a time bomb because it can be set to go off at a specific date. A logic bomb does not distribute malicious codes until the specified date is reached.

How Logic Bombs Work

Logic bombs are created by criminals who are well-versed in computer programming and are generally used to perform acts with malicious intent that threaten network security. The criminal acts include setting a virus to be released into a network system or PC at a specified date or other actions such as deleting or corrupting data and completely reformatting a computer hard drive.

A logic bomb works through a code that is inserted into existing software on a network or in a computer where it will lie dormant until a specific event occurs such as a date or time or other command from the computer programmer. When the bomb finally releases the code it can delete files, send confidential information to unauthorized parties, wipe out databases, and disable a network for a period of days.

Why a Logic Bomb is Used

A logic bomb can be used by a disgruntled employee or other IT personnel that has the knowledge of how to program a logic bomb to threaten network security. Other than targeting a specific computer or network system, a logic bomb can also be used to demand money for software by creating a code that makes the software application into a trial version. After a specific period of time the user must pay a specified sum of money to continue to use the software.

Logic bombs can also be used for blackmail and if the demand is not met, the logic bomb will detonate into a computer system or network to destroy data and perform other malicious acts that are included in the command codes.

Logic bombs are fairly easy to create if you have a lot of knowledge in computer programming and they do not replicate like other malicious programs. For this reason, logic bombs are usually targeted to specific victims and will not spread to unintended victims.

A logic bomb can be rather difficult to detect, however you can take security measures such as constantly monitoring the network system for any suspicious activity, using antivirus applications and other scanning programs that can detect any new activity in the data on a network system. The scanning systems should also monitor the entire network and the individual computers connected to the network.

Cases

A former system administrator for UBS PaineWebber, Roger Duronio, was charged in a New Jersey federal court on charges of sabotaging two-thirds of the company’s computer systems. His alleged motive was to undermine the company’s stock price and make a bunch of money in the process. He is alleged to have shorted over 30,000 shares of UBS stock prior to unleashing his attack which means the potential was there to make 30,000 times the amount by which the stock dropped when the media got wind of the attacks. In a recent stock manipulation case involving Emulex, shares fell 50 percent. Based on the trading range of UBS PaineWebber stock at the time of Duronio’s alleged attack, it is reasonable to say his profits could have exceeded half a million dollars.

The flaw in Duronio’s alleged scheme was the obviously unexpected ability of UBS PaineWebber to prevent news of the attack getting out. This was quite a feat on the company’s part because the logic bombs activated on about 1,000 of its nearly 1,500 computers and the malicious programs did actually delete files. Indeed, the company says attack cost it $3 million.

In the end, the federal grand jury charged Duronio with one count of securities fraud and one count of violating the Computer Fraud and Abuse Act. Duronio was hit with up to 20 years in prison and fines of more than $1.25 million.

In September 1990, Donald Burleson, a programmer at the Fort Worth-based insurance company, USPA, was fired for allegedly being quarrelsome and difficult to work with. Two days later, approximately 168,000 vital records erased themselves from the company’s computers. Burleson was caught after investigators went back through several years’ worth of system files and found that, two years before he was fired, Burleson had planted a logic bomb that lay dormant until he triggered it on the day of his dismissal. Burleson became the first person in America to be convicted of “harmful access to a computer.”

In early 2009, Timothy Allen Lloyd was sentenced to 41 months in prison for leaving behind malicious programs that deleted critical data from the servers of Omega Engineering, a high-tech measurement company that claimed the cost of the attack was $10 million.

According to a report in the National Computer Security Association section on CompuServe, the Orlando Sentinel reported in January 1992 that a computer programmer was fined $5,000 for leaving a logic bomb at General Dynamics. His intention was to return after his program had erased critical data and get paid lots of money to fix the problem.

In 1995, a disgruntled computer security officer at an insurance brokerage firm in Texas set up a complex series of Job Control Language (JCL) and RPG programs described later as “trip wires and time bombs.” For example, a routine data retrieval function was modified to cause the IBM System/38 midrange computer to power down. Another routine was programmed to erase random sections of main memory, change its own name, and reset itself to execute a month later.

y of information systems is a field with multiple disciplines and therefore, no single theory or perspective governs. Generally speaking, the field can be separated into behavioral and technical approaches. The behavioral approach can be broken down even further into sub-categories to include economics, psychology, and sociology. The technical approach can also be broken down into sub-categories to include management science, computer science, and operations research.

A very important element of the information systems field is involved with behavioral issues that surface in the development and preservation of information systems. Problems like strategic business design, implementation and utilization, and management cannot be fully explored with the models using a technical approach. Behavioral disciplines such as economics, psychology, and sociology can also contribute vital concepts and processes. For example, economists study information systems mainly interested in what impact systems have on cost structures within the business and within its particular market. On the other hand, Psychologists are interested in how human decision makers comprehend and use information. Finally, sociologists study information systems looking for how groups and organizations form the development of systems and also how these different systems affect individuals, groups, and organizations (“Information Management”, 2010).

The behavioral approach does not completely ignore technology. In fact, information systems technology is frequently the reason for a specific behavioral problem or issue. But usually the heart of this approach is not normally geared toward technical solutions. Instead it centers on modification in attitudes, management and organizational policy, and behavior.

Technical Approach

The technical approach to information systems puts emphasis on mathematically based models to study information systems, in addition to the physical knowledge and abilities of these systems. The disciplines that play a role in the technical approach are computer science, management science, and operations research. Computer science has to do with creating theories of computability, means of computation, and approaches to effective access and storage of data. Management science highlights the growth of models for decision-making and management procedures. Lastly, operations research deals with mathematical methods for optimizing business issues such as inventory control, transportation, and transaction costs (“Information Management”, 2010).

Key Management Challenges

Building, operating, and maintaining information systems in today’s fast-paced business world can be very challenging. These key management challenges are based on a multitude of problems such as information system investments, strategic business decisions, globalization, information technology infrastructure, and ethics and security.

Information System Investment Challenge

If managed intelligently, investments in information systems can improve employee’s lives and a business’s overall performance. For instance, over the past twenty years the Internet has developed form a technical innovation to a personal and business necessity. Some business’s have recognized considerable improvements in processing information by changing from mainframe computing to personal computers connected by local area networks (LAN). The ability of software applications to identify and correlate pertinent data in a data warehouse allows businesses to uncover unidentified financial or physical resource relationships and therefore make available suitable assistance where there had been none. However, along with the ability to enhance lives and organizations, some information system investments can become risky, costly, wasteful mistakes. To overcome these challenges, senior management personnel need to be able to successfully evaluate these investments to ensure the correct return on investment (ROI) (Laudon & Laudon, 2006).

Strategic Business Challenge

You can pick up any management book and you can read about the significance of developing a strategic plan, and ideas about how to both develop and implement your plan. On the other hand, you will also find articles that you imply that strategic planning does not work because it is impossible to develop a long term plan in this ever changing business environment. In my opinion, the truth lies somewhere in between.

Strategic planning can definitely help you get prepared on what you need to accomplish over the next years, what things you will need to accomplish those goals, and exactly how to go about accomplishing your goals. The trouble is that the benefits of strategic planning can be easily lost. These plans fail primarily because of what happens after the process of strategic planning. In general, a great effort goes into creating and developing a strategic plan, which is then quickly put away and forgotten, even by the people that created it. The goal of strategic planning lies not only in the development of the plan, but also in its implementation. Implementing the strategic plan will only work if you are clear about what this plan can bring to you and the organization.

The strategic plan needs to have value, not only to the organization, but also to the employees. The bottom line is that the plan needs to be used by everybody. A strategic plan needs to be used as a decision-making tool from the top of the organization all the way to the bottom. Chief Executive Officers ought to be able to use it to make decisions on the direction of their business, mergers, or staffing. Managers should also be able to use it to make decisions for the priorities of their departments goals and objectives, and to align the work of their department with the overall goals of organization. Lastly, every employee must be able to use the plan to recognize his or her own goals, and where they fit in big scheme of things. When implemented correctly, a strategic plan helps to add meaning and focus to not only every individual, but the organization as a whole (“Information Systems”, 2010).

Globalization Challenge

The globalization of information technology warrants special attention by business executives, government officials and scholastic researchers for a multitude of reasons. First, is that information technology and systems are high-technology industries of considerable size and with significant potential for stimulating economic growth and jobs. The immediate growth in global trade and the surfacing of an international economy require information systems that can sustain both the production and selling of goods and services in many different countries. Second, access to the most up-to-date computer and telecommunications technology is central to competitive success in nearly all industries. Government policies which deliberately or inadvertently retard technological progress in the production and use of computers, information systems and telecommunications have important economic effects. Third, given language barriers, cultural, and political differences among dissimilar countries, this focus often resulted in confusion and the breakdown of central management controls (Laudon & Laudon, 2006). To overcome these challenges, it is imperative for organization to develop global hardware, software, and information systems standards. Additionally, organizations must be able to create global accounting and reporting methods and design worldwide business processes.

Information Technology Infrastructure Challenge

This particular challenge for businesses deals with how organizations can develop information technology infrastructures that can sustain their goals when business situations are changing at a rapid pace. Aging infrastructure is obviously a huge issue in many industries that only gets bigger as time goes on. Some equipment may have had external upgrades or facelifts, but in most cases, it is over 70 years old. Many organizations are left with expensive and unmanageable IT platforms that cannot readily adapt to innovation and change. Additionally, a competitive business environment and the pressures of the global financial situation weigh increasingly on companies’ minds (“Information Systems”, 2010). To battle this challenge, some organizations may be required to redesign its organization and develop a new information technology infrastructure to survive in this competitive business world.

Ethics and Security Challenge

Organizations must always be cognizant that their information systems are used in both an ethically and socially responsible manner. Although information systems have provided many benefits, they have also created new ethical and security issues that must be addressed. Every improvement in information technology can be tied in with at least one ethical dilemma. From Facebook to ordering merchandise online, computer users are ignorant of the delicate balance between ethical behavior and profits. Businesses, software and hardware developers, and individuals must think about what is ethically correct when using information technology on a daily basis. The primary issues essential to the world of information technology are the individuals expectation of privacy and the provider’s ethical duty to use its applications responsibly (“Information Systems”, 2010). The challenges organizations will face will be how to apply high-quality assurance standards to their information systems, as well as to their products and services. Additionally, they will have to develop information systems that are not only secure but that are still easy to use by most individuals.

Digital Firms

A digital firm can be described as, “One in which nearly all of the organization’s significant business relationships with customers, suppliers, and employees are digitally enabled and mediate” (Laudon & Laudon, 2006, p. 11-12). The firm’s primary business processes are performed through digital networks encompassing the whole organization or connecting several different organizations.

A core or primary business process can be defined as the minimum single tasks to be completed to provide a certain level of reliability in output, without any thought to hardware, software, or performance. When a core process is put into practice, anything can be added to make the process more efficient, but nothing can be removed. On the other hand, a business process can be defined as, “The set of logically related tasks and behaviors that organizations develop over time to produce specific business results and the unique manner in which these activities are organized and coordinated” (Laudon & Laudon, 2006, p. 12).

Digital firms are extremely powerful because they can sense and react to their ever changing surroundings much faster those traditions organizations. Because of their quick reaction and the fact that they are more adaptable than the traditional firm, digital firms are much more able to endure in unstable times. Because these new firms are completely digital, there exist much more opportunities for them in the global business word.

The Internet is quickly becoming the information system infrastructure of preference for electronic commerce. It offers organizations an easy way to connect with other business and individual at an unbelievably low cost. Additionally, it offers a complete and uncomplicated set of technologies and technology standards that can be implemented by any organization. Organizations can use Internet technology to drastically cut their transaction costs, time searching for buyers and sellers, and gathering information on products or services. This information is at the fingertips of anyone with a computer and access to the Internet.

One example of a powerful digital firm has to be EBay. Following 2001, there were a high number of dotcom businesses that failed, but there were a few that held their ground, like eBay. The success of eBay is based on its capacity to transform many splintered, predominantly local markets into global ones at a comparatively low cost to its users (Simonsohn, 2010). People have always had a basic need and an appeal in buying and selling used objects and collectibles items. Prior to eBay, people would have tried to sell their unwanted items through family garage sales, classified ads, and flea markets. Nevertheless, the amount of people accessible to sell these items to was limited due to the fact that face-to-face transactions were almost always required.

Another great example of a powerful digital firm would be Google. Google isn’t just legendary for producing and providing useful services, but it has also acquired a few innovative businesses and integrated them. These include YouTube, Blogger, Picasa and Jaiku. Google used its digital background to take advantage of opportunities in the global business world, making them one of the most powerful businesses to date (“Google”, 2010).

Types of Information Systems

For most organizations, there are many different requirements for data or information. Senior managers continually need up-to-date information to help aide in their business decisions. Mid-level managers may need a bit more detailed information to assist them in monitoring and managing a multitude of different business dealings. Lastly, supervisors and employees with operational roles need information in order for them to perform their everyday jobs. Consequently, organizations tend to have a number of information systems operating at the same time. The three I will be discussing are the management information system (MIS), decision-support systems (DSS), and the transaction processing system (TPS).

Management Information System

A management information system (MIS) management information system (MIS)System used to extract data from a database and compile reports that help managers make routine decisions. obtains data from a database to compose reports, such as detail reports, summary reports, exception reports, and financial statements to assist managers in making better decisions. The different types of reports depend on the specific information a particular manager may require. A MIS is largely involved with internal sources of information. MIS generally receive data from the transaction processing systems (TPS) and reduce it into a sequence of management reports. MIS reports generally are used by mid-level managers and operational supervisors (Laudon & Laudon, 2006).

Decision-Support Systems

A decision support system (DSS)decision support system (DSS)Interactive system that extracts, integrates, and displays data from multiple sources to help managers make nonroutine decisions. is an interactive system that gathers, displays, and combines information from various sources to help managers make non-routine decisions. DSS are explicitly designed to help management make decisions in circumstances where there is doubt about the potential results of those decisions. DSS are made up of tools and procedures to help gather pertinent information and analyze decisions and alternatives. DSS often requires the use of complex spreadsheets and databases to produce what-if models (Laudon & Laudon, 2006).

Transaction Processing Systems

The majority of organizations day-to-day activities are documented and processed by its transaction processing system (TPS)transaction processing system (TPS)Information system used to record and process an organization’s daily activities or transactions., which collect input data and changes them into output information meant for a variety of users. Input data are called transactions which are transactionsFinancial and nonfinancial events that affect a businessevents that affect a business. Transaction Processing Systems (TPS) are intended to process everyday transactions accurately and efficiently. A business may have several transaction processing systems to include; billing systems, payroll and tax payments systems, production and purchasing systems, or stock control systems to handle all movements into and out of the organization (Laudon & Laudon, 2006).

Challenges Posed by Information Systems

Although the many different types of information systems are available to an organization and can be extremely beneficial to its growth, there are some management challenges. Some of these challenges include the tension related to designing and building the information systems, the need for training for both management and employees, and the need to establish which information systems is the most critical, therefore which system receives the majority of the funding. For an organization to overcome these challenges they need establish exactly what is needed in terms of information systems. Next, they need to schedule and provide proper training to all company personnel, so they are familiar with the systems. Finally, they need to develop a method of accounting for the cost of the systems and their priority.

Key Enterprise Applications

Most organizations compete in an rapidly changing, aggressive, global environment. Operating in a global environment forces an organization to concentrate on the most cost-effective implementation of its processes, customer service, and speed at which their products or services are brought to market. To achieve these lofty goals, it is essential that the organization freely exchange useful information across different functions, levels, and business departments. By incorporating all its processes, the organization can more effectively exchange information between departments, customers, and suppliers. The four key enterprise applications are enterprise systems, supply chain management systems, customer relationship management systems, and knowledge management systems.

Enterprise Systems

Enterprise systems incorporate the vital business processes of an organization into a separate software system. Data from a variety of functional areas are centrally housed and maintained where they can be retrieved and utilized by other functional processes. This alters an organizations work flow. Now information can effortlessly run throughout the organization, increasing synchronization, efficiency, and decision making. Enterprise systems are extremely tricky to employ successfully and once employed, are especially hard to change. “Enterprise systems, also known as enterprise resource planning (ERP) systems solve problems by providing a single information system for organization-wide coordination and integration of key business processes” (Laudon & Laudon, 2006, p. 56).

Supply Chain Management Systems

Supply chain management (SCM) can be described as an overseeing of resources, information, and finances as they move form supplier to manufacturer to wholesaler to retailer and finally to the consumer. Supply chain management requires managing and integrating the information, goods, and services flow together within and amongst organizations. Supply Chain Management Systems (SCMS) are used to help an organization manage its relationship with suppliers to optimize the planning, sourcing, manufacturing, and delivery of goods and services. SCMS supply information to aide suppliers, purchasing organizations, wholesale distributors, and logistic companies coordinate, schedule, and control business processes for their products and services (Su & Yang, 2010).

Customer Relationship Management Systems

Many businesses make more profit from ongoing relationships with their customers than from the original sale. Customer relationship management (CRM) is a term applied to processes implemented by an organization to handle its contact with its customers. Customer relationship management systems (CRMS) concentrates on the coordination all of the business processes encompassing the organizations with its customers in sales, marketing, customer satisfaction, revenue optimizing services, and customer retention (Laudon & Laudon, 2006). In today’s highly-competitive business surroundings, the success of an organization relies greatly upon maintaining and exceeding customer expectations for both service and value.

Knowledge Management Systems

Knowledge management is the specific management of essential knowledge and information acquired by individuals so that it can be is effectively shared and made use of by other personnel in the organization. Through the successful sharing of corporate intellectual assets, Organizational Knowledge must be efficiently changed into business intellect.

Personal knowledge concerning a business process must be converted into corporate knowledge ensuring it applied throughout consistently, ensuring maximum benefit to the organization. The main function of a Knowledge Management System (KMS) must be to make information obtainable to all authorized users (Laudon & Laudon, 2006). However, implementing a straightforward information management system, file indexing and retrieval system is only the start. Securing corporate knowledge requires more than software and technology, it requires solid document management software and cultural alteration of how information is produced, handled, stored, and distributed.