Chapter 17 Managing Information MGMT Chuck Williams Designed & Prepared by B-books, Ltd.

Moore’s Law Moore’s Law is the prediction that every 18 months, the cost of computing will drop by 50 percent as computer-processing power doubles. As Exhibit 17.1 shows, Gordon Moore, one of the founders of Intel Corporation, was right—and his prediction was in 1965! If car manufacturers had achieved the same power increases and cost decreases attained by computer manufacturers, a fully outfitted Lexus or Mercedes sedan would cost less than $1,000!

Why Information Matters After reading these sections, you should be able to: explain the strategic importance of information. describe the characteristics of useful information (i.e., its value and costs). Raw data are facts and figures. For example, 11, $452, 1, and 26,100 are some data that the author used the day he wrote this section of the chapter. However, facts and figures aren’t particularly useful unless they have meaning. For example, you probably can’t guess what these four pieces of raw data represent, can you? And if you can’t, those data are useless. That’s why researchers make the distinction between raw data and information. While raw data consists of facts and figures, information is useful data that can influence someone’s choices and behavior. So what did those four pieces of data mean to me? Well, 11 stands for channel 11, the local CBS affiliate on which he watched part of the men’s PGA. golf tournament. $452 is how much it would cost him to rent a minivan for a week if he goes skiing over spring break. 1 is for the 1 gigabyte storage card that he wants to add to his digital camera. And 26,100 means that it’s time for him to get the oil changed on his car.

Data versus Information Raw data = facts + figures Information = useful data that influences choices

Strategic Importance of Information First-Mover Advantage Sustaining a Competitive Advantage First-mover advantage is the strategic advantage that companies earn by being the first in an industry to use new information technology to substantially lower costs or to differentiate a product or service from competitors. In all, first-mover advantages can be sizable. On average, first movers earn 30 percent market share compared to 19 percent for companies that follow. Over 70 percent of market leaders started as first movers. 1

First-Mover Advantage The strategic advantage that companies earn by being the first to use new information technology to lower costs or to differentiate a product. 1.1

Cable versus DSL Cable companies have invested $90 billion over the last decade to create a first-mover advantage in delivering high-speed Internet. Recall from Chapter 6 the discussion regarding first-mover advantage. In that chapter, the example of user interface illustrated the concept of sustainable competitive advantage. AOL was the first ISP to have an easy-to-use and intuitive interface; competitors could not match AOL’s features, which gave AOL a first-mover advantage.

Fast Facts on First Movers ON AVERAGE: First movers earn a 30% market share. Later movers earn a 19% share. Of market leaders, a whopping 70% were first movers. Over time, however, competitors like MSN were able to imitate AOL’s design features and keep AOL from achieving a sustainable competitive advantage through information technology.

Sustaining a Competitive Advantage Competitive Disadvantage Competitive Parity Sustained Competitive Advantage Temporary Competitive Advantage Is it difficult for another firm to create or buy the IT? NO YES Does the information technology (IT) create value? Is the IT different across competing firms? According to the resource-based view of information technology shown in Exhibit 17.2, companies need to address three critical issues in order to sustain a competitive advantage through information technology. First, does the information technology create value for the firm by lowering costs or providing a better product or service? If an information technology doesn’t add value, then investing in it would put a firm at a competitive disadvantage to companies that choose information technologies that do add value. Second, is the information technology the same or different across competing firms? If all the firms have access to the same information technology and use it in the same way, then no firm has an advantage over another (i.e., competitive parity). Third, is the firm’s use of information technology difficult for another company to create or buy? If so, then a firm has established a sustainable competitive advantage over competitors through information technology. If not, then the competitive advantage is just temporary, and competitors should eventually be able to duplicate the advantages the leading firm has gained from information technology. The key to sustaining a competitive advantage is through the use of information technology to improve and support the core functions of a business. Wal-Mart is an excellent example. It was one of the first retailers to use computers and bar codes to track sales and inventory data, then share those data with suppliers. 1.2

Characteristics of Useful Information Accurate Verifiable Timely Organized Accessible Relevant Complete Information is useful when it is accurate. To be accurate, information must be reliable and valid. Information is useful when it is complete. To be complete, the amount of information must be sufficient to identify the problem and begin to identify potential solutions. Information is useful when it is relevant. Information is relevant when it pertains to the problem, so that decision makers can use it to define the problem and begin to identify potential solutions. Finally, information is useful when it is timely. To be timely, the information must be available when needed to define a problem or begin to identify possible solutions. If you’ve ever thought, “I wish I'd known that ahead of time,” then you understand the importance of timely information. 2

Costs of Useful Information Acquisition Processing Storage Retrieval Communication Costs There are costs associated with obtaining good information: Acquisition cost is the cost of obtaining data that you don’t have. Processing cost is the cost of turning raw data into usable information. Storage cost is the cost of physically or electronically archiving information for later use and retrieval. Retrieval cost is the cost of accessing already-stored and processed information. One of the most common misunderstandings about information is that it is easy and cheap to retrieve once the company has it. Not so. First, you have to find the information. Then, you’ve got to convince whoever has it to share it with you. Then the information has to be processed into a form that is useful for you. By the time you get the information you need, it may not be timely anymore. Communication cost is the cost of transmitting information from one place to another. 2

Getting and Sharing Information After reading these sections, you should be able to: explain the basics of capturing, processing, and protecting information. describe how companies can access and share information and knowledge.

Capturing Information Electronic Manual Bar Codes Radio Frequency Identification Tags Electronic Scanners Optical Character Recognition There are two basic methods of capturing information, manual and electronic. Manual capture of information is a labor-intensive process by which data are recorded and entered by hand into a data storage device. The problem with manual capture of information is that it is slow, expensive, and often inaccurate. Consequently, companies are relying more on electronic capture, in which data are electronically recorded and entered into electronic storage devices. Bar codes and document scanners are the most common methods of electronically capturing data. Bar codes represent numerical data by varying the thickness and pattern of vertical bars. The primary advantage that bar codes offer is that the data they represent can be read and recorded in an instant with a hand-held or pen-type scanner. One pass of the scanner (Ok, sometimes several) and “Beep!” the information has been captured. Bar codes were invented in 1952, and were first used to track parts inventory in factories in 1961. However, it took nearly two decades for bar code scanners to become standard equipment in most retail and grocery stores. Yet, once adopted, bar codes cut checkout times in half, reduced data entry errors by 75 percent, and saved stores money because stockers didn’t have to go through the labor-intensive process of placing a price tag on each item in the store. Radio frequency identification tags contain miniscule microchips and antennas that transmit information via radio waves. RFID tags are read by turning on an RFID reader, at a range up to several thousand feet. For example Sky Chefs uses this technology to keep track of serving carts on planes. Because they are inexpensive and easy to use, electronic scanners, which convert printed text and pictures into digital images, have become an increasingly popular method of electronically capturing data. However, text that has been digitized cannot be searched or edited like the regular text in your word processing software. Therefore, companies can use optical character recognition software to scan and convert original or digitized documents into ASCII text (American Standard Code for Information Interchange). ASCII text can be searched, read, and edited in standard word processing, e-mail, desktop publishing, database management, and spreadsheet software. 3.1

Processing Information: Data Mining Supervised Data Mining Data Warehouse Unsupervised Data Mining Data Clusters Sequence Patterns Predictive Patterns Affinity Patterns Processing information means transforming raw data into meaningful information that can be applied to business decision making. Evaluating sales data to determine the best and worst selling products, examining repair records to determine product reliability, or monitoring the cost of long-distance phone calls are all examples of processing raw data into meaningful information. One promising tool to help managers dig out from under the avalanche of data is data mining. Data mining is the process of discovering unknown patterns and relationships in large amounts of data. Data mining works by using complex algorithms. Data mining looks for patterns that are already in the data but are too complex for managers to spot on their own. The data typically come from a data warehouse that stores huge amounts of data that have been prepared for data mining analysis by being cleaned of errors and redundancy. The data in a data warehouse can then be analyzed using two kinds of data mining. Supervised data mining usually begins with the user telling the data mining software to look and test for specific patterns and relationships in a data set. By contrast, unsupervised data mining is when the user simply tells the data mining software to uncover whatever patterns and relationships it can find in a data set. Unsupervised data mining is particularly good at identifying association or affinity patterns, sequence patterns, and predictive patterns. It can also identify data clusters. 3.2

Unsupervised Data Mining Data Clusters Sequence Patterns Predictive Patterns Affinity Patterns Three or more database elements occur together One of the elements precedes the other Helps identify database elements that are different Two or more database elements occur together significantly Association or affinity patterns occur when two or more database elements tend to occur together in a significant way. Sequence patterns occur when two or more database elements occur together in a significant pattern, but with one of the elements preceding the other. By contrast, predictive patterns are just the opposite of association or affinity patterns. While association or affinity patterns look for database elements that seem to go together, predictive patterns help identify database elements that are different. Data clusters are the last kind of pattern found by data mining. Data clusters occur when three or more database elements occur together (i.e., cluster) in a significant way. Traditionally, data mining has been very expensive and very complex. Today, however, data mining is much more affordable. 3.2

Protecting Information Authentication Authorization Two-factor authentication Firewalls Antivirus software Data encryption Virtual private networks Secure Sockets Layer (SSL) encryption Protecting information is the process of ensuring that data are reliably and consistently retrievable in a usable format for authorized users, but no one else. Two critical steps to make sure that data can be accessed by authorized users only are authentication and authorization. Two-factor authentication is based on what users know, and what they have, such as a secure ID card. To reduce risks of hackers, companies use firewalls. Firewalls are hardware or software devices that sit between the computers in an internal organizational network and outside networks, such as the Internet. Firewalls filter and check incoming and outgoing data. They prevent company insiders from accessing unauthorized sites or from sending confidential company information to people outside the company. Firewalls also prevent outsiders from identifying and gaining access to company computers and data. A virus is a program or piece of code that attaches itself to other programs on your computer and can trigger anything from a harmless flashing message to reformatting your hard drive to a system wide network shutdown. Another way of protecting information is to encrypt sensitive data. Data encryption transforms data into complex, scrambled digital codes that can only be unencrypted by authorized users who possess unique decryption keys. One method of data encryption is to use products such as PGP Desktop Security (www.pgp.com) to encrypt the files stored on personal computers. However, virtual private networks (VPN) solve this problem by encrypting Internet data at both ends of the transmission process. Instead of making long-distance calls, employees dial an Internet Service Provider, such as MSN or AOL that provides local service all over the world. Unlike typical Internet connections in which Internet data packets are unencrypted, the virtual private network encrypts the data sent by employees outside the company network, decrypts the data when they arrive within the company computer network, and does the same when data are sent back to the computer outside the network. Secure Sockets Layer encryption provides secure off-site access to data and programs. 3.3

Protecting Information Firewall - Security system consisting of hardware and/or software that prevents unauthorized intrusion Protecting information is the process of ensuring that data are reliably and consistently retrievable in a usable format for authorized users, but no one else. Two critical steps to make sure that data can be accessed by authorized users only are authentication and authorization. Two-factor authentication is based on what users know, and what they have, such as a secure ID card. To reduce risks of hackers, companies use firewalls. Firewalls are hardware or software devices that sit between the computers in an internal organizational network and outside networks, such as the Internet. Firewalls filter and check incoming and outgoing data. They prevent company insiders from accessing unauthorized sites or from sending confidential company information to people outside the company. Firewalls also prevent outsiders from identifying and gaining access to company computers and data. A virus is a program or piece of code that attaches itself to other programs on your computer and can trigger anything from a harmless flashing message to reformatting your hard drive to a system wide network shutdown. Another way of protecting information is to encrypt sensitive data. Data encryption transforms data into complex, scrambled digital codes that can only be unencrypted by authorized users who possess unique decryption keys. One method of data encryption is to use products such as PGP Desktop Security (www.pgp.com) to encrypt the files stored on personal computers. However, virtual private networks (VPN) solve this problem by encrypting Internet data at both ends of the transmission process. Instead of making long-distance calls, employees dial an Internet Service Provider, such as MSN or AOL that provides local service all over the world. Unlike typical Internet connections in which Internet data packets are unencrypted, the virtual private network encrypts the data sent by employees outside the company network, decrypts the data when they arrive within the company computer network, and does the same when data are sent back to the computer outside the network. Secure Sockets Layer encryption provides secure off-site access to data and programs.

Protecting Information What is a biometric device? Authenticates person’s identity using personal characteristic Fingerprint, hand geometry, voice, signature, and iris Protecting information is the process of ensuring that data are reliably and consistently retrievable in a usable format for authorized users, but no one else. Two critical steps to make sure that data can be accessed by authorized users only are authentication and authorization. Two-factor authentication is based on what users know, and what they have, such as a secure ID card. To reduce risks of hackers, companies use firewalls. Firewalls are hardware or software devices that sit between the computers in an internal organizational network and outside networks, such as the Internet. Firewalls filter and check incoming and outgoing data. They prevent company insiders from accessing unauthorized sites or from sending confidential company information to people outside the company. Firewalls also prevent outsiders from identifying and gaining access to company computers and data. A virus is a program or piece of code that attaches itself to other programs on your computer and can trigger anything from a harmless flashing message to reformatting your hard drive to a system wide network shutdown. Another way of protecting information is to encrypt sensitive data. Data encryption transforms data into complex, scrambled digital codes that can only be unencrypted by authorized users who possess unique decryption keys. One method of data encryption is to use products such as PGP Desktop Security (www.pgp.com) to encrypt the files stored on personal computers. However, virtual private networks (VPN) solve this problem by encrypting Internet data at both ends of the transmission process. Instead of making long-distance calls, employees dial an Internet Service Provider, such as MSN or AOL that provides local service all over the world. Unlike typical Internet connections in which Internet data packets are unencrypted, the virtual private network encrypts the data sent by employees outside the company network, decrypts the data when they arrive within the company computer network, and does the same when data are sent back to the computer outside the network. Secure Sockets Layer encryption provides secure off-site access to data and programs. Next

Protecting Information What is encryption? Safeguards against information theft Process of converting plaintext (readable data) into ciphertext (unreadable characters) Encryption key (formula) often uses more than one method To read the data, the recipient must decrypt, or decipher, the data Protecting information is the process of ensuring that data are reliably and consistently retrievable in a usable format for authorized users, but no one else. Two critical steps to make sure that data can be accessed by authorized users only are authentication and authorization. Two-factor authentication is based on what users know, and what they have, such as a secure ID card. To reduce risks of hackers, companies use firewalls. Firewalls are hardware or software devices that sit between the computers in an internal organizational network and outside networks, such as the Internet. Firewalls filter and check incoming and outgoing data. They prevent company insiders from accessing unauthorized sites or from sending confidential company information to people outside the company. Firewalls also prevent outsiders from identifying and gaining access to company computers and data. A virus is a program or piece of code that attaches itself to other programs on your computer and can trigger anything from a harmless flashing message to reformatting your hard drive to a system wide network shutdown. Another way of protecting information is to encrypt sensitive data. Data encryption transforms data into complex, scrambled digital codes that can only be unencrypted by authorized users who possess unique decryption keys. One method of data encryption is to use products such as PGP Desktop Security (www.pgp.com) to encrypt the files stored on personal computers. However, virtual private networks (VPN) solve this problem by encrypting Internet data at both ends of the transmission process. Instead of making long-distance calls, employees dial an Internet Service Provider, such as MSN or AOL that provides local service all over the world. Unlike typical Internet connections in which Internet data packets are unencrypted, the virtual private network encrypts the data sent by employees outside the company network, decrypts the data when they arrive within the company computer network, and does the same when data are sent back to the computer outside the network. Secure Sockets Layer encryption provides secure off-site access to data and programs. Next Next

Tips for Protecting Data Beyond the Book Rule #1: Understand the real value of data (not just the value of the disk it’s on) and treat it accordingly. Encrypt data. Track data that you send to someone else. Use a coding system to label the value of a disk or a memory stick. Source: B. Worthen, “Workers Losing Computer Data May Lack Awareness of its Value,” The Wall Street Journal, 27 November 2007, B3.

Accessing and Sharing Information and Knowledge Internal Access and Information Sharing External Access and Information Sharing Sharing of Knowledge and Expertise 4

Executive Information System (EIS) Uses internal and external data Used to monitor and analyze organizational performance Must provide accurate, complete, relevant, and timely information to managers An executive information system (EIS) uses internal and external sources of data to provide managers and executives the information they need to monitor and analyze organizational performance. The goal of EIS is to provide accurate, complete, relevant, and timely information to managers. Most EIS programs use touch screens, "point and click" commands, and easy-to-understand displays, such as color graphs, charts, and written summaries so that little learning or computer experience is required. In addition, basic commands such as find, compare, and show allow managers to easily and quickly get the information they need to make good decisions. 4.1

Intranets Private company networks Allow employees to access, share, and publish information A firewall permits only authorized internal access Intranets are private company networks that allow employees to easily access, share, and publish information using Internet software. Intranets are exploding in popularity. Intranet web sites are just like external Web sites, but the firewall separating the internal company network from the Internet only permits authorized internal access. 4.1

Why Companies Use Intranets Inexpensive Increase efficiencies and reduce costs Intuitive and easy to use Work across all computer systems Can be built on top of existing network Work with software programs that convert to HTML Software is available at no cost or is less expensive 4.1

Corporate Portals Corporate Portals A hybrid of executive information systems and intranets that allow managers and employees to use a Web browser to gain access to customized company information and to complete specialized transactions. While an EIS provides managers with the information they needs to monitor and analyze organizational performance, and intranets help companies distribute and publish information and forms with in the company, corporate portals allow company managers and employees to access customized information and complete specialized transactions using a Web browser. Corporate portals are a hybrid of executive information systems and intranets. 4.1

External Access and Sharing Electronic Data Interchange Extranets Web Services Internet Historically, companies have been unable or reluctant to let outside groups have access to corporate information. However, a number of information technologies—electronic data interchange, extranets, Web services, and the Internet—are not only making it easier to share company data with external groups like suppliers and customers. But the reduced costs, higher productivity, better customer service, and faster communications they produce also have managers scrambling to find ways to use them in their own companies. Electronic data interchange, or EDI, is the direct electronic transmission of purchase and ordering information from one company’s computer system to another company’s computer system. EDI saves companies money by eliminating step after step of manual information processing. While EDI is used to directly transmit purchase and ordering information from one company’s computer system to another company’s computer system, an extranet, by contrast, allows companies to exchange information and conduct transactions with outsiders by providing them direct, web-based access to authorized parts of a company’s intranet or information systems. Web services use standardized protocols to describe and transfer data from one company in a way that those data can be understood in another company. Similar to the way in which an extranet is used to handle transactions with suppliers and distributors, companies are reducing paperwork and manual information processing by using the Internet to electronically automate transactions with customers. In the long run, the goal is to link customer Internet sites with company intranets (or EDI) and extranets so that everyone who is involved in providing a service or making a product for a customer is automatically notified when a purchase is made. 4.2

Benefits of External Access and Sharing Increased productivity Reduced data entry errors Improved customer service Faster communications Reduced costs 4.2

Electronic Data Interchange (EDI) When two companies convert their purchase and ordering information to a standardized format to enable the direct electronic transmission of that information from one computer system to the other. 4.2

Extranet Extranet Allows companies to exchange information and conduct transactions with outsiders by providing them direct, Web-based access to authorized parts of a company’s intranet or information system. 4.2

Web Services Web Services Using standardized protocols to describe data from one company in such a way that those data can automatically be read, understood, transcribed, and processed by different computer systems in another company. 4.2

Sharing Knowledge and Expertise Decision Support System Helps managers to understand specific kinds of problems and potential solutions, and to analyze the impact of different decision options using “what if” scenarios. Expert System An information system that contains the specialized knowledge and decision rules used by experts so that nonexperts can draw on this knowledge base to make decisions. Unlike executive information systems that speed up and simplify the acquisition of information, decision support systems (DSS) help managers understand problems and potential solutions by acquiring and analyzing information with sophisticated models and tools. Furthermore, unlike EIS programs that are broad in scope and permit managers to retrieve all kinds of information about a company, DSS programs are usually narrow in scope and targeted toward helping managers solve specific kinds of problems. DSS programs have been developed to help managers pick the shortest and most efficient routes for delivery trucks, to pick the best combination of stocks for investors, and to schedule the flow of inventory through complex manufacturing facilities. It’s important to understand that DSS programs don’t replace managerial decision making; they improve it by furthering managers' and workers' understanding of the problems they face and the solutions that might work. Expert systems are created by capturing the specialized knowledge and decision rules used by experts and experienced decision makers. They permit nonexpert employees to draw on this expert knowledge base to make decisions. Most expert systems work by using a collection of “if-then” rules to sort through information and recommend a course of action. 4.3

Sharing Knowledge and Expertise What is an expert system? Captures and stores knowledge of human experts and then imitates human reasoning and decision making Consists of two components knowledge base—combined subject knowledge and experiences of human experts inference rules—set of logical judgments applied to the knowledge base

Sharing Knowledge and Expertise What is an example of an expert system? Step 1. A user selects his or her gender Step 2. Select the location on the body where the problem is being experienced Step 3. Select the type of pain. Step 5. Review the possible diagnosis. Step 4. Select other information about the problem.