Research Proposal 1

INFORMATION SYSTEM CONSULTANTS: A CHALLENGING ROLE AGAINST HACKING

Research Proposal 2

Introduction To bridge the fields of business and computer technology, the discipline of Information Systems is forming new scientific and digital approaches. Usually abbreviated as IS, this is an academic or professional discipline that is supported by the hypothetical fundamentals of computations and information so that educated scholars have exclusive prospects to discover the academics of a variety of business model and associated algorithmic routes within the discipline of computer-science. The start of this field is as old as the invention of computer in 1981. From the very start, computer was used to store military data. This utility has extended to the world wide data storage and transfer across the globe. Other than the designers and implementers of these information systems, there is the role of a consultant who is responsible to satisfy the queries of the customers and to ensure the solution of any problem that occurs. Thus, an information system consultant plays a challenging role that has to keep up with all the latest technologies to foresee any new issue or problem that might arise. Moreover, he also has to devise new approaches to serve the organizations better with securer programs focusing on the possible threats of data theft and data loss during transference (Dhillon, 2003, p.76). The most common threat against which the information system consultants have to fight is the data hacking. Hacking is the theft of data or information in order to harm an organization or to benefit the other by unlawful means. It started 2 years after the invention of computer and from then programmers are trying to find newer security measures. There are numerous data hacking devices and software in use nowadays that have made it the most potential danger against the secrecy of an organization. Therefore, a consultant has to find out such restricted ways that can guarantee the privacy of an individual organization.

Research Proposal 3

Background and Problem definition The research problem to be addressed would be: "A study to analyze the challenging role of IT consultants against hacking issue. The researcher wants to highlight the increasing tendency of network and data hacking in the information systems. Though information systems have emphasized the importance of computer techniques in the development of business, the increasing tendencies of hacking are causing fears in the minds of executives. The theft of important information can lead to enormous loss. This issue has raised various questions upon the utility and limitations of using information systems for data transfer. Research Questions The researcher will try to find out the answers to the following questions:
1. What role can an information system consultant play to prevent even the minute data loss

and hack?
2. What threats will he have to face? 3. What new ways can be adopted to bring newness and uniqueness in the system ideas and

get prepared for the future threats? Research Objectives The objectives of this research are as follows:

Research Proposal 4

1. The researcher wants to highlight the challenging role that a consultant has to play in the development and success of an information system. 2. The researcher wants to aware the consultants of the importance of knowledge and skill against hacking software. Literature Review/ Theoretical Framework Computer technology and system software are now a crucial component of the daily routine of people and are essential to the development of the world economy. They are merging and fitting more and more. The programmers all over the world are doing their best to design fool proof and theft proof programs to ensure secure data and information transfer across the globe. However, data hacking has always been a potential threat in the development of safe data transfer paths. Data hacking means the stealing of information from ones safe place for some possible reasons:
1. To get benefitted from the information stolen 2. To challenge the security of ones organization (Dhillon, 2003, p.76-85)

For years, executives and programmers have fought against data hackers. Started in 1983 with the 414s, these gang cyber crimes have reached a peak nowadays. The role a consultant usually plays is that of a savior against various hacking attacks. He builds a bridge between the customer and the programmer, satisfies the queries of the customer and conveys new ideas to the programmers. In this way, he plays a battle against the hackers with the aid of information system developers and the organization (Lehtinen, Russell, and Gangemi, 2006, p. 250-255).

Research Proposal 5

Attacks against Information Systems The hacking threats against an information system are as follows:

Unauthorized Access: the attacker gains unauthorized access to the stored data by hacking password or by breaking its code.

Disruption: there can be various disrupting attacks that can cause denial or degradation of services. This kind of attack overloads the network system and causes automatically generated messages. This kind of attack has caused damages to millions of information systems till now.

Execution of Malicious Software: some of the attackers inject malicious software, such as virus, into the system that not only damages the computers but also causes loss of data. They can alter or delete data easily leading to high scale damages.

Interception of confidential information: the privacy and reliability necessities of the users are also damaged by informative interceptions; it is usually called sniffing.

Misrepresentation: It spreads by using someone elses identity through information system, can result in fraud and stealth of valuable information, it is usually known as Spoofing (Stewart, Tittel, and Chapple, 2008).

Prevention against hacking attacks The scholars have offered various anti hacking tips and suggestions to prevent the malicious activity and the loss of data and information. Some of these are as follows:

Research Proposal 6

Ubiquity of system: The total connectivity of systems implies wider range of hazards to security. The program will be exposed to more threats and the chances of hacking will increase. Therefore, scholars forbid total ubiquity of systems.

Third Parties: Public Keys Infrastructure has already worked with reliable third parties that, for example, issue digital documentations. These parties aid to lessen the problem of trust (Yakhno, 2004, p. 404-406). In spite of widening their reliance on a peer-to-peer network, people have to depend upon only a small number of chosen trusted third parties or documentation authorities.

Revision of network protocols: the design of internet had not considered security problems. This is the root cause of hacking that can be minimized by revising current communication protocols.

Biometrics: Biometric authentication techniques have some very hopeful compensation; however, they have some challenging characteristics as well (Bocij, Greasley, and Hickie, 2009, p. 532). Scholars have posed two questions against biometrics:
a. As Biometrics does not allow any pseudonym authentication, the people will be

asked for iris scans, fingerprints or DNA test every time.

b. As a new password is issued if the previous one is lost, what a man can do to

compensate the damage?

Security Outsourcing: security outsourcing organizations provide the solution of security and safety concentrating on the issues only (Kelly and Casey, 2009, p.340). Different organizations hire their services to ensure security.

Research Proposal 7

IT Insurances: Anti-hacking software, firewalls and other programs can also be developed to ensure safety and security of confidential data.

Khare (2006) has also suggested the following recommendations:

Simplification: Complex systems and programs are difficult to handle, and difficult to be secured. Therefore, the programmers must make such frameworks that devise simple structures for which there can be simple security systems devised.

Care in system designing: new programs, software and hardware must be designed keeping in view the current security hazards. This will lessen the potentiality of threats.

User Awareness: if the users are made aware of the potential security hazards, they can be taught ways to avoid mistakes that result in the leakage of confidential information. This will save enormous finance, time as well as valuable data. (Khare, 2006, p.258-260) Thus, the researcher thinks that a consultant can play a challenging role in mechanizing

the security of information systems. Therefore, the organizations must train such individuals who possess the knowledge of the business, computer skill as well as ability for programming so that they may devise and recommend solutions to the programmers on the basis of received responses of the users. The security of an information system can be ensured by the interaction of user, consultant and the programmer. The user gives feedback to the consultant after using the security program. The consultant analyzes the responses, probes into the reasons of security failures, thinks of solutions and suggests them to the designers and programmers of the system. The programmers will make amendments to fulfill the requirements. This program then can again be

Research Proposal 8

checked by the consultant and referred to the users for further check. The factors that will interfere include the personal mistakes of the users, non-electronic cheat (for example, telling the passwords to friends), system failure due to some local problem, etc. The personal sense of responsibility and duty among the users will also affect these programs. Thus, a mutual cooperation of the user, consultant and the programmer can ensure hacking free transference of the information possible. Methodology: The research design for this dissertation will be quantitative as in depth investigation of the phenomenon is required. A sample of 30 IT professionals will be randomly selected from various online business industries to represent the entire population. Data will be gathered from both primary and secondary resources. For primary data, a questionnaire having 6 questions will be designed and distributed. The plan of these questions will be deduced from the secondary data collected in the literature review. This questionnaire will be communicated to the respondents using Emails. For the purpose of analysis, pie charts will be used.

Research Proposal 9

References Bocij, P, Greasley, A. and Hickie, S. (2009). Business Information Systems: Technology, Development and Management. 4. UK: Pearson Education, Limited, p. 529-556. Dhillon, G. (2003). Social Responsibility in the Information Age: Issues and Controversies. Reprinted. Idea Group Inc (IGI), p.76-85. Lehtinen, R, Russell, D. and Gangemi, G.T. (2006). Computer Security Basics. 2nd Edition. O'Reilly Media, Inc, p. 250 - 278. Khare, R. (2006). Network Security and Ethical Hacking. Illustrated. UK: Luniver Press, p. 258269. Kelly, R., and Casey, G. (2009). Introduction to Information Systems: Enabling and Transforming Business. 3rd Edition. San Francisco: John Wiley and Sons, 2009. p. 336349. Stewart, J. M., Tittel, E. and Chapple, M. (2008). CISSP: Certified Information Systems Security Professional Study Guide. 4th Edition. San Francisco: John Wiley and Sons. Yakhno, T. (2004). Advances in information systems: third international conference, ADVIS 2004, Izmir, Turkey, October 20-22, 2004: proceedings. New York: Springer-Verlag New York Inc, pp. 402-465.