61
News:
Daffodil International University Forum contains information about Open Text material, which is only intended for the significant learning purposes of the university students, faculty, other members, and the knowledge seekers of the entire world and is hoped that the offerings will aide in the distribution of reliable information and data relating to the many areas of knowledge.
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
62
Software Engineering / Dhaka issues emergency guidelines on global cyberattack
« on: July 19, 2017, 07:05:23 PM »
The Information and Communication Technology (ICT) Division on Tuesday issued an emergency advisory on a rampaging ransomware virus that emerged across the globe on Friday.
The ICT suggested all computer users to follow some guidelines on how to protect their personal and workplace computers from being affected by the virus known as “WannaCry” or “Wannacrypt”.
The virus swept computers running on Microsoft Windows Operating System, especially those not currently supported such as Windows XP, Windows 8 and Windows Server 2003.
To avoid the attack, the ICT suggested people for taking regular data backup of the computers and keep the data save another devices.
“Regularly update the operating systems, with keeping the windows automatic update activated,” the advisory said.
For windows, the ICT advised updating the computer with MS17-010 patch.
It also strongly recommended avoiding downloading and opening unsolicited files and attachments.
“Never click any unknown link without verifying the source” it said.
Besides, the ICT advised updating security system and anti-virus of before browsing internet.
The ICT suggested all computer users to follow some guidelines on how to protect their personal and workplace computers from being affected by the virus known as “WannaCry” or “Wannacrypt”.
The virus swept computers running on Microsoft Windows Operating System, especially those not currently supported such as Windows XP, Windows 8 and Windows Server 2003.
To avoid the attack, the ICT suggested people for taking regular data backup of the computers and keep the data save another devices.
“Regularly update the operating systems, with keeping the windows automatic update activated,” the advisory said.
For windows, the ICT advised updating the computer with MS17-010 patch.
It also strongly recommended avoiding downloading and opening unsolicited files and attachments.
“Never click any unknown link without verifying the source” it said.
Besides, the ICT advised updating security system and anti-virus of before browsing internet.
63
Software Engineering / World’s first modular self-driving car
« on: July 19, 2017, 07:03:43 PM »
Trying to find a car that matches your style is no easy task.
But a new modular driverless vehicle that is described as a ‘blank sheet of paper’ could be the solution to meeting people’s varying styles.
The ‘Edit’ self-driving vehicle is made up of five parts, allowing users to create different configurations of the same vehicle both in terms of style and use.
The Edit vehicle was designed by Hong Kong based OSVehicle, who wanted to make a self-driving car for everyone.
Alessandro Camorali, CEO of OSVehicle said: ‘EDIT is designed for the future, five parts define the whole volume so everyone can easily have more configurations of the same vehicle both in terms of use, style, and recognizability.
‘The intention was to create a “non form”, a blank sheet of paper, where people can develop their own ideas.
‘Because design must not be an imposition but a participation.’
The modular technology allows users to easily embed several autonomous driving technologies, including lidars and sensors.
The firm describes this as ‘BYOSDCACH’ – Bring Your Own Self Driving Code And Custom Hardware Stack.
The cars are expected to last more than 20 years, as modules can be replaced.
On its website, OSVehicle said: ‘EDIT’s modular technology enables the easy replacement of key components such as electric motor and battery pack, which allow vehicles to last 10X longer than traditional cars.’
Edit can also be customised by brands, both in the exterior body and the interior.
Described as ‘Vehicle-as-a-Service’, this allows companies to quickly deliver models tailored for each service and country.
OSVehicle said: ‘With the rise of food delivery, ride and car sharing, vehicles should focus on the service brand and its needs, not the car brand.’
The body is divided into five main parts – front, rear, roof and double symmetrical door, optimizing production and decreasing costs.
OSVehicle said: ‘A friendly shape, easily transformable according to the needs of the customer that could help the transition towards a different layout of the autonomous driving cars of the future.
‘Easy to repair and upgrade to transition faster to a zero emission and zero fatality mobility.’
The interior can provide different settings from level one to five of autonomous driving.
In a level five version, there is a face-to-face seating layout with a table in the central area.
It is unclear when the car will be available, or how much it will cost.
Source: Businessnews24bd.com
But a new modular driverless vehicle that is described as a ‘blank sheet of paper’ could be the solution to meeting people’s varying styles.
The ‘Edit’ self-driving vehicle is made up of five parts, allowing users to create different configurations of the same vehicle both in terms of style and use.
The Edit vehicle was designed by Hong Kong based OSVehicle, who wanted to make a self-driving car for everyone.
Alessandro Camorali, CEO of OSVehicle said: ‘EDIT is designed for the future, five parts define the whole volume so everyone can easily have more configurations of the same vehicle both in terms of use, style, and recognizability.
‘The intention was to create a “non form”, a blank sheet of paper, where people can develop their own ideas.
‘Because design must not be an imposition but a participation.’
The modular technology allows users to easily embed several autonomous driving technologies, including lidars and sensors.
The firm describes this as ‘BYOSDCACH’ – Bring Your Own Self Driving Code And Custom Hardware Stack.
The cars are expected to last more than 20 years, as modules can be replaced.
On its website, OSVehicle said: ‘EDIT’s modular technology enables the easy replacement of key components such as electric motor and battery pack, which allow vehicles to last 10X longer than traditional cars.’
Edit can also be customised by brands, both in the exterior body and the interior.
Described as ‘Vehicle-as-a-Service’, this allows companies to quickly deliver models tailored for each service and country.
OSVehicle said: ‘With the rise of food delivery, ride and car sharing, vehicles should focus on the service brand and its needs, not the car brand.’
The body is divided into five main parts – front, rear, roof and double symmetrical door, optimizing production and decreasing costs.
OSVehicle said: ‘A friendly shape, easily transformable according to the needs of the customer that could help the transition towards a different layout of the autonomous driving cars of the future.
‘Easy to repair and upgrade to transition faster to a zero emission and zero fatality mobility.’
The interior can provide different settings from level one to five of autonomous driving.
In a level five version, there is a face-to-face seating layout with a table in the central area.
It is unclear when the car will be available, or how much it will cost.
Source: Businessnews24bd.com
64
Business Administration / Bangladesh to produce 4.2m tonnes fishes in 2016-17
« on: July 19, 2017, 06:45:06 PM »
Fish production in Bangladesh is estimated to increase to 4.04 million tonnes in 20015-16 fiscal year from 3.88 million tonnes in 2014-15 fiscal.
Fisheries and Livestock Minister Muhammed Sayedul Hoque Tuesday said this adding the country will be self-sufficient in fish through enhancing production up to 4.2 million tones within the next year.
He was addressing a press briefing in the city marking the beginning of National Fisheries Week-2017.
The fisheries minister said in 2008-09 the country produced only 2.70 million tonnes fishes and the production was significantly increased to 3.88 million tonnes in 2015-16 fiscal year due to various development programmes taken by the government.
Source: Financial Express
Citing a Food and Agriculture Organization (FAO) estimate, the minister said the country will need almost 4.2 million tonnes fish in a year to meet its annual demand with daily per capita requirement of 60 grams.
The minister said the government has released 558.35 tonnes of fish fries throughout the country under development and revenue sectors in 2016-17 fiscal year, adding that a total of 1251 beel-hatcheries also have been set up for raising the production of open water fishes, according to a report by BSS.
Fisheries and Livestock Minister Muhammed Sayedul Hoque Tuesday said this adding the country will be self-sufficient in fish through enhancing production up to 4.2 million tones within the next year.
He was addressing a press briefing in the city marking the beginning of National Fisheries Week-2017.
The fisheries minister said in 2008-09 the country produced only 2.70 million tonnes fishes and the production was significantly increased to 3.88 million tonnes in 2015-16 fiscal year due to various development programmes taken by the government.
Source: Financial Express
Citing a Food and Agriculture Organization (FAO) estimate, the minister said the country will need almost 4.2 million tonnes fish in a year to meet its annual demand with daily per capita requirement of 60 grams.
The minister said the government has released 558.35 tonnes of fish fries throughout the country under development and revenue sectors in 2016-17 fiscal year, adding that a total of 1251 beel-hatcheries also have been set up for raising the production of open water fishes, according to a report by BSS.
65
Tourism & Hospitality Management (THM) / Tourist destination: 4 waterfalls of Mirsharai
« on: July 19, 2017, 06:41:42 PM »
The key attraction of the remote village located in the foot of hills in Mirshara upazila’s Khoyachora union is its four beautiful waterfalls -- Ujalia, Kupikatakum, Napittyachora and Bandorkum. Tourists started flocking the area after the beauty of the waterfalls and the scenic trail that leads to the water falls inside the hills spread through social media in the last two years.
The waterfalls of Napittyachora trail are attracting daily 500 to 1000 visitors, said locals. During holidays, it crosses thousand.
For visiting the waterfalls one needs to go to Noyduara area of Mirsharai upazila. It takes around three hours to reach the waterfalls from Noyduara area. After walking for half an hour, one could reach the first two waterfalls -- Ujalia and Kupikatakum. On crossing the first two waterfalls it would take more than two hours to reach the other two waterfalls. Local youths and teenage boys work as guide to show the ways through deep jungle. They charge Tk 300 to 500 for the whole journey.
Way to the other two waterfalls takes over two hours to reach and it needs ascending-descending the steep hills, walking through the ankle to knee deep water course, going through green jungle, walking on large slippery stones that resemble like eggs of a prehistoric animals. In addition, chirping of wild birds and sound of insects would make it a memorable journey.
For visitors it could become quite difficult and risky to reach the four waterfalls deep inside the jungle as there is no sign boards with directions were seen on the way.
Besides, the tourists have to suffer a lot as the road is not much developed.
Mentionable, a tourist was killed after falling from hill in the Napittyachora trail last year after a group of tourist lost their way on August 15, 2016.
Other than these hazards, the waterfalls could become a great tourist attraction in Chittagong.
The waterfalls of Napittyachora trail are attracting daily 500 to 1000 visitors, said locals. During holidays, it crosses thousand.
For visiting the waterfalls one needs to go to Noyduara area of Mirsharai upazila. It takes around three hours to reach the waterfalls from Noyduara area. After walking for half an hour, one could reach the first two waterfalls -- Ujalia and Kupikatakum. On crossing the first two waterfalls it would take more than two hours to reach the other two waterfalls. Local youths and teenage boys work as guide to show the ways through deep jungle. They charge Tk 300 to 500 for the whole journey.
Way to the other two waterfalls takes over two hours to reach and it needs ascending-descending the steep hills, walking through the ankle to knee deep water course, going through green jungle, walking on large slippery stones that resemble like eggs of a prehistoric animals. In addition, chirping of wild birds and sound of insects would make it a memorable journey.
For visitors it could become quite difficult and risky to reach the four waterfalls deep inside the jungle as there is no sign boards with directions were seen on the way.
Besides, the tourists have to suffer a lot as the road is not much developed.
Mentionable, a tourist was killed after falling from hill in the Napittyachora trail last year after a group of tourist lost their way on August 15, 2016.
Other than these hazards, the waterfalls could become a great tourist attraction in Chittagong.
66
Business Administration / BB, bankers sit today to devise ways to boost remittance
« on: July 19, 2017, 06:38:37 PM »Bangladesh Bank officials will sit with the top executives of 20 banks today to find out how to reduce the cost of sending remittance through the banking channel.
The meeting will be held at the headquarters of the banking regulator in Dhaka, as part of an effort to arrest the fall in remittance and encourage the expatriates to send more money.
Migrant workers sent home $12.77 billion in the last fiscal year, down 14.47 percent year-on-year, according to data from the central bank.
The cost of sending remittance is high mainly due to the commission taken by the exchange houses aboard, said Ahmed Jamal, executive director of Bangladesh Bank.
He spoke at a workshop for journalists jointly organised by the BB and Economic Reporters Forum, at the central bank headquarters yesterday.
The central bank is concerned about the declining remittance, as the strong growth of remittance had helped Bangladesh cushion the shocks of the global economic meltdown earlier, he said. Tightening of anti-money laundering regulations globally amid rising militant activities hindered the remittance inflow, said Habibur Rahman, general manager of the BB.
Rahman, who was a member of the research team that the BB had formed to find out the causes of falling remittance, said cost is not the major reason behind the sliding remittance.
The workers are being harassed while sending money through the banking channel due to the tightening of the anti-money laundering regulations in the countries where Bangladesh has a big labour market, he said.
The cuts in wages amid economic crisis in Middle Eastern countries are also responsible for the fall in remittance, he said.
Remittance inflows from Saudi Arabia slumped 23 percent and from the UAE 22.79 percent in last fiscal year compared to the previous year, according to BB data.
Source: Star Business, 19.07.2017
67
Business & Entrepreneurship / What Does the Malware Do?
« on: April 20, 2017, 06:26:14 PM »
As far as what malware is installed exactly, it can vary. Some devices had malware that shows adverts such as the Loki malware. Other examples gleaned information from the user and sent it to a third-party server. Others acted as Android-specific ransomware. As such, there’s no single diagnosis or symptom you can give a newly-bought phone to tell if it has been pre-infected with malware or not.
How Did This Happen?
It’s distressing to hear that phones are now shipping with malware installed the moment you buy them! How did this even happen in the first place? How is it that malware is finding its way onto users’ phones before they even go online?
As for the report by Check Point, they state that the companies found to be selling malware-infected devices were “a large telecommunications company and a multinational technology company,” which doesn’t say much. However, it does mention that the malware attacks “… were not part of the official ROM supplied by the vendor, and were added somewhere along the supply chain.”
This means that the distributors of the phones were the ones adding the malware, not the manufacturers. A Samsung Galaxy phone infected with pre-installed malware wasn’t the fault of Samsung themselves, for instance. This creates a worrying scenario where customers can no longer be certain that their phone will remain untampered with from the factory line to the home.
How Do I Avoid It?
preinstalled-malware-antivirus
Now that malware is being spread onto phones before they’re even sold, the tried and trusted anti-malware advice won’t work against this new form of attack. Exercising caution over the apps you download, the websites you visit, and the links you click won’t help you avoid malware that’s already on your system since day one. There are some additional precautions you can take, however, to prevent being bitten by this bug.
First, make sure you purchase your devices from trusted resellers. This includes stores that are owned entirely by the people manufacturing the phone that you want, as well as highly respected and trusted network providers for your country. Purchasing a phone from less-reputable sellers runs the risk of having malware pre-installed on it.
How Did This Happen?
It’s distressing to hear that phones are now shipping with malware installed the moment you buy them! How did this even happen in the first place? How is it that malware is finding its way onto users’ phones before they even go online?
As for the report by Check Point, they state that the companies found to be selling malware-infected devices were “a large telecommunications company and a multinational technology company,” which doesn’t say much. However, it does mention that the malware attacks “… were not part of the official ROM supplied by the vendor, and were added somewhere along the supply chain.”
This means that the distributors of the phones were the ones adding the malware, not the manufacturers. A Samsung Galaxy phone infected with pre-installed malware wasn’t the fault of Samsung themselves, for instance. This creates a worrying scenario where customers can no longer be certain that their phone will remain untampered with from the factory line to the home.
How Do I Avoid It?
preinstalled-malware-antivirus
Now that malware is being spread onto phones before they’re even sold, the tried and trusted anti-malware advice won’t work against this new form of attack. Exercising caution over the apps you download, the websites you visit, and the links you click won’t help you avoid malware that’s already on your system since day one. There are some additional precautions you can take, however, to prevent being bitten by this bug.
First, make sure you purchase your devices from trusted resellers. This includes stores that are owned entirely by the people manufacturing the phone that you want, as well as highly respected and trusted network providers for your country. Purchasing a phone from less-reputable sellers runs the risk of having malware pre-installed on it.
68
Business & Entrepreneurship / How to Tackle Pre-Installed Malware on Your Android Phone
« on: April 20, 2017, 06:25:46 PM »
As mobile devices become essential in our daily lives, malware developers have been working hard at developing software to attack the millions of Android phones around the world. Previously, a user could keep themselves safe by not installing shady apps and taking care while browsing the Internet. Recently, however, Check Point discovered a worrying trend of malware where thirty-six different devices were found infected before the user even received the device. In other words, malware is being installed before the customer even sees the phone for the first time.
69
Business & Entrepreneurship / Outsourcing e-commerce compliance
« on: April 20, 2017, 06:23:55 PM »
For companies that do not meet the level 1 merchant status caught in this situation, there is a cut-down version of the PCI DSS self-assessment questionnaire (SAQ), SAQ A, which applies to “Card-not-present Merchants, All Cardholder Data Functions Fully Outsourced”. It was developed by the SSC to address requirements applicable to merchants whose cardholder data functions are completely outsourced to validated third parties, where the merchant retains only paper reports or receipts with cardholder data.
The full eligibility criteria for completing an SAQ A is described within the document, but the main requirement is that cardholder data functions are completely outsourced to validated third parties. “Validated parties” are service providers that are PCI DSS-compliant for the services they deliver, which may include the following:
Website design
Physical hosting
Managed hosting
Payment processing
Outsourced e-commerce and PCI DSS – what you need to know
Geraint Williams 3rd March 2015
A presence on the Internet is considered essential for modern business, and the UK Government’s digital inclusion policy aims to get SMEs online and part of the digital economy. For many small companies, however, going online and taking payments for services online is new and uncharted territory.
There’s a wide range of regulations, standards and requirements that an organisation must meet to trade within the digital economy, which is a challenge that many companies don’t appreciate when they begin. In particular, the Payment Card Industry Data Security Standard (PCI DSS) and distance-trading regulations present notable difficulties.
Male hand using computer and credit card for online paymentPCI DSS
The PCI DSS was initiated by the payment brands (Visa, MasterCard, American Express, Discover and JCB) to combine their individual data security requirements into a single set. The Standard is developed by the PCI Security Standards Council (SSC). It contains requirements for storing, processing or transmitting cardholder data, and includes anything that might affect this. Merchants who accept payment cards from the five brands are responsible for ensuring the payment collection process complies with the standard. Merchants cannot delegate the accountability, even if the whole payment process is handled by third parties.
One of the pitfalls I come across when advising companies about the PCI DSS is that in many instances they already have an e-commerce presence, but it does not comply with the PCI DSS.
For example, they have a website designed, hosted and managed by third parties to take card payment online rather than do it themselves. This is a good option for many companies, as developing or hiring the expertise to do so in-house can be expensive and time-consuming. In many instances, however, they find that the process of meeting the requirements of the PCI DSS has become very difficult because the suppliers themselves are not PCI DSS-compliant.
Outsourcing e-commerce compliance
For companies that do not meet the level 1 merchant status caught in this situation, there is a cut-down version of the PCI DSS self-assessment questionnaire (SAQ), SAQ A, which applies to “Card-not-present Merchants, All Cardholder Data Functions Fully Outsourced”. It was developed by the SSC to address requirements applicable to merchants whose cardholder data functions are completely outsourced to validated third parties, where the merchant retains only paper reports or receipts with cardholder data.
The full eligibility criteria for completing an SAQ A is described within the document, but the main requirement is that cardholder data functions are completely outsourced to validated third parties. “Validated parties” are service providers that are PCI DSS-compliant for the services they deliver, which may include the following:
Website design
Physical hosting
Managed hosting
Payment processing
There is a distinction between being certified as a merchant and being certified as a service provider. A service provider will have an Attestation of Compliance (AoC) for either a Report on Compliance (RoC) or an SAQ D for service providers; the AoC will state the services being covered.
It is important to confirm that the AoC includes the services you are contracting, as some companies get caught out because their service provider is certified as a merchant rather than a service provider. In these cases, the ‘service provider’ is approved to take payments, but may not be certified for the services they are actually offering.
For example, you could pay for a website design company to create and host a website that takes payments by credit card. Meanwhile, the website design company may have outsourced its e-commerce operation and completed an SAQ A. When asked for evidence of compliance, it may offer the SAQ A as proof of certification, but this only covers its merchant activity and not its software development and hosting services. It should have an SAQ D for service providers to prove that its services are PCI DSS-compliant, and present the AoC showing this when requested.
The problem
In my experience, companies get caught out by having a website designed and hosted, and then finding they have to comply with the PCI DSS when their acquiring bank asks for an SAQ. At this point, they discover that their suppliers are not PCI DSS-compliant for the services contracted, and that they don’t have sufficient information to complete an SAQ D because they don’t have control over the hosting or management of the website. They’re left unable to meet the acquiring bank’s request.
The company is then left with few options:
Ask the suppliers to become compliant.
Audit the suppliers as part of the company’s compliance.
Change to a certified supplier.
None of these options are attractive or easy to complete. When a company is non-compliant, they can be fined by the acquiring bank monthly, pay additional transaction costs or, in extreme cases, have the ability to process payment cards removed.
Advice
My advice for companies thinking about starting an e-commerce operation is to contact a PCI DSS expert to get advice on the Standard before actually implementing the website. This can save a lot of hassle, time and money in the long term.
There should also be more effort by governments, acquiring banks, payment brands and payment processors to makes sure those new to online payments can get the right advice.
The full eligibility criteria for completing an SAQ A is described within the document, but the main requirement is that cardholder data functions are completely outsourced to validated third parties. “Validated parties” are service providers that are PCI DSS-compliant for the services they deliver, which may include the following:
Website design
Physical hosting
Managed hosting
Payment processing
Outsourced e-commerce and PCI DSS – what you need to know
Geraint Williams 3rd March 2015
A presence on the Internet is considered essential for modern business, and the UK Government’s digital inclusion policy aims to get SMEs online and part of the digital economy. For many small companies, however, going online and taking payments for services online is new and uncharted territory.
There’s a wide range of regulations, standards and requirements that an organisation must meet to trade within the digital economy, which is a challenge that many companies don’t appreciate when they begin. In particular, the Payment Card Industry Data Security Standard (PCI DSS) and distance-trading regulations present notable difficulties.
Male hand using computer and credit card for online paymentPCI DSS
The PCI DSS was initiated by the payment brands (Visa, MasterCard, American Express, Discover and JCB) to combine their individual data security requirements into a single set. The Standard is developed by the PCI Security Standards Council (SSC). It contains requirements for storing, processing or transmitting cardholder data, and includes anything that might affect this. Merchants who accept payment cards from the five brands are responsible for ensuring the payment collection process complies with the standard. Merchants cannot delegate the accountability, even if the whole payment process is handled by third parties.
One of the pitfalls I come across when advising companies about the PCI DSS is that in many instances they already have an e-commerce presence, but it does not comply with the PCI DSS.
For example, they have a website designed, hosted and managed by third parties to take card payment online rather than do it themselves. This is a good option for many companies, as developing or hiring the expertise to do so in-house can be expensive and time-consuming. In many instances, however, they find that the process of meeting the requirements of the PCI DSS has become very difficult because the suppliers themselves are not PCI DSS-compliant.
Outsourcing e-commerce compliance
For companies that do not meet the level 1 merchant status caught in this situation, there is a cut-down version of the PCI DSS self-assessment questionnaire (SAQ), SAQ A, which applies to “Card-not-present Merchants, All Cardholder Data Functions Fully Outsourced”. It was developed by the SSC to address requirements applicable to merchants whose cardholder data functions are completely outsourced to validated third parties, where the merchant retains only paper reports or receipts with cardholder data.
The full eligibility criteria for completing an SAQ A is described within the document, but the main requirement is that cardholder data functions are completely outsourced to validated third parties. “Validated parties” are service providers that are PCI DSS-compliant for the services they deliver, which may include the following:
Website design
Physical hosting
Managed hosting
Payment processing
There is a distinction between being certified as a merchant and being certified as a service provider. A service provider will have an Attestation of Compliance (AoC) for either a Report on Compliance (RoC) or an SAQ D for service providers; the AoC will state the services being covered.
It is important to confirm that the AoC includes the services you are contracting, as some companies get caught out because their service provider is certified as a merchant rather than a service provider. In these cases, the ‘service provider’ is approved to take payments, but may not be certified for the services they are actually offering.
For example, you could pay for a website design company to create and host a website that takes payments by credit card. Meanwhile, the website design company may have outsourced its e-commerce operation and completed an SAQ A. When asked for evidence of compliance, it may offer the SAQ A as proof of certification, but this only covers its merchant activity and not its software development and hosting services. It should have an SAQ D for service providers to prove that its services are PCI DSS-compliant, and present the AoC showing this when requested.
The problem
In my experience, companies get caught out by having a website designed and hosted, and then finding they have to comply with the PCI DSS when their acquiring bank asks for an SAQ. At this point, they discover that their suppliers are not PCI DSS-compliant for the services contracted, and that they don’t have sufficient information to complete an SAQ D because they don’t have control over the hosting or management of the website. They’re left unable to meet the acquiring bank’s request.
The company is then left with few options:
Ask the suppliers to become compliant.
Audit the suppliers as part of the company’s compliance.
Change to a certified supplier.
None of these options are attractive or easy to complete. When a company is non-compliant, they can be fined by the acquiring bank monthly, pay additional transaction costs or, in extreme cases, have the ability to process payment cards removed.
Advice
My advice for companies thinking about starting an e-commerce operation is to contact a PCI DSS expert to get advice on the Standard before actually implementing the website. This can save a lot of hassle, time and money in the long term.
There should also be more effort by governments, acquiring banks, payment brands and payment processors to makes sure those new to online payments can get the right advice.
70
Business & Entrepreneurship / Outsourced e-commerce and PCI DSS – what you need to know
« on: April 20, 2017, 06:22:55 PM »
presence on the Internet is considered essential for modern business, and the UK Government’s digital inclusion policy aims to get SMEs online and part of the digital economy. For many small companies, however, going online and taking payments for services online is new and uncharted territory.
There’s a wide range of regulations, standards and requirements that an organisation must meet to trade within the digital economy, which is a challenge that many companies don’t appreciate when they begin. In particular, the Payment Card Industry Data Security Standard (PCI DSS) and distance-trading regulations present notable difficulties.
There’s a wide range of regulations, standards and requirements that an organisation must meet to trade within the digital economy, which is a challenge that many companies don’t appreciate when they begin. In particular, the Payment Card Industry Data Security Standard (PCI DSS) and distance-trading regulations present notable difficulties.
71
Business & Entrepreneurship / Train staff to spot the attacks
« on: April 20, 2017, 06:22:14 PM »
The PCI SSC advises organisations to train staff to react and respond to ransomware attacks. This is in line with Requirement 12.6 of the Payment Card Industry Data Security Standard (PCI DSS), which states that organisations must “implement a formal security awareness programme to make all personnel aware of the cardholder data security policy and procedures.”
The PCI SSC guide recommends that organisations develop a plan “that educates your employees on the best ways to avoid these types of attacks and how to handle an attack if one does occur”.
Given the connection between ransomware and phishing – with a report from last year claiming that ransomware is delivered in 97% of phishing emails – the PCI SSC advises organisations to make sure their staff know what to do if they suspect they have received a phishing email.
“[Staff] should understand that it’s okay to delete [an] email if it looks suspicious,” the guide says. “Emails can look like they come from anyone in the company. If there are any questions, always contact that person to confirm [that it’s genuine] before clicking on a link or opening a file.”
The PCI SSC guide recommends that organisations develop a plan “that educates your employees on the best ways to avoid these types of attacks and how to handle an attack if one does occur”.
Given the connection between ransomware and phishing – with a report from last year claiming that ransomware is delivered in 97% of phishing emails – the PCI SSC advises organisations to make sure their staff know what to do if they suspect they have received a phishing email.
“[Staff] should understand that it’s okay to delete [an] email if it looks suspicious,” the guide says. “Emails can look like they come from anyone in the company. If there are any questions, always contact that person to confirm [that it’s genuine] before clicking on a link or opening a file.”
72
Business & Entrepreneurship / Defending against ransomware attacks in the payment card industry
« on: April 20, 2017, 06:21:26 PM »
Ransomware is currently the biggest cyber security concern for many businesses, and the danger of an attack is continuing to grow. There has been a 600% growth in new ransomware families since December 2015, according to a recent Payment Card Industry Security Standards Council (PCI SSC) guide, which also reported that ransomware crime cost businesses an estimated $1 billion (approximately £800 million) last year.
This should be particularly worrying for any business that stores, transmits or processes payment card data. Given that many hackers are after money, gaining access to payment card information is their most direct route to their goal.
This is why point-of-sale (PoS) systems are such a common target. They are essential for many businesses to operate, and whether or not the victim organisation pays the ransom, the hackers get what they want.
This should be particularly worrying for any business that stores, transmits or processes payment card data. Given that many hackers are after money, gaining access to payment card information is their most direct route to their goal.
This is why point-of-sale (PoS) systems are such a common target. They are essential for many businesses to operate, and whether or not the victim organisation pays the ransom, the hackers get what they want.
73
Business & Entrepreneurship / What is International Marketing?
« on: April 20, 2017, 06:19:52 PM »
Introduction to International Marketing
International marketing is simply the application of marketing principles to more than one country. However, there is a crossover between what is commonly expressed as international marketing and global marketing, which is a similar term. For the purposes of this lesson on international marketing and those that follow it, international marketing and global marketing are interchangeable.
Note: Keegan’s definition is typical of those that see international marketing a one stage of an internationalisation process.
What is Global Marketing?
“Global marketing refers to marketing activities coordinated and integrated across multiple country markets.”
Johansson (2000)
Note: Jonny K. Johansson defines global marketing as a bigger brother to international marketing i.e. more of an extension.
". . . The result is a global approach to international marketing. Rather than focusing on country markets, that is, the differences due to the physical location of customers groups, managers concentrate on product markets, that is, groups of customers seeking shared benefits or to be served with the same technology, emphasizing their similarities regardless of geographic areas in which they are located. “
Muhlbacher, Helmuth, and Dahringer (2006)
Note: Muhlbacher et al delineate international marketing (adapted) and global marketing (standardised).
"Global/transnational marketing focuses upon leveraging a company’s assets, experience and products globally and upon adapting to what is truly unique and different in each country. “
Keegan (2002)
Note: Keegan takes a strategic, corporate overview to define the transnational nature of global marketing.
So, as with many other elements of marketing, there is no single definition of international marketing, and there could be some confusion about where international marketing begins and global marketing ends. These lessons will assume that both terms are interchangeable, and will define international marketing as follows:
International marketing is simply the application of marketing principles to more than one country.
Bibliography
Doole, I. and Lowe, R. (2001), International Marketing Strategy – Analysis, Development and Implementation, Thomson Learning, 3rd Ed.
Johansson, J.K. (2000), Global Marketing – Foreign Entry, Local Marketing, and Global Management, Johansson, International Edition.
Cateora, P.R., and Ghauri, P.N. (1999), International Marketing, McGraw-Hill Publishing Company, European Edition.
Muhlbacher, H., Helmuth, L. and Dahringer, L. (2006), International Marketing – A Global Perspective, Thomson, 3rd Ed.
Keegan, W.J., (2002), Global Marketing Management, Prentice Hall, 7th Ed.
The intersection is the result of the process of internationalisation. Many American and European authors see international marketing as a simple extension of exporting, whereby the marketing mix is simply adapted in some way to take into account differences in consumers and segments. It then follows that global marketing takes a more standardised approach to world markets and focuses upon sameness, in other words the similarities in consumers and segments. So let’s take a look at some generally accepted definitions.
What is International Marketing?
"At its simplest level, international marketing involves the firm in making one or more marketing mix decisions across national boundaries. At its most complex level, it involves the firm in establishing manufacturing facilities overseas and coordinating marketing strategies across the globe.”
Doole and Lowe (2001).
Note: Doole and Lowe differentiate between international marketing (simple mix changes) and global marketing (more complex and extensive).
"International Marketing is the performance of business activities that direct the flow of a company’s goods and services to consumers or users in more than one nation for a profit. “
Cateora and Ghauri (1999)
Note: Cateora and Ghauri consider international marketing in the absence of global marketing.
"International marketing is the application of marketing orientation and marketing capabilities to international business. “
Muhlbacher, Helmuth, and Dahringer (2006)
Note: Muhlbacher et al consider international marketing in relation to marketing orientation and competences (see also Global Marketing).
"The international market goes beyond the export marketer and becomes more involved in the marketing environment in the countries in which it is doing business. “
International marketing is simply the application of marketing principles to more than one country. However, there is a crossover between what is commonly expressed as international marketing and global marketing, which is a similar term. For the purposes of this lesson on international marketing and those that follow it, international marketing and global marketing are interchangeable.
Note: Keegan’s definition is typical of those that see international marketing a one stage of an internationalisation process.
What is Global Marketing?
“Global marketing refers to marketing activities coordinated and integrated across multiple country markets.”
Johansson (2000)
Note: Jonny K. Johansson defines global marketing as a bigger brother to international marketing i.e. more of an extension.
". . . The result is a global approach to international marketing. Rather than focusing on country markets, that is, the differences due to the physical location of customers groups, managers concentrate on product markets, that is, groups of customers seeking shared benefits or to be served with the same technology, emphasizing their similarities regardless of geographic areas in which they are located. “
Muhlbacher, Helmuth, and Dahringer (2006)
Note: Muhlbacher et al delineate international marketing (adapted) and global marketing (standardised).
"Global/transnational marketing focuses upon leveraging a company’s assets, experience and products globally and upon adapting to what is truly unique and different in each country. “
Keegan (2002)
Note: Keegan takes a strategic, corporate overview to define the transnational nature of global marketing.
So, as with many other elements of marketing, there is no single definition of international marketing, and there could be some confusion about where international marketing begins and global marketing ends. These lessons will assume that both terms are interchangeable, and will define international marketing as follows:
International marketing is simply the application of marketing principles to more than one country.
Bibliography
Doole, I. and Lowe, R. (2001), International Marketing Strategy – Analysis, Development and Implementation, Thomson Learning, 3rd Ed.
Johansson, J.K. (2000), Global Marketing – Foreign Entry, Local Marketing, and Global Management, Johansson, International Edition.
Cateora, P.R., and Ghauri, P.N. (1999), International Marketing, McGraw-Hill Publishing Company, European Edition.
Muhlbacher, H., Helmuth, L. and Dahringer, L. (2006), International Marketing – A Global Perspective, Thomson, 3rd Ed.
Keegan, W.J., (2002), Global Marketing Management, Prentice Hall, 7th Ed.
The intersection is the result of the process of internationalisation. Many American and European authors see international marketing as a simple extension of exporting, whereby the marketing mix is simply adapted in some way to take into account differences in consumers and segments. It then follows that global marketing takes a more standardised approach to world markets and focuses upon sameness, in other words the similarities in consumers and segments. So let’s take a look at some generally accepted definitions.
What is International Marketing?
"At its simplest level, international marketing involves the firm in making one or more marketing mix decisions across national boundaries. At its most complex level, it involves the firm in establishing manufacturing facilities overseas and coordinating marketing strategies across the globe.”
Doole and Lowe (2001).
Note: Doole and Lowe differentiate between international marketing (simple mix changes) and global marketing (more complex and extensive).
"International Marketing is the performance of business activities that direct the flow of a company’s goods and services to consumers or users in more than one nation for a profit. “
Cateora and Ghauri (1999)
Note: Cateora and Ghauri consider international marketing in the absence of global marketing.
"International marketing is the application of marketing orientation and marketing capabilities to international business. “
Muhlbacher, Helmuth, and Dahringer (2006)
Note: Muhlbacher et al consider international marketing in relation to marketing orientation and competences (see also Global Marketing).
"The international market goes beyond the export marketer and becomes more involved in the marketing environment in the countries in which it is doing business. “
74
Business & Entrepreneurship / What C-level leaders need to know about cybersecurity
« on: April 20, 2017, 06:19:45 PM »
Despite the scale and potential harm from cyber-attacks, there's wide recognition that corporate leaders, especially boards of directors, aren't taking the necessary actions to defend their companies against such attacks. It's not just a problem of finding the right cyber-defense tools and services, but also one of management awareness and security acumen at the highest level, namely corporate boards.
"Our country and its businesses and government agencies of all sizes are under attack from a variety of aggressive adversaries and we are generally unprepared to manage and fend off these threats," said Gartner analyst Avivah Litan, a longtime cybersecurity consultant to many organizations.
Litan's worries seem to have reached some quarters of the corporate governance community. The National Association of Corporate Directors (NACD) recently released a survey of more than 600 corporate board directors and professionals that found only 19% believe their boards have a high level of understanding of cybersecurity risks. That's an improvement from 11% in a similar poll conducted a year earlier.
"Our country and its businesses and government agencies of all sizes are under attack from a variety of aggressive adversaries and we are generally unprepared to manage and fend off these threats," said Gartner analyst Avivah Litan, a longtime cybersecurity consultant to many organizations.
Litan's worries seem to have reached some quarters of the corporate governance community. The National Association of Corporate Directors (NACD) recently released a survey of more than 600 corporate board directors and professionals that found only 19% believe their boards have a high level of understanding of cybersecurity risks. That's an improvement from 11% in a similar poll conducted a year earlier.
75
Business & Entrepreneurship / Modes of Entry into International Markets (Place)
« on: April 20, 2017, 06:19:16 PM »
How does an organization enter an overseas market?
Background
Modes of entry into an international market are the channels which your organization employs to gain entry to a new international market. This lesson considers a number of key alternatives, but recognizes that alteratives are many and diverse. Here you will be consider modes of entry into international markets such as the Internet, Exporting, Licensing, International Agents, International Distributors, Strategic Alliances, Joint Ventures, Overseas Manufacture and International Sales Subsidiaries. Finally we consider the Stages of Internationalization.
Licensing
Licensing includes franchising, Turnkey contracts and contract manufacturing.
Licensing is where your own organization charges a fee and/or royalty for the use of its technology, brand and/or expertise.
Franchising involves the organization (franchiser) providing branding, concepts, expertise, and infact most facets that are needed to operate in an overseas market, to the franchisee. Management tends to be controlled by the franchiser. Examples include Dominos Pizza, Coffee Republic and McDonald’s Restaurants.
Turnkey contracts are major strategies to build large plants. They often include a the training and development of key employees where skills are sparse – for example, Toyota’s car plant in Adapazari, Turkey. You would not own the plant once it is handed over.
International Agents and International Distributors
Agents are often an early step into international marketing. Put simply, agents are individuals or organizations that are contracted to your business, and market on your behalf in a particular country. They rarely take ownership of products, and more commonly take a commission on goods sold. Agents usually represent more than one organization. Agents are a low-cost, but low-control option. If you intend to globalize, make sure that your contract allows you to regain direct control of product. Of course you need to set targets since you never know the level of commitment of your agent. Agents might also represent your competitors – so beware conflicts of interest. They tend to be expensive to recruit, retain and train. Distributors are similar to agents, with the main difference that distributors take ownership of the goods. Therefore they have an incentive to market products and to make a profit from them. Otherwise pros and cons are similar to those of international agents.
Strategic Alliances (SA)
Strategic alliances is a term that describes a whole series of different relationships between companies that market internationally. Sometimes the relationships are between competitors. There are many examples including:
Shared manufacturing e.g. Toyota Ayago is also marketed as a Citroen and a Peugeot.
Research and Development (R&D) arrangements.
Distribution alliances e.g. iPhone was initially marketed by O2 in the United Kingdom.
Marketing agreements.
Essentially, Strategic Alliances are non-equity based agreements i.e. companies remain independent and separate.
Joint Ventures (JV) and modes of entry
Joint Ventures tend to be equity-based i.e. a new company is set up with parties owning a proportion of the new business. There are many reasons why companies set up Joint Ventures to assist them to enter a new international market:
Access to technology, core competences or management skills. For example, Honda’s relationship with Rover in the 1980’s.
To gain entry to a foreign market. For example, any business wishing to enter China needs to source local Chinese partners.
Access to distribution channels, manufacturing and R&D are most common forms of Joint Venture.
Overseas Manufacture or International Sales Subsidiary
A business may decide that none of the other options are as viable as actually owning an overseas manufacturing plant i.e. the organization invests in plant, machinery and labor in the overseas market. This is also known as Foreign Direct Investment (FDI). This can be a new-build, or the company might acquire a current business that has suitable plant etc. Of course you could assemble products in the new plant, and simply export components from the home market (or another country). The key benefit is that your business becomes localized – you manufacture for customers in the market in which you are trading. You also will gain local market knowledge and be able to adapt products and services to the needs of local consumers. The downside is that you take on the risk associated with the local domestic market. An International Sales Subsidiary would be similar, reducing the element of risk, and have the same key benefit of course. However, it acts more like a distributor that is owned by your own company.
Internationalization Stages, and modes of entry
So having considered the key modes of entry into international markets, we conclude by considering the Stages of Internationalization. Some companies will never trade overseas and so do not go through a single stage. Others will start at a later or even final stage. Of course some will go through each stage as summarized now:
Indirect exporting or licensing
Direct exporting via a local distributor
Your own foreign presences
Home manufacture, and foreign assembly
Foreign manufacture
It is worth noting that not all authorities on international marketing agree as to which mode of entry sits where. For example, some see franchising as a stand alone mode, whilst others see franchising as part of licensing. In reality, the most important point is that you consider all useful modes of entry into international markets – over and above which pigeon-hole it fits into. If in doubt, always clarify your tutor’s preferred view.
The Internet
The Internet is a new channel for some organizations and the sole channel for a large number of innovative new organizations. The eMarketing space consists of new Internet companies that have emerged as the Internet has developed, as well as those pre-existing companies that now employ eMarketing approaches as part of their overall marketing plan. For some companies the Internet is an additional channel that enhances or replaces their traditional channel(s). For others the Internet has provided the opportunity for a new online company. More
Exporting
There are direct and indirect approaches to exporting to other nations. Direct exporting is straightforward. Essentially the organization makes a commitment to market overseas on its own behalf. This gives it greater control over its brand and operations overseas, over an above indirect exporting. On the other hand, if you were to employ a home country agency (i.e. an exporting company from your country – which handles exporting on your behalf) to get your product into an overseas market then you would be exporting indirectly. Examples of indirect exporting include:
Piggybacking whereby your new product uses the existing distribution and logistics of another business.
Export Management Houses (EMHs) that act as a bolt on export department for your company. They offer a whole range of bespoke or a la carte services to exporting organizations.
Consortia are groups of small or medium-sized organizations that group together to market related, or sometimes unrelated products in international markets.
Trading companies were started when some nations decided that they wished to have overseas colonies. They date back to an imperialist past that some nations might prefer to forget e.g. the British, French, Spanish and Portuguese colonies. Today they exist as mainstream businesses that use traditional business relationships as part of their competitive advantage.
Background
Modes of entry into an international market are the channels which your organization employs to gain entry to a new international market. This lesson considers a number of key alternatives, but recognizes that alteratives are many and diverse. Here you will be consider modes of entry into international markets such as the Internet, Exporting, Licensing, International Agents, International Distributors, Strategic Alliances, Joint Ventures, Overseas Manufacture and International Sales Subsidiaries. Finally we consider the Stages of Internationalization.
Licensing
Licensing includes franchising, Turnkey contracts and contract manufacturing.
Licensing is where your own organization charges a fee and/or royalty for the use of its technology, brand and/or expertise.
Franchising involves the organization (franchiser) providing branding, concepts, expertise, and infact most facets that are needed to operate in an overseas market, to the franchisee. Management tends to be controlled by the franchiser. Examples include Dominos Pizza, Coffee Republic and McDonald’s Restaurants.
Turnkey contracts are major strategies to build large plants. They often include a the training and development of key employees where skills are sparse – for example, Toyota’s car plant in Adapazari, Turkey. You would not own the plant once it is handed over.
International Agents and International Distributors
Agents are often an early step into international marketing. Put simply, agents are individuals or organizations that are contracted to your business, and market on your behalf in a particular country. They rarely take ownership of products, and more commonly take a commission on goods sold. Agents usually represent more than one organization. Agents are a low-cost, but low-control option. If you intend to globalize, make sure that your contract allows you to regain direct control of product. Of course you need to set targets since you never know the level of commitment of your agent. Agents might also represent your competitors – so beware conflicts of interest. They tend to be expensive to recruit, retain and train. Distributors are similar to agents, with the main difference that distributors take ownership of the goods. Therefore they have an incentive to market products and to make a profit from them. Otherwise pros and cons are similar to those of international agents.
Strategic Alliances (SA)
Strategic alliances is a term that describes a whole series of different relationships between companies that market internationally. Sometimes the relationships are between competitors. There are many examples including:
Shared manufacturing e.g. Toyota Ayago is also marketed as a Citroen and a Peugeot.
Research and Development (R&D) arrangements.
Distribution alliances e.g. iPhone was initially marketed by O2 in the United Kingdom.
Marketing agreements.
Essentially, Strategic Alliances are non-equity based agreements i.e. companies remain independent and separate.
Joint Ventures (JV) and modes of entry
Joint Ventures tend to be equity-based i.e. a new company is set up with parties owning a proportion of the new business. There are many reasons why companies set up Joint Ventures to assist them to enter a new international market:
Access to technology, core competences or management skills. For example, Honda’s relationship with Rover in the 1980’s.
To gain entry to a foreign market. For example, any business wishing to enter China needs to source local Chinese partners.
Access to distribution channels, manufacturing and R&D are most common forms of Joint Venture.
Overseas Manufacture or International Sales Subsidiary
A business may decide that none of the other options are as viable as actually owning an overseas manufacturing plant i.e. the organization invests in plant, machinery and labor in the overseas market. This is also known as Foreign Direct Investment (FDI). This can be a new-build, or the company might acquire a current business that has suitable plant etc. Of course you could assemble products in the new plant, and simply export components from the home market (or another country). The key benefit is that your business becomes localized – you manufacture for customers in the market in which you are trading. You also will gain local market knowledge and be able to adapt products and services to the needs of local consumers. The downside is that you take on the risk associated with the local domestic market. An International Sales Subsidiary would be similar, reducing the element of risk, and have the same key benefit of course. However, it acts more like a distributor that is owned by your own company.
Internationalization Stages, and modes of entry
So having considered the key modes of entry into international markets, we conclude by considering the Stages of Internationalization. Some companies will never trade overseas and so do not go through a single stage. Others will start at a later or even final stage. Of course some will go through each stage as summarized now:
Indirect exporting or licensing
Direct exporting via a local distributor
Your own foreign presences
Home manufacture, and foreign assembly
Foreign manufacture
It is worth noting that not all authorities on international marketing agree as to which mode of entry sits where. For example, some see franchising as a stand alone mode, whilst others see franchising as part of licensing. In reality, the most important point is that you consider all useful modes of entry into international markets – over and above which pigeon-hole it fits into. If in doubt, always clarify your tutor’s preferred view.
The Internet
The Internet is a new channel for some organizations and the sole channel for a large number of innovative new organizations. The eMarketing space consists of new Internet companies that have emerged as the Internet has developed, as well as those pre-existing companies that now employ eMarketing approaches as part of their overall marketing plan. For some companies the Internet is an additional channel that enhances or replaces their traditional channel(s). For others the Internet has provided the opportunity for a new online company. More
Exporting
There are direct and indirect approaches to exporting to other nations. Direct exporting is straightforward. Essentially the organization makes a commitment to market overseas on its own behalf. This gives it greater control over its brand and operations overseas, over an above indirect exporting. On the other hand, if you were to employ a home country agency (i.e. an exporting company from your country – which handles exporting on your behalf) to get your product into an overseas market then you would be exporting indirectly. Examples of indirect exporting include:
Piggybacking whereby your new product uses the existing distribution and logistics of another business.
Export Management Houses (EMHs) that act as a bolt on export department for your company. They offer a whole range of bespoke or a la carte services to exporting organizations.
Consortia are groups of small or medium-sized organizations that group together to market related, or sometimes unrelated products in international markets.
Trading companies were started when some nations decided that they wished to have overseas colonies. They date back to an imperialist past that some nations might prefer to forget e.g. the British, French, Spanish and Portuguese colonies. Today they exist as mainstream businesses that use traditional business relationships as part of their competitive advantage.