Discuss about the Automated Information Systems.
Technology is witnessing a lot of improvement in the recent years. There are newer Automated Information Systems (AIS) and Enterprise Resource Planning (ERP) systems that are being developed and implemented in the business organizations. Information Technology (IT) along with the Information Systems (IS) having revolutionized the business operations and practices that are being carried out. Earlier, there were manual processes that were carried out in the industrial sectors leading to numerous errors in terms of data handling and management, operation execution, and others. However, with the implementation of AISs, the business organizations have succeeded in overcoming such issues. Library management is one such area that has observed multiple changes and transformations with the use and implementation of AIS. There are various benefits that are provided by these automated systems and their implementation in the libraries. Some of these benefits include increase in the processing speed, better user engagement and satisfaction, automated data management, streamlining of the operations, and likewise. The report covers the business processes, requirements, and examples of such applications in the market, technological efficiencies, security risks and risk management.
There are numerous business processes and activities that are carried out in a library and these are summarized below.
- Data and information management of the readers, books, journals, papers, staff members, and other content included in the library.
- Processing and management of the payment for registration of a member in the library, fee for book/journal/paper, or penalties applied (Balnaves, 2008).
- Stock management activities and updating of the records in the system.
- Supply chain activities and processes
- Book reservation and recovery system
- Search processes on the basis of author, name, category, date of publication, publisher, etc.
- Report extraction and management
It is necessary for the business requirements to meet the business processes that are summarized above for the libraries. The primary goal of any library is to offer the readers with the material that they wish to read. The information management plays a significant role in the case of libraries and it shall be included in the business requirements as a top priority (Seethamraju, 2012). There are varied sets of information associated with the libraries and it is extremely necessary to adequately organize and manage these information sets. Some of these include member details, subscription information, information on the books/journals/articles/papers, details of the staff members and likewise.
System Requirements from Automated Information Systems
The automated information systems that are implemented in the libraries must be designed and developed as per the functional and system aspects to make sure that the business processes are included in the same. There shall be login functionality provided to the system for allowing only the authorized entities, such as members of the library and the staff of the library to access the system. The library catalog shall be included in the system to allow the reader to view the same and search for specific books or articles or journals on the basis of the author name, publication date, publisher name, and other filters. The member shall also be able to rent out a specific book or article for specified period of time and shall be able to check the availability of the same. The reservation and recovery requirement shall be included to keep a track of the due date of delivery and the application of penalty in case of delay (Stilwell and Hoskins, 2012). The system shall also provide the staff members with automated reports on the basis of the member choices and preferences along with the stock details. The stock and supply chain management functionalities shall also be implemented for the staff members and the admin. There must be payment gateways integrated in the system to allow the members to pay for their registration or subscription using the information system’s portal. The members shall be able to interact with the staff members using the chat functionality and shall also be allowed to provide their feedback or request through the system.
There are also a lot of non-functional requirements and aspects that are associated with automated information systems and these aspects shall be included in the system.
- The automated information system that will be installed in the library shall include performance as a significant non-functional requirement so that there is no adverse impact of decrease or increase in load and there is minimal response and throughput time maintain all throughout.
- The system shall include reliability as one of the essential and significant non-functional requirement so that the information associated with the library is always updated in the system and the updated details are provided to the users.
- The automated information system that will be installed in the library shall include usability as a significant non-functional requirement so that the business processes and functional aspects included are as per the needs of the users.
- The system shall include security as one of the essential and significant non-functional requirement so that the information and data sets are protected and safe from any of the security attacks.
- The automated information system that will be installed in the library shall include maintainability as a significant non-functional requirement so that the updates and patches can be conveniently installed.
- The system shall include scalability as one of the essential and significant non-functional requirement so that the system changes may be incorporated and the system may be scaled up or down as per the need.
- The automated information system that will be installed in the library shall include availability as a significant non-functional requirement so that the system is operational and accessible at any hour of the day and from any location as well.
- The system shall include platform-independence as one of the essential and significant non-functional requirement so that the system may be accessed by the users on any of the operation system or platform without any issues in the performance.
Software and Vendor Selection: Insignia Software
Automated library management software is required to ensure that the business processes and business requirements are met by the software. There are several vendors in the market that offer these services to the users and one such popular name is Insignia Software. There are some of the unique features that are provided by Insignia that has made it a known name in the market.
- It is extremely scalable in nature and can be installed for a single or multiple libraries for an organization.
- It offers browser-based and cross-platform access to the users.
- Collection analysis, federated search, discovery layer, and inventory management are some of the distinguished features (Insigniasoftware, 2018).
- It offers easy cataloging and secure data management.
- There are automated reports that can be extracted from the system.
- Easy to use and self-explanatory features.
Open Source Automated Library System (OPALS)
With the enhancement in technology, there are a lot of vendors that have entered in the market that provide the users with automated library management systems. However, not all of these vendors have been successful. The ones that have been able to target the user requirements and demands have been able to establish a distinguished name in the market. OPALS is one such name that has set itself apart due to the abundant and latest set of features that it provides.
- It is an open-source system so the users can avail the same without having any impact on the budget constraints.
- It is a web-based system so it is easily accessible from any location and at any time.
- Online public access catalog feature is included in the system (Opalsinfo, 2018).
- The reports, such as item acquisitions list, lost items, damaged items, copyright details, etc. can be extracted from the system.
- Quick deletion utility is integrated in the system.
- Equipment and asset management
- Easy circulation
- Management of the textbooks
Automated library management software is required to ensure that the business processes and business requirements are met by the software. There are several vendors in the market that offer these services to the users and one such popular name is Koha Software. There are some of the unique features that are provided by Koha that has made it a known name in the market.
- The software is open-source in nature and can be easily downloaded from the website of the software.
- The design is based on the industry standards and guidelines. The best practices have been followed by the developers (Koha, 2018).
- There is a 24x7 support service available for the users.
- It offers easy cataloging and secure data management.
- The software is platform-independent in nature.
- Easy cataloging and management.
With the enhancement in technology, there are a lot of vendors that have entered in the market that provide the users with automated library management systems. However, not all of these vendors have been successful. The ones that have been able to target the user requirements and demands have been able to establish a distinguished name in the market. Libero is one such name that has set itself apart due to the abundant and latest set of features that it provides.
- It is a hosted solution and can be accessed in a web browser.
- It can be accessed on the desktop as well as mobile platforms as the design is responsive in nature.
- The search functionality included in the software included abundant search options and there are also a wide variety of sort & filter options included (Libero, 2018).
- Public libraries can also be accessed using the software.
- Customization and personalization features are included in the software.
- Equipment and asset management
- Easy circulation and management of the textbooks
Utilization of Technology – System Acquisition Methods
There are scenarios with the libraries wherein it becomes urgent to install the automated systems to ensure that the business continuity is maintained. These are the case in which packages purchasing shall be opted as an option. These are the packages that are ready to install and are also tested beforehand to ensure that there are no bugs present in the package. The reliability level of these packaged software are high. There is also a lot of information that may be collected from the market sources about the package and the decision may accordingly be taken. The one drawback of this case is the non-adherence to the specific requirements of the industry.
This is one of the widely used methods that is adopted by the libraries as the specific skills to design and develop an automated software is absent from the libraries. In such cases, there are third-parties that are contacted and the task of developing the required software is provided to them. In such cases, the end-product is as per the demands of the end-user; however, this option may be high in terms of the costs.
Custom Developed Software
Another method that the libraries can go for is the use and implementation of custom developed software. It is the case in which pre-designed software is implemented with certain changes and modifications as per the requirements of the library. The software vendors make the changes as listed by the library owners and managers and the delivery is quickly made. These options may turn out to be expensive as there will be varied costs involved with the same in terms of cost of development and customization, cost of resources, and cost of design. However, the end-product will meet the demands of the users.
- The libraries that will be deploying the automated software will have certain constraints in terms of costs and schedule. These constraints shall be matched up.
- The resources and members of the staff engaged with the libraries may or may not be technically efficient. Therefore, the software shall have easy features and layout for the users.
- There may be certain technological changes in terms of the environment that may be required to be done. These changes shall be communicated in advance.
- The network requirements of the software may also be different from the existing applications which shall be included before the deployment of the system.
- The existing technical tools and applications must be compatible with the new system being installed.
Potential Security Risks and Data Breaches
The automated information system that will be developed and implemented in the library will involve the use of various technologies, such as wireless networking, cloud computing, database management systems, and likewise. With the inclusion of such technologies, there will be numerous risks on the security and privacy of the information sets that will be witnessed. These risks will impact the essential properties of the information and data sets, such as confidentiality, integrity, and availability of the information.
The most common form of security attack that may take on the automated information systems, such as the one being developed for the library will be data and information breaches. The information targeted in this case may be user details, library catalog, payment information, and likewise. The attack may take place due to the various access points present in the system or the network being used to access the same (Wood, 2016).
There may be unauthorized network monitoring and information tracking activities being performed by the malevolent entities through the forms of the attacks, such as eavesdropping attacks and man in the middle attacks.
There are business intelligence tools and concepts that will be integrated in the automated information system developed for a library. These may bring up the data mining threats and attacks in terms of data analytics issues, data leakages, and likewise (Amato, 2016).
There are a lot of malware codes and programs that have been developed by the malevolent entities, such as viruses, ransomware, spyware, worms, logic bombs, and many others. The malware codes target specific areas of the system or the system as a whole and may be reproducible as well. These malware codes may target the confidential information associated with the library and may turn out to be extremely dangerous.
There will be a lot of information exchange and transmission of the messages that will be observed in the automated information system that will be developed for the library. The exchange of messages may be between a member of the library and the staff member in terms of enquiries or support messages. The malevolent entities may perform unauthorized alteration to these messages which may disturb the integrity of the data and information sets (Microsoft, 2016).
There will be a lot of information exchange and transmission of the media contents that will be observed in the automated information system that will be developed for the library. The exchange of media may be between a member of the library and the staff member in terms of files or images. The malevolent entities may perform unauthorized alteration to these media contents which may disturb the integrity of the data and information sets (Aws, 2016).
These are the forms of security attacks in which the availability of the automated system developed for the library may be put at risk. The attackers may launch garbage traffic on the system which may lead to the situation of a breakdown.
There will be many servers that will be involved with the system, such as database servers, file servers, exchange mail servers, and likewise. The impersonation on these servers may be carried out by the attackers (Mahmoud, 2015).
It would be essential for the automated information system to follow and adhere to specific quality policies and standards. The QoS abuse may be done to disturb the same (Panetta, 2016).
Protection Measures for Mitigation of the Risks
The security risks and attacks that are identified shall be handled and managed using a defined risk management process. It shall include the steps as risk identification, risk assessment and evaluation, risk response & treatment, risk monitoring, and risk closure.
The mitigation of the risks that have been listed above shall be done on the basis of the use of several administrative, technical, and physical controls. The mitigation mechanisms are as listed below.
- There are a lot of automated tools and software developed to ensure that the attacks on confidentiality and integrity of the data and information sets are avoided. The libraries must ensure that they implement anti-malware and anti-denial tools.
- There shall be advanced authorization and access control measures adopted with the use of secure log in functionality, multi-fold authentication, discretionary access control, and role based access control (Lu, 2014).
- Most of the security threats and attacks that have been identified above make use of network as the threat agent. It would be required by the libraries to make sure that Virtual Private Networks are used to access the same. Also, the use of firewalls and proxy servers will be essential. There are also a lot of automated network security tools, such as network based intrusion detection system, network based intrusion prevention system, network scanner, network monitors, and log maintenance that shall be done (Jing, 2014)
- Cryptography and the encryption of the data sets must be ensured for the data stored in the database and for the data in transmission as well. There shall be encryption algorithms, such as advanced encryption algorithm, data encryption standard, and hashing algorithms that shall be used.
- The library may not have a security analyst or expert engaged before the implementation of the automated information system. However, security reviews and audits will be necessary to be carried out. A technical resource must perform the same or an external resource shall be hired by the library for this purpose.
- Technology is witnessing a lot of change and the system must maintain pace with these changes. There shall be updates and patches that must be installed on the system as per the changes in technology.
- The system data and information sets shall always be kept protected by using automated tools for data backups (Bhabad, 2016).
Recommendations & Conclusion
There are a number of software vendors that have been recommended in the report. The one that shall be used for the library shall be OPALS. The recommendation has been provided because the software is an open-source system so the users can avail the same without having any impact on the budget constraints. It is a web-based system so it is easily accessible from any location and at any time. There are also methods suggested for acquiring the system. The one recommended is custom made software to be implemented. OPALS shall be implemented with a few changes as per the configuration necessary for the library and inclusion or exclusion of the feature set accordingly.
The primary goal of any library is to offer the readers with the material that they wish to read. The information management plays a significant role in the case of libraries and it shall be included in the business requirements as a top priority. The library catalog shall be included in the system to allow the reader to view the same and search for specific books or articles or journals on the basis of the author name, publication date, publisher name, and other filters. The member shall also be able to rent out a specific book or article for specified period of time and shall be able to check the availability of the same. The non-functional requirements, such as performance, scalability, availability, reliability, security, etc. shall also be maintained. It is necessary for the business requirements to meet the business processes for the libraries. The stock and supply chain management functionalities shall also be implemented for the staff members and the admin.
Amato, N. (2016). The hidden costs of a data breach. [online] Journal of Accountancy. Available at: https://www.journalofaccountancy.com/news/2016/jul/hidden-costs-of-data-breach-201614870.html [Accessed 17 May 2018].
Aws (2016). Overview of Security Processes. [online] Available at: https://d0.awsstatic.com/whitepapers/aws-security-whitepaper.pdf [Accessed 17 May 2018].
Bhabad, M. (2015). Internet of Things: Architecture, Security Issues and Countermeasures. [online] Available at: https://www.ijcaonline.org/research/volume125/number14/bhabad-2015-ijca-906251.pdf [Accessed 17 May 2018].
Jing, Q. (2014). Security of the Internet of Things: perspectives and challenges. [online] Available at: https://csi.dgist.ac.kr/uploads/Seminar/1407_IoT_SSH.pdf [Accessed 17 May 2018].
Lu, C. (2014). Overview of Security and Privacy Issues in the Internet of Things. [online] Available at: https://www.cse.wustl.edu/~jain/cse574-14/ftp/security.pdf [Accessed 17 May 2018].
Mahmoud, R. (2015). Internet of things (IoT) security: Current status, challenges and prospective measures - IEEE Xplore Document. [online] Ieeexplore.ieee.org. Available at: https://ieeexplore.ieee.org/document/7412116/ [Accessed 17 May 2018].
Microsoft (2016). Core Infrastructure Optimization: IT & Security Processes - Best Practices for Business IT. [online] Available at: https://www.microsoft.com/india/infrastructure/capabilities/itprocesses.mspx [Accessed 17 May 2018].
Panetta, K. (2016). Gartner's Top 10 Security Predictions 2016 - Smarter With Gartner. [online] Smarter With Gartner. Available at: https://www.gartner.com/smarterwithgartner/top-10-security-predictions-2016/ [Accessed 17 May 2018].
Seethamraju, R. (2012). Business process management: a missing link in business education. Business Process Management Journal, 18(3), pp.532-547.
Wood, P. (2016). Social hacking: The easy way to breach network security. [online] ComputerWeekly. Available at: https://www.computerweekly.com/tip/Social-hacking-The-easy-way-to-breach-network-security [Accessed 17 May 2018].