case study

Date: 10/18/2019

Subject: Tracking Shadow IT/ Including new projects

Introduction Comment by Sharon Rose: The CEO challenge is for an internal employee provide recommendation of new IT system to remove or bring the Shadow IT projects under the IT department.Include how this assignment will communicate how your project proposal satisfied the CEO's concern. Remember Shadow IT from the Week 1 Discussion. The Shadow IT has to either be adopted by the organization, or it has to be removed by the organization. Comment by James Manning:

After our meeting today we all know very well that there has been an increase in the appearance of unauthorized or planned IT resources appearing in our network. The challenge here is that as a company our IT team has no way to track all of these resources and ensure that they are not violating our information security policies. Since we host sensitive personal information we need a way to ensure that any new resources or tools do not present a security concern. While we would all like to think that our IT team can crack down and we can train and global email our way into an IT culture within the company that eliminates shadow IT resources and projects. I think that there is a way for us to help track these projects and ensure that security is not compromised in the process.

Proposed Information System Comment by Sharon Rose: Identify the main functions of your proposed information system and why they are important to the business.To earn an ‘A’ in this section you must (From Grading Rubric):Proposed an original information system. Identified the main functions of the system. Explained the importance of each function to the business.Explained the stylistic choices for architecture of information system. Connected main functions of system to business needs and shadow IT.

Cloud providers now offer a vast amount of resources that allow customers like ourselves to ensure that we can launch resources and track the costs of those resources on an enterprise level. I propose that we allow each business unit or practice group to create AWS accounts for its employees. If each practice group has its own AWS organization it can track the resources cost and configuration of everything launched on the platform. This way our IT team can create access roles to each account and perform audits for cost, security and compliance. This adds value and is important to our business as it presents us the opportunity to rid ourselves of untracked resources and potential security risks.

Comment by James Manning:

Figure 1. aws.amazon.com

Functions Important to Business Comment by James Manning: To earn an “A” in this section (From Grading Rubric):Explained how the main functions are being handled by the old information system. Described the problems of the old system. Justified why the new system can handle things better than the old system.Described why inefficiencies of maintenance in the old system persist. Provided options for keeping the system separate, integrating with old, or scaling up/down based on business needs.

Currently our IT team provisions resources and access per request. As our company has grown at a rapid rate over the past three or four years. As a result the requests for features and systems have increased at a rate where we cannot accommodate them in a manner that helps our employees continue to satisfy our customer needs. This led to us breaching SLA at a pace that was not acceptable to our bottom line. We cannot risk upsetting customers and losing revenue for our company. As a result this has led to more and more shadow IT resources being provisioned without the approval of IT and IS teams. As a result having these AWS accounts available for creating new resources and applications will drive our business productivity while allowing us to monitor the spend and configuration from an administrative and security standpoint.

Comment by Sharon Rose: Add Charts when applicable. Comment by James Manning:

Data Management Comment by Sharon Rose: Provide an overview of data management. Comment by James Manning: Comment by Ali, Kheezer:

Data management is the action of gathering storing and protecting the data that our company needs to store in order to function as a business. As a company we need to ensure that the data we gather is stored in secure encrypted location. Access should be managed to ensure that no data leaks exist.

Data Types Comment by James Manning: Describe the data types in the system. The 13 Types Of DataTo earn an “A” in this section (From Grading Rubric):Described the data types in the system.

Each new system can manage different types of data. If the marketing team builds a new website for a customer. They will have customer data that will include name email addresses and other personal information

Storage Methods Comment by James Manning: Describe the Storage Methods4 Data Storage Methods for BusinessesTo earn an “A” in this section (From Grading Rubric):Explained how the system would hold each data type. Explained the system storage and interaction with data.

Depending on the type of data collected by each system or resources provisioned. The data can be stored within RDS or S3. This data will be accessed by other components of the system as needed.

Data Quality Comment by James Manning: Describe the Data QualityWhat is Data Quality?To earn an “A” in this section (From Grading Rubric):Proposed how data quality would be ensured.Considered the impacts of cost and maintenance on data quality.

We will be ensuring data quality by having the IT and IS teams audit the databases and access protocols of each system. Access will monitored strictly by the IT and IS teams. Keeping data secure and making it hard to be altered or tainted will ensure that our data is of high quality. Keeping access tight ensure that we do not have a data leak which can cost large sums of money to clean up.

Transition of System Functions Comment by Sharon Rose: Describe the System TransitionTo earn an “A” in this section (From Grading Rubric):Explain how the functions you mentioned are being handled by the old information systemThe problems that occurWhy your information system will handle things better.Described why inefficiencies of maintenance in the old system persist. Provided options for keeping the system separate, integrating with old, or scaling up/down based on business needs. Comment by Ali, Kheezer:

While we will not be replacing an existing system with this approach right off the bat. This approach will allow us to track any and all new IT resources and systems. This is in turn will drive down shadow IT.

Evidence of Feasibility Comment by Sharon Rose: Offer evidence of feasibility: Show that similar information systems have been built successfully and that they save more money than they cost.What is Feasibility?To earn an “A” in this section (From Grading Rubric):Identified similar, successful information systems. Demonstrated cost savings comparison. Defended how the new system could operate similarly to successful systems.Explain what makes the information system identified similar to yours. Demonstrate how the new system outperforms similar systems.

A large question that will arise upon reviewing this memo will be cost. To that I would like to point out right now we are unable able to quantify the cost that shadow IT has placed upon us due to our inability to track these resources on a granular level. With this approach a new budget can be put in place and strictly enforced from a management level. Since the costs will roll up to the payer account of each Organization. We will have great visibility into the spend of each business unit.

References Comment by Sharon Rose: Reference Page Notes: Use a separate references page and double space. Note that throughout the paper and reference list, titles of non-periodicals and the names of journals, book titles, and volume are set in italics rather than being underlined. See APA Manual, pages 239-281 for examples of various references. In addition, please read pages 215-232 for basic reference guidelines. Remove References in example that you do not use.

Baltzan, Paige. (2017) Information Systems (4th ed.). New York, NY: McGraw-Hill Education.