security risks in e-commerce and social commerce and mitigation


Post on 03-Feb-2022


Chapter Twelve: EC Strategy, Globalization, and SMEs 12-1

Online File W12.1 Security Risks in E-Commerce and Social Commerce and Mitigation Guidelines

1. The first step in any risk assessment is risk analysis—identifying and evaluating the sources of risk.
2. Once sources of risk have been identified, the next step is risk assessment, namely to assess the potential damage. If it is large enough, we move to risk management—to put in place a plan that reduces the threat posed by the risk. Risk management involves taking steps to reduce the probability that the threat will occur, minimizing the consequences if it occurs anyway, or both. Many risk management strategies in the offline world also apply to e-commerce risk management. For example, commonly used control systems can mitigate risk factors in e-commerce sourcing. In other risk areas, new and innovative risk management strategies are necessary.

Social networking is particularly prone to security breaches. In a 2010 Cisco survey of 500 IT professionals in the United States, Germany, Japan, China, and India, it was reported that 51 percent of the respondents saw social networking as one of the three biggest security threats to the organization, and 20 percent considered it the biggest security threat. Other results revealed that employees often find workarounds for their company’s Web 2.0 security policies. For example, more than 68 percent revealed that employees use unsupported social networking applications. In addition, almost 50 percent of the respondents said employees use unsupported devices, and more than one-third said they have had a breach or lost information due to unsupported network devices. Interestingly, the survey also showed that 71 percent felt that “over strict” security policies hinder a company’s ability to attract employees under 30 years of age. And, there appeared to be a move toward allowing personal devices to be used on the network (Cisco 2010).

Greengard (2010) cites a number of ways in which Web 2.0 initiatives can be exploited. These include using:

◗ A malicious website to infect a victim’s browser with code and then execute the code on the client system.
◗ XML to exploit systems as data is passed back and forth during Web 2.0 transactions.
◗ RSS feeds to inject malicious JavaScript.
◗ Cookies to compromise sites when a person remains logged into them after leaving the initial page and browsing to a malicious site.
◗ Web scanning to locate an unprotected Web Services Definition Language (WSDL) file that exposes sensitive data and leads to a security breach.

Greengard (2010) also suggests the following five ways in which companies can protect themselves against Web 2.0 threats:

1. View Web 2.0 security in a holistic way. Don’t limit yourself to using just one tool or approach.
2. Test systems prior to deployment and monitor them closely for signs of undesirable activity using Web filtering, malware protection, identity management, encryption, and intrusion detection.
3. Develop policies and procedures that tap into opportunities but provide protection.
4. Educate employees and others about what is acceptable and what is not acceptable.
5. Test code and put protections in place at the programming level. Languages such as AJAX and JavaScript are particularly vulnerable to attack.

REFERENCES FOR ONLINE FILE W12.1

Cisco. “Global Study Reveals Proliferation of Consumer-Based Social Networking Throughout the Enterprise and a Growing Need for Governance and IT Involvement.” January 13, 2010. newsroom.cisco.com/dlls/2010/prod_011310.html (accessed February 2011).

Greengard, S. “Weaving a Web2.0 Security Strategy.” Baseline, September/October, 2010.

12-2 Part 5: E-Commerce Strategy and Implementation

Online File W12.2 Partners’ Strategy and Business Alliances

Another important issue is that many EC application developments involve business partners—ASPs, ERP vendors and consultants, and ISPs—with different organizational cultures and their own EC strategies and profit motives. A key criterion in choosing an EC partner is finding one whose strategy aligns with or complements the company’s own.

When negotiating a partnership, the partner’s goal is to make a profit, and it is the negotiator’s responsibility to make sure that is not being done at the expense of the company’s bottom line. One popular EC partner strategy is outsourcing, which is the use of an external vendor to provide all or part of the products and services that could be provided internally. For example, many firms in the United States have found it advantageous to outsource call center functions offshore.

The bottom line here is that partnerships can be an effective way to develop and implement an EC strategy, but they require a realistic evaluation of the potential risks and rewards.

Business Alliances and Virtual Corporations

In the EC strategic planning process, a large-scale EC application that may be too difficult or complex for one company to undertake alone, an idea that works best across the industry rather than within a single firm, or a strategy that requires a variety of competencies to implement may be identified. In these cases, an alliance may be formed with other businesses, perhaps even competitors.

One type of business alliance is a B2B e-marketplace. For example, Sears was one of the founding members of GlobalNetXchange (GNX). The purpose of GNX was to reduce procurement costs and product prices for its members while making the purchase process more efficient. Eventually Sears, Carrefour (a global retailer), Kroger (United States), Metro AG (Europe), Coles Myer (Australia), and others joined GNX. GNX later was expanded under the name Agent Rick.

Another form of business alliance is a virtual corporation (VC), an organization composed of several business partners sharing costs and resources for the production or utilization of a product or service. A virtual corporation typically includes several companies, each creating a portion of the product or service in an area in which it has a superior core competency (e.g., product development, manufacturing, marketing) or special advantage (e.g., exclusive license, low cost). VCs may be permanent (designed to create or assemble a broad range of productive resources on an ongoing basis) or temporary (created for a specific purpose and existing for only a short time).

A particularly interesting type of business alliance is co-opetition. Co-opetition is a combination of the words cooperate and competition. It describes when two or more companies cooperate on some activities for mutual benefit, even while competing against each other in the marketplace. A global airline alliance, such as OneWorld or Star Alliance, is an example of co-opetition. Individually, the airlines compete against each other for passengers. However, when flights can be combined to save costs without compromising customer service, the airlines cooperate through the alliance. The most visible aspect of this is code-share flights, in which passengers who bought tickets from a number of different airlines fly together on the same flight. Through co-opetition, the airlines are reducing inefficiencies in their competing supply chains, and the result is an excellent example of strategic supply chain alignment. For a discussion of how the balanced scorecard technique can facilitate the success of an outsourcing relationship, see Kaplan, et al. (2010).

virtual corporation (VC)
An organization composed of several business partners sharing costs and resources for the production or utilization of a product or service.

co-opetition
Two or more companies cooperate together on some activities for their mutual benefit, even while competing against each other in the marketplace.

REFERENCE FOR ONLINE FILE W12.2

Kaplan, R., D. Norton, and B. Rugelsjoen. “Managing Alliances with the Balanced Scorecard.” Harvard Business Review (January–February 2010).


ONLINE FILE W12.3 Application Case

MARY KAY COMBINES E-COMMERCE STRATEGIES TO REVAMP ITS BUSINESS MODEL

Mary Kay (marykay.com) has evolved from a one woman “dream company” located in a small office space in Exchange Park, Dallas, Texas, to a $2.6 billion worldwide organization in 2010. Since its inception in 1963, the company has averaged double-digit annual growth, and both domestic and international operations continue to expand at a rapid pace. Mary Kay products are currently sold in more than 35 markets worldwide by a global independent sales force of nearly 2 million women, including more than 37,000 independent sales directors and over 600 national sales directors, the highest status within Mary Kay’s independent sales force. Information technology, and in particular e-commerce systems, have played a vital role in supporting that growth.

As a company that based its reputation on personal contacts in door-to-door visits and home parties, e-commerce would seem to be the last thing Mary Kay would benefit from. In reality, the opposite proved to be true. Since it first introduced Web and e-commerce capabilities in 2000, more than 95 percent of Mary Kay’s independent sales consultants currently place orders via the Internet. Online selling, resulting from their implementation of this evolving e-business strategy, has resulted in major changes in the way that Mary Kay interacts with its customers and is helping to make its original business model even more effective.

The Opportunity

The cosmetics market is very competitive and it is growing rapidly, especially in developing countries. As a result, cosmetics companies are trying to capitalize on this global trend, and Mary Kay is no exception. Although its original business model enabled rapid growth into new markets, by the early 2000s its consultants faced an increasing customer demand for Internet use as more and more customers gained access to the World Wide Web and started to shop online. With a long and global supply chain and the need to manage almost 2 million consultants, it was clear that automation was needed, but its existing computer system was old and there were no Web or e-commerce applications. Therefore, a major overhaul of its information systems was needed.

The Solution

Mary Kay’s IT department was split into three divisions: e-commerce, supply chain, and back office support. For the restructuring, the company initially focused on e-commerce because of the pressure from its consultants. Mary Kay chose the Microsoft platform to support its e-commerce solutions (mymk.com) and Mary Kay InTouch.

Then Mary Kay focused its goals and objectives on e-business industry best practices. Its e-business solution included an electronic service desk that supports consultants in 30 countries in a standardized way. Then a global electronic ordering system called Atlas, which connected the consultants with the company warehouses, was introduced. An intelligent data repository that dynamically maintains a logical model of the e-business environment allows Mary Kay IT staff to access a consolidated view of that environment.

Mary Kay and its consultants also began making extensive use of social computing. For example:

◗ The company posts job opening announcements on several sites including MySpace Jobs (jobs.myspace.com).
◗ Movies and videotapes are available on YouTube (youtube.com) and on movies.go.com.
◗ Several blogs are available both for and against the company (e.g., marykayandrews.com/blog).
◗ Auctions and fixed price items are available for sale on eBay.
◗ For millions of shoppers, Mary Kay provides a consultant locator on the Internet (marykay.com/locator).

Extensive hardware and software infrastructure supports all these initiatives including a wireless remote management system at the 760,000 square-foot corporate headquarters, an extensive wide area network, and a large data center. Some of the e-business systems are used enterprisewide (e.g., service desk, ticketing system for consultants for events, and service requests made by consultants). Others are functional (e.g., accounting, finance, marketing, and inventory control). The company uses an intranet for its communications as well as dozens of e-business applications corporate-wide.

Most recently, the company turned to BMC Software and Maryville Technologies, of Kansas City, Missouri, to improve its e-business strategy. Their challenge was to support dramatic business growth both domestically and internationally by delivering superior IT products and services that aligned with the corporate objectives. Maryville implemented two BMC software products to reduce the number of servers in use, find ways to support corporate growth without increasing staffing, and create a global system to provide better IT support to Mary Kay’s independent sales consultants around the world. In addition to providing better support to consultants, these new e-business initiatives have produced other benefits such as greater efficiency, reduced costs and downtime, and improved service. In terms of human resources, it allowed the company to handle its rapid growth without a substantial increase in staffing. The changes also allow IT personnel to focus on strategic tasks. Mary Kay found that its engineers and technical people now have time to spend on innovative new options to make even more improvements to its existing e-business strategy.

Questions

1. List the drivers of EC at Mary Kay.
2. List the business pressures that Mary Kay has to contend with.
3. What were some of Mary Kay’s responses to the business pressures?
4. What EC models were used at Mary Kay?
5. Describe the impacts of social networking at Mary Kay.
6. What types of EC transactions are taking place there?
7. List the benefits of EC to Mary Kay, its employees, and its customers.


ONLINE FILE W12.4 Application Case

WEB PAGE TRANSLATION AT THE DENVER METRO CONVENTION AND VISITORS BUREAU

Denver, Colorado, is one of America’s fastest-growing cities. Situated in the Rocky Mountains, the Mile High City entertains over 8.8 million visitors a year with people coming to enjoy the city’s outstanding cultural attractions, museums, shopping, dining, and nightlife.

Denver Metro Convention and Visitors Bureau (DMCVB) (denver.org) is a marketing organization responsible for promoting the Denver metropolitan area and the rest of Colorado. Local, national, and international travelers, conventioneers, and meeting planners use the site. Many of the international visitors attracted to Denver come from non-English-speaking parts of the world, including Germany, Latin and South America, Japan, and Korea.

The Problem

DMCVB knew its website was an economical means to get information to potential international visitors considering Denver as a destination. After seeking a foreign language solution for about 2 years, the organization chose WorldLingo’s Instant Website Translator. The solution made it possible for international visitors to get current information about Denver in their own language instantly.

The Solution

The Instant Website Translator is a Web-based solution that is extremely simple to implement and easy to install. Installation is a simple cut and paste of the code into existing Web pages. Updates to translations happen dynamically whenever modifications are made to the website’s contents, making the site easy to maintain. The implementation provides an accurate machine translation service that translates the original English into 10 languages: French, German, Italian, Spanish, Portuguese (Brazilian), Dutch, Korean, Chinese, Japanese, and Greek. Flag identifiers on the website’s homepage make it simple for visitors to select the language that they require with a click of the mouse. Visitor-tracking devices are also available, garnering valuable demographic tracking that monitors and reports the languages used at the site.

The Results

Denver’s Visitor Information Centers, in particular, have overcome the language barrier and offer better service by referring multilingual visitors to Web pages in their own language. The organization also refers international phone and mail inquiries to the website for better service. Numerous translations are now requested as traffic to the site continues to increase. The multilingual capability has given the website an edge that many other official visitor sites lack.

Questions

1. What drove the need for Web translations? And how was it done?
2. What is translated on the site?
3. Enter wordlingo.com and review its products and services. Prepare a report.


ONLINE FILE W12.5 Application Case

ADENA MEDICAL CENTER NAMED “MOST WIRED” SMALL AND RURAL HOSPITAL

In 1895, when a B&O passenger train crashed just a few miles west of Chillicothe, Ohio, there were no nearby medical facilities. Many of the injured had to be taken to private homes for treatment. Under the guidance and urging of Dr. G. E. Robbins, a number of local citizens went to work to solicit bedding, furniture, and money to start an emergency hospital in a small brick house at 107 North Bridge Street, and the Adena Health System was “born.” Since then, the Adena Health System (adena.org) has grown into a network of health care facilities in Southern Ohio that provides health services to more than 13 counties through a primary campus and eight remote locations. Today, Adena offers state-of-the-art health services with a staff of more than 2,200.

The Opportunity

In recent years, as Adena grew and expanded to serve more people, administrators began to explore how they could better serve its patients and customers through the innovative use of information technology. To this end, in 2006, CIO Michael Bost stepped in with a new e-strategy. He set about revamping the Adena network, improving interconnectivity between branches, and transforming the way health care was delivered at Adena Medical Center. Bost envisioned a state-of-the-art hospital employing the latest clinical information technologies, including wireless care at the bedside, electronic medical records, and clinical systems that could be shared instantly online among patients and providers throughout the region to support a safer environment and improve the quality of care for patients.

One way in which Bost believed that Adena could lead the way was in the use of telemedicine—video conferencing technology that connects patients with remote doctors.

Before the new telemedicine system was put in place in 2007, Adena was often forced to send newborns with unusual conditions 70 miles to Columbus. Those trips not only caused considerable stress for the involved families, but each transport cost $10,000. By connecting Adena’s Neonatal Department with the Nationwide Children’s Hospital neonatal intensive care unit in Columbus, Ohio, via a high-definition videoconferencing system, the specialists in Columbus were enabled to review online images, charts, and other information from Adena in real time, so that the newborns could be immediately diagnosed remotely. At the end of 2007, the number of annual physical transfers of newborns decreased from 140 to 70, and by 2009, physical transfers had decreased another 50 percent, to just 35.

The Results

In 2009, Adena’s medical center received the Distinguished Hospital Patient Safety Award for the fourth year in a row and was named “Most Wired Hospital” in the 2009 “Most Wired Survey and Benchmarking Study” conducted by Hospitals and Health Networks magazine to measure the nation’s hospitals on their use of information technologies for quality, customer service, public health and safety, business processes, and workforce issues.

By early 2010, Adena had strung together an impressive list of other achievements centered on the eager and fully engaged involvement of nurses, office managers, physicians, and other health care practitioners. These achievements included building an online patient portal called MyAdena that allows patients to easily and quickly access health information, manage self-scheduling of appointments, access prescription information, and pay bills online. And, impressively, the new portal is now actively used by all of Adena’s 130 physicians who have been connected to and trained in its use through Bost’s initiatives.

To complete the 5-year project, an entire makeover is currently underway. Anticipated interactive upgrades will include new Web portals for Adena employees, physicians, and the community at large. These enhanced sites will provide another dimension to accessibility for staff, patients, and the community through the growing power of digital progress in a small medical system in rural Ohio.

Questions

1. What were the drivers of EC at Adena?
2. Discuss the strategy of dealing with technological issues in a largely nontechnical population.
3. Discuss the challenges that Adena had in linking its patients with its doctors.
