Enterprise systems and information security in business

Chapters 8 & 9 Discussion You are working for a fastgrowing online retailer called LoneStar Home & Tech, which sells home goods and consumer electronics across the United States. This is a hypothetical company and scenario created for this class. LoneStar has expanded quickly, but its information systems have not kept up: Different departments (sales, warehouse, purchasing, and customer service) use separate, disconnected systems and spreadsheets to manage orders, inventory, and customer information. The company recently suffered a ransomware attack that shut down its ordering website for two days and may have exposed some customer data. Basic antivirus and firewalls were in place, but there was no clear security policy, no regular patch management, and no formal incident response plan. The supply chain is struggling: popular items are often out of stock, while slowmoving items pile up in the warehouse. Each part of the supply chain (purchasing, warehouse, and shipping) forecasts demand separately, and small changes in customer demand seem to cause big swings in orders to suppliers. Customer service agents cannot see a complete history of each customers orders and interactions. Marketing sends the same promotions to all customers, and the company has limited insight into which customers are most valuable or at risk of leaving. Top management is considering three major changes: 1. Implementing an enterprise resource planning (ERP) system to integrate finance, operations, supply chain, and sales. 2. Strengthening information security and controls, including security policies, risk assessment, and new technologies such as improved firewalls, intrusion detection, and better identity and access management. 3. Investing in customer relationship management (CRM) and better supply chain management (SCM) tools to improve demand planning, inventory management, and customer loyalty. Question 1 LoneStar’s leaders argue that “more antivirus software” is enough to prevent future incidents. Using concepts from Chapter 8, explain why this view is too narrow. In your answer, refer to at least two categories of threats or vulnerabilities (for example, internal threats, software vulnerabilities, wireless/network vulnerabilities, or social engineering). Question 2 LoneStar is considering an ERP system to link sales, inventory, purchasing, and finance, and SCM tools to better manage suppliers and inventory. Explain one important way an enterprise system (ERP) could improve LoneStars internal operations and decisionmaking (for example, reducing data silos, improving realtime visibility, or enforcing standard processes). Be specific to the scenario. Question 3 Customer Relationship Management and Business Value (Chapter 9) Right now, LoneStar treats all customers essentially the same and has limited insight into loyalty or customer lifetime value. Identify one way an operational CRM system (for sales, service, or marketing) could directly improve LoneStars interactions with customers (for example, more personalized service, better handling of complaints, or more targeted campaigns).