Transcript Systems Analysis & Design Sixth Edition Chapter 10 Phase Description ● Systems Operation, Support, and Security is the final phase in the systems development life.

Systems Analysis & Design
Sixth Edition
Chapter 10
Phase Description
● Systems Operation, Support, and
Security is the final phase in the systems
development life cycle (SDLC)
● You will be supporting a functioning
information system
● You continuously will assess and
improve the system, and you will be alert
to any signs of obsolescence
● You will also address multi-level security
issues
2
Chapter Objectives
● Explain how the systems operation,
support, and security phase relates to
the rest of the system development
process
● Describe user support activities,
including user training and help desks
● Discuss the four main types of system
maintenance: corrective, adaptive,
perfective, and preventive
3
Chapter Objectives
● Explain various techniques for
managing systems operation and
support
● Describe techniques for managing
system performance, including
workload measurement and capacity
planning
● Assess system security at five levels:
physical security, network security,
application security, file security, and
user security
4
Chapter Objectives
● List factors indicating that a system has
reached the end of its useful life
● Assess future challenges for IT
professionals as technology reshapes
the workplace
5
Introduction
● Now that the system is operational, the
real key question is whether or not the
system meets user expectations,
supports business objectives, and is
secure
● Systems must be maintained and
improved continuously to meet
changing business demands, and users
constantly require assistance
6
Overview of Systems Support and
Maintenance
● The systems operation, support, and
security phase begins when a system
becomes operational and continues until
the system reaches the end of its useful
life
● After delivering the system, the analyst
has two other important tasks: he or she
must support users and provide
necessary maintenance to keep the
system operating properly
7
User Support Activities
● User Training
– In addition to the initial training that is performed
when a new system is introduced
– New employees must learn how to use the
company’s information systems
– User training package
– Training users about system changes is similar
to initial training
8
User Support Activities
● Help Desks
– Also called information center (IC)
– Enhance productivity and improve
utilization of a company’s information
resources
– Might have to perform the following tasks:
• Show a user how to create a data query or
report that displays specific business
information
• Resolve network access or password problems
• Demonstrate an advanced feature of a system
or a commercial package
• Help a user recover damaged data
9
User Support Activities
● Online Chat Support
– Interactive support also can be delivered in the
form of an online chat
– Virtual Classroom
10
Maintenance Activities
● The systems operation, support, and
security phase is an important
component of TCO (total cost of
ownership) because ongoing
maintenance expenses can determine
the economic life of a system
● Operational costs
● Maintenance expenses
● Maintenance activities
11
Maintenance Activities
● Corrective Maintenance
– Diagnoses and corrects errors in an operational
system
– Can respond to errors in various ways,
depending on nature and severity of the problem
– In a typical procedure, a user submits a systems
request that is evaluated, prioritized, and
scheduled
12
Maintenance Activities
● Adaptive Maintenance
– Adds enhancements to an operational
system and makes the system easier to use
– The procedure for minor adaptive
maintenance is similar to routine corrective
maintenance
– Can be more difficult than new systems
development because the enhancements
must work within constraints of an existing
system
13
Maintenance Activities
● Perfective Maintenance
– Involves changing an operational system to
make it more efficient, reliable, or maintainable
– Can improve system reliability
– Cost-effective during the middle of the system’s
operational life
14
Maintenance Activities
● Perfective Maintenance
– Software reengineering
– Depending on results of software
reengineering, the system might be revised,
migrated to a different environment, or
replaced altogether
– Programs that need a large number of
maintenance changes usually are good
candidates for reengineering
15
Maintenance Activities
● Preventive Maintenance
– Requires analysis of areas where trouble is
likely to occur
– IT department normally initiates preventative
maintenance
– Often results in increased user satisfaction,
decreased downtime, and reduced TCO
– Sometimes does not receive the high priority it
deserves
16
Managing System Support
● Maintenance Team
– System administrator
– Systems analysts
• Analysis
• Synthesis
– Programmers
•
•
•
•
Applications programmer
Systems programmer
Database programmer
Programmer/analyst
17
Managing System Support
● Maintenance Team
– Organizational issues
• IT managers often divide systems analysts and
programmers into two groups: one group performs new
system development, and the other group handles all
maintenance
• Many analysts feel that maintenance work is less
attractive than developing new systems
• One disadvantage of rotation is that it increases
overhead costs
18
Managing System Support
● Managing Maintenance Requests
–
–
–
–
–
–
Involves a number of steps
Maintenance request
Initial determination
Role of the systems review committee
Completion of the work
User notification
19
Managing System Support
● Establishing Priorities
– Systems review committee separates
maintenance requests from new systems
development requests when evaluating
requests and setting priorities
– Many IT managers believe that evaluating
projects together leads to the best possible
decisions
– Neither approach guarantees an ideal
allocation between maintenance and new
systems development
20
Managing System Support
● Configuration Management
– Configuration management (CM)
– As enterprise-wide information systems grow
more complex, configuration management
becomes critical
– Most maintenance projects require
documentation changes
21
Managing System Support
● Maintenance Releases
– Maintenance release methodology
– Maintenance release
– A numbering pattern distinguishes the different
releases
– Reduces the documentation burden
– New features or upgrades are available less
often
– Service packs
22
Managing Systems Support
● Version Control
– Version control is the process of tracking system
releases
– Systems librarian
– Archived
● Baselines
– Functional baseline
– Allocated baseline
– Product baseline
23
Managing System Performance
● A system’s performance directly affects
users who rely on it to perform their job
functions
● To ensure satisfactory support for
business operations, the IT department
monitors current system performance
and anticipates future needs
● Benchmark testing
24
Managing System Performance
● Performance and Workload Measurement
– Response time
– Bandwidth and throughput
• Kbps (kilobits per second)
• Mbps (megabits per second)
• Gbps (gigabits per second)
25
Managing System Performance
● Performance and Workload
Measurement
– Turnaround time
● Capacity Planning
– What-if analysis
– You need detailed information about the
number of transactions; the daily, weekly, or
monthly transaction patterns; the number of
queries; and the number, type, and size of all
generated reports
26
Managing System Performance
● Capacity Planning
27
Managing System Performance
● System Maintenance Tools
– Many CASE tools include system evaluation
and maintenance features
– In addition to CASE tools, you also can use
spreadsheet and presentation software to
calculate trends, perform what-if analyses, and
create attractive charts and graphs to display
the results
28
System Security
● Physical Security
– First level of security concerns the physical
environment
– Computer room
– Physical access to a computer represents an
entry point into the system and must be
controlled and protected
29
System Security
● Physical Security
– Computer room security
• Biometric scanning systems
• Motion sensor
– Servers and desktop computers
•
•
•
•
•
Keystroke logger
Tamper-evident cases
BIOS-level password
Boot-level password
Power-on password
30
System Security
● Physical Security
– Notebook computers
• Select an operating system that allows secure logons
and BIOS-level passwords
• Mark or engrave the computer’s case with the
company name and address, or attach a tamper-proof
asset ID tag
• Universal Security Slot (USS)
• Back up all vital data
31
System Security
● Physical Security
– Notebook computers
• Use tracking software
• While traveling, try to be
alert to potential high-risk
situations
• Establish stringent
password protection
policies
32
System Security
● Network Security
–
–
–
–
Network
Traffic
Network interface
Encrypted
33
System Security
● Network Security
– Encrypting network
traffic
• Unencrypted – plain
text
• Public key encryption
(PKE)
• Public key
• Private key
• Wi-Fi Protected
Access (WPA)
• Wired Equivalent
Privacy (WEP)
34
System Security
● Network Security
– Private networks
– Virtual private networks
• Virtual private network (VPN)
• Tunnel
35
System Security
● Network Security
– Ports and services
•
•
•
•
•
•
Port
Destination port
Service
Port scans
Denial of service (DOS)
Distributed denial of service (DDOS)
36
System Security
● Network Security
– Firewalls
• Firewall
• Rules – protocols
• Firewalls can be configured to detect and respond to
DOS attacks, port scans, and other suspicious activity
37
System Security
● Application Security
– Services
• Security hole
• Administrator – super-user
• Permissions
– Input validation
– Patches and updates
• Patches
• Third-party software
• Automatic update service
38
System Security
● File Security
– Safety and protection of files is a vital element in
any computer security program
– Permissions
– User Groups
39
System Security
● User Security
– Privilege escalation attack
– Identity management
– Password protection
• AOL PassCode®
– Social engineering
– User resistance
40
Backup and Disaster Recovery
● The heightened focus on disaster
recovery has spawned a whole new
disaster recovery industry, which
includes many new tools and techniques
41
System Obsolescence
● Even with solid support, at some point
every system becomes obsolete
● Signs:
1. The system’s maintenance history indicates
that adaptive and corrective maintenance is
increasing steadily
2. Operational costs or execution times are
increasing rapidly, and routine perfective
maintenance does not reverse or slow the
trend
42
System Obsolescence
● Signs:
3. A software package is available that provides
the same or additional services faster, better,
and less expensively than the current system
4. New technology offers a way to perform the
same or additional functions more efficiently
5. Maintenance changes or additions are difficult
and expensive to perform
6. Users request significant new features to
support business requirements
43
System Obsolescence
● Systems operation and support
continues until a replacement system is
installed
● At some point in a system’s operational
life, maintenance costs start to increase,
users begin to ask for more features and
capability, new systems requests are
submitted, and the SDLC begins again
44
Facing the Future: Challenges and
Opportunities
● Predictions
– It is clear that companies will continue to face
intense competition and global change,
especially in the wake of economic, social,
and political uncertainty
– It is interesting to note that some observers,
such as Bill Joy, wonder whether technology
is moving so fast that humans will be left
behind
– What does seem clear is that the future world
of IT must be envisioned, planned, and
created by skilled professionals
45
Strategic Planning for IT
Professionals
● An IT professional should think of himself
or herself as a business corporation that
has certain assets, potential liabilities,
and specific goals
● Working backwards from your long-term
goals, you can develop intermediate milestones and begin to manage your career
just as you would manage an IT project
● Planning a career is not unlike planting a
tree that takes several years to reach a
certain height
46
IT Credentials and Certification
● Credentials
● Certification
● Many IT industry leaders offer
certification, including Microsoft, Cisco,
Novell, Oracle, and Sun Microsystems
47
Chapter Summary
● Systems operation, security, and support
covers the entire period from the
implementation of an information system until
the system no longer is used
● A systems analyst’s primary involvement with
an operational system is to manage and solve
user support requests
● A maintenance team consists of one or more
systems analysts and programmers
48
Chapter Summary
● Systems analysts need the same talents and
abilities for maintenance work as they use
when developing a new system
● Configuration management is necessary to
handle maintenance requests
● System performance measurements include
response time, bandwidth, throughput, and
turnaround time
● All information systems eventually become
obsolete
49
Chapter Summary
● An IT professional should have a
strategic career plan that includes longterm goals and intermediate milestones
● An important element of a personal
strategic plan is the acquisition of IT
credentials and certifications that
document specific knowledge and skills
● Chapter 10 complete
50