A model for green IT strategy : a content analysis approach
- Authors: Du Preez, Riekert
- Date: 2010
- Subjects: Information technology -- Environmental aspects , Green technology -- South Africa , Strategic planning , Climatic changes , Green movement
- Language: English
- Type: Thesis , Masters , MBA
- Identifier: vital:8630 , http://hdl.handle.net/10948/1485 , Information technology -- Environmental aspects , Green technology -- South Africa , Strategic planning , Climatic changes , Green movement
- Description: Society’s reliance on Information Technology (IT) has increased tremendously in the last few decades. Unfortunately, the growth of the IT sector has occurred at the expense of the environment. The adverse environmental impact of IT operations is partly due to the production and disposal of IT equipment, which can result in harmful pollution and toxic materials being released into the environment. Furthermore, IT equipment consumes large amounts of electricity, and this results in significant amounts of carbon dioxide (CO2) being released into the atmosphere. Since CO2 is classified as a greenhouse gas, it contributes to the phenomenon of climate change. Organisations are socially and ethically required to minimise the environmental impact of their IT operations. However, in addition to fulfilling their responsibility towards environmental sustainability, organisations can gain a competitive advantage through adopting green IT practices. In order to reap the benefits of green IT and to fulfil their social and ethical responsibilities, organisations need to formulate and implement a comprehensive green IT strategy. When formulating strategic decisions, the use of a clear decision process enhances the effectiveness of such decisions. As a result, top IT management require a model or framework which could guide their thinking and allow for a clear decision process when formulating green IT strategy. However, after an extensive search of the literature had been conducted, a research gap was identified for the definition of a model which deals specifically with the formulation and execution of green IT strategy. As a result, this treatise sets out to answer the question of what organisations should consider when formulating and implementing green IT strategy. To answer the research question, the treatise defines a model for green IT strategy. The model was defined by conducting a content analysis of the literature on green IT. The content-analysis ABSTRACT iii research technique was utilised to identify the underlying concepts within the literature related to green IT strategy formulation and execution. The resulting model indicates that green IT strategy formulation requires holistic thinking, since several forces affect green IT strategy. As a result, these forces should be considered when a green IT strategy is to be formulated. However, even if a strategy is formulated by considering all the forces at play, it is of little use if it is not implemented effectively. The model indicates that green IT strategy should be implemented though a series of practices. These practices are not limited to IT practices alone, but include, in addition, several business practices. This indicates that green IT adoption extends far beyond the mere implementation of green technology.
- Full Text:
- Date Issued: 2010
The cost of free instant messaging: an attack modelling perspective
- Authors: Du Preez, Riekert
- Date: 2006
- Subjects: Computer security , Instant messaging , Data protection
- Language: English
- Type: Thesis , Masters , MTech
- Identifier: vital:9797 , http://hdl.handle.net/10948/499 , http://hdl.handle.net/10948/d1011921 , Computer security , Instant messaging , Data protection
- Description: Instant Messaging (IM) has grown tremendously over the last few years. Even though IM was originally developed as a social chat system, it has found a place in many companies, where it is being used as an essential business tool. However, many businesses rely on free IM and have not implemented a secure corporate IM solution. Most free IM clients were never intended for use in the workplace and, therefore, lack strong security features and administrative control. Consequently, free IM clients can provide attackers with an entry point for malicious code in an organization’s network that can ultimately lead to a company’s information assets being compromised. Therefore, even though free IM allows for better collaboration in the workplace, it comes at a cost, as the title of this dissertation suggests. This dissertation sets out to answer the question of how free IM can facilitate an attack on a company’s information assets. To answer the research question, the dissertation defines an IM attack model that models the ways in which an information system can be attacked when free IM is used within an organization. The IM attack model was created by categorising IM threats using the STRIDE threat classification scheme. The attacks that realize the categorised threats were then modelled using attack trees as the chosen attack modelling tool. Attack trees were chosen because of their ability to model the sequence of attacker actions during an attack. The author defined an enhanced graphical notation that was adopted for the attack trees used to create the IM attack model. The enhanced attack tree notation extends traditional attack trees to allow nodes in the trees to be of different classes and, therefore, allows attack trees to convey more information. During the process of defining the IM attack model, a number of experiments were conducted where IM vulnerabilities were exploited. Thereafter, a case study was constructed to document a simulated attack on an information system that involves the exploitation of IM vulnerabilities. The case study demonstrates how an attacker’s attack path relates to the IM attack model in a practical scenario. The IM attack model provides insight into how IM can facilitate an attack on a company’s information assets. The creation of the attack model for free IM lead to several realizations. The IM attack model revealed that even though the use of free IM clients may seem harmless, such IM clients can facilitate an attack on a company’s information assets. Furthermore, certain IM vulnerabilities may not pose a great risk by themselves, but when combined with the exploitation of other vulnerabilities, a much greater threat can be realized. These realizations hold true to what French playwright Jean Anouilh once said: “What you get free costs too much”.
- Full Text:
- Date Issued: 2006