Theories on Multinational Companies

Theories on Multinational Companies 2.1.1. Introduction In the process of studying the existence, growth and business activities of multinational companies, various theoretical approaches have been developed in the past forty years, depending on the scholars` fields of specialization, perspective and objectives. It is particularly important to distinguish economic approaches to the study of multinationals, strategic management approaches, and finally, cultural approaches to the study of multinational companies. Furthermore, the second part of the literature review will be dedicated to the study of various kinds of spillovers which multinational companies create while operating in the given country, a subject which is of particular importance for the topic of this thesis. 2.1.2. Economic Approaches to the Study of Multinational Companies When reviewing the literature on multinational companies, it is evident that economists find themselves at the forefront of the research on multinational companies. According to Cantwell (1991: 17-18), they are approaching the topic from three perspectives: microeconomic (which deals with cross-border interactions of individual firms), mesoeconomic (which deals with the cross-border interactions of firms at the industry level), and macroeconomic (dealing with the growth and trend of multinationals at national and international level). All of these categories have one thing in common: they all tend to explain the existence of international production. The economic approaches to the study of international business have been dominant in the fields of microeconomics, industrial economics and macroeconomics. These include the theory of the firm by Coase (1937, 1987), as well as internalization theory by Buckley and Casson (1976) and Rugman (1980, 1980 and 1982). Other famous theories on multinational enterprises refer to markets and hierarchies approach by Williamson (1975, 1985), furthermore, market power approach or the theory of international operations by Hymer (1960, 1976), and the approaches of industrial organization by Bain (1959), Caves (1971, 1982), Hirsch (1976), Johnson (1970) and Lall (1980a). As a starting point for his research, Ronald Coase (1937) departed from the traditional microeconomic assumption which states that economic activity is determined freely by the price mechanism and that the economic system works itself. In practice this means that suppliers respond to demand changes, and buyers respond to supply changes through the open market system, which is viewed as an automatic, responsive process. According to him, opposed to the traditional thinking that the economic system is being coordinated by the price mechanisms, Coase argues: This coordination of the various factors of production is, however, normally carried out without the intervention of the price mechanism. As is evident, the amount of vertical integration, involving as it does the supersession of the price mechanism, varies greatly from industry to industry, and from firm to firm. It can, I think, be assumed that the distinguishing mark of the firm is the supersession of the price mechanism. (Coase, 1937 in Williamson and Winter 1991:20). Furthermore, Coase (in Williamson and Winter 1991:30) suggests that at the margin, the costs of organizing within the firm will be equal either to the costs of organizing in another firm or to the costs involved in leaving the transaction to be organized by the price mechanism. Even though the theory of Coase was predominantly meant for the domestic horizon, it later served as the bases of the internalization theory. The concept of internalization has its origins in the theory of industrial relations. Bain (1959) pursues the proposition that there will be possibilities of integration by the firm (acquiring and combining with supplier firms or customer firms) which, among others, have positive economies or savings in cost. Additionally, he stresses that atomistic market structures with unrestricted competition will tend to force or make automatic efficiency increasing integration, and likewise tend to deter inefficient integration. Bain further claims that no particular type of integration will be fully forced in an oligopolistic situation, but there should be a tendency for oligopolistic firms to integrate if there are other advantages (other than costs) to the integration that will not result in inefficiency. He asserts that even inefficient integration is possible if it has offsetting advantages (Bain, 1959:168). Hirsch (1976) suggested that the optimal choice between international trade and international production is determined by the firms specific knowledge advantages and other intangible assets. Rugman (1981: 45) uses Hirsch`s model and interprets it as one that treats knowledge as an intermediate product which is internalized in the structure of multinational enterprise. These ownership advantages impose effective barriers to entry to rival firms. They enable temporary monopoly power to the company by allowing it a possibility to earn profit above the prevailing industry level. Hirsch (1976) states that the greater ownership advantages are, the more economics of production and marketing prefer foreign location and therefore foreign direct investment. Authors Buckley and Casson (1976:33) give their significant contribution to the theory of internalization based upon three presumptions: Companies maximize profit in a world of imperfect markets The imperfect nature of the markets for intermediate goods urges companies to avoid them by creating internal markets Internalization of markets across national boundaries creates multinational enterprises. The main thesis of Buckley and Casson is that attempts to improve the organization of these markets have led to a radical change in business organization, one aspect of which is the growth of MNE. Therefore, a multinational enterprise is perceived as an instrument used for raising efficiency by replacing foreign markets via exploitation of internalization advantages within the framework of transaction costs and exchange. Furthermore, they insist that an MNE is created whenever markets are internalized across national boundaries, and a market in an intermediate good will be internalized only in the situation when benefits outweigh costs. The authors stress the following: Vertical integration of production will give rise to MNEs because different stages of production require different combinations of factors and are therefore best carried out in different countries, according to factor availability and the law of comparative advantage. Moreover, there is a special reason for believing that internalization of the knowledge market will generate a high degree of multinationality among forms (Buckley and Casson 1976, 44-45). Theory of internalization has been additionally advanced by Rugman (1981:28) who pointed out that internalization is the process of making a market within a company. He suggests that company creates an internal market as a replacement for the missing regular (or external) market and in order to overcome the problems of allocation and distribution by the use of administrative fiat. Furthermore, he states that the internal prices (or transfer prices) of the firm lubricate the organization as a potential (but unrealized) regular market. In reality, the internalization theory pursued by Rugman tries to explain the reasons why a company wishes to go into international production across national boundaries. On this particular subject, Rugman (1981:29) states the following: A firm will wish to locate itself abroad to gain access to foreign markets. It will choose foreign direct investment when exporting and licensing are unreliable, inferior, or more costly options. Internalization is a device for keeping a firm specific advantage over a worldwide scale. The MNE is an organization able to monitor the use of its firm specific advantage in knowledge by establishing abroad miniature replicas of the parent firm. These foreign subsidiaries supply each foreign market and permit the MNE to segment national markets and use price discrimination to maximize worldwide profits. Internalization allows the multinational to control its affiliates and to regulate the use of the system specific advantage on a global basis. The concept of creating an internal market within a company in order to avoid relatively high transaction costs of the market system is additionally researched by Williamson (1975). In his work Markets and Hierarchies, he suggests that the economics of transaction costs and in general, new institutional economics explains why companies choose to conduct hierarchical expansion instead of conducting economic activity through the market mechanisms. Williamson states that multinational enterprises choose vertical integration or hierarchy for various reasons: in comparison to the market system, hierarchy extends boundaries on rationality by allowing the specialization of decision-making and economizing on communication expense. Furthermore, hierarchy permits additional incentives and control measures to discipline opportunism. Interdependent units are adapted to uncertainties and unexpected events more easily. Hierarchy also offers more constitutional possibilities for effective monitoring and auditing jobs, which consequently narrows down the information gap which appears in the case of autonomous agents. Finally, hierarchy provides a less calculative exchange atmosphere or environment (Williamson 1975:258). Scholars like Kay (1991) and Lee (1994) acknowledged Williamsons emphasis on asset specificity as a key environmental factor, coupled with uncertainty, which leads to hierarchy or vertical integration. Asset specificity actually represents specialization of assets with respect to use or user. It appears when one or both parties to the transaction invest in equipment, which has been designed especially to perform the transaction and has lower value when used for other purpose. Williamson (1985) states that spot markets will probably fail under the condition of asset specificity. This occurs because party making transaction-specific investments, and for whom the costs of switching partners are consequently high, will fear that one flexible party will opportunistically renegotiate the terms of trade. Asset specificity as a determinant of vertical integration is crucial in relation to given conditions of bounded rationality, opportunism and uncertainty. Asset specificity is the big locomotive to which transaction cost economies owes much of its predictive content. Its neglect is largely responsible for the monopoly preoccupation of earlier contract traditions (Williamson 1985: 54-56). One of the gurus of theory on multinational enterprises is certainly Richard Caves. Caves (1971, 1982) presumed that founding of subsidiary by a multinational enterprise amounts to entry into one national market by a going enterprise based on another geographic market. One possibility of entry is horizontal expansion, when a subsidiary produces the same type of product as the parent company. Other type of entry is vertical expansion or integration across national boundaries either backward to produce raw materials or intermediate products used in its home operations or forward to provide a distribution channel for its exports (Caves 1974a, 117). Additionally, Caves assumed that foreign direct investment appears mostly in industries characterized by certain market structures in both home or host countries. He concludes that differentiated oligopoly prevails mostly in the case when companies opt for horizontal expansion. On the other hand, oligopoly, not necessarily differentiated, in the home market is typical in industries which undertake vertical expansion across national boundaries. Direct investment tends to involve market conduct that extends the recognition of mutual market dependence the essence of oligopoly beyond national boundaries (Caves 1971:1). Additionally, in order to explain the presence of multinational companies, Caves distinguished and explained three types of multiplant companies horizontally integrated company which produces the same line of products from its plants in each geographic market, vertically integrated, which produces outputs in some of the plants that serve as inputs for other plants, and finally a diversified company whose plants outputs are neither horizontally nor vertically related to one another (Caves 1982a:2). With his theory of international operations, Hymer (1960, 1976) emphasized two major causes of international operations: exploitation of oligopolistic advantages and suspension of conflicts between companies in order to strengthen market power by means of collusion. Therefore, Hymer states the following: It frequently happens that enterprises in different countries compete with each other because they sell in the same market or because some of the firms sell to other firms. If the markets are imperfect, that is, if horizontal or bilateral monopoly or oligopoly, some form of collusion will be profitable. One form of collusion is to have the various enterprises owned and controlled by one firm. This is one motivation for firms to control enterprises in foreign countries (Hymer 1976:25). Furthermore, he states that FDI could not be explained as if it were portfolio investments that is, inter country movements of capital responding to differential rates of return on capital. If this direct investment is motivated by a desire to earn higher interest rates abroad, this practice of borrowing substantially abroad seems strange(Hymer 1976:13). Hymer emphasized that international operations type of investment does not depend on the interest rate. The direct investor is motivated by profits that are obtained from controlling the foreign enterprise, not by higher interest rates abroad (Hymer 1976: 26-30). He suggested that direct investments are the capital movements associated with the international operations of companies. According to him there are several types of motivation. The underlying motivation for controlling the foreign enterprise is to eliminate competition between that foreign enterprise and enterprises in other countries, and to form a profitable collusion among them. Another motivation is control which is desired in order to appropriate completely the returns on certain skills and abilities. The other motivation arises from the fact that a firm with advantages over other firms in production of a particular product may find it profitable to undertake the production of this product in a foreign country as well (Hymer 1976: 25-26). Another contribution which is even more fundamental made by Hymer, was to argue for the link between market failure and FDI. Hymer pioneered an oligopolistic theory of the growth of production networks across national boundaries, through collusion and exploitation of ownership advantages in a market power context, instead of a location theory context. The market power school of thought pursues that internationalization lowers the extent of competition and increases collusion among firms, in general (Cantwell 1991a:30). Due to their relative abundance of capital but scarcity of labor, traditional neo-classical economics assumes that countries which are economically developed have low profit or interest rates but high wage rates prior to international operations. Therefore, capital intensive goods go from economically developed countries to less developed labor abundant countries. There can also be a tendency for capital rich countries to export capital directly through foreign direct investment in developing countries. In the same manner, economists that belong to the Marxist school of thought, advocate the idea that there is a tendency for the rate of profit to decline in capital rich countries, due to the intensity of competition. Consequently, foreign investment in less developed or underdeveloped countries serves as an outlet for surplus capital (Cantwell in Pitelis and Sygden 1991:20). Recent historical data, however, reveal a trend which challenges stipulations of the traditional neo-classical and Marxist theories. Before 1939, imperialistic and colonial influences have been determining factors which influenced international trade and investment between hegemonic countries and developing countries. Similar trade and investment patterns prevailed in 1950s, but the trend started to change in the past few decades. In 1950, around three fifths of manufacturing exports from Europe, North America or Japan were directed to the developing countries across the world, but by 1971, only just over one third (Armstrong et al., 1984:251). Additionally, Dunning (1983b:88) acknowledged that two thirds of the worlds stock of FDI was located in developing countries in 1938. This amount has fallen to just little over a quarter by 1970s (cited by Cantwell in Pitelis Sugden 1991:20). During 1980s and 1990s significant capital mobility among developed countries overshadowed foreign direct investment in the developing countries. Mergers and acquisitions were the main trade mark of multinational production activities across the industrialized world during this period. At the time, in the developing world FDI have been characterized by joint ventures, privatization ventures and pioneering projects in the field of manufacturing and infrastructure (World Economic Forum 1997:28). During the 1990s, economically developed countries were still the most favorable destination of FDIs. However, this period has been significant since a large flow of capital invaded emerging markets, especially the ones in Asia where incentives for foreign investments have been extremely attractive. China, for instance, received $42.3 billion in 1996, which accounted for 38 percent of total FDI flows to the emerging markets in that year. Additionally, other emerging markets in Asia, such as Malaysia, Indonesia and Thailand became increasingly significant recipients of foreign direct investment (World Economic Forum 1997:28-30). On a macroeconomic level, different approaches have been developed in order to explain cross-border activities of multinational companies. The most important ones are the following: the product cycle model by Vernon (1966), trade and direct foreign investment model of Kojima (1978), location theories of the division of labor as analysed by Buckley and Casson (1976), Casson (1979,1986), Casson et al. (1986) and Buckley (1988), investment-development cycle advanced by Dunning (1982), stages of development approach by Cantwell and Tolentino (1987) and the eclectic paradigm by Dunning (1977, 1981, 1988, 1993a, 1995a, 1995b). Product cycle model, as defined by Vernon (1966) represents a combination of a three-stage theory of innovation, growth and maturing of a new product with the RD factor theory (Kojima 1978:61). The latter theory presumes where a new product or technology is most likely to be created. In this new phase stage, design of the product is often being changed and therefore, its production is technologically unstable and the market is not enough acquainted with the product. Consequently, the sales will not grow rapidly and the demand for the product will remain price-inelastic. In this phase, research and development activities of scientists and technicians are of crucial importance for the introduction of inventions and changes in design. Theoretically, the introduction of the RD factor in the product cycle theory represents the addition of a factor of production to the conventional two-commodity, two-factor model. If this approach is accepted, it follows that one may add new factors of production one by one in a similar manner. At the growth phase which comes after the first one, sales of products increase. Mass production and bulk sales methods are introduced. At the same time, entries in the industry increase and competition grows among producers. Demand becomes price-elastic and therefore, sales of each firm become more responsive to the price. Under these circumstances, the realization of economies of scale and managerial ability of the company play important role (Kojima 1978: 62). Finally, when the mature phase is reached, the product becomes standardized and its production technologically stabile. Instead of the crucial role that is played by research and development activities or managerial abilities in the new-phase stage and growth stage, unskilled and semi-skilled labor become important. Therefore, through foreign investment production location is being directed to low-wage, developing countries. The expenses of marketing or exporting the product from these countries may be lower compared to other commodities, since the commodity is standardized. Kojima (1978) gave several comments on Vernons product cycle theory. Firstly, the theory is not founded on the principle of comparative costs. Vernon himself elaborates that his theory discusses one promising line of generalization and synthesis, which appears to have been neglected by the main stream of trade theory. It does not stress the comparative cost doctrine but instead emphasizes more the timing of innovation, the effects of scale of economies, and the roles of ignorance and uncertainty in influencing trade patterns. Secondly, this theory tries to explain the location of production of one commodity by a firm growing through monopolistic or oligopolistic behavior (Kojima 1978:63). Kojima (1978) suggested the so-called trade and deficit foreign investment theory as an alternative approach to the study of multinationals. Furthermore, he suggested that foreign direct investment should complement comparative advantage patterns in different countries. Such advantage has to originate from the comparatively disadvantaged industry of the source country, which leads to lower-cost and expanded volume of exports from the host country. Significant criticism of Kojima`s theory is the manner in which import-substituting investments are referred to as anti-trade oriented. While import-substituting investments could be considered as anti-trade oriented at the microeconomic level, they are not anti-trade oriented at the macroeconomic level. In fact, an increasing level of exports usually follows the growth of FDI from USA, Germany and Japan. There are proofs which suggest that export-oriented investments may have a less significant impact in industrial adjustment or in increasing the welfare of the host country since these investments are likely to be an enclave kind (Dunning and Cantwell 1990 as cited in Tolentino 1993:51). Rugman (1981:47) suggested his main objection with Kojima`s analysis is that it is set in the static framework of trade theory, meaning that his model requires perfect markets. It is obviously a mistake to observe technology as a homogenous product over time and to ignore the dynamic nature of the technology cycle. It is probable that the United States have a comparative advantage, not in technology itself but in the generation of new knowledge. Consequently, it is feasible for US FDI in technology to take place to secure new markets on a continuous basis, as successive stages of the technology cycle are used, firstly in domestic markets and than in foreign ones. Dunning (1982, 1986) contributed to the investment-development cycle model with his suggestion that the level of inward and outward investment of different countries, and the balance of the two, is a function of their stage of development as measured by GNP (gross national product) per capita. After threshold phase of development, outward investment increases for countries at yet higher levels of development. The balance between inward and outward investment in developed countries results in the return of their net outward investment to zero. The continued growth of their outward investment at a later phase results in a positive net outward investment (NOI). Tolentino(1993) offered empirical evidence for the period since the mid-1970s which imply that the existence of a structural change in the relationship between NOI and the countrys relative stage of development as a consequence of the general rise in the internationalization of firms from countries at lower stages of development. The growth of newer multinationals from Japan, Germany and smaller developed countries, as well as some of the richer developing economies, implies their firms` capacity to follow the earlier outward multinational expansion of the traditional source countries, the USA and the UK, at a much earlier stage of their national development. The enhanced significance of outward investments from these newer source countries enables firm evidence of the general trend towards internationalization do that the national stage development no longer becomes a good predictor of a countrys overall net outward investment position. Cantwell and Tolentino (1987) suggested the stages of development approach to the study of multinationals. They posed a hypothesis that the character and composition of outward direct investment changes as development proceeds. Additionally, the say the following: Countries` outward direct investment generally follows a developmental or evolutionary course over time which is initially predominant in resource-based or simple forms of manufacturing production which embody limited technological requirements in the earlier stages of development and then evolve towards more technologically sophisticated forms of manufacturing investments. The developmental course of the most recent outward investors from the Third World has been faster and has a distinctive technological nature compared to the more mature multinationals from Europe, USA and Japan, owing to the different stages of their national development. Dunning (1977, 1981, 1988, 1993a, 1995a, 1995b) and his eclectic paradigm tends to explain the ability and willingness of companies to serve markets across national borders. Furthermore, the eclectic paradigm attempts to elaborate why they opt for the exploitation of any available advantages through foreign production instead of using domestic production, exports or portfolio resource flows. He hypothesized that a company will go for international production or engage in foreign direct investment if it owns net ownership advantages (mostly in the form of intangible assets) vis-Ã  -vis firms of other nationalities in serving particular markets. These ownership advantages, accompanied by internalization and location possibilities, will enable a company to benefit when using or internalizing a particular foreign market itself, instead of selling, renting or leasing them to foreign companies. Location possibility in this context means locating a multinational firms production activity in a foreign country that possesses competitive advantages in terms of factor endowments. If these three conditions (ownership, location and internalization) are not present, the firm can instead serve its local market through domestic production and expand it to serve foreign markets through international trade. The bigger the ownership advantages of multinational companies, the more incentive they have to use these themselves. The more the economics of production and marketing favor a foreign location, the more they are likely to engage in foreign direct investment. The propensity of a particular country to engage in international production is then dependent of the extent to which its enterprises possess these advantages and the location attractions of its endowments compared with those offered by other countries (Dunning 1981:79). According to Dunning eclectic paradigm is perhaps, the dominant paradigm of international production. It presumes ownership specific advantages as endogenous variables, i.e. to be a determinant of foreign production. This means that the paradigm is not only involved with answering the question of why firms go for FDI, in preference to other modes of cross-border transactions. It is also concerned with why these firms possess unique resources and competencies relative to their competitors or other nationalities and why they choose to use at least some of these advantages together with portfolio of foreign-based immobile assets. This makes it different from the internalization model, which regards ownership advantages as exogenous variables (Dunning, 1993a:252). As perceived by Dunning, the eclectic paradigm is meant to capture all approaches to the study of international production. In his opinion the model represents a good starting point to discover the global explanation of MNE`s existence and growth since it synthesizes the explanations of the existence and nature of international production. Dunning states that his eclectic paradigm can give an adequate analytical framework which enables understanding of all kinds of foreign production in services. Stressing the interdependence between services and goods industries, he asserts that it makes no sense to try to develop a new paradigm to explain the transnationality of the service sector (Dunning 1993a:248-284). In his scholarly research, Dunning was assertive to find all possible explanations of the existence of multinational enterprise in his eclectic paradigm. As the years went by, he tried to expand knowledge in the framework of his eclectic paradigm by attempting to accommodate possible additional explanations to multinational production activity that come to his knowledge. As an example, for instance, he argues that the advent of collaborative alliances among multinational firms does not lead to the development of a new multinational theory. Therefore, he has incorporated alliance capitalism in his model. In his renewed version of the eclectic paradigm in the light of alliance capitalism, Dunning(1995a) considers that inter-firm alliances (with clear reference to American multinationals) in innovation-led production systems are emerging as dominant forms of market-based capitalism, and are overtaking the global influence of hierarchical capitalism. Dunning has focused on the narrow view of the value-adding activity of innovation-led capitalism, and has considered other joint ventures, not wholly owned production operations, dominate the multinational enterprise involvement in less developed countries (Vaupel and Curhan 1973). Both in theory or in practice, internalizing a foreign market and going for a joint venture alliance with a foreign partner are just two possible options that a multinational company can choose in international business activities. Therefore, alliance as a strategy can be the dependent variable, just like international production, that needs further explanations. Explanations to joint ventures overseas could also include ownership, location and internalization considerations. Border lines between the three levels of economic analysis microeconomic, mesoeconomic and macroeconomic have to be neglected in order to synthesize the various economic approaches to the research of multinationals. Modern economic explanations of cross-border production activities of multinational firms are mostly reflected in the configuration of ownership, internalization and location advantages. Dunning has integrated those three fractions under the wing of his eclectic paradigm, but his primary objective in doing so is still to find eclectic explanations to the phenomenon of international production. Despite the differences in academic specialism, perspectives and objectives of economists who pursued the study of the existence of multinational companies and made significant contributions this field, they have one thing in common: they all targeted the explanation of the phenomenon of international production activity across national boundaries. 2.1.3. Strategic Management Approa

Reflection Worksheet Essay

Please use the information from your interview to complete this worksheet. Submit this worksheet in the Module 2: Assignment Dropbox no later than Day 7 of Module 2. Include vocabulary and concepts from your reading and course site to support and illustrate your own insights. In preparation for the papers you’ll write later in this course, take the time to organize your thoughts for each question and write clearly. 1. Summarize how you were rated on the 4 components of Interpersonal Effectiveness. Where are you doing well? Where do you need some practice? (Simply report your findings – do not explain your position). For the 4 components of Interpersonal Effectiveness, I was rated decently. In Emotional Intelligence, the only thing that I need to improve on is staying calm when speaking; I have a tendency to raise my voice and be overly intense. For Mindfulness, I was rated highly; I do posses the ability to maintain my full attention to the person and allow the person to speak before I do. Ethics was also rated highly, being able to keep in mind the situations of others. Competence was high, as well, I’m able to put aside my own differences in order to better understand others. 2. Discuss the differences and similarities between your interview results and your own self-assessment in Module 1: Discussion 2. How are people’s perceptions of your interpersonal effectiveness in alignment (or not) with your own? What surprised you? Honestly, I was not surprised by the results of the interview and my own self-assessment. I knew coming into the interview that I needed to work on some things, specifically, Emotional Intelligence. I’ve always had a temper when talking with someone and they are either not listening to me or not understanding where I’m coming from. It does seem that when I’m talking to someone I don’t really know, my Emotional Intelligence is in check. I’m able to tone down how I respond or act in unfamiliar territory when it comes to others. 3. How easy or hard was it for you to stay open-minded and non-defensive? Why? What did you have to do to stay open-minded and non-defensive? It was somewhat easy for me to stay open-minded and non-defensive because I was talking with someone I’m comfortable with. One thing I’ve learned is when you are faced with talking to someone you don’t necessarily agree with, it’s easy to put yourself in their shoes. Not getting so caught up in my feelings and ideas help me to maintain a leveled head. I have to remind myself that everyone is entitled to their opinions and ideals and I don’t have to like them but I do need to respect them. Having talked with someone I know did make me keeping all of that in mind, a little easier to do. 4. Why do you think you are being perceived as you are? Consider the perception process as outlined in Chapter 2 (i.e. selection, organization, interpretation, negotiation). For example, did your partner notice or â€Å"select† different behaviors than you expected? Or, did he/she think or â€Å"interpret† your behavior in ways that were different from what you intended? I think why I’m being perceived the way I am is because of my body language. The moment I folded my arms my partner knew I was becoming defensive. When I place my hand under my chin to rest my head, my partner assumed I was bored which was not the case at that time, I genuinely wanted to just hold my hand under my chin. Some perceptions that my partner saw and explained how they were feeling about it weren’t all accurate. My partner pointed out things that I didn’t realize I was doing and took it as disrespect but some habits I have are just that – habits. 5. Summarize 2 key insights from this assignment. What do you know now about your behavior and interpersonal effectiveness that you didn’t know before? There really wasn’t any behaviors and interpersonal effectiveness that I didn’t know already. This assignment did make some behaviors stand out more than others, such as, Emotional Intelligence. I’ve known I have a problem with remaining calm and not â€Å"wear my emotions on my sleeve† when having a conversation with someone and I don’t agree with what they’re saying. This assignment definitely pulled that out in full force and made me realize how often I do it. If anything that was a behavior that I didn’t notice that I do quite often in conversation. 6. Identify 2 actions you can take (i.e. new behaviors you can practice) that will immediately help you improve your interpersonal effectiveness. Be specific. One action I can take that will improve my interpersonal effectiveness is becoming a more active listener. Instead of just â€Å"waiting to speak† I can be present in that moment of conversation with someone and attentively listen. A second action I could practice would be to keep in mind Emotional Intelligence. Making sure I refrain from â€Å"wearing my emotions on my sleeve† and not get too involved in how things are said as much as what is being said. Listening with an open and clear mind will help me improve how I interact with others.

Networking - Free Essay Example

Sample details Pages: 29 Words: 8736 Downloads: 3 Date added: 2017/06/26 Category Statistics Essay Did you like this example? Introduction About Philadelphia Inc. Philadelphia Inc. is a large multinational company which is emphasis mainly in producing of computer software and manufacturing of computer and its accessories. It has branches all over the world, nearly about 12 countries. The headquarter is in Philadelphia town in USA which has 13 large departments. These are Front-desk Department, Don’t waste time! Our writers will create an original "Networking" essay for you Create order Human Resources Development Department, Accounting Department, Information Technology and Sever Controlling Department, Software Development Department, Hardware Manufacturing Department, Sale and Services Department, Warehouse Controlling Department, International Branches Relationship Department, Marketing Department, Retail Services Department Administration Department, and Administration Department, and The Philadelphia Inc. is one of the fully computerized companies and therefore networking between the branches and headquarter is needed to have a best security as the information of the company is fully stored in Database server in IT and Server Controlling Department. Unfortunately, as the saying, Nothing is perfect, the best security system of Philadelphia Inc. was broken by some kinds of viruses, worms, Trojans and other malicious ones. As the information stored in database server is essential for the Incorporated, thus, the executive director wanted to renew the networking design to enhance the networking security all over the Inc. Type of Network used in Philadelphia Inc. In Philadelphia Inc, all computers in all departments are linked to communicate, share information and others. It also has internet access, via wireless network, which need special take care not to hack the information in Inc. Although the technicians information technology and sever controlling department always check the servers performance, virus, and any other necessary things and also specially check the security of network, unfortunately, some kinds of virus starts break the network down. Among the 13 departments of Philadelphia Inc, the worst two departments that are interrupted by virus is Administration Department and Finance Department, which are very essential departments of Inc. Task 1 Topics Concerning with Network Security 1.1 Access Control There are various definitions of Access Control. From the context of networking, it means that it is a process that router insulate the access by identify the source and destination address by a set of rule to prevent from access the network by attackers. If the source and destination meets the criteria of rule set of router, it will allow accessing, if not so, it does not. This process takes place before forwarding an incoming packet. Form the point of user, access control is the processing of determining the access of network resources by identifying the user accounts type and its group in which user is situated. 1.2 User Authentication The word authentication is adapted from Greek word ae?t which means that real or genius from authentic: from author so this word means that real from author. Therefore authentication is the process of identifying the user by some kind of mark such as retinal scan, finger print and more simply username and password to get the access of network resources for the purpose of security. The authentication process makes the administrator control to whom can access the network resources. 1.4 Firewall Firewall is either physical or software devices that can investigate the packet going in and out and it can prevent some malicious attack by identifying packet by a set of rules. Firewall technology is introduced to construct more secure network. 1.5 Virus Protection Virus is the malicious program that can hide in computer as other program or document to disrupt the computer or network functions by deleting the essential files or they fragmenting the files especially system file. Virus protection is the process of preventing computer or network from attackers, who can create virus, by some kind of hardware or software or by make rule set for user. 1.6 Accessing the Internet Internet is very popular in recent year and nearly every people want to access the internet. The accessing to the internet is the process of connecting the internet by some kind on link system such as dial-up or others to get the internet to computer. There are several ways of access the internet. Some kinds of way to access internet are dial-up, asymmetric digital subscriber line (ADSL) and so on. Task 2 Solving Email Problem E-mail which is an electronic mail that can send and receive in a second have so many problems why user cannot log into the email account. As she, who cannot login into her account and staff of the company, used the outlook express mail which is the company official mail and thus she did not open the internet explorer to access the internet though she cannot log in the account. When she prints, she cannot print the printer which is in network. Thus I determined that it may be network problem. Therefore, I think it is connected the network improperly in physically or logically. No sooner did I reach her office than I check whether the network cable is connected correctly or not. But it is plugged in correctly. It makes me confused. Therefore I asked her a few questions concerning about her experience when she start opening the computer until she cannot print the printer in the network. When I asked her if something warning message occurred when you start using the outlook program and she answered No, I think so as I did not remember. Her answers were blur and made my head aches. Then I asked her if another person used this computer as an administrator account and then she answered It wont never happened as I use this computer with strong careful and I dont allow another person to use this computer. For a moment, I thought and thought and at that time she said with a strange and something-thinking face I think I got the warning Message. AnnI got it! It wrote something concerning about IP. Yes IP. No sooner did i hear it, I check the IP address that is in TCP/IP protocol. By viewing the event viewer and check in the Network place. No sooner I check the TCP/IP protocol; I learned that there was IP conflict problem, the same IP used in two computers of the same network. Therefore, after I had changed the IP address correctly, she could log in successfully into the email. The warning message appears no sooner the computer detected the IP conflict problem. Please refe r to the following picture. I hope the problem of the printers is also a fault of IP address and thus I checked it by printing. To my horror, computer could not print. It made me headache. I checked the internet setting and network setting to ensure the IP address was right and if there was any problem in the computer. But nothing was found. I thought and thought and then I got the idea. I asked her if someone used this computer. Answer me correctly and honestly. She answered me her boyfriend from the Sale and Marketing department used the computer. After he used this computer, this problem occurred. I told her not to do this kind of action again. I selected the Control Panel and then to the tag of Administrative Tools double clicked on it And then in the Administrative tool there are ten items that can do changes to the computer. Among these, selected the Services icon then the services windows would appear as below. Among several services, right click the print spooler. title where print spooler is written on the right side of the screen. Now printer can print successfully. From above event, I really want to warn the all staff not to be usable to the other staff or people from accessing the information or other essential things. Task 3 Security Review Report Nowadays, internet, a wide area network that connects a set of different network, is more and more utmost large. The following table shows the internet usage and population statics in the various parts of the world from the 2000 to 2008. It shows that it is obviously increasing in 2008 compared with 2000. Thus as the internet usage increases, security is getting an essential part of network of all types, including from enterprise to home network. The more and more technology is developing, the more and more the threats are born. So how to prevent various threats that is stealing the information from your network? According to the report of CERT? Coordination Center which is a center of Internet security expertise, the security incident are increasing each year and each year. Therefore, for protecting the ever-increasing number and complexity of threats, the enterprises need vigilant approaches that can defect them. They use the network password easier than security. When the password is long and difficult to penetrate, they wrote down on the stick paper and stick beside of computer. They are not careful about any security things that are essential to Network. Although reveling the security-protective things are made difficult to security penetrators, when people dont care about it, security is the place where penetrators enjoy to approach. Therefore, you should need to know how many kinds of threat are there and what are their effects? After that, you should rule a set of assessment that users should have, in short policy. Mark Carter from COO, CoreFacts, LLC, Data Recovery and Analysis Firm said that I have found that inadequate network security is usually caused by a failure to implement security policies and make use of security tools that are readily available. Its vital that companies complete professional risk assessments and develop comprehensive security plans and infrastructures that a re publicly supported by upper management. Not only companies should have network security, legislations should also be made to prevent and control the flow of electronic information. Therefore, to secure the network, especially when connecting to internet from enterprise network, security policies and disciplines and other security-enhanced things are really needed to make. Threats The word threats is very familiar to users of network as they face and hear everyday talking about threats. Thus, what is threat? Threat is something which wants to see others information concerning about financial, bank account and the one that want to destroy the computer or network and makes users confused. In computer aspect, there are so many threats which are human-based, automated, and the last one, natural phenomena. The latter is strange as we know threats are created by human or automated. The natural-phenomenal threat is like power outage to burglar alarm. The table below shows different kinds of security threats that commonly found in network aspect. To prevent the Network User Attack which many be internal employee, enterprises need to have access control and user authentication and essentially policies of using network. That kind of attack cannot protect by firewall but it can be protected by policies. Therefore, policies are needed to develop in either large or small e nterprises. Policy No famous companies satisfy with their written policy. Policy is a set of written statements that can set appropriate expectations of Internet assets of clients and servers. This document makes the companys network easy to draft, maintain, and enforce. Security policies are noses of companies. They can make the users to be more careful and to know what assets they have and they do not have. Every Small and Middle Enterprise (SME) needs a good set of policies that is effective. For Philadelphia Inc, although it has a set of policies and penalties occur when staff broke the rules, as a saying Nothing is perfect, the older set of policies is ineffective and thus this makes trouble to company and other vulnerabilities to allow get into the company network. Therefore, company needs a more set of policy that is perfect and effective in Task 4 of this assignment. To have a secure policy, firstly Access Control which can make the clients who have access to install or remove the software, in short users assets is needed to be clearly defined. Risk Management For risk management, there are various definition concerning about it. Among them, by comparing three definitions, it can be known that risk management is really difficult to meaning and solve. The three definitions are In the dictionary, risk as the possibly of suffering harm or loss Carnegie Mellon Universitys Software Engineering Institute (SEI) definescontinuous risk managementas processes, methods, and tools for managing risks in a project. It provides a disciplined environment for proactive decision-making to 1) assess continuously what could go wrong (risks); 2) determine which risks are important to deal with; and 3) implement strategies to deal with those risks (SEI,Continuous Risk Management Guidebook [Pittsburgh, PA: Carnegie Mellon University, 1996], 22). The Information Systems Audit and Control Association (ISACA) says, In modern business terms, risk management is the process of identifying vulnerabilities and threats to an organizations resources and assets and deciding what countermeasures, if any, to take to reduce the level of risk to an acceptable level based on the value of the asset to the organization (ISACA, Certified Information Systems Auditor (CISA) Review Manual, 2002[Rolling Meadows, IL: ISACA, 2002], 344). In real aspect, risk management includes in business and major subset, technology. In business risk, there most common risks are Treasury management Revenue management Contact management Fraud Environmental risk management Regulatory risk management Business continuity management and Technology. Technology risk management is one of the most common risks in the business risk management itself. In business, the most common risks are as below. Security and privacy Information technology operations Business systems control and effectiveness Business continuity management Information systems testing Reliability and performance management Information technology asset management Project risk management Change management Thus, the risk management is difficult to solve. Therefore, in businesss risk, the decision made is really important. When solving the risk, many important decisions are needed to be made so that the risk will be successfully conducted. In solving the risk management, there are various models describing how to solve the risk. Among these, the selection two models are described briefly. The first one is General risk management and the last one is risk management in software management. They have the same methods to solve the risk. They solve through the same phases like Identify Analysis Plan Track Control In general risk management, there is slightly different. In general, the phases are Asset identification (identify) Threats assessments Impact definition and Quantification Control Design and evolution Control Design and evolution The risk management is repeated as the residual risk management is the step where the risk has been neutralize but need to manage so the threat cannot be the risk again to the organization. If is again to become the risk, it is needed to solve through the above steps. The risks are essential to the organization and thus risk management is more important than other things. The above description is only a brief of the risk management only. Advantages and disadvantages of Network Security As the above description, nowadays, security is an essential to everything. For the enterprise, the network security is really important not to steal the information by others, not to get the virus and other malicious programs and to prevent other important things. There is no doubt that for the enterprises having network even extended to internet really needs to have security. But having network security has advantages and disadvantages. In real world, network having security can promise that all important data cannot be stolen by other hackers. Having firewall, one of the important security things, can prevent from entering the malicious things into the network. The virus, which may be man-based or not, can destroy the entire network and the only way to prevent this destroyable thing, is preventing the entire network by non-hold security, the most secure thing. Security can make network not to penetrate by threats thus the data and information are secure. The email and other communication can do without any limited as security can filter the virus from the other from entering the network. Therefore, security can give the network more trusted. As security does not have any intelligent, thus it can filter things that are not malicious code. As security will do as human command, human can accept to enter the malicious code into the network by closing the security. Firewall can prevent the email that is really not a virus, but firewall thinks it wrongly. If email is not important, it makes nothing to the enterprise. But if it does not like that, it makes the whole enterprise shocked. Sometimes security does not work well and thus it prevents or allows all information from the outsides of the network. In summary, as security is man-made, thus, even the most secure network can be destroyed by virus or other malicious code. Security is very good when it works properly. When something starts wrong, security can make the problem to the network. Thus, to have secure network, security should be controlled and is needed to check whether it is working correctly or not and dont allow other users to allow the things that are prevented by security. When security is used correctly and controlled, it will give advantages to the network. If not so, it wont. 3.1 Access Control Access control makes the process of determining and controlling the legitimate users activities, which can do or not. Access control makes restrict users who can install the software in computer but who cannot, who can change the IP address in computer but who cannot. Therefore, access control means that it restricting the users activities on computers. There have built-in access control accounts in Operation System, especially in Microsoft products such as Windows XP, 2000, vista and 7. They have various user accounts and its assets. The table below shows the account type and its asset. For a typical user account, the table is constructed according to the Windows Server 2003s user accounts. Group Rights Administrators Has complete control over the computer and domain Account Operators Can administer user and group accounts for the local domain Backup Operators Can back up and restore files that users normally cannot assess Guests Is permitted guest assess to domain resources Print Operators Can add, delete, and ,manage domain printers Server Operators Can administer domain server Users Has default access rights that ordinary users accounts have Source: Guide to Networking Essential 5th edition by Greg Tomsho, Ed Tittel and David Johnson. Table 3.3 User Accounts and Their Rights In normally or ordinary clients windows operating system, there are typically have Administrator, Standard and Guest accounts. By defining the users of network the account types according to the level, it can prevent changing the default setting of network or operation system. It is the simplest and easiest way of Access Control. The one important thing of setting the users account is placing the password that is not familiar and long and difficult for the other person but easier to remember myself. There are several rule of setting the password. Some of these are 1. Passwords should not be the parents name and spouse or husband or wifes name and childrens name. 2. Password should be mixed with numbers and alphabets. For example, adm1sn1s!ra!or or no24557raytheo 3. Although password should be difficult for the other users, it should not be difficult myself, that is, password should be easier and familiar with myself The above access control is simplest and easiest as I said above. The more effective and secure access control is containing the various restricting way of assets of users. The first way of secure access control is access control matrix, which is constructed by rows and columns and also describing the capability of the user. The second way is building the access control list that has one column at one time having the right of performance types and what kind of actions can be performed. It is short and simple. But it has many disadvantages. Account control List (ACL) is most suited where the data is accessed from the clients computers or stored in computers, which is most commonly in universities campus or universitys science labs. It is not suited where the clients or usurers are flooded and changing to the time and when users want to have delegate authority to install the program to use for a period of time. Although the ACL is easily to implemented, it is not effective as it needs security checking at runtime, when the user access the file or program as the operation system can readily knows what programs are accessed by user and users assets but it cannot know users access which file or folder unless operation system needs to check file at every time or to keep track of active assets of users or clients. The last one is that in ACLs, it makes tedious work that files or folders which are accessed by clients are searched. For instance, it is really a tedious job to do which is finding the files and folder of millions on the network and delete password or another of employs account is fired by Chief to ensure not to access network from the outside network. Another access control is Role-Based Access Control, defined mainly based on the roles and responsibilities of clients which access computers, files and folders. As this access control is defined by role and level of users, it can be easily known who has the right to install, who has the right to control IP address of network and who has only to do word processor software. It is easily to differentiate which role can do what kinds of operations in computer. When the role based access control system is used, as the users role should be defined and their privileges should also be set to the minimum or precisely for computer operations. Someone assigned to a job category may be allowed more privileges than needed because is difficult to tailor access based on various attributes or constraints. Therefore, role-based access control is difficult to define the controlling precisely. However, for the organization that defined nearly precise RBAC, users can know how much they can do the opera tion in the computer system and RBAC system provides the users with flexibility and breath of application greatly. In comparison with access control list and other access control system, RBAC is less intuitive and more conventional than other system of access control. Role Bases Access Control system is integral part that used in Secure European System application for Multi-vendor Environment (SESME) distributed system and the database language SQL3. For Philadelphia Inc, access control system will be used is role-based access control system as it can show the assets of users clearly and sharply. According to the role and responsibilities, staff will have different assets and operation in computer network and computer alone. By using the top-down process, the executive have greatest assets than other staff in the companies. For Administrator or ITSC department head, the servers operation can be done without prior notice. And for each department head, this system will give them the different assets mainly based on role and responsibilities. For instances, it can be done by Financial head which is operation of accounting software and any others operation concerning with financial system but for the head of Sale department, the above processes are cannot be done. The process that can be done is the one concerning with role of the clients. Although executives will have the widest asset of computer network, they cannot change the TCP/ IP address nor other operations that are concerning with administrators assets. Therefore, with a precise role-based access control system, it can be defined which level can do what kind of operation on computer and computer network. 3.2 User Authentication Authentication is the process of identifying the users who they are with something they know (password or something else). According to the security need of enterprise, authentication process differs from the one that does not need as much as the former. Authentication process is mainly based on the identify verification and registration process on user. John Seam is the new staff and needs to show her identity such as ID Card, birth certificate and passport for authentication registration process to do. After they are all gotten and the enterprise will investigate the identifications of hers have criminal record or something else. After this process, enterprise accepts her registration and takes the secret thing she know such as fingerprint and other biometric things and password and enterprise provide the username to get the permission to do operation of enterprise. If John Seam provides the false identity and the enterprise accept it, the person acting ad John can positively get p ermission of enterprise. Therefore, in summary, authentication is only as good as the weakest point of chain. According to the security level needs of enterprises, the authentication process can be grouped into 16 groups which are Password Authentication, Single Sign On Authentication, Lightweight Directory Access Protocol (LDAP) Authentication, Access Control Authentication, Network Authentication, Biometric Authentication, Strong Authentication, Transaction Authentication, Federated Authentication, PKI Authentication, Security Token Authentication, Smart Card Authentication, Authentication Management, Wireless Authentication, Document Authentication and Outsourcing Authentication. Password Authentication Password authentication is the common method of authentication process in various enterprises and it is the weakest and critical process too. In password authentication, user needs username and password to log in into computer. Password length, type of character and password duration and password management is now critical to enterprises. Password, how long they are, can easily be cracked by hacker and thus password is really weakest authentication process of enterprises. Single Sign On Authentication Single Sign On (SSO), Reduced Sign On (RSO) and Enterprise Single Sign On (ESSO) make the user not have to remember so many passwords and id. SSO is the architecture for stronger risk of information and other things. Enterprises uses SSO in information that needs to have stronger security. When user or black user login into the computer by id and password for lower risk of security, if other high risk information or application is accessed, the SSO software needs more password or biometric or other security enhanced thing to user who accessed it. Thus SSOA is more secure than password authentication. Lightweight Directory Access Protocol Authentication Nowadays, most enterprises use Lightweight Directory Access Protocol (LDAP) to handle the central authentication. LDAP directories, such as Active Directory, Sun One Directory, Novel e-Directory and other vendors, provide a low cost way of doing fast identity look-ups and authentication as compared to traditional databases. However, today, enterprises use virtual LDAP that contain one or more database or directory that is integrated to authentication. The LDAP is the critical identity authentication that can lead to access control authentication. Access Control Authentication Access control is the process of accepting the identity to get the permission to access the information physically or electronically. With LADP directory, single sign on and access control, most enterprises build the smart card for staff which can use to keep the working time and their access to the LADP directory management. As the access control has its own database directory, it can reduce the database directory for storing information Network Authentication Network authentication is the process of accepting the user ability to authenticate the network as well as their authorization. Biometric Authentication Biometric Authentication is the one which takes part of the body to get access to information and program. This authenticates by scanning the users finger print, retina scan and other things. Strong Authentication Strong authentication means having higher trust of an authentication. This includes digital certificate, security token and biometric method. Some enterprises use combination of these methods including the password for the information that needs higher security and critical to enterprises. Transaction Authentication Transaction authentication is the process of using other authentication determinants to verify an identity. It is often used between customer and financial institution. Federated Authentication Federated Authentication is the permission to get into the enterprise from outside from trusted website which also contains SAML, Liberty Alliance, Web Services Federation and Shibboleth. PKI Authentication Public key infrastructure (PKI) is another way of authentication process. The user is getting the digital certificate which is given by a Certificate Authority (CA) which is needed to present during the PKI authentication process and contains level of assets. Security Token Authentication This kind of process is used to authenticate who you are. During the login process but for more high risk , signal sign on process, the user needs to enter the number which is token with his user name. Although it is more secure than password and id, it makes the enterprise more costly than login process. Smart Card Authentication Smart card authentication is another form of token process, which is login by digital certificate, containing the information about the user and its level of asset. Nowadays, smart cards are used to get permission in physical things such as building, room and facility. Authentication Management Authentication management is overall process of all authentication process. Wireless Authentication As wireless is most common network infrastructure of enterprises, authenticating wireless network becomes more and more secure because wireless can be breached easily. But to form secure wireless network, authentication should be combined multi authentication process. Document Authentication Formerly separate document authentication systems are now becoming intertwined with enterprise identity and authentication mechanisms. Gone are the days of relying upon mostly passwords to authenticate users trying to open document. Outsourcing Authentication Many modern enterprises have outsourced portions of their authentication development, maintenance and troubleshooting. If done well it can save the enterprise money. If done poorly, it can create security holes or, cause enterprise failures. For Philadelphia Inc, the authentication processing is done according to the risk and critical of information and program. For computers that are used by staff are covered by password and id only but when want to access file on server or on network, authentication is done by LADP process. Changing of the software or document on the database server will not be allowed. When want to upload or share folder within enterprises, authentication of biometric process of fingerprint should be used. But sharing data within enterprises can only be done by head of the department. For more secure-need departments such as Financial and Administrator, authentication of security token will be used when accessing the information. For server room and other department room, smart card authentication will be used to enter the room. According to the changes of level of security al all time, the authentication process will also be changed to be more secure and flexibility. 3.3 Firewall Firewall technology is first introduced in 1990 and it improves sustainably and nowadays it is really essential technology for network infrastructure. The early firewall is pocket filter firewall improves to nowadays it can filter all networks layers. Firewall technology is used in companies even in home where use internet from Internet Service Provider (ISP). For firewall that is often used in network can control the network traffic and security posture. Nowadays, the network environment is defined by context of internet connectivity and IP address. But the computer that does not have any network can also use firewall. For instance, the enterprise that does not connect to internet also uses firewall to restrict the information going in and out of the internal network or more simply intranet. If company installs the firewall properly or has proper firewall environment, it will have more secure than others which do not have. To define the different firewall platforms, its different ca pabilities can be compared in term of Open System Interconnect (OSI) layers which has seven layer The OSI Model is the abstraction of network and network devices and show how the computer system communicate within the firewall. Layer 1, labeled Physical, shows the actual physical communication hardware and media such as Ethernet. And layer 2 represents the layer at which network traffic delivery on Local Area Networks (LANs) occurs. Layer 2 is also the first layer that contains addressing that can identify a single specific machine. The addresses are assigned to network interfaces and are referred to as MAC, or Media Access Control addresses. An Ethernet address belonging to an Ethernet card is an example of a Layer 2 MAC address. Layer 3 is the layer that accomplishes delivery of network traffic on Wide Area Networks (WANs). On the Internet, Layer 3 addresses are referred to as Internet Protocol (IP) addresses; the addresses are normally unique but in circumstances involving Network Address Translation (NAT), it is possible that multiple physical systems are represented by a single Layer 3 IP address. Layer 4 identifies specific network applications and communication sessions as opposed to network addresses; a system may have any number of Layer 4 sessions with other systems on the same network. Terminology associated with the TCP/IP protocol suite includes the notion of ports, which can be viewed as end points for sessions: a source port number identifies the communication session on the originating system; a destination port identifies the communication session of the destination system. The upper layers (5, 6, and 7) representing end-user applications a nd systems, are shown here for illustration purposes only. The first and basic firewall is pocket filter firewall which can control the functionality of for communication session and system address. This is done by the rule set which control the functionality of access control. Basically this fire mainly work at the layer 3 (Network) of OSI model. The second firewall is Stateful Inspection Firewall which is modified by the addition of the layer 4 (Transport) of OSI model, in short adding TCP/IP protocols which make the firewall processing difficult. The next one, Application-Proxy Gateway firewall is formed by combination of lower layer and upper layer (layer 7- Application) of OSI model to control the passing of the packet by software-control. As different types of firewalls have different advantages and disadvantages, for fulfill the users needs, nowadays used hybrid firewall technologies to get more secure and advanced protection to support the datagram of the user. For Philadelphia Inc, it was attacked severely by some kinds of network virus and thus the IT head makes ma draw a network diagram to support the companys needs. In Philadelphia Inc, there are 13 departments, above mentioned, and thus more than 1000 computers are in. The each of the departments is in each one floor of 15 storied building, and thus the wireless internet access can be used without being confused. For the security of Inc. the firewalls are used and antivirus program, Norton, will be used and also boundary pocket filter is used. For more understandable, please refer to the networking diagram. From the figure, the internet got from Internet Service Provider (ISP) in fig is filtered by Boundary pocket filter which is also called Boundary Router prevents the Denial of Access, and other attacks. Another reason is it can improve the speed and flexibility and it can filter the traffic of network which is sometimes used by attacker to flood. In summary it can control any attack that takes advantages of weakness of TCP/IP. After filtered, the internet will be again scan by main firewall which can also protected from access of any attackers and also virus. Before distributed to departments, it is again filter by internal firewall which can again filter any threats that are not protected by main firewall. After scanning, it will be distributed departments, clients. For internal DNS Servers, they are linked via optical cable to get access from one department to another so that information can be transferred without delay. For executives, they will get the internet access directly from External DNS Server through internal firewall to reach internal DNS server to arrive the executives office. This is because they will even get the internet access although departments do not get the network access. The most common firewall environment implementation is known as DMZ network or DeMilitarized Zone network, which has two or more firewall that are connected in only network, which is most common in enterprises network. DMZ network can employ the departments to access the information externally or internally, which is common in Virtual Private Network (VPN). But it can also provide the attachment of network to be easier accessing to information from one department to another. However, it should not be placed outside or network that has only one firewall as it can provide clients to access information easier and thus attackers can easily penetrate it. Therefore, this is placed between firewall and router. In all internal and external, antivirus program and other preventing programs will be used and thus they will scan all incoming and outgoing information to be more secure and trust. Although the main DNS server will be placed in IT and Sever Controlling Department, other internal DNS servers will be in each department. For each of departments sever technicians from IT and SC Department will always check for performance and other essential things. The access point will be places in the centre of each floor so that all clients either on right or left will get the internet access For servers, technicians will maintain once a week for all servers in the Inc. to be better performance. And they will also backup all essential information in some kind of median, especially in database server. All information will be back up in database server so that if something happens to clients, information can be gotten from database server. 3.4 Virus Protection Virus which can get into your computer in many forms such as sperm, Trojan and many others is protected by antivirus (anti mean opposite) program. Thus what does antivirus do? Antivirus program scans the computer hard disk to search the virus. But before you search your computer with antivirus program, you should firstly update the your antivirus program definition or signature to ensure to get the threats in the computer which are released by latest model. For Philadelphia Inc, Norton Internet Security will be used. Norton is one of the most famous and trusted program in the world. Moreover, Norton can catch the latest virus in a short time. Thus, to prevent the data in Inc, the most trusted antivirus program, Norton Internet Security, will be used. About Norton Internet Security 2010 The Norton Internet Security can proof its security by various awards that it got during 2008. The Norton Internet Security contains all antivirus things and other essential things that need for internet users. Therefore, although the Norton Antivirus and Norton Internet Security are produced by the same cooperation, Symantec, the Norton Internet Security is more suitable for users who have internet and network access as it contains full protection of internet and network. Features of Norton Internet Security 2009 In Norton Internet Security, the key technologies are really the needs of customers. It can fulfill the customers needs and desire. The key technologies are Antivirus Spyware protection, Two-way firewall, Identity protection, Antphishing Network security Botnet protection Rootkit detection Browser protection Internet worm protection Intrusion prevention OS and application protection Web site authentication Pulse updates Norton Insight SONAR behavioral protection Antispam Parental Controls confidential information blocking In Norton Internet Security 2010, the features that won over the other programs are uncountable. Among these, the first one is Engineered for Speed. The Norton Internet Security scan all hard disk and network in a minute and catch the virus to maximum amount as it uses the Norton TM Technology of Intelligence-driven. The second one is that it is really to download updates in a minute and downloads will do automatically for 5-16 minutes so that the most popular virus and antispam and other vulnerability cannot be accessed. The next one is securing network, spam blocking and parental control so that the Norton Internet Security has no security hole. Another famous feature is SONAR (Symantec Online Network Advanced Response) which can detects threats and proactively found unknown security risk on your computer. It can detect virus and other malicious things in a second. When the threats or others are found the warning message appears in the left corner of the computer screen Therefore, no sooner did you use removeable disk, you do not need to scan manually. Norton will scan automatically and will show the warning message to know user the security risk had been removed. Another feature is that computer system performance can be checked by clicking Flip Screen on the Norton interface so the interface will flip to show the computer performance graph Another feature is Norton Insight Application Ratings. From help file of the Norton Internet Security, Norton wrote about the Application Ratings as below. The Norton Insight Application Ratings feature allows the smart scanning of files on your computer. It improves the performance of Norton Internet Security scans by letting you scan fewer files without compromising the security of your computer. A Norton Internet Security Scan can identify threats on your computer by following ways: The Blacklist technique At regular intervals, Norton Internet Security obtains definition updates from Symantec. These updates contain signatures of known threats. Each time when Norton Internet Security obtains the definition updates, it performs a scan of all of the files that are available on your computer. It compares the signature of the files against the known threat signatures to identify threats on your computer. The Whitelist technique Norton Internet Security obtains specific information about the Files of Interest and submits the information to Symantec during idle time. The information includes such things as file name, file size, and hash key. Symantec analyzes the information of each File of Interest and its unique hash value and provides a trust level to the file. The Symantec server stores the hash value and trust level details of the Files of Interest. The server provides the details immediately after you open the Norton Insight Application Ratings window. Even the slightest modification of the file causes a change in the hash value and the trust level of the file. Typically, most Files of Interest belong to the operating system or known applications, and they never change. These files do not require repeated scanning or monitoring. For example, Excel.exe is a file that never changes but you always scan it during a normal security scan. Source: From Norton Internet Security 2010 Help About Application Ratings Another is Network Security Map. In this map, all computers and their security status are shown in separate computer picture labeled with computer name. It can also show the remote connection In Norton Internet Security, it contains smart firewall and other network essential things to scope the users needs. Since Norton possesses the famous name and have a strong production of network and others that are needed and suitable for either personal users or enterprises-level users. Therefore, to be more secure the Incs network, famous and most trusted Norton Internet Security 2010 must be chosen. The following figure shows networks setting. Note: At the time of writing this assignment, Norton Internet Security 2010 is only beta version. 3.5 Accessing the Internet Internet is the network which is a set of combination of networks that cover all over the world. As there is internet in the world, we can know the news or events that occur in one part of the country can be known from the other part of the network. Thus nowadays, internet is more and more popular. In accessing internet, there are three basic types. They are Mail only: This allow you only to use mail send and receive but by this mail gateway, you can access to FTP, HTTP, Gopher and WWW but only text only and non-interactive. Shell account: This let you to get access into another computer which is also connect to the internet. Direct account: This is the ultimate form of internet which can get the internet access directly from the internet service provider to get access the internet in your computer. Although there are many types of computer access, many computers get access to the internet by directly plugging into the LAN, WAN or leased circuit but such internet needs gateways and access points which can cost. For home user, they access the internet by dial-up type, which is use phone line and modern and call the Internet Service Provider (ISP) to get the internet access via phone line. In Philadelphia Inc, internet connection is spreading through the company via wireless which does not need to plug in or to use wire to get access the internet. When there are so many departments and computers in Inc, cable internet access cannot be suitable and thus wireless internet is used. Task 4 Acceptable Use Policies 1.Executive Summary This policy is mainly emphasis on restricting the staffs behavior to protect the Philadelphia Inc. databases and information. This policy is address to privacy of staff and data integrity of Philadelphia Inc. 2.Scope This policy will apply to all staff, temporaries and all people who access to the Inc Network. It also apply to all computer that is used and administrator by Inc. This policies is to get more secure network and restrict the behavior. 3.Responsibilities The below responsibilities are all concerned with all staff in the Inc. When access to the data and program and network of Inc, it is firstly know that there will not have any expectation of privacy of users as all users-watched webpage or email or even Instant Message will be check for incs copyright product information and other plan which will start in soon future. Users are prohibited the unlawfully installing, using, investigating, storing, uninstalling on incs computers or administered computers. You want to install software you purchased, you should contact administrator providing the license and other evidence that your program is not under law. Users should have responsible if you access the data by easing or modifying which is not user. But this kind of action strongly prohibited if the other person do not have prior notice. If you want to do this kind of action you should first authorization to get access. Users should know that all data in the Inc. is purpose of business and references only. It is permitted for personal use, if it meets the criteria below; Does not create security or legal risk to Inc., Does not interface with work productivities, Does not save data in removable devices for illegal purpose. 4.1 Policy for Access the World Wide Web (WWW) Staff should not visit the webpage that are not concerning with the organization. It is your responsibility if something happens to computer or Incs network. Staff should not use web-based mail from the Incs network as many viruses can get into the organization infrastructure. It is strongly prohibited to use personal email (more detail in Email Policy). When you want to download some documents or software, firstly you should check your downloaded website is secure or not. If firewall does not allow downloading your file as it can contain some kind of threat by scanning the downloaded file, dont attempt to off the firewall and start your download. You do not have any permission to do such a dangerous action. You have limit time access to internet in the work time but you can reach the internet during break time or in over working time. You cannot visit or download any kind of pornographic website or other immortal, ethnical and illegal and also including the sport website under any circumstances. Doing such action can lead the disciplinary actions or up to termination of employment. All staff activities on internet will be logged to check individual in future to know what kind of websites visited and it will check any privacy matter such as web-based mail to know whether you do the restricted action or not. No offensive or harassing material must be made via Incs network. And also no personal advertising should be made. This internet access is mainly emphasis on the business purpose and staffs enhancing global communication only and not for personal use or purpose. All data and information that is critical to Inc should not be transferred to the outside or other competitive companies. Anyone found done that kind of action must be fired at once. Disciplinary Actions If someone found breaking or broke the above policy will have strong action according to its action, whether it is critical or not. Actions including termination of employment, dismissal of intern and volunteers and termination of employment relation in the case of contact consult or employment. Additionally, individuals are subject to Philadelphia Incs Information Resource access privilege, civil and criminal prosecution. 4.2 Electronic Mail Usage Policy Scope The following policies are established to appropriate use of electronic mail that is occupied by Inc. Policies The purpose of email establishment in Inc. id for using in business purpose only and email cannot be used personally. Incs confidential information and files and other related things must not be shared outside of the Incs area. Being done that kind of action will result in the termination of employment. You should keep in mind when you want to forward email not concerning with business to your family, friends or relatives; you firstly need to consider that you are wasting the businesss invaluable time. You should not use Incs email account to forward or read pornographic or any sexual letter which can be addressed according to sexual harassment policies of the city and state. All personal email, non-business email, must not be forwarded or sent using business email account will get the disciplinary action up to termination of job. This companys email is not own of staff and staff cannot have expectation of ownership of email. The Inc has right to modify, delete, clear and block the email that sent via Incs email account. Therefore all staff from the executive to the lowest level of Inc should be communicated in ethical and acceptable manners. Subscription to any non-business relation things should not be done in company emails account as this purpose if for company use only. But it will be allowed if subscript to business concerning things such as book or newspapers or something else. E-mail chain letters are not to be originated, forwarded or otherwise distributed using any City resource under any circumstances. An e-mail chain letter is defined as any message sent to one or more recipients that directs the recipient to forward it to one or more other recipients and contains some promise of reward for forwarding it or threat of consequences for not doing so. You should know that all of your information that sent or received in Incs account can be check as the Inc has the right to do such things by specific IT staff. Therefore, you should keep all of your private data in your own computer only not in the organizations computer. Disciplinary Actions If someone found breaking or broke the above policy will have strong action according to its action, whether it is critical or not. Actions including termination of employment, dismissal of intern and volunteers and termination of employment relation in the case of contact consult or employment. Additionally, individuals are subject to Philadelphia Incs Information Resource access privilege, civil and criminal prosecution. 4.3 IM and Chat Policy Scope To use the Instant Messaging (IM) as an effective communication of staff of the organization, the follow policies are established to be followed strictly Policies The organization Instant Messaging is for purpose of communication between staff and customers, in short for business purpose only and not for personal use. This is also applied to chat room. When you communicate with customers or within each staff, you should not use any harassed words that can reduce the other persons standard. In chat room, you should not write any things concerning with sexual activities or other rude sentences. You should not write or say any confidential information of the organization as in the IM and chat room, all written information can be copied. This kind of action is strongly prohibited. When you chart with other people, you should consider the other people time and thus dont talk too long, it means that you are chatting during work time. You should not also talk political and other things, tasteless jokes, etc, in the IM as you are wasting the other persons invaluable time. Disciplinary Actions If someone found breaking or broke the above policy will have strong action according to its action, whether it is critical or not. Actions including termination of employment, dismissal of intern and volunteers and termination of employment relation in the case of contact consult or employment. Additionally, individuals are subject to Philadelphia Incs Information Resource access privilege, civil and criminal prosecution.

Essay on Population Growth and Standard of Living - 945 Words

Population Growth and Standard of Living Recently, the human population on this planet surpassed an amazing milestone. In the year 2000 it hit 6 billion, and without a sign of slowing down, continue to increase at an unprecedented pace. After taking nearly 3 million years to reach our first 1 billion, it has taken us only 11 years to raise our population the most recent billion (from 5 to 6). This rate of growth can be graphically interpreted as a J-shape pattern. If the past is any indication of the future, this means that while our rate of growth is high right now (a net increase of almost 87 million annually), it will continue increase to no end. But is there a limit to how big the population on Earth can truly be? While many agree†¦show more content†¦We also are currently having trouble supplying adequate housing, health care, education, and many other components of a reasonable standard of living. If we cannot provide these amenities now for 6 billion people in the world, can we expect to provide them for 8 t o 10 billion in the 21st century. (Southwick, 161) On the opposite end of the argument lie optimistic ecologists like Julian Simon. Simon believes that there is no population crisis and no environmental crisis that is due to the rapid growth of humans. He believes, in what many scientists call, a tech fix. He asserts that population growth, economic growth, and a resource rich-world coupled with modern technology will produce greater prosperity and better health for increasing numbers of people. (Soutwick, 160) Simons theory has come true before. For example, when the growth of our human population started to slow during the time of the nomad, humans realized agriculture could support more people, and thus, the Agricultural Revolution took place. In addition, advances in agricultural and industrial technology have effectively increased the size of the globe over the last two centuries, in terms of the maximum population which it will support. (Dolan, 58) That is to say, a tech fix for 8 billion people down the road might not be as ea sy, but there are plenty of brilliant minds currently in the world who could ultimately figure out a solution to the problems that an increase in populationShow MoreRelatedEssay about Can the World Sustain an Increasing Population?925 Words   |  4 Pagesattitudes to the population policy, some of them tend to delay the increase of population while others introduce policies to encourage childbirth. After centuries of continual growth, which started at the first industrial revolution, the global population reached over 7 billion individuals in 2013. Research by Ezeh, Bongaarts and Mberu (2012) states that increasing population is a threat to individuals and societies by bring problems based on unsatisfied demand. The â€Å"increasing population† in this essayRead MoreThe Current World s Population1409 Words   |  6 Pagess population is approximately seven billion people, and the amount of time that it takes for the population to increase by another billion is decreasing w ith each billion. According to the World Population Data sheet, there will be about eight billion people by the year 2020, and this is due to its continuation of growth (Southwick 159). A clear understanding of the causes and what might possibly happen is the first step to dealing with the population crisis. The world s human population hasRead MorePopulation Control1497 Words   |  6 PagesPopulation Control Population growth, a topic most likely insignificant to the common man, but the world’s population growth and control of that population growth is necessary for our overall survival. The issue has been discussed due to fear of the world becoming overpopulated. Experts and nations alike have monitored this recent growth in our population to predict any struggle that may occur before it is encountered. If the world becomes overpopulated, the limited amount of resources we haveRead MoreEssay on Economic Growth and Development894 Words   |  4 PagesEconomic growth is a necessary but not sufficient condition of economic development. There is no single definition that encompasses all the aspects of economic development. The most comprehensive definition perhaps of economic development is the one given by Todaro: ‘Development is not purely an economic phenomenon but rather a multi – dimensional process involving reorganization and re orientation of the entire economic and social system. Development is a process of improving the qualityRead MoreThe Rise Of The Standard Of Living1738 Words   |  7 Pagesare involved in the constant quest to improve their economic growth that in turn would pave a way for the increase in the standard of living. This is especially true for under-developed and developing economies that have immense growth potential and need to exploit their available resources through prudent policy measures and structural reforms to improve the standard of living of the people. However, this increase in the standard of living leads to increased consumption of goods and services that tendsRead MoreDiscuss the extent to which economic growth may benefit the economy888 Words   |  4 Pagesï » ¿Discuss the extent to which economic growth may benefit the economy. (18) Economics growth is, it the short run an increase in real GDP and in the long run an increase in the productive capacity of an economy (the maximum output that the economy can produce). GDP stands for Gross Domestic Product which is the country’s production of goods and services valued at market price in a given time period. Real GDP is when these figures are corrected for inflation using a base year (The UK uses 2003 asRead MoreHow Growth Can Make Us Worse Off1196 Words   |  5 PagesHow growth can make us worse off by Ross Gittens Outline: This article discusses the economic growth within the australian economy and its effects. It is stated that the Australian economy’s economic growth is driven mostly by immigrants rather than natural increase. The business bible shows a growth of average of 1.42 per cent being the weakest in the past 15 years. Slower growth in the economy leads to slower growth in GDP, lower standard of living, harder to reduce budget deficit and reducedRead MoreSimilarities And Differences Between China And Australia1236 Words   |  5 PagesSimilarities and Differences between China and Australia’s Economies Introduction The Chinese and Australia economies have many similarities and differences, including the size of the economies, growth rates, unemployment, inequality, standard of living, environmental issues and the roles the different governments have in influencing and modifying these factors of the economy. Size of Economy The GDP is the total market value of goods and services in an economy over a period of time. China’s GDPRead MoreUnstable Urbanization Between The Years 2017 And 20501276 Words   |  6 PagesSingletary Dudek English IV H 2nd 9 March 2017 UNSTABLE URBANIZATION Between the years 2017 and 2050, â€Å"the United Nations projects that global population will increase significantly by nearly 2.5 billion people putting the global population at around an estimated 9 to 10 Billion people† (Jiang). In the near future it is predicted that the global urban population will nearly double if not possibly triple in size. Which will create a global imbalance in quality of life and put an even greater strain onRead MoreGlobal Environmental Issues Of The World1540 Words   |  7 Pagesbecomes more intense as the world s population—and our use of natural resources—keeps booming(1). It should be noted that there are 7 continents (Asia, Africa, South America, North America, Europe, Australia and Antarctica) and 196 countries without including sub-nations and islands in the world. This is not shocking to people as the world dynamics cannot be completely studied as population trends change from time to time due periodic occurrences. Populati on debates like this are why, in 2011, National