Amy W. Ray

Strategic benefits to SMEs from third party web services: An action research analysis

Prior research provides evidence that large organizations can derive strategic benefits from developing new applications with web services. This research contributes to the literature by demonstrating that small and medium enterprises (SMEs) can derive strategic benefits from using publicly available web services, and that SMEs may be best able to take advantage of the inexpensive, user friendly third party web services that are emerging. In this paper we describe how one small golf retailer used web services to achieve strategic benefits including higher profit margins and better competitive positioning relative to a large competitor. Specifically, action research methods were used to devise and implement an innovative strategy for applying the web services offered by eBay in tandem with web services offered by related third party companies. The business and IT strategies, first year results, and key success factors are described followed by a discussion of the generalizability of the strategies employed. In conclusion, possible directions for future research are discussed.

Editorial: Editorial: JSIS Security and Privacy Special Issue

Information privacy vulnerabilities resulting from security lapses at various companies confirm the axiom that ‘a company can have information security without privacy but not privacy without information security’. Yet little is understood about the nature of the relationship between privacy and security. For example, will the commercial implementation of RFID, GPS, Ambient Intelligence, and other emerging context-aware applications have an impact on personal privacy rights or societal values or culture, and if so, what will such impacts be and how may they be assessed? Can information privacy be protected while still drawing advantage from the potential benefits of these technologies? How dynamic or stable is the relationship between privacy and information security in different technological and organizational settings? Are information privacy and security positively correlated in some situations and negatively correlated in others? Can companies effectively leverage privacy protection as a selling point? What is the measurable impact on information privacy from mergers between information vendors and marketing firms? Are there best practices for marrying existing organizational privacy practices with new legal and regulatory mandates? There are no simple answers for these questions. While protection strategies may be a function of the nature of the firm and industry, are there any generic principles that could be followed? This special issue seeks to address these concerns. There is no doubt that technical means of assuring security and privacy is critical, yet the related bureaucratic control structures cannot be ignored. This means that while granting access to certain parts of information technology systems may be important, there is also a need to institute corresponding structures of responsibility and authority. Success of such structures in turn is a function of the right attitudes and normative controls and the regulatory environment. The special issue considers a range of security and privacy issues and presents five very interesting papers that help in furthering the body of knowledge. In many ways the papers form the basis for further theoretical work, which we feel would serve the community well. The first paper, ‘‘Danger is in the eye of the beholders: Social representations of Information Systems security in healthcare’’, by Emmanuelle Vaast of Long Island University, USA, investigates the social representations of information systems security of different communities working in a healthcare organization. It considers questions of IS security as socially constructed and dependent on how people make sense of their context of work.

The Cambridge Container Company: managing customer-centric information integration

Abstract This case illustrates the efforts of the Cambridge Container Company, a fictitious manufacturer of plastic containers, as they consider methods for moving organizational decision-making toward a more customer-centric focus. Cambridge has four independent manufacturing units, each of which currently bases all operational decisions on internally generated cost and profitability information. 1 In 2000, Cambridge established a special enterprise level division to consider best practices for collecting qualitative product and service feedback from customers and to subsequently consider how to best integrate such nontraditional, nonfinancial information into their own operational decision models. This realistic scenario gives students an opportunity to consider the financial and managerial implications of moving to customer-centric operational decision-making. Business articles on the advantages of customer centricity abound, but few sources consider the financial and managerial consequences beyond increased customer loyalty and satisfaction. In actuality, this current business trend requires significant reengineering of information systems and management practices. Consequently, accounting methods must be re-evaluated for accuracy and fit with new systems and management practices. At the heart of this case is an opportunity for students to consider the appropriate balance of traditional financial and customer-driven nonfinancial information in management decision models for optimal profitability of the company and its individual units. In addition, the instructor can delve into a number of internal control and political issues related to information sharing. There is also opportunity for students to consider at a high level the complexities of balancing open information sharing and information security. Several alternative questions and suggested solutions are provided for the instructor at the end of the case. We suggest that instructors select only three or four of the questions so students can spend more time on each selected issue. This case is adaptable for use in managerial accounting, accounting systems or management systems courses at the undergraduate or graduate levels.