Your team has been researching and discussing three bookstores throughout the course to apply the concepts presented. For
this assignment, you will continue to apply those concepts in a final paper.
Write a paper of no more than 550 words in which you discuss one of the bookstores, use the SDLC method to implement a
new technology into the bookstore, and detail a disaster recovery plan for the bookstore.
Discuss Powell’s bookstores based on the research and evaluation in your Learning Team.
• Introduce your selected bookstore.
o Who and what is the bookstore? What is their mission?
o What products do they sell?
o Who are their customers?
o Explain their website.
• Color
• Navigation
• Ease of using the tools; for example, using credit cards for purchases
Detail a disaster recovery plan for your selected bookstore and include the following:
• Types of disasters and threats
• People involved and their roles
• Assets to protect including information
• Data policy definitions
• Necessary response plans in case of a disaster
Powell’s book stores: work done in the past 3 weeks.
Paper 1
Michael Powell had started a bookstore in Chicago, Illinois, in 1970 which specialized in used, rare and
discounted books, primarily of an academic and scholarly nature. Although Michaels father gave him the idea of bringing
in new books to mix with the old ones, Michael said the idea was crazy but went with it. Used book sellers in the region
say it’s become increasingly difficult to compete with Powell’s because of its vast inventory — more than 4 million
titles in stock — and the company’s ability to undercut rivals’ prices. After Emily Powell succeeded her father Michael
Powell, she faced many challenges in running the country’s largest, and under her management.
Powell’s is the largest independent chain of bookseller’s in the world. It is centered in the Portland, Oregon metro are
and is unique. The bookstore has gained fame over the years and has become known as “Powell’s City of Books.” Being a
smaller, independent bookstore, Powell’s has an advantage over big chain stores whose market share flounders from time to
time. As for their ability to compete in new technology markets and real world day to day book sales, Powell’s does offer
online purchasing with the top name Author’s and books that people love today. You have options, as most stores to buy
via credit card, PayPal, as well as using gift cards for store purchases. The use of computers and their ability to
function with a website, showing inventory, means that a data entry process is in place and managed by a set of
individuals who update and process the book inventory.
In 1994, Powell’s bookstore went online after six store locations, four full-service stores, two specialty stores and
Powells.com website. The current website features a search engine where you can search over millions of titles, old and
new. Within ten years, the company’s online operation had dozens of employees and was operating out of a
60,000-square-foot warehouse. In that same year, Powell.com Web site got its start before Amazon with online 20%-25% of
sales. With her marketing skills and ideas, she transformed the stores into a big power in the ways the stores sell the
e-book and successfully sustain the operational efficiencies of the online stores for decades. Powell’s moved to Google
eBooks because of its simplicity and started experimenting with digital integration in the store and store integration on
its Web site. The use of QR codes (Quick Response codes) was recently introduced to the stores as well as on Powells.com
in conjunction with a free Powell’s Meridian iPhone app from developer Spotlight Mobile. Powell’s bookstores released an
app in 2011 which provides customers navigate the flagship store and locate a specific title and link to Powells.com.
Powell’s is considering an Apple-inspired Genius Bar to help customers find books.
Independent bookstores such as Powell’s and large chains such as Amazon and Barnes and Noble have one thing in common,
they all use Point of Sale software. Bookstores have such large inventories that without this type of software there
would be no way to manage inventory. These systems can be used to maximize just about any type of business, but
bookstores might make use of them the best. A point of sale software is everything needed to get a customer through the
checkout process in a fast and efficient manner. Payment processing hardware would include cash drawers, receipt
printers, computers and scanners.
Powell’s uses the Indaba software to manage their inventory, simultaneously list products, competitively price products,
store shipping information and manage customer emails. “The software can scan inventory, and Indaba lists is on sites
chosen, configures pricing according to the rules implemented, and tracks each order as it is shipped to the customer”
(2015). The Indaba software is a one stop shop tool. Indaba information system database software is built on a
client/server foundations which use SQL server technology. This software allows replication of your inventory and keeps
an updated backup on the server. The servers are based in a tier 2 data center and allow an up-time of 99.9 percent.
Powell’s has become one of the largest independent bookstores in the world because of its organized payment processing
hardware and exceptional inventory management. Consistent excellent customer service keeps their customers returning.
Retrieved from http://www.publishersweekly.com/pw/by-topic/industry-
news/bookselling/article/46704-lessons-from- powell-s-books.
Indaba System – Software. (2015). Retrieved from http://www.goindaba.com/
Retrieved from http://en.wikipedia.org/wiki/Powell%27s_Books
http://content.time.com/time/travel/cityguide/article/0,31489,1975826_1975753_1975580,00.ht ml
Paper 2
The team’s objective for week three is to discuss how and when to use Internet technologies in business; determine
collaboration tool needs based on business functions; we are asked to explain with how the Powell’s bookstores utilize
various software and hardware by determining the appropriate databases and data communication architectures, utilizing
the internet and other collaborative tools, as well as discussing the company’s business objectives, vision and mission
of the companies.
Powell’s bookstore has been a long standing independent bookstore for many years. Throughout time, Powell’s has made
strides to become more innovative and efficient in their ability to remain a staple in the independent seller market.
With new technology and large chain bookstore, Powell’s adjusted its sales approach and went to the internet technologies
available. The use of computers and its multiple functions have given rise to the success of internet sales and
marketing. Powell’s has adopted the Indaba system and in doing so they can manage the sales in a greater capacity. The
use of the Indaba software as a management inventory tool has allowed them to reach maximum customers in one place, with
just a few easy steps. The process of listing books as inventory listings and accessory products have given them the
flexibility to manage their sales point and integrate a shipping and customer feedback feature that is monitored via an
email line. The software simply allows them to scan their inventory, and Indaba lists it on their website. Powell’s can
configure pricing according to the rules they’ve implemented, and tracks each order as it is shipped to the customer.
Indaba has long-standing relationships with leading online marketplaces and shopping networks around the world, and that
alone is a benefit to Powell’s.
Most recently in the past five years, Powell’s has seen its share of problems like the big chain bookstores. Back in
2010, Powell’s had to lay off 31 of its employees, or at that time 7% of its workforce. Although they are not in dire
straits of losing market share, Powell’s has made an impact in its own financial and business objectives. The initial
stages were when they began with the computer age and marketed their business to online sales, as well as repeat business
of the locals coming in to get the books first hand. The strong financial backing of years of success has Powell’s’ in a
good cash position to continue to thrive as a successful bookseller and remain a favorite. In addition to the Meridian
app and its technological changes they have adopted and use of internet sales, they are also considering an
“Apple-inspired Genius Bar” to help customers find books in that new way. “We have a lot on our plate right now,” says
Powell. Not least of which is some pain for management with pay freezes set to go into effect on July 1, 2012. Since
then, the online launch was successful, and they have begun to make progress and remain a profitable organization.
Powell’s is serious about their mission and vision of taking pride in reaching their social responsibility in fighting
censorship and to encourage authors and their works of writings. Promoting literary awareness in positive reinforcement
in helping children obtain the knowledge of reading material appropriate for their age.
Powell’s is committed to the community and their industry in their effort to become a leader in supporting public
schools and libraries. They also support numerous organizations and promote reading programs that help children of all
ages. From literacy programs, speech issues and civil right causes, Powell’s is there to help out with open arms.
Powell’s books understand the righteousness of reaching out and helping the community, in recent years they have donated
over 40,000 books to public schools. One challenging program that Powell’s operates is the Community Giving Program which
goes by the slogan of “It’s for Kids”, campaign. Through hard work and great effort, Powell’s is giving back to their
community and promoting their industry in highlighting the importance of reading in every person’s life.
Powell’s bookstore launched their online site in 1994. The Windows program crashed after the first order was placed.
Knowing the growing online business opportunities, Powell’s acted quickly and hired two full-time employees to manage the
online site. One employee managed the programming, and the other managed the orders. In January of 1995 sales were at
8,000.00 and 470 online searches were made per day. With the increased online traffic, Powell’s decided to add eight
more employees to the internet team. By 1998, online sales accounted for 3% of Powell’s total revenue and continued to
double more than in the years to follow. With the consistent growth of online customers, a blog was added to engage
customers even more. The blog includes categories such as interviews, original essays, Q&A, playlist, required reading
and ask a book buyer. Customers and Powell’s employees can communicate amongst each other on the blogs and social media
sites. The online website provides a direct link to Facebook, Twitter, and Pinterest. The use of the internet and
collaboration tools gives people from all over the world the opportunity to communicate with each other.
Powell’s clear understanding of technologies in managing operations is a primary means of sustainability.
Computer technology allows management to make strategic decisions and to effectively utilize time and resources to
overcome intimidating tasks. The Use of Databases and Data Communication Technologies like all other business operations,
Powell’s utilizes its Data Information Technology (IT) and Databases to retrieve, transmit, manipulate, and distribute
useful information through secure channels made accessible to employees. Information Networks are the life lines for all
businesses to connect with their employees, suppliers, and customers. The Data Communication is either shared via the
intranets from peer to peer (P2P) or the Internet in business to customer (CRM- customer relationship management), and
business to supplier (EDI-electronic data exchange) transactions. Management on all levels uses different systems in
their data communication such as:
Wireless communications in which allows employees to get information when and where it is needed.
Management Information Systems (MIS) transform data into workable information for employees to use.
Executive Information Systems (EIS) is utilized by upper management to focus on development and business strategies.
4-Transaction processing systems (TPS) help management to handle routine accounting transactions.
Decision Support Systems (DSS) assists management to evaluate non-routine and alternative decisions.
With the success of new ideas, new hardware and software, Powell’s has become a sufficient business. An increase in
sales, due to the current internet technology is available. With the aftermath of 2010 and laying off personnel, the
innovative thinking of the owner, Powell’s bookstore was able to streamline and advance sales using internet technology
enabling them to hire more people in creating jobs for the community. Powell’s continues to take pride in helping the
community and striving to keep their passion for books to be in the hearts of every person’s passion for reading. The
success of Powell’s selfless service to organize literacy and challenge programs to help kids read remains a top priority
in their mission and vision. Through their book donations to local high schools and libraries, Powell’s remains a
favorite in the public’s eye. Powell’s has committed themselves to constantly adapt to the changing ages of computer
technology and the world of the internet, maintaining their integrity and strong willingness to help their community is
what makes Powell’s bookstore an exciting business for anyone to enjoy via online or within their stores.
References
Retrieved from: http://www.powells.com/info/community.html
Retrieved from http://www.publishersweekly.com/pw/by-topic/industry-
news/bookselling/article/46704-lessons-from- powell-s-books.
Indaba System – Software. (2015). Retrieved from http://www.goindaba.com/
Retrieved from http://en.wikipedia.org/wiki/Powell%27s_Books
http://content.time.com/time/travel/cityguide/article/0,31489,1975826_1975753_1975580,00.ht ml
Paper 3
The team’s objective for week four is to develop methods to address information security needs. Our team has to
determine the security needs for Powell’s bookstores including the legal and privacy aspects of the websites and
business. We will examine several ways to address security concerns including hardware, software, and, employee
terminations. Information security is a very essential step in protecting the company from security threats whether it’s
human error, malicious activity or natural disasters. As the team determines the security program for the bookstore, it
is necessary to keep in mind the three components: senior management, data safeguards, and incident response. These are
the makings of an effective security program. As we will see based on the “Database Security: Attacks and Control
methods” article, the more sensitive the data, the more protected and secure the database should be against possible
breach or attack. In article “Privacy and Security: Usable Security: How to Get It”, the team highlights how the lack of
security due to users’ inability to navigate the software and /or their unfamiliarity regarding the cost of potential
attacks in finances and time. Lastly, based on the article of “Security Framework for information Systems”, our team will
analyze and identify the Advantages believed imperative in achieving the framework and its application methodology to
insure Information Security Management.
Information Security Management
Sources of security threats can be caused by human error, computer crime and natural disasters. There are programs
available prevent unexpected security compromises. Powell’s uses Norton Secured security programs which are tested by
both in-house personnel and outside security consultants. The website secures private information using a Security
Socket Layer (SSL) certificate. Information exchanged with any address beginning with https is encrypted using SSL
before launching, “a safeguard is some measure that individuals or organizations take to block the threat from obtaining
the asset” (2014). Technical safeguards include the hardware and software of an information system including
identification and authentication, encryption, firewalls, Malware protection and designs for computer applications. The
“Data safeguards protect databases and other organizational data” (2014). Data administration and database
administration(s) work together to define data policies, data rights and responsibilities, rights enforced by user’s
accounts authenticated by passwords, data encryption, backup and recovery procedures and physical security. Human
safeguards result when authorized users follow appropriate procedures for system use and recovery. Disaster preparedness
includes having an alternative recovery plan. All safeguards are a form of security protection against foul play.
Database Security
Data is the most valuable asset in today’s world as it is used in day to day life. The use of data is necessary from the
independent user to large companies or firms. The process as we know it, is to make data easy and efficient to use. Its
critical nature is all bundled up in a Database in which is a vulnerable and preferred target for attacks to take place
because of the data that is contained and also because of its proprietary nature. There are many ways a database can be
compromised. In this paper the challenges and threats in database security are identified.
Here are some ways of classic attacks below:
1) Spoofing – In this type of attack, cipher text value is replaced by a generated value.
2) Splicing – Here, a cipher text value is replaced by different cipher text value.
3) Replay – replay is a kind of attack where cipher text value is replaced with old version
previously updated or deleted.
4) Phishing – pretends to be a legitimate company and sends an email requesting
confidential data, such as account numbers, Social Security numbers, account
passwords, and so forth. Phishing compromises legitimate brands and trademarks.
Large number of security weaknesses is being identified in the database communication protocols of all database
retailers. Fraudulent activities directing these vulnerabilities can vary from illegal data access to data exploitation
and denial of service and many more.
The risk consists of information loss by data system breaches, faulty service, human error, natural disaster and
unintentional information exchanges to a scammer.
Control methods include the use of encryption, firewalls, changing of passwords regularly and so forth are ways
to discourage that threat. Identification, malware protection, policies and procedures must also be in place by any
organization to safely remain unthreatened and keep critical information at bay within the companies DIS.
Databases are a favorite target for attackers because of the amount of information and data they can obtain in
one breaching. There are many ways in which a database can be compromised as discussed above. There are various types of
attacks and threats from which a database should be protected. Solutions to most of the threats mentioned above have been
found, although some solutions are good while some are only temporary.
Privacy and Security
Computer Security is in a tough bind this day and age. The amount of time and money individuals spend on it is
astounding and in the long run the systems are still insecure. Secure software is prevalent, but in terms of two things,
bugs and conflicts, software is never going to be entirely safe.
Bugs: Secure systems are complicated, hence imperfect. Of course software always has bugs, but even worse, security must
be set up: user accounts and passwords, access control on resources, and trust relationships between organizations. In a
world of legacy systems, networked computers, mobile code, and changing relationships between organizations, setup is
error-prone. (Lampson, B.)
Conflicts: Even more important, security gets in the way of other things you want. In the words of General B.W. Chidlaw,
“If you want security, you must be prepared for inconvenience.” For users and administrators, security adds hassle and
blocks progress. For software developers, it interferes with features and with time to market. (Lampson, B.)
Policy is what users and administrators see and set. The use of a good model is necessary to ensure the user
understands the functions associated with the data and the computer itself. An example is having a person trained in
computer science and know they understand the functions of a computer, rather than just a key puncher not knowing why or
what the risk associated with the functional use may be. As in, don’t press enter unless you are sure the document is
correct and also the security is in place with whom you are sending it to.
Isolation is necessary to allow for only one input to occur to reach an object is through a channel controlled by policy.
Isolation fails when an input has an effect that is not controlled by policy; this is a bug.
Accountability is a required source for any business and must be enforced. Some form of disciplinary action
needs to be instituted in the event a user is found at fault. It is difficult to deter attacks on a computers connected
to the Internet because it is difficult to find the predators. The way in which to fix this is to communicate only with
parties that are accountable, that you can punish. There are many different punishments: money fines, ostracism from some
community, firing, jail, and other options. Often it is enough if you can undo an action; this is the financial system’s
main tool for security.
The obvious reasons of software related issues is accountability. The freedoms we allow our employees on
computer use and to communicate with parties you don’t know much about, such as unknown vendors or gambling sites is
costing us millions in software repairs, or data compromising.
Things can be and are so bad for usable security that we need to give up on being flawless and shooting for
perfection and focus on just the essentials. Another root cause is economics and how we don’t know the costs either way
of getting security or of not having it, so users quite rationally don’t care much about it. Therefore, vendors have no
incentive to make security usable.
Security Framework
Security framework for information systems is a broad but very important topic for discussion. Every year,
there is a conference held in France known as the European Conference on Information’s Warfare and Security that brings
together an assortment of individuals from professors to engineers to discuss Information Warfare and Information
Security. During this conference there is an abundance of shared knowledge being gathered, giving in-depth knowledge of
operational information as well as technical information; safe within the compounds of computer technology, there are
constant battles of trying to beat the newest anti-virus protection software. Dealing with military systems throughout
the world, security protocols and protection software are in an everyday battle against cyber-attacks. Information
warfare is a tough cookie to explain, it has so many dimensions. In regards to Information Warfare, basically can be
downsized to a multiple arrangement of techniques used to gain information which may Including collection, disturbance
or degradation of Information Warfare is not only displayed within the military but is also within the competitive
fields of public and private organizations. The classification of threats, attack methods and weapons used has been a
huge problem that brought on cyber security and the need for protection. Threats can be the stealing of a laptop, insider
internet abuse, denial of service, theft of proprietary information, unauthorized access and viruses. Malware is used to
destroy and steal information. Spyware is also used to steal information and can even record your keystrokes to gain
access to passwords and bank account information. Spyware is exactly that, it hides within the files on your computer.
Viruses can hide within a computer and rely on other programs for survival. Viruses infect a computer a lot like they do
a person in the way they replicate themselves and create further issues. Worms are slightly different and nastier then a
virus, they multiple and need no host to survive. A denial of service attack is when a cyber-attack focuses on
interrupting a network service by sending high volumes of data traffic through the network until it becomes overloaded.
It can be dangerous in the event that it enables hackers to have access to the web application in which they can damage
the data. Due to these issues a framework for the detection and prevention of common types of SQL attacks has been
derived, and consists of multiple components which check the user for any existing attacks, check for any new types of
attacks, and block responses that are unexpected. This frame work is based on Ana tempura tool. When dealing with
cyber-attacks and a constant variety of different strings of viruses the need for information security protocols is a
necessity. The battle for security within our own agenda with regards to identity the
To avoid information theft, everyone should take day to day precautions when handling or discarding any personal
paperwork. The future goals of the European Information Security meetings will advance with newer updated information and
keep updates on all current malicious software and cyber-attacks going on.
Powell’s customers can feel at ease knowing their financial and personal information will be safe and not end up in the
wrong hands because of the extra security measures put into place. Powell’s has more than twenty five years of
experience and guarantees, 100% that every online transaction will be safe. The website is a secure site and monitored
by Norton Secure. Privacy and security is the most important element of how Powell’s runs their operations. “Under US
Federal Law, your bank cannot hold you liable for more than $50.00 of fraudulent charges. If your bank does hold you
liable for any or all of the maximum $50 amount, Powells.com will cover the charge, assuming that the unauthorized use of
your credit card resulted through no fault of your own from purchases made at Powells.com while using our secure server”
(1994-2015).
References
Proceedings from the 11th European Conference of Information Warfare and Information Security, July, 2011
Lampson, B. Practical principles for computer security. In Software System Reliability and Security, Broy et al., Eds.,
IOS Press, 2007, 151–195
Kroenke, D. M. (2014). MIS essentials (3rd ed.). Upper Saddle River, NJ: Pearson/Prentice Hall.
Retrieved from: http:// http://www.powells.com/info/secpri.html
Kroenke, D.M. (2012) MIS essentials (2nd ed.): Pearson/Prentice Hall. University of Phoenix
The post Your team has been researching and discussing three bookstores throughout the course to apply the concepts presented appeared first on Exquisite Essay Writings.