IT

1 day ago

MUKESH NADH PERUMALLA 

Discussion 4

COLLAPSE

窗体顶端

1.

Because of a lot of reasons, mobile apps are thought to be unique. Some of them are,

Round-the-clock accessibility - Mobile phones make it easy to get in touch with people all the time. As a rule, people check their phones between three and four times an hour every day. You can't get a customer to be able to see your brand all the time.

Personalized Content - Shopping today is all about personalized content, and many people are willing to pay extra to get it, too. Shoppers want to have a great time shopping at an online store. Personal options like a "wishlist," "saved credit cards," and more make shopping easy and fun.

Push Notifications - There is no marketing campaign that works better than personalized mobile push notifications. Customers are more than three times as likely to check their phones for notifications than they are to check their web browsers (McWherter & Gowell, 2012). Also, mobile push notifications let retailers send messages to customers based on what they like and what they want.

Awesome Interface - A mobile user interface is better than a web interface. With better navigation and search options, the shopper has everything right in front of them. All of the options can be better organized in a menu form so that the customer can find the right one for him or herself.

Faster and Smoother - Mobile apps are faster and smoother than websites for mobile phones. This is how it works: Mobile apps are made to take advantage of all the features of the platform, like Android or iOS. This means that they work quickly but also don't take up a lot of space or battery power.

Safer and more secure - Mobile apps are hard to hack and bug-free, which makes them more secure than mobile websites. It is safer and more secure to make online transactions through apps than through websites.

Brand extension - Mobile apps are a way for your company to show off its brand. As long as the person has their phone with them, the logo of your company is always visible. There are a lot of people who like to buy things through your app instead of on the (McWherter & Gowell, 2012 ).

2.

When AI is combined with mobile apps, it can be very powerful. This is changing the world of technology and will take it to new heights in the near future. The algorithms and technology work together so that people with normal intelligence can do simple tasks without having to be told to do so (2016). In terms of mobile apps, AI helps the user out at a very high level. AI is going to be a big thing in the future, and it has a lot of great potentials. There is a lot of interest in artificial intelligence (AI) with chatbots and Personal Digital Assistants, but mobile apps are still very important to the business.

3.

Five years ago, the number of mobile apps was a lot less than it is now. There is a reason why the number of mobile apps is growing so quickly. It is very important for people to have mobile apps to help them with their daily lives now. People use a mobile app all day and all night. From fun to business, people refer to mobile applications (Mukherjea, 2016). Currently, there are a lot of mobile apps that let their users write reviews about different services. We can use mobile apps to stay healthy, learn languages, choose the best service, and more. There are many more things or tasks that people can do with the help of mobile apps.

窗体底端

Sai Vasanth Nanduri 

Mobile User Interface Design

COLLAPSE

窗体顶端

The tablet is a new computing platform, much like the smartphone was ten years ago. While the smartphone has moved past its infancy and is well-developed, the tablet remains relatively new and is in the process of development. With the explosion of mobile devices and platforms as iPhone Android, Blackberry developers have a greater need to create apps that are easy to use and navigate with touch screens. They have also created apps that take advantage of the small form factor, like social apps (Shaw et al., 2021). These trends also result in creating cross-platform apps, such as iChat, iMovie, and so on. Suppose the growth in the tablet market is any indication of the adoption of this new device. In that case, developers should begin planning to ensure their products are designed with tablet users in mind.

The majority of web designers and web admins are still thinking about web designs, not mobile designs. There is much confusion about creating a web design that is optimized for the smallest screen and the mobile device (Shaw et al., 2021). For many designers and web programmers who are not designers, their mobile web pages and web apps do not look different from the web pages they created before they learned how to use CSS and JavaScript to make a mobile-friendly web page and web app. To fix the web pages and web apps, they have to learn how to design mobile devices using CSS and JavaScript. However, there is another problem that they are not aware of. When asked how to make a website or web app that is mobile-friendly or optimized for mobile devices, most web designers do not provide a good answer (Wei et al., 2021).

Mobile apps are not just another website apps must be customized for each specific enterprise need. Most enterprises have to develop and manage apps to stay competitive in the mobile app market. The apps, often created by the companies marketing department, are beneficial. With the help of app developers, many companies spend a lot of time and money making apps, but then the market does an about-face, and app use declines (Wei et al., 2021). Companies spend valuable time and money creating apps that are not being used. For most organizations, mobile technology represents a great opportunity. It is rapidly becoming an essential means for employees to perform daily activities like interacting with customers, making reservations, or checking flight information (Wei et al., 2021).

窗体底端

Jack Yothers 

Week 4 Discussion: Separation of Duties

COLLAPSE

窗体顶端

When I think about separation of duties, I typically of examples in accounting or in SOX control (where it is mandated).  I can think of a few problems that I’ve personally witnessed where failure to have a proper separation of duties was an issue.  First, at a tennis club where I was a member, the manager was able to embezzle over $800,000 in a 10-year period by setting up a fictitious vendor account that she owned which billed the club for services on a monthly basis.  The club manager had the ability to approve both new vendor accounts and payments, which means that she had no oversight when it came to paying herself in this fraudulent way.  I’ve read of other small companies where this same scheme has been utilized.  When the club manager was eventually caught, she got a prison sentence and fines.  However, I don’t think the club was able to recover most of the lost money.  Second, I can recall working for a company in the 1990s where managers were allowed to approve employee expense reports with no oversight from accounting.  Due to this, I witnessed several occasions where managers took their team out for expensive dinners or trips to strip clubs, running up thousands of dollars of expenses.  However, they just had an employee that reported to them pay the tab and then the manager approved the expense report.  At my current company, this would be impossible to do now.  Managers are only allowed to approve expense reports up to a small amount, and then everything else requires a secondary approval from someone in the accounting department.  Therefore, fraud in expense reporting is generally impossible where I work.

How do you define a high-risk transaction?

I define a high-risk transaction as anything where there is the possibility for loss of either life, money, or reputation.  Typically, high-risk transactions involve compliance with legal or regulatory requirements, and failure to perform with care would jeopardize your job, the company’s viability, or endanger others.

If you were a security professional in a company, what are four roles (two sets of two related roles) you would separate and why?

From a SOX compliance standpoint, I can think of a couple examples of things that my team must do.  First, separation of duties in access control involves the submitter of an access request being unable to approve their own account changes.  For example, even though I am the manager of my team, if I request a role with super-admin privileges for an account, someone else must approve it. 

In addition, with change control under SOX, typically the same person that makes changes in the development environment can’t promote them into production.  This is done to avoid developers being able to fraudulently or inadvertently change production data that could be transactional or financial in nature.  Another example of separation of duty I can think of would be between developer and tester.  While a developer may want to test their own code before submission, the quality assurance of the code should be done by someone else before it is accepted into the main code branch or into a new environment.  On my team, we require at least two approvers for pull requests in Git to provide oversight and reduce errors in coding. 

窗体底端

Suraj Prakash Bhandari 

Discussion 4

COLLAPSE

窗体顶端

How do you define a high-risk transaction?

High-risk transactions are more likely to result in returns, chargebacks, or fraud. The issues will look the same regardless of the business's specific vertical. If there are any issues with the transaction, the merchant's funds will be put on hold until the issue is rectified (What Are High Risk Transactions, 2021). In other words, high-risk transactions can create a more significant loss if the vulnerabilities are exploited and may an organization standstill. For example, when an international customer does a transaction but as a card, not present transaction. In this case, it is complicated to verify that particular transaction and to check if it is authorized by the desired customer or not.

If you were a security professional in a company, what are four roles (two sets of two related roles) you would separate and why? Provide examples not mentioned in the description for this discussion.

Examples of Separation of duties are:

Layered Security Approach

A layered security approach in which two or more layers of independent controls are used to mitigate risk. Layered security takes advantage of the layers' redundancy, ensuring that if one layer fails to detect risk or attack, the following layer will. More layers, by this logic, should equal better risk reduction (Johnson & Easttom, 2021). More layers, on the other hand, might be cumbersome and costly. In risk reduction, there must be a balance between cost and reward.

Domain of Responsibility and Accountability 

Separation of Duties is typically used for transactions within a domain. Within a domain, it is the responsibility of management to identify high-risk transactions and ensure sufficient separation of duties; by ensuring adequate separation of duties, we can spot fraud opportunities in these transactions. It also entails recognizing the possibility of human error in these transactions. Separation of duties can help to reduce fraud as well as human error. 

窗体底端