Protecting management information systems: Virtual Private Network competitive advantage

摘要

Information security technologists and business scholars are motivated by a desire to understand how and to what extent the application of IT within enterprise systems leads to improved and secured organizational performance. An effective relationship between business and IT professionals is a primary determinant of success in gaining business advantage through the enterprise system. As business innovation has relied increasingly on partnerships between business and IT professional, a different perspective of how IT professionals view their organizational contributions was needed for organizations to remain competitive. Business knowledge is essential if IT professionals are to create linkages with other organizational units and have a wider perspective about business objectives, thus achieving fit between IT and organizational strategies. Organizations have started responding to this challenge by demanding more business acumen in their IT staff. The focus of this study is on the knowledge that is beyond that of independent business and IT only domain knowledge of information security. Therefore, technical areas of knowledge, such as hardware and software, all of which are closely associated with IT skills, are not discussed in this thesis. This is not to declare that such knowledge is not important. Clearly technical knowledge is part of the IT professional's overall information security technology expertise, but this study is about the organization proficiency of business and the IT professional, and is therefore interested in what enables business and IT professionals to apply their business domain and technical knowledge in ways that are beneficial to the organization and to act cooperatively with their customers and business partners. The purpose of this study is to employ the triangulation method to identify the theoretical links and empirically examine the association between business and IT perspective of information security. An important contribution of this study is the identification of business and IT perspectives on information security technology. By establishing the link between business and IT, the study focuses and evaluates Virtual Private Network (VPN) as an information security technology to find out if VPN can secure and gain competitive advantage by partisan business process and organization performance. This study articulates distinctive characteristics of Virtual Private Network and management processes that extend the range of applicability across diverse business segments. It distinguishes between business and IT and explains why the exploitation of a complementary set of related information security entities (such as VPN) across multiple functions create competitive vi advantages even across a diverse set of businesses that have limited opportunity to exploit business process and organization performance. The most important direct predictor of this study is a high level of communication between business and IT. However, one cannot mandate meaningful communication between individuals. IT people have to earn the right to play a meaningful role in management forums. Based on the findings from this study, one important way for an IT person to be heard is for him/her to devote the time necessary to create competitive advantage and develop shared domain knowledge, the most influential construct in the research model. An IT person needs to understand the leverage points of the industry, the history and current issues of the business units, and to learn to apply business oriented objectives in the application of technology to business problems. This change in view would help focus their attention on security technology and ideas that could produce the most benefit and create competitive advantage, rather than those that offer the most technical promise.