Change in the company’s operations
The decision of the company , Paisley Patterns, to develop a web presence or to adopt e-commerce to do business is a timely and wise decision as they can harness the power of the internet to leverage their business. Today the internet figures largely in the day to day operations of several businesses. Doing business through the internet offers several advantages such as wider reach ,cost-effectiveness, saved time, optimized business processes , easier communication and creates a direct connection between customers and organizations. The internet has transformed the global economy and in this scenario developing a website provides customers with the confidence that the organization is tech-savvy and capable of upgrading their services to suit the needs and comfort of their customers.
Adopting web technologies and using the internet for business requires that business processes be made to adapt to that .i.e. a migration of business processes of the supply chain to the web is required. This is called Business process re-engineering.
Paisely patterns is currently having a travelling sales force to sell their cotton fabrics . By developing a web presence which has significant impact on the supply chain customers can place orders for the fabric online and pay for it online . Hence the company needs to identify correctly the role of the sales person and the role of the website in the entire business process and how they go hand in hand and can be utilized most efficiently. The entire business process much be adapted to accommodate and utilize the web presence .
Differences in the companys operations
Introduction of e-commerce into any business brings about several changes as they streamline communication, make business processes more effective, faster and so on .Although the website has been introduced the company is still not completely web based . It is not possible to turn completely online overnight. Hence we can say that the company is a brick and click company using e-commerce jargon meaning it uses e-commerce and the usual sales force. Some of the changes that will probably be seen in each of the phases of the business process are as follows:
By the introduction of the website for purposes of purchasing and marketing there is generally a decrease in interaction between the sales force and customer as all the information is available online .Customers can access the internet 24/7 to access products , information and services while sitting in the comfort of their homes If the website is organized well customers can access as much information as they want and whenever from the comfort of their homes. While this appears to be an advantage initially this is actually a disadvantage as the customer is missing out on the personal touch of the company. The company will become just another name on a website . Hence it is essential that the company takes steps to develop the personal customer relations . Feedbacks can be requested from the customer regarding the web experience , products and customer service . Analysis of these feedbacks will help us identify problem areas where improvements need to be made. With the introduction of the website customers are left with the impression that the organization cares enough about them to make the processes easier and faster by adopting the web.
Ordering and sales
Trading which is e-facilitated will attract a large number of customers. The entire value chain will be electronically connected including sourcing of fabrics and accessories , garment manufacturing and sales to the final customer (Katz. A, 2005). The gains will increase exponentially by connecting the entire T&C. Prior to the use of the website the entire marketing and sales was done by sales personnel.
With the introduction of the website significant number of sales can happen through the website .The website is the most important sales person. The website expands the market into geographically remote areas in no time where it would be costly and not feasible for salesmen to travel to to sell the products . Customers can sit in the comfort of their homes and have a rich shopping experience.
It is essential to ensure that the website is secure , fast , user friendly. Since the company is a clothes company and the trends and fashion keep changing it is essential to update the database regularly and display them on the web in a very attractive fashion. Audio, video can be used to provide a live, rich experience Customized suggestions and products can be displayed for different customer depending on data that is collected for every customer. Since this model of business is a brick and a click model it is essential for the salespeople to synchronize their data i.e. data should be consistent otherwise there could be severe database related problems. Businesses can put up large amounts of information on the web for marketing advertising and selling .Goods move faster, the entire process is faster
Hiring and traning
New processes have to be adapted to make the salesforce familiar with the net and use it through training. Also new people have to be hired who have expertise in website development maintenance and training existing workforce on its usage.
Thus the overall effect on trading is positive. Volume and the speed of sales increase. Market expands drastically geographically. Garment patterns and designs can be updated faster and can be kept up-to-date using the web. The entire business process will be faster more efficient with increased profit and saving.
Decision to move the website in-house
The decision on whether to host a website in-house or to outsource it can be a difficult one for organizations having the resources to host the website internally . There are several pros and cons of each of the 2 methods of having a company website.
Some of the disadvantages of hosting a website in-house are as follows :
a. Resources : Significant resources are required such as a web server , high speed connection to the internet, staff dedicated to managing and supporting operations on the website , software licenses etc . Managing all this requires significant man-power, time and money.
b. Dedicated Staff : Dedicated staff is required to develop and maintain the website . This staff should have sufficient training or expertise in this arena especially of security related issues and they need to train themselves or update themselves as technological advancements are made.
c. Cost :It is very costly to purchase web servers, hardware , software , internet connectivity
d. Support:24/7 support needs to available to end users of the website
e. Security: In-house website hosting poses several security threats which need too be managed by security experts
f. Environment issues
Some of the advantages of hosting the website internally are as follows:
a. Accessibility control : Absolute control over website accessibility and information leading to more security.
b. No Third party : No commercial and legal dealing with a third party Internet service provider
c. Control over software and hardware : Informed decisions on which upgradable and scalable software and hardware to be used can be taken . Companies can select these based on their customized needs and the best decision can be taken without the necessity to communicate and make a third party understand. Thus companies have complete control of the operating environment which they can develop and run based on their specific needs. Many of the technical details such as server platform, bandwidth limits ,disk space allocation, network connectivity, back ups etc can be taken by expert personnel from the organization itself.
d. Performance overheads :A lot of overhead is reduced as there is no third party communication involved and website storage and performance can be managed more effective.
e. Security :while there are several security risks that need to be taken care of if the networks are secure the content and sensitive information of the company are secure from third parties.
f. Technology ::Internet service providers cater to many customers may or may not support all the technologies and the platforms that the user requires
g. Support: it is difficult to monitor the support that third parties provide to end users which may not be adequate or timely
There are a large number of factors that need to be weighed carefully before deciding whether to host the website in-house . Hosting one’s own website may be a very costly affair initially but is a good investment in the long run for a large organization having sufficient resources , manpower and the necessity of complete control over its website and information. The decision of Paisley patterns to host their own internal website is a good one if they have sufficient resources and skilled staff to develop and manage the website
The Pros and Cons of Web Hosting In-House
Monthly out sourced Web hosting fee
Elimination of the cost of delays to implement desired services.
New hardware and software
Possible new application development.
The percentage of IT staff’s time installing and maintaining the site
Potential cost of the risks (% likelihood of failure per month X cost of failure)
Likelihood of a failure and it’s expected duration
The cost of both the failure and post-failure recovery (hardware, software, data restoration, time)
Irregular procedures that could increase the vulnerability of your site to failure.
Table 1: (Chin, P(2004))
A simple desktop system is sufficient for a simple website which does not have much database activity. Eg. The linuxhomenetworking.com site, which has half a million hits per month runs on 1GHz Celeron and 1 GB of RAM
Purpose-built Web servers, tend to use multiple CPUs, dual redundant power supplies, high-speed redundant SCSI disks that can be replaced while the system is running without affecting performance, special error-correcting ECC RAM, multiple PCI buses, special built in diagnostic tools and slim line cases only a few inches high. (Shinder, D(2006))
The website server area needs to be cool,clean and dry. There should be a UPS. A network diagram should be constructed that should be updated frequently with changes Cables should be labelled and colour coded appropriately. Cables should be colour coded depending on whether they are internet facing , have private IP addresses , they are straight through or crossover cables.
Internet connection can be obtained as data circuit technologies like cable modem, DSL, and wireless links. ISP’s provide high speed links to businesses which are more reliable, have more bandwidth and cost per megabyte. T1 dedicated links between 2 locations can be used . The charge is usually based on the distance(Warrene , B(2000) DSL and wireless services have greater speed for incoming traffic than for outgoing traffic. The ISP provides businesses with a fixed range of Internet addresses
Operating systems which can be used are Windows which is more popular and which users are very familiar with. In many cases the application or web will work only with this OS. Linux is another OS which is becoming more popular as it is more cost effective The webserver software used could be Apache which is very popular among web developers or InternetInformationServer for Windows.
Before developing and deploying an internally hosted website it is essential to pay attention to the following 3 requirements :
Network facilities and infrastructure to support the internally hosted website
Resources to develop, maintain, deploy an internet website
Internet facilities provided by an internet service provider (ISP) on the company’s network
When we have an internally hosted website the demands on the bandwidth are huge as there could be several authenticated users of the website from employees of the company , to customers to casual users . Processing of HTML pages inputs and CGI scripts , database connectivity and retrieval is essential for the usage of the web pages and the tools on it and a mail server to route email traffic via SMTP.
The LAN should have sufficient bandwidth to support all this . Hence the LAN could have a capacity from 10MB – 100MB or even gigabit.
We can breakdown the hardware and software requirements into the following components :
Firewall for directing the incoming traffic
A LAN server to authenticate staff and external users with access to the LAN
Server for serving web pages and database data
SMTP gateway and server for routing email
T1 internet to handles internal requests for internet access and requests coming from outside authenticated users to the web server.
The part of the LAN that is used for hosting the internal website should be zoned off from the rest of the LAN as a subnet which is called DMZ zone. It requires a special route for navigating the rest of the LAN and providing services to requests from internal and external users .TCP/IP subletting can be used to provide security and services required by users .
The T1 used can cost from 700$ to 1600$ depending on the geographic location.We can negotiate for the T1, internet services and domain name handling together as a package which will keep the costs low.
The ISP has the role of providing a registered domain name for public access to the internet , route HTTP and mail requests and other DNS services .They will also help set up firewall and proxy server and handle any TCPIP issues during setup. They can also make some recommendations regarding security , softwares and so on .
Extensive testing needs to be done from external locations by the webmaster to test connectivity and security and services.
Onc the website is up and running it is essential to maintain it .Maintenance involves updating contents of the website , database related updations and archiving, changing designs of the website to optimize , providing new services such as FTP. All this requires extensive work . Hence it is feasible to have one member of the staff dedicated to maintaining the in-house website such as a webmaster . Since this person is going to be dedicated only for that we can hire a person having expertise in web development maintenance and internet services.
It is essential to develop and deploy website carefully as there will be a loss in faith in the company to adapt to newer technologies which provide customers with a huge advantage.
The company must brace itself for server licensing, which means that every installed copy of the server software requires the purchase of a Windows server license. Additionally, a Windows CAL (Windows Server 2003 Client Access License) is required to access or use the server software. However, a Windows CAL is not a requirement for unauthenticated access over the Internet.
Security is the one of the single most important reasons why companies outsource or host in-house their webservers . Here it could mean physical security but it mainly means the security from viruses and hackers. E.g. Government websites require strong physical security in addition to security from viruses and hackers. Physical security can be provided by housing the web-server and its network in a super secure location with a card system for accessibility . A power grid with a back up generator is also required .
Security from viruses and hackers can be provided by intrusion detection, 24/7 monitoring ,software updates and security patches Backups , archiving , latest software developing is done .
Small companies often make use of third parties to host their web servers and mail servers . However as the business grows and more services are provided using a third party may prove to be very expensive . Companies then consider developing their internet resources and LAN to host their website and mail servers in-house . However this also poses severe security threat as outside entities have direct access to internal LAN . External users who want to access services send their requests to the internal server which provides them with services . If not protected properly the LAN could be open to security risks and attacks. The nature of security threats keep changing continuously and companies need to identify the best way to protect their systems which scalable , flexible and more secure.
One way to handle such security threats in Paisley Patternsis to use the DMZ concept.
The DMZ concept
The term DMZ has its origin in military jargon where it means the area or the boundary between 2 attacking armies. In relation to the Internet and the intranet it means the boundary between the internet from where security threats arise and the intranet which is susceptible to security threats .
This concept involves separating all the systems that directly interact with external computers into a separate subnet which is separated from the rest of the intranet using a firewall. Firewall is present at the internet side and at the subnet and LAN boundary to protect the LAN from external security threats .This type of double screening makes sure that any attacks that penetrate the first firewall do not make their way into the internal LAN. This type of subnet is called DMZ or perimeter network or screened subnet.A three-legged firewall could also be used with 2 firewalls and the LAN connected to one and the DMZ to another
Implementations of DMZ
Single firewall with bastion host
A host such as a web server which is considered unreliable by internal computers uses a single firewall that leaves it susceptible to attacks but protects the rest of the network. This implementation is low cost and not scalable
A single firewall with a screened subnet and a bastion host
There is a screened subnet and a firewall for the LAN which protects both the bastion host and the internal LAN. Separate DNS zones or DNS records for the various servers in the domain have to be maintained called a split DNS configuration. This provides better security and is more scalable
This provides multiple levels of security to the subnet and the internal LAN. This implementation is scalable, more secure and flexible and provides more services although it is very costly
Scalability of DMZ
One way to make your DMZ scalable is to choose your firewalls wisely. By selecting a firewall that can inspect VLAN tags, you don’t have to have individual physical firewalls but can configure your firewall to enforce different policies according to the VLAN tags. (Shinder, D(2006))
When the network expands many more servers can be added to the subnet.FTP servers and DNS servers we host can also be added to the DMZ. Domain Controllers and Remote access authentication servers such as RADIUS servers should not be placed in the DMZ as if the security is breached the entire network will be breached or affected. We can use VPN (virtual private network) solutions or proxies for external user authentication.
DMZ is a way to provide security cover to our internal LAN. It is also called perimeter network . We have to select the DMZ design carefully as some of them are more scalable than others as future developments may be necessary.
Hosting an in-house web server can be a very daunting task and before we decide to host the website in-house we must consider the several challenges that we are likely to face such as the challenges related to cost , infrastructure , skilled staff and expertise etc.It is essential that we take professional advice or opinion on this . Oncethe decision is taken to host the website in-house decisions must be taken to optimize network issues and provide sufficient security as there is atleast one computer that is directly exposed to the internet.
Awde, P. (1999) Business guide to business intelligence , Information Age
Boisot , M .(1998) Knowledge Assets :Securing competitive advantage in the information economy, Oxford press
Warrene, B. (2000, March 6) What should you expect if you host your website in-house ? Retrieved from http://articles.techrepublic.com.com/5100-10878_11-1033448.html on July 26, 2009
Shinder , D.(2006, November 13) Tips for bringing e-mail, website hosting in-houes . Retrieved from http://articles.techrepublic.com.com/5100-10878_11-6134430.html on July 26, 2009
Chin, P(2004, January 12) The pros and cons of third part internet hosting. Retrieved from http://www.intranetjournal.com/articles/200412/ij_12_01_04a.html on July 26 2009
Will, K(2005, December 9) Cost consideration for outsourcing vs In-House. Retrieved from , http://www.processor.com/editorial/article.asp?article=articles%2Fp2749%2F30p49%2F30p49.asp on July 26,2009
Calder , A.(January 2, 2009) A Business guide to information security , Google books
Roggio, A .(July 22, 2009) Ecommerce Know – How should you host your own website Retrieved from http://www.practicalecommerce.com/articles/1200-Ecommerce-Know-How-Should-You-Host-Your-Own-Website on July 26, 2009
Israel, A.(March 5, 2008) Tread lightly: an in-house Web server requires careful planning Retrieved from http://www.faqs.org/abstracts/Publishing-industry/Tread-lightly-an-in-house-Web-server-requires-careful-planning.html on July 26, 2009
Gutzman, A (Spetember 17, 1999) Web Site Hosting: In-House or Outsource? Retrieved from http://www.ecommerce-guide.com/news/news/article.php/203331 on July 26, 2009
deGeyter, S (July 22, 2009) Matching your site host with your performance , iEntry, Inc publication