Data Resource Management Natural Resource

Question: Describe about the Data Resource Management for Natural Resource. Answer: Introduction Overview of the business issue BHP Billiton is an Australian based globally active company that deals in natural resource generation and exportation. Inability of Data management: Some of the issues faced by BHP Billiton are problems of data lost, inability for maintenance of large amount of data, and data infiltration. The company has to maintain huge amount of data about its customers, clients, stakeholders, and inventory system (Brewster, Mayrhofer Morley, 2016). Privacy issues: The database of BHP Billiton consists of various amounts of data that is confidential in nature. The interest of their stakeholders is in achieving the services from the organization without risking the information. However, the growth and development of technology has made the information in the database at stake. There are means by which the information can be extracted without taking consent from the database administrator. Research Approach There are four main types of research approach that can be followed for researching about the security issues with the data resource management. The four types of research methods are Quantitative research, Qualitative research, Pragmatic approach for research, and Participatory research (Noshadi et al., 2013). Among these four research approaches the pragmatic is the best way for dealing with the research problem and not getting caught in the philosophical debates. This process of research has many benefits over the rest other research approaches. The pragmatic research approach would be helpful for implying the methods of both qualitative and quantitative method of research. The techniques and procedures can be altered and modified in pragmatic research approach as per the requirements of the research (Brewster, Mayrhofer Morley, 2016). It is evident that each of the step or method in research procedure has some limitations and complementary methods would be helpful for overcoming these limitations. The pragmatic method had helped in researching the security problems of data resource management for BHP Billiton. More than one research method can be used at the same time in this pragmatic research approach (Noshadi et al., 2013). Triangulation and data analysis are some other features of the pragmatic research method. Literature review Hacking of the Times Newspaper for data extraction According to Perlroth (2013), Chinese hackers have infiltrated the computer system of New York Times for extracting information and data. A report titled Hackers in China Attacked The Times for Last 4 Months, was published in The New York Times of Edition on 30th January, 2013. It clearly pointed out that the Chinese hackers have persuasively hacked into the database system of the Times. They extracted the information and passwords of the reporters and employees of the Times. It showed the security slackness of the data resource management at the Times. The information was stored in the information system database used at the Times. The technical experts of the Times get to know about the infiltration of the system after four months. The hackers constantly hacked the information system of the Times in the period of four months (Storey, 2014). The computer security expert at Times realized the attack when news was posted online in Times stating that the relatives of the prime minister of China had occupied huge amount of fortune. The security team found out that the hackers have got into the accounts of David Barboza (Bureau chief of Times in Shanghai) and Jim Yardley (Bureau Chief of Times South Asia). The security experts have not found out any proof of whether the report has been tampered, accessed, or downloaded. The penetration on the Times computer system was first done from the computers available at the universities of the United States. The hackers have routed the attack from these computer systems. It was similar type of attack that has been observed in Chinese Military (McKenzie, Neiger Thackeray, 2016). However the Times security experts have confirmed that the data and information of the customers have not been stolen. The attacks have been on a very complex scale that has showed signs of involvement of the professional hackers. These professional hackers have increased their range from spying on locals to big organizations, activist groups, government agencies, and media newspaper (Storey, 2014). The hackers have targeted western areas for stealing their trade secrets and different resources of news. They have been trying to anticipate the news and information for harming the image of the Chinese leaders among the people. They have stolen information from over 30 journalists and made a convenient grip on the contacts, files and email ids of these journalists. It is not the first time that the information system of United States has been compromised. Iran had also hacked the information system of banks and oil and gas corporations in US (McKenzie, Neiger Thackeray, 2016). Russia had used the hacking against its vengeance with Georgia in the year of 2008. The security team back tracked the attack a nd came to know that the hackers used to work regularly and they used to work till midnight with the hacking processes. The technology used for hacking by the hackers was such that whenever the users of the emails click on the link, the information could be accessed to the hackers. It was possible with the help of remote access tool for draining off the passwords, screen images, and documents. Illegal extraction of information from Sports Analytics An article titled Hackers strike out: Recent cases of alleged sports analytics IP theft has been posted in the Journal of Sports Analytics, IOS Press Content Library (Edition 2015, vol. 1). According to Frankel (2015), the article has focused on the scenarios of using modern technology for attacking the privacy of the information about sports. There have been some cases on the infringement, misappropriate use of the information or theft of the intellectual property of the sports analytics. There are various trade secrets and laws aligned to the sports activities. Two examples of cases where such infringement had occurred are National Football Scouting v. Rang and Houston Astros (Nabrzyski, Schopf Weglarz, 2012). In the first case of National Football Scouting v. Rang, there was a registration of federal court case. The issue was some disputes in the trade secrets and copyright patent of the sports analytics. The second case was of infiltration of the database of the proprietary data base of Houston Astros (Olanrewaju et al., 2016). The database containing the sports analytics was being hacked and the data were extracted or theft from the analytic system. The elements of data analytics are computer programs, statistical compilations, confidential business, and player evaluations data. These should be kept private for protecting the trade secrets of the organization (Nabrzyski, Schopf Weglarz, 2012). The development of technology has made it evitable for getting into the system and extracting the information from it. The information like fielding ability of players or playing attributes are all being recorded on the technology based structures. The technological advancement has also made it liable for being extracted from the database. The sports associations are facing many problems due to the infiltration of the data and information about the sports person (Olanrewaju et al., 2016). The trade secrets are defined for formulas, methods, compilations, and patterns. The main problem that the association faced due to data and information leakage is that their opponent could gain the player statistics. For example if the opponent team wou ld have the information about a good player, his or her strong attributes, and weak attributes, they would form strategies against the player (Matsuda et al., 2013). It would harm the play and the team whose players information has been leaked could lose. The companies that provide the data analytics for the sports association are also under threat of data theft. Their methods of data storage, compilation methods, and analysis tools could be duplicated or used by their rival companies (Matsuda et al., 2013). The plan made by any one company would be made available for their opponent or rival company. Hence, their time, money, and effort would be wasted. The rivals after gaining information about the company could successfully market control and customers. Therefore it is important for protecting the trade secrets by taking some measurable steps and actions. Results The result of the research can be explained by the Zachman framework for research study. Scope of research Model of Research System model Technological Model Details Who (People) Employees and Stakeholders Pragmatic research Tier Structure ER system diagram Role What (Data) Data Security Quantitative Database model Information system Data When (Time) Initial stage Event model Diagram of Event Specification of Event Event How (Role) Process list Model of processing Diagram of processing Function specification Process Where (Site) Internet Sources Location model Diagrams of location Specification of location Place Why (Motivation) Security Impact Relationship goal Rules Diagram Specification of rules Rules The Zachman Framework has shown that the research process consists of five main stages. They are scope, model, system model, technological model and details of the research (Stakutis et al., 2014). In this research there are only three stages of Zachman valid, and it can be explained in the following headings. Scope: According to Chen and Zhao (2012), the scope of the research is in the analysis of the data security methods. The research would help in understanding the extent to which the security threats are affecting the data resource management of BHP Billiton. The information system of BHP Billiton consists of large sets of data and information stored in stack format. The information is managed by the use of data administration or data resource management (Modi et al., 2013). The research would provide ample knowledge about the ways of the data resources can be managed securely. The various security issues of the data administration could be understood from the assignment. Model of research: The research approach that has been used for the assignment is pragmatic (Modi et al., 2013). The pragmatic research model had helped in quantitative analysis of the people elements in the BHP Billiton organization. On the other hand the hybrid structure of the research approach has made it possible for qualitative analysis of the data from different Internet sources (Stakutis et al., 2014). The research model used for research is best in this topic of data resource management. Details of the Research: The details of the research consist of elements such as data, processes, and events (Chen Zhao, 2012). The research activity would be eased if the data, processes and events are synchronised and they are managed on an individual scale. Discussion The discussion of the research process would help in interpretation of the measures of data security of the data resource management. The research has been done on the topic of security issues of the data administration or data resource management (Power, Sharda Burstein, 2015). The data security could be established by applying the security measures in the system. The study has helped in understanding the security issues and forming strategies for dealing with these issues. Design failures and suggestion for improvement of security design The security of the data resource management has to face the issue of design failure (Al Ameen, Liu Kwak, 2012). The security designs of the information management system or data administration system have to be validating with the current system and database. The failure of the design would lead to the formation of security issues in the deployment model. The design failure would result in security slackness and problematic processing. The key administration frameworks are intended to guard the security keys (Pitoura Samaras, 2012). However the examination group regularly discovered that the encryption keys are put away on organization circle drives. Database chairmen in some cases inaccurately trust on the system and these keys are left on the account of database discontent. Problems in Deployment and Use of SQL injection The security designs of the data resource management would have to be deployed without any issue (Power, Sharda Burstein, 2015). The database of the system could face problems while deploying the system security design in the BHP Billiton. The deployment could be failed due to minor problems in structure. A popular method for dealing with the hackers is SQL injections. The security had remained a critical problem in the protection of enterprise databases (Peltier, 2016). Applications are attacked by injections, and the database administrator is left to clean up the mess caused by contaminated variables and malicious code which is inserted into strings and later passed to an instance of SQL server for parsing and execution. Data theft and Avoidance from theft and fraud The integrity of the database would have to be maintained for database system (Al Ameen, Liu Kwak, 2012). The integrity of the database would help in successful implementation of the administration of the data. The database could be lost in the process of deployment. The buffer flow of the database administration vulnerability would leave to demonstration of the system compactness. The security measures would help in protecting the information system from the theft or fraud (Davis Squibb, 2015). The databases security system would enhance the security and protect the system from outside interference. The sensitive data would be protected from the access of non authorizing party. The BHP Billiton would be able to protect their data and information like stakeholder information, taxation data and legal obligations from its rivals. Issue of Data leaks and Privacy and Confidentiality implementation The database of the BHP Billiton would always be in threat of data leak by hackers and cyber criminals (Donald et al., 2013). The security issues of the information system would also give rise to the leakage of data. The absence of strong database security would give rise to the chance of data infiltration and un-authentic access. The confidentiality and privacy is very important for any business system (Peltier, 2013). The data like customers information and sales data must be kept at high notch. The privacy or confidentiality hindrance of this information would result in damaging the company. Hence the BHP Billiton could protect these data and maintain their data system by using the security features of the data resource management. Problem of Inconsistencies, Segregation and forming Integrity The administrator of the database system would have to make sure that the data is secured in a systematic and classified system (Borkar et al., 2012). The lack of segregation would result in the security issues of the database. The absence of segregation duties and administrator power would result in occurrence of frauds and theft. The database of the research process has to be consistent and compact for getting better results (de Melo et al., 2016). The database processing would be effective when the database is consistent and well maintained. However, the disruption in the data stored would result in abrupt database structure. It would lead to several issues including security issues. The data stored from various department of the BHP Billiton could be merged on a single platform (Ifinedo, 2014). The storage area of the data resource management would help in securing the data and forming an integrated storage for the BHP Billiton. It would ease the operations and increase the perfo rmance of the organization. Hence the security of the database and information in BHP Billiton is important. The best ways to protect against these threats are to protect web-facing databases with firewalls and to test input variables for SQL injection during development. Some other recommendations for security measures include Secret word Protection and Firewall implementation. These recommendations have been explained below: Secret word Protection: All records and assets must be ensured by passwords which meet the accompanying necessities, which must be naturally implemented by the framework: Must be no less than eight characters in length (Bielova, 2013) Must NOT be lexicon or basic slang words in any dialect, or be promptly guessable Must incorporate no less than three of the accompanying four attributes in any order, upper case letters, bring down case letters, numbers, and extraordinary characters, such as*!@#$%^*. Must be changed in any event once every year Firewall implementation: Database frameworks must be secured by a firewall which permits just those approaching associations important to satisfy the business need of that framework (Escobar-Alegria Frongillo, 2013). Customer frameworks which have no business need to give arrange administrations must deny every single approaching association. Frameworks that give arrange administrations must utmost get to those administrations to the littlest sensibly reasonable gathering of hosts that need to contact them. Conclusion The report has shown that the Data Resource Management has to face several issues like design failures, problems in deployment, database lost, data leaks, slackness in segregation, and inconsistencies. Hence the security of the information system must be made strong for protecting the information system from external hindrance. The data and information security could be established by the use of authentication, authorization, secret word protection, and firewall implementation. The security of the data resource management would help in avoiding the theft and fraud of data by hackers and cyber criminals, privacy and confidentiality of information and integrity in the database structure. References Al Ameen, M., Liu, J., Kwak, K. (2012). Security and privacy issues in wireless sensor networks for healthcare applications.Journal of medical systems,36(1), 93-101. Bielova, N. (2013). Survey on JavaScript security policies and their enforcement mechanisms in a web browser.The Journal of Logic and Algebraic Programming,82(8), 243-262.] Borkar, V., Carey, M. J., Li, C. (2012, March). Inside Big Data management: ogres, onions, or parfaits?. InProceedings of the 15th international conference on extending database technology(pp. 3-14). ACM. Brewster, C., Mayrhofer, W., Morley, M. (Eds.). (2016).New Challenges for European Resource Management. Springer. Chen, D., Zhao, H. (2012, March). Data security and privacy protection issues in cloud computing. InComputer Science and Electronics Engineering (ICCSEE), 2012 International Conference on(Vol. 1, pp. 647-651). IEEE. Davis, D. C., Squibb, J. (2015). Policies, Procedures, and Devices Used by US Hospitals for HiPAA Privacy and Security Compliance.Communications of the IIMA,4(2), 7. de Melo, G., Kacimi, M., Varde, A. S. (2016). Dissertation Research Problems in Data Management and Related Areas.ACM SIGMOD Record,44(4), 53-56. Donald, A. C., Oli, S. A., Arockiam, L. (2013). Mobile cloud security issues and challenges: A perspective.International Journal of Electronics and Information Technology (IJEIT), ISSN, 2277-3754. Escobar-Alegra, J. L., Frongillo, E. A. (2013). Sustainability of food-security policies during presidential transitions: Framework integrating socio-political and nutritional sciences.The FASEB Journal,27(1 Supplement), 620-2. Frankel, M. J. (2015). Hackers strike out: Recent cases of alleged sports analytics IP theft.Journal of Sports Analytics,1(2), 83-86. Ifinedo, P. (2014). Information systems security policy compliance: An empirical study of the effects of socialisation, influence, and cognition.Information Management,51(1), 69-79. Matsuda, H., Sawayanagi, K., Otake, T., Yoshida, O. (2013).U.S. Patent No. 8,589,545. Washington, DC: U.S. Patent and Trademark Office. McKenzie, J. F., Neiger, B. L., Thackeray, R. (2016).Planning, implementing evaluating health promotion programs: A primer. Pearson. Modi, C., Patel, D., Borisaniya, B., Patel, A., Rajarajan, M. (2013). A survey on security issues and solutions at different layers of Cloud computing.The Journal of Supercomputing,63(2), 561-592. Nabrzyski, J., Schopf, J. M., Weglarz, J. (Eds.). (2012).Grid resource management: state of the art and future trends(Vol. 64). Springer Science Business Media. Noshadi, H., Dabiri, F., Meguerdichian, S., Potkonjak, M., Sarrafzadeh, M. (2013). Behavior-oriented data resource management in medical sensing systems.ACM Transactions on Sensor Networks (TOSN),9(2), 12. Olanrewaju, R. F., Khan, B. U. I., Baba, A., Mir, R. N., Lone, S. A. (2016, July). RFDA: Reliable framework for data administration based on split-merge policy. InSAI Computing Conference (SAI), 2016(pp. 545-552). IEEE. Peltier, T. R. (2013).Information security fundamentals. CRC Press. Peltier, T. R. (2016).Information Security Policies, Procedures, and Standards: guidelines for effective information security management. CRC Press. Perlroth, N. (2013). Hackers in China attacked The Times for last 4 months.NY Times, Jan,30. Pitoura, E., Samaras, G. (2012).Data management for mobile computing(Vol. 10). Springer Science Business Media. Power, D. J., Sharda, R., Burstein, F. (2015).Decision support systems. John Wiley Sons, Ltd. Stakutis, C. J., Haselton, W. R., Stearns, K. M., Stuart, A. L., Marek, T. L. (2014).U.S. Patent No. 8,700,576. Washington, DC: U.S. Patent and Trademark Office. Storey, J. (2014).New Perspectives on Human Resource Management (Routledge Revivals). Routledge.