Mini Case
Delivering Business Value with
IT at Hefty Hardware2
“IT is a pain in the neck,” groused Cheryl O’Shea, VP of retail marketing, as she
slipped into a seat at the table in the Hefty Hardware executive dining room, next to
her colleagues. “It’s all technical mumbo-jumbo when they talk to you and I still don’t
know if they have any idea about what we’re trying to accomplish with our Savvy Store
program. I keep explaining that we have to improve the customer experience and that
we need IT’s help to do this, but they keep talking about infrastructure and bandwidth
and technical architecture, which is all their internal stuff and doesn’t relate to what
we’re trying to do at all! They have so many processes and reviews that I’m not sure
we’ll ever get this project off the ground unless we go outside the company.”
“You’ve got that right,” agreed Glen Vogel, the COO. “I really like my IT account
manager, Jenny Henderson. She sits in on all our strategy meetings and seems to really
understand our business, but that’s about as far as it goes. By the time we get a project
going, my staff are all complaining that the IT people don’t even know some of our
basic business functions, like how our warehouses operate. It takes so long to deliver
any sort of technology to the field, and when it doesn’t work the way we want it to, they
just shrug and tell us to add it to the list for the next release! Are we really getting value
for all of the millions that we pour into IT?”
“Well, I don’t think it’s as bad as you both seem to believe,” added Michelle
Wright, the CFO. “My EA sings the praises of the help desk and the new ERP system
we put in last year. We can now close the books at month-end in 24 hours. Before that,
it took days. And I’ve seen the benchmarking reports on our computer operations. We
are in the top quartile for reliability and cost-effectiveness for all our hardware and
systems. I don’t think we could get IT any cheaper outside the company.”
“You are talking ‘apples and oranges’ here,” said Glen. “On one hand, you’re
saying that we’re getting good, cheap, reliable computer operations and value for the
money we’re spending here. On the other hand, we don’t feel IT is contributing to
creating new business value for Hefty. They’re really two different things.”
“Yes, they are,” agreed Cheryl. “I’d even agree with you that they do a pretty
good job of keeping our systems functioning and preventing viruses and things. At
least we’ve never lost any data like some of our competitors. But I don’t see how they’re
contributing to executing our business strategy. And surely in this day and age with
increased competition, new technologies coming out all over the place, and so many
changes in our economy, we should be able to get them to help us be more flexible, not
less, and deliver new products and services to our customers quickly!”
2 Smith, H. A., and J. D. McKeen. “Delivering Business Value with IT at Hefty Hardware.” #1-L10-1-001,
Queen’s School of Business, May 2010. Reproduced by permission of Queen’s University, School of Business,
Kingston, Ontario, Canada.
76
Delivering Business Value with IT at Hefty Hardware 77
The conversation moved on then, but Glen was thoughtful as he walked back to
his office after lunch. Truthfully, he only ever thought about IT when it affected him and
his area. Like his other colleagues, he found most of his communication with the depart-
ment, Jenny excepted, to be unintelligible, so he delegated it to his subordinates, unless
it absolutely couldn’t be avoided. But Cheryl was right. IT was becoming increasingly
important to how the company did its business. Although Hefty’s success was built on
its excellent supply chain logistics and the assortment of products in its stores, IT played
a huge role in this. And to implement Hefty’s new Savvy Store strategy, IT would be
critical for ensuring that the products were there when a customer wanted them and
that every store associate had the proper information to answer customers’ questions.
In Europe, he knew from his travels, IT was front and center in most cutting-
edge retail stores. It provided extensive self-service to improve checkout; multichannel
access to information inside stores to enable customers to browse an extended product
base and better support sales associates assisting customers; and multimedia to engage
customers with extended product knowledge. Part of Hefty’s new Savvy Store business
strategy was to copy some of these initiatives, hoping to become the first retailer in
North America to completely integrate multimedia and digital information into each of
its 1,000 stores. They’d spent months at the executive committee meetings working out
this new strategic thrust—using information and multimedia to improve the customer
experience in a variety of ways and to make it consistent in each of their stores. Now,
they had to figure out exactly how to execute it, and IT was a key player. The question
in Glen’s mind now was how could the business and IT work together to deliver on this
vision, when IT was essentially operating in its own technical world, which bore very
little relationship to the world of business?
Entering his office, with its panoramic view of the downtown core, Glen had an
idea. “Hefty’s stores operate in a different world than we do at our head office. Wouldn’t
it be great to take some of our best IT folks out on the road so they could see what it’s
really like in the field? What seems like a good idea here at corporate doesn’t always
work out there, and we need to balance our corporate needs with those of our store
operations.” He remembered going to one of Hefty’s smaller stores in Moose River and
seeing how its managers had circumvented the company’s stringent security protocols
by writing their passwords on Post-it notes stuck to the store’s only computer terminal.
So, on his next trip to the field he decided he would take Jenny, along with Cheryl
and the Marketing IT Relationship Manager, Paul Gutierez, and maybe even invite the
CIO, Farzad Mohammed, and a couple of the IT architects. “It would be good for them
to see what’s actually happening in the stores,” he reasoned. “Maybe once they do, it
will help them understand what we’re trying to accomplish.”
A few days later, Glen’s e-mailed invitation had Farzad in a quandary. “He wants
to take me and some of my top people—including you—on the road two weeks from
now,” he complained to his chief architect, Sergei Grozny. “Maybe I could spare Jenny
to go, since she’s Glen’s main contact, but we’re up to our wazoos in alligators trying to
put together our strategic IT architecture so we can support their Savvy Stores initiative
and half a dozen more ‘top priority’ projects. We’re supposed to present our IT strategy
to the steering committee in three weeks!”
“And I need Paul to work with the architecture team over the next couple of
weeks to review our plans and then to work with the master data team to help them
outline their information strategy,” said Sergei. “If we don’t have the infrastructure and
78 Section I • Delivering Value with IT
integrated information in place there aren’t going to be any ‘Savvy Stores’! You can’t
send Paul and my core architects off on some boondoggle for a whole week! They’ve all
seen a Hefty store. It’s not like they’re going to see anything different.”
“You’re right,” agreed Farzad. “Glen’s just going to have to understand that I can’t
send five of our top people into the field right now. Maybe in six months after we’ve
finished this planning and budget cycle. We’ve got too much work to do now. I’ll send
Jenny and maybe that new intern, Joyce Li, who we’re thinking of hiring. She could use
some exposure to the business, and she’s not working on anything critical. I’ll e-mail
Jenny and get her to set it up with Glen. She’s so great with these business guys. I don’t
know how she does it, but she seems to really get them onside.”
Three hours later, Jenny Henderson arrived back from a refreshing noontime
workout to find Farzad’s request in her priority in-box. “Oh #*!#*@!” she swore. She
had a more finely nuanced understanding of the politics involved in this situation, and
she was standing on a land mine for sure. Her business contacts had all known about
the invitation, and she knew it was more than a simple request. However, Farzad, hav-
ing been with the company for only eighteen months, might not recognize the olive
branch that it represented, nor the problems that it would cause if he turned down the
trip or if he sent a very junior staff member in his place. “I have to speak with him about
this before I do anything,” she concluded, reaching for her jacket.
But just as she swiveled around to go see Farzad, Paul Gutierez appeared in her
doorway, looking furious. “Got a moment?” he asked and, not waiting for her answer,
plunked himself down in her visitor’s chair. Jenny could almost see the steam coming
out of his ears, and his face was beet red. Paul was a great colleague, so mentally put-
ting the “pause” button on her own problems, Jenny replied, “Sure, what’s up?”
“Well, I just got back from the new technology meeting between marketing and
our R&D guys, and it was just terrible!” he moaned. I’ve been trying to get Cheryl and
her group to consider doing some experimentation with cell phone promotions—you
know, using that new Japanese bar coding system. There are a million things you can
do with mobile these days. So, she asked me to set up a demonstration of the technol-
ogy and to have the R&D guys explain what it might do. At first, everyone was really
excited. They’d read about these things in magazines and wanted to know more. But
our guys kept droning on about 3G and 4G technology and different types of connec-
tivity and security and how the data move around and how we have to model and
architect everything so it all fits together. They had the business guys so confused we
never actually got talking about how the technology might be used for marketing and
whether it was a good business idea. After about half an hour, everyone just tuned out.
I tried to bring it back to the applications we could develop if we just invested a little
in the mobile connectivity infrastructure, but by then we were dead in the water. They
wouldn’t fund the project because they couldn’t see why customers would want to use
mobile in our stores when we had perfectly good cash registers and in-store kiosks!”
“I despair!” he said dramatically. “And you know what’s going to happen don’t
you? In a year or so, when everyone else has got mobile apps, they’re going to want
us to do something for them yesterday, and we’re going to have to throw some sort of
stopgap technology in place to deal with it, and everyone’s going to be complaining
that IT isn’t helping the business with what it needs!”
Jenny was sympathetic. “Been there, done that, and got the T-shirt,” she laughed
wryly. “These tech guys are so brilliant, but they can’t ever seem to connect what they
Delivering Business Value with IT at Hefty Hardware 79
know to what the business thinks it needs. Sometimes, they’re too farsighted and need
to just paint the next couple of steps of what could be done, not the ‘flying around in
jetpacks vision.’ And sometimes I think they truly don’t understand why the business
can’t see how these bits and bytes they’re talking about translate into something that it
can use to make money.” She looked at her watch, and Paul got the hint. He stood up.
“Thanks for letting me vent,” he said. “You’re a good listener.”
“I hope Farzad is,” she thought grimly as she headed down the hall. “Or he’s
going to be out of here by Thanksgiving.” It was a sad truth that CIOs seemed to turn
over every two years or so at Hefty. It was almost predictable. A new CEO would come
in, and the next thing you knew the CIO would be history. Or the user satisfaction rate
would plummet, or there would be a major application crash, or the executives would
complain about how much IT cost, or there would be an expensive new system failure.
Whatever it was, IT would always get blamed, and the CIO would be gone. “We have
some world-class people in IT,” she thought, “but everywhere we go in the business, we
get a bad rap. And it’s not always our fault.”
She remembered the recent CIM project to produce a single customer database for
all of Hefty’s divisions: hardware, clothing, sporting goods, and credit. It had seemed
to be a straightforward project with lots of ROI, but the infighting between the client
divisions had dragged the project (and the costs) out. No one could agree about whose
version of the truth they should use, and the divisions had assigned their most junior
people to it and insisted on numerous exceptions, workarounds, and enhancements, all
of which had rendered the original business case useless. On top of that, the company
had undergone a major restructuring in the middle of it, and a lot of the major play-
ers had changed. “It would be a lot easier for us in IT if the business would get its act
together about what it wants from IT,” she thought. But just as quickly, she recognized
that this was probably an unrealistic goal. A more practical one would be to find ways
for business and IT to work collaboratively at all levels. “We each hold pieces of the
future picture of the business,” she mused. “We need to figure out a better way to put
them together than simply trying to force them to fit.”
Knocking on Farzad’s door, she peeked into the window beside it. He seemed
lost in thought but smiled when he saw her. “Jenny!” he exclaimed. “I was just think-
ing about you and the e-mail I sent you. Have you done anything about it yet?” When
she shook her head, he gave a sigh of relief. “I was just rethinking my decision about
this trip, and I’d like your advice.” Jenny gave her own mental sigh and stepped into
the office. “I think we have a problem with the business and we need to fix it—fast,”
she said. “I’ve got some ideas, and what to do about the trip is just part of them. Can
we talk?” Farzad nodded encouragingly and invited her to sit down. “I agree with you,
and I’d like to hear what you have to say. We need to do things differently around here,
and I think with your help we can. What did you have in mind?”
Discussion Questions
1. Overall, how effective is the partnership between IT and the business at Hefty
Hardware? Identify the shortcomings of both IT and the business.
2. Create a plan for how IT and the business can work collaboratively to deliver the
Savvy Store program successfully.
Running Head: THE SCIENTIFIC METHOD APPLIED TO DIGITAL FORENSICS
1
THE SCIENTIFIC METHOD APPLIED TO DIGITAL FORENSICS 7
The Scientific Method Applied To Digital Forensics
by student name
Professor D. Barrett
University
Course
Todays date
Abstract
Computer forensics is the process of digital investigation combining technology, the science of discovery and the methodical application of legal procedures. Judges and jurors often do not understand the inner workings of computers and rely on digital forensics experts to seek evidence and provide reliable, irrefutable testimony based on their findings. The scientific method is the process of diligent, disciplined discovery where a hypothesis is formed without bias, and analysis and testing is performed with the goal of effectively proving or disproving a sound hypothesis. When investigative teams do not follow standard investigative procedures it can lead to inappropriate and inaccurate evidentiary presentations that are extremely difficult for non-technical participants to refute. The practitioners of digital forensics can make strides to measure and improve the accuracy of their findings using the scientific method. This paper includes a summary of the scientific method as applied to the emerging and growing field of digital forensics and presents details of a specific case where both the prosecution and defense would have benefitted greatly from the use of this proven method of discovery and analysis. Findings can only be deemed reasonably conclusive when the scientific process is correctly applied to an investigation, findings are repeatable and verifiable, and where both the evidence collected and the tools used are subject to the utmost scrutiny.
The Scientific Method Applied To Digital Forensics
The forensic analyst and investigator must use a unique combination of technical, investigative, and scientific skills when approaching a forensic case. Most adults remember the Scientific Method from their middle school science class as a set of six steps beginning with stating a problem, gathering information, forming a hypothesis, testing the hypothesis, analyzing the data and drawing conclusions that either support or do not support the hypothesis. Peisert, Bishop, & Marzullo (2008) note that the term computer forensics has evolved to mean “scientific tests of techniques used with the detection of crime” yet note that many academic computer scientists also use the term to refer to the “process of logging, collecting, auditing or analyzing data in a post hoc investigation”. The necessity to maintain chain of custody requires methodical and detailed procedures, as does the formulation of a legitimate and unbiased hypothesis and conclusion using the scientific method. Since many judges and jurors assume that computer forensic evidence is as “reliable and conclusive” as it is depicted on television, the legal system is unaware of the volatile nature of computer forensics investigations and the significance of a scientific approach to evidence gathering and analysis (Peisert et al., 2008).
The Scientific Process as Applied to Computer Forensics
Peisert et al. (2008) discuss in detail the need for the use of the scientific method in forensic investigations, not only for the process of discovery and analysis of evidence, but for measuring the accuracy of the forensic tools used in an investigation. Casey (2010) agrees, and cautions that evidence must be compared to known samples so that investigators better understand the scope and context of the evidence that is discovered or presented and to better understand the output of forensic tools. Casey (2010) further elaborates that the scientific method is a powerful tool for forensic investigators who must be neutral fact finders rather than advocates for one side of a case or the other.
The process of creating a hypothesis and completing experiments to prove or disprove them allows an investigator to gain a concrete understanding of the digital evidence or mere traces of evidence under analysis. Casey (2010) also notes that while there is no ethical requirement to do so and may be impractical, a thorough investigative practice would consider investigation of alternate scenarios presented by defense.
Forensic examination tools can contain bugs, or behave differently with various types of data and forensic images. Casey (2010) recommends that investigators examine evidence at both the physical and logical layers since both methods can provide unique perspectives, and the physical layer may not yield deleted, corrupted or hidden data. Suspects with limited technical experience can rename image files with different extensions not used for images, and those with more technical knowledge can use advanced steganography techniques to embed data within other data in an attempt to defy detection.
The 2004 case of State of Connecticut v. Julie Amero in Norwich, Connecticut is one where the scientific method was clearly missing from both the defense and prosecution. Eckelberry, Dardick, Folkerts, Shipp, Sites, Stewart, & Stuart (2007) completed a comprehensive post-trial analysis of the evidence as provided to the defense and discovered very different evidentiary results using a structured scientific approach to their investigation. Amero was a substitute elementary teacher accused of displaying pornographic images that appeared on pop-up’s to her students from what ultimately was proven to be a spyware-infected school computer. The credibility of the legal system was compromised and the prosecution made a numerous incorrect assumptions based on results provided from inadequate forensic tools and poor investigative techniques (Eckelberry et al., 2007).
The computer that Amero was using in her classroom was a Windows 98 machine running Internet Explorer 6.0.2800 and a trial version of Cheyenne AntiVirus that had not received an update in several years. The content filtering at the school had expired several months prior to the incident. The prosecution presented non-factual statements that may easily have been misconstrued by a non-technical jury and that likely caused a guilty verdict. The false testimony made by the school IT specialist indicated that the virus protection was updated weekly when in fact they were not since computer logs and the signatures clearly showed that virus updates were no longer supported by the vendor. The updates may have been performed but against files that had no new updates for many months. The IT Manager who testified also incorrectly claimed that adware was not able to generate pornography and especially not “endless loop pornography”. This information was received as a fact by the non-technical jury and incredibly not refuted by the defense. The detective for the prosecution also stated that his testimony was based completely on the product ComputerCop which the vendor admits is incapable of determining if a website was visited purposefully or unintentionally. The forensic detective astoundingly admitted that he did not examine the computer for the presence of adware (Eckelberry et al., 2007, p. 7-10).
The case against Amero was largely based on testimony stating that she deliberately visited the offensive pornographic websites and that the sites visited subsequently showed the links in red. The post-trial investigative team quickly verified that the ‘sites visited’ color setting in Internet Explorer on the suspect machine was set to “96,100,32” which is a greenish-gray color. One of the web pages that the defendant allegedly visited had an HTML override to highlight one of the links presented in red and was not colored based on a deliberate visit to the site. According to Eckelberry et al. (2007) the page in question was not discovered in “any of the caches or Internet history files or the Internet History DAT files. The post-trial investigative team through meticulous investigation and use of the scientific method were able to present facts that were “exculpatory evidence showing that the link was never clicked on by the defendant” or any other person, and disproved most of the statements made by the forensics examiner and the witnesses for the prosecution (Eckelberry et al., 2007, p. 12-14).
The prosecution testimony stated that there was no evidence of uncontrollable pop ups found on the suspect machine, however, the post-trial investigative team discovered irrefutable evidence that the page in question was loaded twenty-one times in one second using a computer forensics tool called X-Ways Trace. Eckleberry et al. (2007) detail many other instances where testimony was haphazard and discovered that a Halloween screen saver was the source of the adware that presented the continuous stream of pornographic sites. The chain of custody was also compromised in that the disk image was from a Dell PC but the defense witness saw a Gateway PC stored at the police station. The officer reportedly seized a computer but the police report contradicts this and states that only a drive was taken (Eckelberry et al., 2007, p. 14-17).
The case described and investigated by Eckelberry et al. (2007) resembles a staged blunder designed as a humorous sample case for beginning forensic students to discuss. The case was however very real and even though the defendant was eventually acquitted she suffered lasting harm from the notoriety based on the initial conviction of contributing to the delinquency of minors. If the prosecution or defense had investigated the evidence using the scientific method and maintained a credible chain of custody, or at least used clear critical thinking while performing a thorough forensic investigation this case may never have gone to trial. It wasted the time and resources of judge, jury, and countless other participants in the trial and permanently damaged an innocent victim (Eckelberry et al., 2007).
Conclusion
The scientific method is a process that allows confidence in a hypothesis when it can be subjected to repeated identical tests. The use of the scientific method not only provides a methodical structure to a forensic investigation, it lends credibility to a case in the very nature of the steps used to document and diligently test any given hypothesis. The case independently investigated post-trial by Eckelberry et al. (2007) was performed by a team of trained experts who were well aware of the necessity of the methodical requirements and necessity of the scientific method of discovery. Their findings proved that the suspect was in fact a victim of poorly maintained computers by a local Connecticut school system, that the forensic expert and witnesses who testified in the case were untrained and uninformed and used inadequate tools for the investigation. Cases such as State of Connecticut v. Julie Amero illustrate the importance of using the scientific method, and the necessity of proper training in the art and science of digital forensics.
References
Carrier, B. (2002, October). Open Source Digital Forensics Tools: The Legal Argument. In @ Stake Inc. Retrieved September 8, 2011, from
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.19.7899&rep=rep1&type=pdf
Casey, E. (Ed.). (2010). Handbook of Digital Forensics and Investigation (Kindle ed.). Burlington, MA: Elsevier, Inc.
Eckelberry, A., Dardick, G., Folkerts, J., Shipp, A., Sites, E., Stewart, J., & Stuart, R. (2007, March 21). Technical Review of the Trial Testimony of State of Connecticut vs. Julie Amero. Retrieved September 9, 2011, from
http://www.sunbelt-software.com/ihs/alex/julieamerosummary
Nelson, B., Phillips, A., & Steuart, C. (2010). Guide to Computer Forensics and Investigations (4th ed.). Boston, MA: Course Technology, Cengage Learning.
Peisert, S., Bishop, M., & Marzullo, K. (2008, April). Computer Forensics in Forensis. Retrieved September 8, 2011, from
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.140.3949&rep=rep1&type=pdf
Order an Essay Now & Get These Features For Free:
Turnitin Report
Formatting
Title Page
Citation
Outline
