Pro And Cons Of Security Measure Information Technology Essay

Pro And Cons Of Security Measure Information Technology Essay This work requires the student execute a limited research based assignment in Network security. This work should be a conference style paper. Suggested Topics are given below. However, the work should reflect real thought and effort. The grade will be based on the following factors: novelty, depth, correctness, clarity of presentation, and effort. Students can select any other topics relevant to network security other than listed below with the approval of the module leader. In this paper student should explain the Security issues relevant to their topics and should analyze any two of the security tools/measures widely used to overcome those issues. More emphasize is given to the analysis of pros and cons of the security measures followed where a thorough knowledge/understanding of the problem and its countermeasures are gained. Introduction Voice over Internet Protocol also known as Voice over IP, IP Telephony or VoIP and it started by a small company called Vocaltec, Inc in February 1995 from Israel. [Joe Hallock, A Brief History of VoIP] By that time, it will be the first internet phone software. Vocaltec aims are to provide user to makes phone call from one computer to another computer using sound card, microphone and speaker. This VoIP software created by Vocaltec only works when both caller and the receiver have the same setup software installed. VoIP is design for deliver the voice communication and multimedia session over the Internet Protocol and it is also categorized as one of the internet technology, communication protocol and transmission technology. In simpler terms, VoIP converts the voice signal from your telephone into a digital signal that travels over the Internet. There are three types of VoIP tools that are commonly used; IP Phones, Software VoIP and Mobile and Integrated VoIP. The IP Phones are the most institutionally established but still the least obvious of the VoIP tools. Of all the software VoIP tools that exist, Skype is probably the most easily identifiable. The use of software VoIP has increased during the global recession as many persons, looking for ways to cut costs have turned to these tools for free or inexpensive calling or video conferencing applications. Software VoIP can be further broken down into three classes or subcategories; Web Calling, Voice and Video Instant Messaging and Web Conferencing. Mobile and Integrated VoIP is just another example of the adaptability of VoIP. VoIP is available on many smartphones and internet devices so even the users of portable devices that are not phones can still make calls or send SMS text messages over 3G or WIFI.[2] One of the most significant advantages of VoIP (over a traditional public switched telephone network (PSTN also known as a legacy networks) is that one can make a long distance phone call and bypass the toll charge. This integrated voice/data solution allows large organizations (with the funding to make the transfer from a legacy network to a VoIP network) to carry voice applications over their existing data networks. VoIP telephone systems are susceptible to attacks as are any internet-connected devices. This means that hackers who know about these vulnerabilities (such as insecure passwords) can institute denial-of-service attacks, harvest customer data, record conversations and break into voice mailboxes.[26] Another challenge is routing VoIP traffic through firewalls and network address translators. Private Session Border Controllers are used along with firewalls to enable VoIP calls to and from protected networks. For example, Skype uses a proprietary protocol to route calls through other Skype peers on the network, allowing it to traverse symmetric NATs and firewalls. Other methods to traverse NATs involve using protocols such as STUN or ICE. Many consumer VoIP solutions do not support encryption, although having a secure phone is much easier to implement with VoIP than traditional phone lines. As a result, it is relatively easy to eavesdrop on VoIP calls and even change their content.[27] An attacker with a packet sniffer could intercept your VoIP calls if you are not on a secure VLAN. However, physical security of the switches within an enterprise and the facility security provided by ISPs make packet capture less of a problem than originally foreseen. Further research has shown that tapping into a fiber optic network without detection is difficult if not impossible. This means that once a voice packet is within the internet backbone it is relatively safe from interception. There are open source solutions, such as Wireshark, that facilitate sniffing of VoIP conversations. A modicum of security is afforded by patented audio codecs in proprietary implementations that are not easily available for open source applications[citation needed]; however, such security through obscurity has not proven effective in other fields.[citation needed] Some vendors also use compression, which may make eavesdropping more difficult.[citation needed] However, real security requires encryption and cryptographic authentication which are not widely supported at a consumer level. The existing security standard Secure Real-time Transport Protocol (SRTP) and the new ZRTP protocol are available on Analog Telephone Adapters (ATAs) as well as various softphones. It is possible to use IPsec to secure P2P VoIP by using opportunistic encryption. Skype does not use SRTP, but uses encryption which is transparent to the Skype provider[citation needed]. In 2005, Skype invited a researcher, Dr Tom Berson, to assess the security of the Skype software, and his conclusions are available in a published report.[28] The Voice VPN solution provides secure voice for enterprise VoIP networks by applying IPSec encryption to the digitized voice stream. The IAX2 protocol also supports end-to-end AES-256 encryption natively. Traditional enterprise telecommunications networks used to be viewed as relatively secure because you practically needed to be within physical reach to gain access to them. Sure, things like toll fraud and war dialing were problematic, but those were easily remedied by longer or more complicated passwords and other access controls. The age of converged networks has changed that with voice now traveling over IP networks (VoIP). These converged networks inherit all the security weaknesses of the IP protocol (spoofing, sniffing, denial of service, integrity attacks, and so on). In addition, voice quality and confidentiality are potentially affected by common data network problems such as worms and viruses. Converged networks also offer an array of new vectors for traditional exploits and malware, as each IP endpoint becomes a potential point of network entry. Internet telephony refers to communications services-voice, fax, SMS, and/or voice-messaging applications-that are transported via the Internet, rather than the public switched telephone network (PSTN). The steps involved in originating a VoIP telephone call are signaling and media channel setup, digitization of the analog voice signal, encoding, packetization, and transmission as Internet Protocol (IP) packets over a packet-switched network. On the receiving side, similar steps (usually in the reverse order) such as reception of the IP packets, decoding of the packets and digital-to-analog conversion reproduce the original voice stream.[1] VoIP systems employ session control protocols to control the set-up and tear-down of calls as well as audio codecs which encode speech allowing transmission over an IP network as digital audio via an audio stream. The codec used is varied between different implementations of VoIP (and often a range of codecs are used); some implementations rely on narrowband and compressed speech, while others support high fidelity stereo codecs. Technical review In term of security issues, VoIP encounter numerous of issues reported and some of it can lead into big loss to a company. Below are some of the security issues that discuss in this research. Service Theft The most basic thing a hacker can do with your VoIP service is to steal it. In doing so, the perpetrator can make free calls and possibly start off a new VoIP telephony business of his/her own at amazingly cheap ratesjust like the first criminal who was charged with hacking VoIP 1. Service theft is relatively easy with VoIP because the Session Initiation Protocol (SIP) that is used for authentication in VoIP calls does not use encryption by default. Identity Theft Close on the heels of service theft is the risk of identity theft. If someone can steal a service, they have everything else they need to steal the identity of the person(s) using the service. Accounts as basic as utilities and as critical as financial loans are often tied to a specific phone number. If all else fails, the hacker can, at a minimum, gather sig-nificant information about the target individual(s) to be able to take the next step towards stealing the persons identity. Eavesdropping One might remember when tapping a phone required some serious instruments that needed to be installed at the right places while at the same time the person bugging the phone would have to make sure that nobody watches him/her in action. This procedure is a lot easier with VoIP. The instrument might still look like a phone and work like a phone, but tapping this phone is not at all difficult for someone with the right knowhow and tools and the wrong intentions. Hackers today can take control over several VoIP features such as voicemail, call forwarding, caller ID, call forward-ing, calling plan selection, and billing details. Stealing the VoIP service to enable free calls is actually much less prof-itable and desirable for hackers. Instead, with businesses increasingly using VoIP, sensitive corporate information is now the target. VoIP packets flow over networks like packets of data that can be sniffed just like regular data pack-ets. These packets can then be merged together to play the voice conversation in a normal media player software. Mix VoIP hacking with corporate espionage and you end up with a very lucky and enabled hacker. Vishing Vishing is the criminal practice of using social engineering over the telephone system, most often using features facilitated by Voice over IP (VoIP), to gain access to private personal and financial information from the public for the purpose of financial reward. What if you were to receive a call from your bank or your credit card company that had an automated voice at the other end asking you to enter your debit/credit card number, PIN, and other details? Chances are you might comply with the request. Better still, if you were the person making the call to your phone banking number then these chances are actually quite high considering the fact that you were the person making the call. In both these cases, a Vishing attack could have been launched using VoIP that could lead you to believe that youre calling an entity that you trust. Specifically in the second case, redirecting your call to a Visher would actually be much easier if you use a VoIP based phone. Denial of Service One VoIP hacking method that can cause significant frustration and losses to businesses is the Denial of Service. As the name suggests, the main aim of the hacker is to ensure that your organization is denied the usage of your VoIP telephony service. Voice calls made by an organization can be manipulated, tampered, and even dropped. Hackers can even flood the target VoIP infrastructure with several call-signaling SIP messages. Many times, these DoS attacks are actually a smokescreen for hackers to plant malware or even take control of systems in the background. Spyware and Malware VoIP infrastructure rests on the same architecture as a normal computer system. Essentially, the issues that a normal computer system can face are quite applicable to VoIP infrastructures as well. Top of the list is spyware and malware. Consider the example of a software application that is used to enable VoIP telephony. A user would have to run this software over a computer, a PDA, an iPhone, or such. This introduces the vulnerabil-ity of falling prey to viruses, spyware, malware, worms, and just about all forms of malicious code. SPAM Spam exists with VoIP, although it is known as SPIT or Spam over Internet Telephony. While more typically just an annoyance, SPIT does at times carry viruses and malware, just like spam. While the occurrence of SPIT is not very common today, trends definitely dictate that SPIT is heading in the direction of SPAM. VoIP telephone systems are susceptible to attacks as are any internet-connected devices. This means that hackers who know about these vulnerabilities (such as insecure passwords) can institute denial-of-service attacks, harvest customer data, record conversations and break into voice mailboxes.[26] Another challenge is routing VoIP traffic through firewalls and network address translators. Private Session Border Controllers are used along with firewalls to enable VoIP calls to and from protected networks. For example, Skype uses a proprietary protocol to route calls through other Skype peers on the network, allowing it to traverse symmetric NATs and firewalls. Other methods to traverse NATs involve using protocols such as STUN or ICE. Many consumer VoIP solutions do not support encryption, although having a secure phone is much easier to implement with VoIP than traditional phone lines. As a result, it is relatively easy to eavesdrop on VoIP calls and even change their content.[27] An attacker with a packet sniffer could intercept your VoIP calls if you are not on a secure VLAN. However, physical security of the switches within an enterprise and the facility security provided by ISPs make packet capture less of a problem than originally foreseen. Further research has shown that tapping into a fiber optic network without detection is difficult if not impossible. This means that once a voice packet is within the internet backbone it is relatively safe from interception. There are open source solutions, such as Wireshark, that facilitate sniffing of VoIP conversations. A modicum of security is afforded by patented audio codecs in proprietary implementations that are not easily available for open source applications[citation needed]; however, such security through obscurity has not proven effective in other fields.[citation needed] Some vendors also use compression, which may make eavesdropping more difficult.[citation needed] However, real security requires encryption and cryptographic authentication which are not widely supported at a consumer level. The existing security standard Secure Real-time Transport Protocol (SRTP) and the new ZRTP protocol are available on Analog Telephone Adapters (ATAs) as well as various softphones. It is possible to use IPsec to secure P2P VoIP by using opportunistic encryption. Skype does not use SRTP, but uses encryption which is transparent to the Skype provider[citation needed]. In 2005, Skype invited a researcher, Dr Tom Berson, to assess the security of the Skype software, and his conclusions are available in a published report.[28] The Voice VPN solution provides secure voice for enterprise VoIP networks by applying IPSec encryption to the digitized voice stream. The IAX2 protocol also supports end-to-end AES-256 encryption natively. Securing VoIP To prevent the above security concerns government and military organizations are using Voice over Secure IP (VoSIP), Secure Voice over IP (SVoIP), and Secure Voice over Secure IP (SVoSIP) to protect confidential and classified VoIP communications.[29] Secure Voice over IP is accomplished by encrypting VoIP with Type 1 encryption. Secure Voice over Secure IP is accomplished by using Type 1 encryption on a classified network, like SIPRNet.[30][31][32][33][34] Public Secure VoIP is also available with free GNU programs.[35] [edit]Caller ID Caller ID support among VoIP providers varies, although the majority of VoIP providers now offer full Caller ID with name on outgoing calls. In a few cases, VoIP providers may allow a caller to spoof the Caller ID information, potentially making calls appear as though they are from a number that does not belong to the caller[36] Business grade VoIP equipment and software often makes it easy to modify caller ID information. Although this can provide many businesses great flexibility, it is also open to abuse. The Truth in Caller ID Act has been in preparation in the US Congress since 2006, but as of January 2009 still has not been enacted. This bill proposes to make it a crime in the United States to knowingly transmit misleading or inaccurate caller identification information with the intent to defraud, cause harm, or wrongfully obtain anything of value [37] [edit]Compatibility with traditional analog telephone sets Some analog telephone adapters do not decode pulse dialing from older phones. They may only work with push-button telephones using the touch-tone system. The VoIP user may use a pulse-to-tone converter, if needed.[38] [edit]Fax handling Support for sending faxes over VoIP implementations is still limited. The existing voice codecs are not designed for fax transmission; they are designed to digitize an analog representation of a human voice efficiently. However, the inefficiency of digitizing an analog representation (modem signal) of a digital representation (a document image) of analog data (an original document) more than negates any bandwidth advantage of VoIP. In other words, the fax sounds simply do not fit in the VoIP channel. An alternative IP-based solution for delivering fax-over-IP called T.38 is available. The T.38 protocol is designed to compensate for the differences between traditional packet-less communications over analog lines and packet based transmissions which are the basis for IP communications. The fax machine could be a traditional fax machine connected to the PSTN, or an ATA box (or similar). It could be a fax machine with an RJ-45 connector plugged straight into an IP network, or it could be a computer pretending to be a fax machine.[39] Originally, T.38 was designed to use UDP and TCP transmission methods across an IP network. TCP is better suited for use between two IP devices. However, older fax machines, connected to an analog system, benefit from UDP near real-time characteristics due to the no recovery rule when a UDP packet is lost or an error occurs during transmission.[40] UDP transmissions are preferred as they do not require testing for dropped packets and as such since each T.38 packet transmission includes a majority of the data sent in the prior packet, a T. 38 termination point has a higher degree of success in re-assembling the fax transmission back into its original form for interpretation by the end device. This in an attempt to overcome the obstacles of simulating real time transmissions using packet based protocol.[41] There have been updated versions of T.30 to resolve the fax over IP issues, which is the core fax protocol. Some newer high end fax machines have T.38 built-in capabilities which allow the user to plug right into the network and transmit/receive faxes in native T.38 like the Ricoh 4410NF Fax Machine.[42] A unique feature of T.38 is that each packet contains a portion of the main data sent in the previous packet. With T.38, two successive lost packets are needed to actually lose any data. The data you lose will only be a small piece, but with the right settings and error correction mode, there is an increased likelihood that you will receive enough of the transmission to satisfy the requirements of the fax machine for output of the sent document. [edit]Support for other telephony devices Another challenge for VoIP implementations is the proper handling of outgoing calls from other telephony devices such as Digital Video RecordersDVR boxes, satellite television receivers, alarm systems, conventional modems and other similar devices that depend on access to a PSTN telephone line for some or all of their functionality. These types of calls sometimes complete without any problems, but in other cases they fail. If VoIP and cellular substitution becomes very popular, some ancillary equipment makers may be forced to redesign equipment, because it would no longer be possible to assume a conventional PSTN telephone line would be available in consumers homes. Improving Your VoIP The key to securing a VoIP infrastructure is to remember that it involves sending voice over the Internet Protocol (IP). So, the way to secure it is quite similar to the way you deal with an IP data network. Here are the key aspects to keep in mind when securing a VoIP infrastructure Encryption VoIP packets, by default, are transmitted in clear-text and so encryption is vital to ensure confidentiality. VoIP in-frastructures based on Secure Real-time Transport Protocol (SRTP) take a step ahead of the unencrypted SIP and en-sure that VoIP traffic privacy and confidentiality is maintained. Alternatively, encryption in the form of Transport Layer Security (TLS) or Internet Protocol Security (IPSec) can also make a great difference. Network Design A basic rule of thumb to remember is to logically separate voice and data networks. The best case scenario would be to let the VoIP infrastructure have its own isolated network with only the minimum necessary interactions with other sub-networks via secure firewalls. Having dedicated VoIP servers with audited and hardened operating systems and all unnecessary services disabled is the next step to fortifying your VoIP infrastructure. Soft Phones Soft phones add to an administrators misery by offering another end point that needs to be secured. The ideal solu-tion is to avoid using Soft phones altogether. If they must be used, ensure that they are fully hardened and patched at all times. While it adds an additional bur-den, it is absolutely paramount to the security of the VoIP infrastructure. Hard Phones Hard phones offer a great alternative to soft phones, especially when coupled with private branch exchange (PBX) systems running on a hardened and, preferably, dedicated server. Periodic checks and updates are essential to ensure that the IP-PBX and IP Phone firmware is fully patched. Physical Security This is an often understated aspect of VoIP security. While an organization can spend countless hours and resources securing the medium of transmission, it is critical to also ensure the physical security of the enabling infrastructure components like the hard phones, the VoIP servers, and any other device that directly or indirectly supports the VoIP infrastructure. Physical security can become the Achilles heel of your VoIP infrastructure if it is not respected. Defaults and Passwords More often than not, default passwords and settings are not secure. These defaults are created with a generic scenario in mind and will most likely not fit the requirements and customization that your organization demands. It is impor-tant to replace all default passwords with strong passwords that are at least eight characters long, and employ a com-bination of uppercase letters, lowercase letters, numbers, and special characters. This should be further bolstered by good password policies and robust identity management. Voice Messaging Systems and Storage One typical area that is easy to miss is the security of calls that are stored on voice messaging systems. Ensure that the voice message boxes of all users require that the password be changed each time the service is used. It might cause a bit of inconvenience, but it will also offer a mile of improved security. It is also important to secure the storage of voice messages by performing periodic checks and audits to look for exploitable holes. Vulnerability Assessments Last, but most important, a periodic vulnerability assessment of the VoIP infrastructure can ensure that no holes have emerged due to the ever-changing nature of business requirements and the networks that support them. Inde-pendent audits can often provide useful insights into the state of the VoIP infrastructure and serve as an additional piece of evidence of due diligence in the regulatory compliance armory. Make VoIP Work For You VoIP has truly been a genuine money saver for businesses all over the world and the world is a smaller place, in part thanks to VoIP technology. The security issues around VoIP are serious and very real. However, taking the right steps and countermeasures can truly help your organization make the most of VoIP. The Internet is like alcohol in some sense. It accentuates what you would do anyway. If you want to be a loner, you can be more alone. If you want to connect, it makes it easier to connect. Research Methodology Secondary resources such as journal, white paper and thesis are being use in this research to analyze and further study in order to produce this research. Evaluation VoIP Sniffing Tools VoIP Scanning and Enumeration Tools VoIP Fuzzing Tools VoIP Sniffing Tools AuthTool Tool that attempts to determine the password of a user by analyzing SIP traffic. Cain Abel Multi-purpose tool with the capability to reconstruct RTP media calls. CommView VoIP Analyzer VoIP analysis module for CommView that is suited for real-time capturing and analyzing Internet telephony (VoIP) events, such as call flow, signaling sessions, registrations, media streams, errors, etc. Etherpeek general purpose VoIP and general ethernet sniffer. ILTY (Im Listening To You) Open-source, multi-channel SKINNY sniffer. NetDude A framework for inspection, analysis and manipulation of tcpdump trace files. Oreka Oreka is a modular and cross-platform system for recording and retrieval of audio streams. PSIPDump psipdump is a tool for dumping SIP sessions (+RTP traffic, if available) from pcap to disk in a fashion similar to tcpdump -w. rtpBreak rtpBreak detects, reconstructs and analyzes any RTP session through heuristics over the UDP network traffic. It works well with SIP, H.323, SCCP and any other signaling protocol. In particular, it doesnt require the presence of RTCP packets. SIPomatic SIP listener thats part of LinPhone SIPv6 Analyzer An Analyzer for SIP and IPv6. UCSniff UCSniff is an assessment tool that allows users to rapidly test for the threat of unauthorized VoIP eavesdropping. UCSniff supports SIP and Skinny signaling, G.711-ulaw and G.722 codecs, and a MITM ARP Poisoning mode. VoiPong VoIPong is a utility which detects all Voice Over IP calls on a pipeline, and for those which are G711 encoded, dumps actual conversation to separate wave files. It supports SIP, H323, Ciscos Skinny Client Protocol, RTP and RTCP. VoIPong ISO Bootable Bootable Live-CD disc version of VoIPong. VOMIT The vomit utility converts a Cisco IP phone conversation into a wave file that can be played with ordinary sound players. Wireshark Formerly Ethereal, the premier multi-platform network traffic analyzer. WIST Web Interface for SIP Trace a PHP Web Interface that permits you to connect on a remote host/port and capture/filter a SIP dialog. VoIP Scanning and Enumeration Tools EnableSecurity VoIPPack for CANVAS VoIPPack is a set of tools that are designed to work with Immunity CANVAS. The tools perform scans, enumeration, and password attacks. enumIAX An IAX2 (Asterisk) login enumerator using REGREQ messages. iaxscan iaxscan is a Python based scanner for detecting live IAX/2 hosts and then enumerating (by bruteforce) users on those hosts. iWar IAX2 protocol Wardialer Nessus The premier free network vulnerability scanner. nmap the premier open source network port scanner. Passive Vulnerability Scanner The Tenable Passive Vulnerability Scanner (PVS) can find out what is happening on your network without actively scanning it. PVS detects the actual protocol, various administrative interfaces, and VoIP scanner(s). Currently includes over 40 VoIP checks. SCTPScan This tool enumerates open SCTP ports without establishing a full SCTP association with the remote host. You can also scan whole networks to find SCTP-speaking machines. SIP Forum Test Framework (SFTF) The SIP Forum Test Framework (SFTF) was created to allow SIP device vendors to test their devices for common errors. SIP-Scan A fast SIP network scanner SIPcrack SIPcrack is a SIP protocol login cracker. It contains 2 programs, SIPdump to sniff SIP logins over the network and SIPcrack to bruteforce the passwords of the sniffed login. Sipflanker Sipflanker will help you find SIP devices with potentially vulnerable Web GUIs in your network. SIPSCAN SIPSCAN is a SIP username enumerator that uses INVITE, REGISTER, and OPTIONS methods. SIPVicious Tool Suite svmap, svwar, svcrack svmap is a sip scanner. It lists SIP devices found on an IP range. svwar identifies active extensions on a PBX. svcrack is an online password cracker for SIP PBX SiVuS A SIP Vulnerability Scanner. SMAP SIP Stack Fingerprinting Scanner VLANping VLANPing is a network pinging utility that can work with a VLAN tag. VoIPAudit VoIP specific scanning and vulnerability scanner. VoIP Fuzzing Tools Asteroid this is a set of malformed SIP methods (INVITE, CANCEL, BYE, etc.) that can be crafted to send to any phone or proxy. Codenomicon VoIP Fuzzers Commercial versions of the free PROTOS toolset Fuzzy Packet Fuzzy packet is a tool to manipulate messages through the injection, capturing, receiving or sending of packets generated over a network. Can fuzz RTP and includes built-in ARP poisoner. Interstate Fuzzer VoIP Fuzzer Mu Dynamics VoIP, IPTV, IMS Fuzzing Platform Fuzzing appliance for SIP, Diameter, H.323 and MGCP protocols. ohrwurm ohrwurm is a small and simple RTP fuzzer. PROTOS H.323 Fuzzer a java tool that sends a set of malformed H.323 messages designed by the University of OULU in Finland. PROTOS SIP Fuzzer a java tool that sends a set of malformed SIP messages designed by the University of OULU in Finland. SIP Forum Test Framework (SFTF) SFTF was created to allow SIP device vendors to test their devices for common errors. And as a result of these tests improve the interoperability of the devices on the market in general. Sip-Proxy Acts as a proxy between a VoIP UserAgent and a VoIP PBX. Exchanged SIP messages pass through the application and can be recorded, manipulated, or fuzzed. Spirent ThreatEx a commercial protocol fuzzer and ribustness tester. VoIPER VoIPER is a security toolkit that aims to allow developers and security researchers to easily, extensively and automatically test VoIP devices for security vulnerabilties. Differences in how security countermeasures are applied Discussion The Advantages and Disadvantages of VoIP VoIP has many advantages over a regular phone service. However, like any emerging technology, there are still a few kinks in the system. However, as standards are developed it becomes more reliab

Business Essay

Convenience Internet marketing enables you to be open for business around the clock without worrying about store opening hours or overtime payments for staff. Offering your products on the Internet is also convenient for customers. They can browse your online store at any time and place orders when it is convenient for them. Reach By marketing on the Internet, you can overcome barriers of distance. You can sell goods in any part of the country without setting up local outlets, widening your target market. You can also build an export business without opening a network of distributors in different countries. However, if you want to sell internationally, you should use localization services to ensure that your products are suitable for local markets and comply with local business regulations. Localization services include translation and product modification to reflect local market differences. Cost Marketing products on the Internet costs less than marketing them through a physical retail outlet. You do not have the recurring costs of property rental and maintenance. You do not have to purchase stock for display in a store. You can order stock in line with demand, keeping your inventory costs low. Personalization Internet marketing enables you to personalize offers to customers by building a profile of their purchasing history and preferences. By tracking the web pages and product information that prospects visit, you can make targeted offers that reflect their interests. The information available from tracking website visits also provides data for planning cross-selling campaigns so that you can increase the value of sales by customer. Relationships The Internet provides an important platform for building relationships with customers and increasing customer retention levels. When a customer has purchased a product from your online store, you can begin the relationship by sending a follow-up email to confirm the transaction and thank the customer. Emailing customers regularly with special, personalized offers helps to maintain the relationship. You can also invite customers to submit product reviews on your website, helping to build a sense of community. Social Internet marketing enables you to take advantage of the growing importance of social media. An article on the Harvard Business School Executive Education website highlighted the link between social networking and online revenue growth. According to the article, a group of consumers that responded most strongly to the influence of social networks generated increased sales of around 5 percent. You can take advantage of this type of influence by incorporating social networking tools in your Internet marketing campaigns.

Is consociational democracy democratic? Essay

Today, democracy is both a pervasive presence and a valued symbol in European politics1. Theorists of the concept generally agree on the fundamental principles of democracy but have tended to differ radically in their conception of popular rule and democratic practices2. Consequently, it was somewhat inevitable that democracy as an ideal emerged in different forms across the diverse societies prevalent in Western Europe. Arend Lipjphart’s seminal work on ‘consociational democracies’3 contributed to democratic theory – concerned primarily with political stability of democratic regimes in plural societies4. The democratic viability of Lipjphart’s theory has recently been called into question however5. What then is ‘democracy’? Establishing the benchmarks of the concept at the outset will allow us to evaluate the extent to which ‘consociational democracy’ can be seen as ‘democratic’. An assessment of the key themes of Lipjphart’s theory – that of ‘grand coalitions’, ‘segmental autonomy’, ‘proportionality’ and ‘minority veto’ respectively – will set the structure to the following discussion. Drawing examples from the Belgian and Swiss ‘consociational’ regimes will provide illustrations of the emerging argument that consociational democracy is undemocratic6. Abraham Lincoln famously described the concept of ‘democracy’ as ‘government of the people, by the people, for the people’7. Lincoln’s prominent phrase encapsulates three fundamental principles, which, roughly translated, mean that we as citizens govern through political parties representing our interests; exercise our choice through franchise to elect those in control; and have the right to hold persons in power accountable for their actions. Moreover, the fourth striking characteristic noted by academics is that democracy represents political stability8. For Lipjphart, â€Å"consociational democracy means government by elite cartel designed to turn a democracy with a fragmented political culture into a stable democracy†9. ‘Grand coalitions’ would be used to prevent cultural diversity from being transformed into â€Å"explosive cultural segmentation†10. Politics, by its very nature, feeds on conflicts arising from social heterogeneity11 and the stability of divided societies often depends on whether the elites of rival subcultures are willing and able to reject confrontation in favour of compromise12. A grand coalition enables political leaders of all the segments of the plural society to jointly govern the country13. Nobel prize winning economist Sir Arthur Lewis endorses the system by arguing that all who are affected by a decision should have the chance to participate in making that decision, because â€Å"to exclude losing groups from participation clearly violates the primary meaning of democracy†14. In this sense, by embracing the notion of grand coalition, consociationalism can be said to be ‘democratic’15. There is, however, evidence to suggest that in practice the principle of ‘grand coalition’ does not adhere closely to the benchmarks of democracy. The Belgian governmental arena has overall remained fairly closed to non-pillar parties, which seems to contradict the very essence of grand coalition government16. In Switzerland, even though the major parties are represented on roughly proportional grounds in the Federal Council, the representatives are not always those nominated by the party17. Does this lie comfortably with the initial conception of democracy as government ‘of the people’? What of accountability? Since the Federal Council makes its decisions in a collegial manner, no party can hold its representative government directly responsible18. The Swiss consociational system cannot therefore be said to be truly accountable to the electorate – contrary to one of the fundamental principles of democracy19. Moreover, the Swiss referendum system has often highlighted flaws inherent in a ‘grand coalition’. Although the outcome of a policy decision is one of ‘amicable agreement’ among the elite, it might be opposed by 49% of the electorate at referendum20. Papadopoulos argues that the major problem stems from the fact that, since some decisions are taken at the end of the process by popular vote, it effectively excludes any further appeal or bargaining21. Can the ‘grand coalition’ system truly coincide with the democratic principle of representativeness if binding collective decisions may be taken on very small popular majorities?22 Furthermore, since accommodating strategies are not always effective, they are more easily gridlocked23 and potentially unstable24. Consequently, it seems that elite accommodation does not fulfil its proposed stabilising function and thus does not conform to the ultimate proposition of democratic stability. In all democracies power is necessarily divided to some extents between the central and non-central governments in order to avoid a concentration of power25. The ‘consociational’ school, inspired by the writings of Tocqueville, sees decentralisation of power as the essence of democratic government26. The principle of ‘segmental autonomy’ seeks to ensure that decision-making authority is, as much as possible, delegated to the separate subdivisions of society whereas issues of common interest are decided jointly. In contrast with majority rule, it may be characterised as â€Å"minority rule over the minority itself in matters that are their exclusive concern†27. This follows from Jan-Erik Lane’s proposition that all societal groups will respect the rules of democracy if they have autonomy over their own affairs28. Federalism is the best-known method of giving segmental autonomy to different groups in society. Segmental autonomy may also be provided on a non-territorial basis which is of particular relevance to plural societies where distinct sub-societies are not geographically concentrated. Such non-territorial autonomy characterised the Belgian system prior to its transformation into a federal state in 1993. Switzerland is also a federal state in which power is divided between the central government and a number of cantonal governments. Both systems, according to Tocqueville’s analysis, are conducive to democracy. It is evident that one of the subsidiary characteristics of segmental autonomy in the form of federalism is that the smaller component units are overrepresented in the federal chamber – their share of legislative seats exceeds their share of the population29. The maximum extension of this principle seems to be equality of representation regardless of the component units’ population. Such parity is evident in Switzerland where two representatives stand for each canton. Can an overrepresentation of minorities be truly democratic if it disregards the will of the majority? Moreover, the form segmental autonomy takes in the Netherlands is that pillar organisations in areas such as education, health care and housing are recognised and financed by the government. Each organisation has considerable influence in the running of their policy sector, but the increasing intervention of the state in imposing standards means that â€Å"the organisations that are autonomous in name are, in practice, quasi-governmental agencies†30. Thus, it can be argued that the pillars are to an extent no longer democratically representative of the societies they act for. What of democratic stability? In the Swiss context, highly decentralised federalism has been accused of being a hindrance of effective government31 and Belgium’s new system of federal consociationalism is bipolar, which is not always a good condition for its smooth operation32. â€Å"There can be no doubt that the adoption of a system of elected administrative officers plays a most vital part in the process of democracy†33. The notion of ‘proportionality’ serves as the basic standard of political representation34. The rule of proportionality, said to be so central to the ‘politics of accommodation’, attempts to ensure that all parties have access to state resources35. Indeed, it seems that if partisan conflict is multi-dimensional, a two-party system must be regarded as an â€Å"electoral straight jacket that can hardly be considered to be democratically superior to a multi-party system reflecting all of the major issue alternatives†36. Moreover, in two-party systems the party gaining an overall majority will tend to be overrepresented in parliament, whereas votes translate into seats proportionally through the adoption of proportional representation37. The Swiss consociational system, takes representation a step further through referenda, whereby the public effectively have a veto on state policy38. Thus, with regard to representation, it would seem that consociational democracy acquires the higher democratic ground. On the other hand, even if we concede that ‘proportionality’ is more ‘representative’, it is implicit that a defining characteristic of consociational democracy is the absence of competition since the campaigning is directed at the mobilization of the sub-cultural constituency, not at competition with other parties. Competition between parties is, however, a defining feature of democracy39, stemming from the notion of freedom and choice. Can non-competition be equated with absence of choice and thus be seen as undemocratic? Conversely, certain academics have argued that in its pure form the system of proportional representation â€Å"generally backfires and may turn out to be the kiss of death†40. Indeed, party volatilities may have significant consequences for the political process in consociational democracies41. The Swiss party system is highly fragmented42, and the increasing fractionalisation of the party system in Belgium has led to high volatility elections and instability43. Does this adhere to the democratic notion of stability? Moreover, in the Swiss context it may be argued that referendums are basically majoritarian in their effects, because they are usually decided by simple popular majorities. Indeed, it has been suggested that, due to the inability to discuss matters emerging in referenda, they are bound to be more dangerous than representative assemblies to minority rights44. Additionally, statistics show that the level of participation in Swiss referenda has been low – often below 50 per cent of those eligible to vote45. In the light of some assertions that ‘too many referenda kill democracy’46, can this aspect of proportionality in Swiss politics be described as democratic? The ‘grand coalition’ system of government serves to give each societal segment a share of power at the central level. There is no provide a guarantee, however, that the policy will not be outvoted by a majority when its primary objectives are contested47. The purpose of a ‘minority veto’48 in consociational democracies is to provide such a guarantee. The ‘minority veto’ tool provides a strong system of checks and balances and reinforces the notion of separation of powers at the heart of government. Indeed, academics have noted that Belgium’s federal state is â€Å"replete with checks and balances†49, and the notion of separation of powers in both Belgium and Switzerland manifests itself through a bicameral legislature with equal legislative powers. Consequently, it may be argued that the ‘minority veto’ sustains the democratic principle of holding the government to account. Does ‘mutual veto’ work in practice? One of the ‘rules of the consociational game’ was ‘the government’s right to govern’ with the corollary that the parties should not interfere thus allowing the government to â€Å"rise above inter-subcultural strife†. To a considerable degree, this â€Å"aloofness from party politics has given way to a politicisation of the cabinet by the governing parties†50, making the minority veto principle largely redundant. However, when it does have an effect, the reciprocal control of power inherent in mutual veto often results in mutual obstruction and blocked decision-making. Swiss constitutional amendments, for example, must be approved by a majority of the cantons – which effectively gives the smallest cantons, with less than 20 per cent of the population, a potential veto51. It is implicit in Switzerland that good solutions are often difficult to reach because the Federal council â€Å"does not observe the implicit rules of the accommodation game†52. Can a system that disregards the wishes of the majority be truly democratic? Some have even commented that â€Å"to admit the minority veto as a major and normal means of limiting power is to admit a shuddering principle†53. If you reward divisiveness through veto power, you institutionalise those divisions. In this light, Lipjphart’s machinery seems to engender â€Å"consensus-braking than consensus-making†54. Divisiveness and instability can hardly be reconciled with the traditional concept of democracy. Is consociational democracy democratic? Assessing the main themes of Lipjphart’s concept has highlighted â€Å"fundamental weaknesses† in consociational theory55. Even though ‘grand coalitions’ seek to represent all groups in society, the collegial manner of decision-making raises problems of accountability. ‘Segmental autonomy’ may be praised in theory, but it seems that in practice, smaller pillars tend to become institutionalised through heavy regulation at central level, thus negating the democratic essence of the notion. The concept of ‘proportionality’ aims at a fair distribution of power, yet the party volatilities produced as a result can hardly be conducive to democratic stability. Academics of the consociational school argue that ‘minority veto’ resolves the accountability deficit inherent in grand coalition government since it provides a system of checks and balances. On the other hand, critics contest that mutual veto encourages gridlock and frustration at the heart of administrations. The Swiss and Belgian experience has shown that consociational democracies tend to be stable, but are they stable because they are consociational56? At the very least, empirical evidence highlights a ‘democratic deficit’ in consociational theory57. 1 What democracy is and is not, p.70 2 http://www.xrefer.com/entry/343784 3 http://www.keele.ac.uk/depts/spire/Staff/Pages/Luther/researchint.htm 4 Politics and Society in Western Europe, lane + ersson, p.156 5 http://www.xrefer.com/entry/343729 6 Consociationalism has been practiced in Belgium and Switzerland since 1945 and 1943 respectively. Note: It has been argued that the Swiss model does not strictly fit into the consociational mould (Barry, Review article), but for the purpose of this analysis we will discuss Switzerland due to its grouping as one of the four original identified ‘consociational’ societies (Paul Pennings, party elites in divided societies, p.21, also Kenneth D Mc Rae p.520) 7 http://www.xrefer.com/entry/343784 8 ‘On Liberty’, J.S. Mill, Cambridge University Press, 1989 9 Sited in Politics and Society in W Europe, lane + ersson p.157 10 The odd fellow, Switzerland, p.135 11 Politics and society in Western Europe, Neo Taqu. p.2 12 http://www.keele.ac.uk/depts/spire/Staff/Pages/Luther/researchint.htm 13 Arend Lipjphart, Consociation and Federation p.500 14 W. Arthur Lewis, Politics in West Africa (London: George Allen and Unwin, 1965) p.64 15 Since 1959, Switzerland has been governed by a grand coalition of the four major political parties. The Belgian state is also maintained according to Luther’s framework of vertical linkage within the subcultures as well as engagement in overreaching accommodation to bridge the gap between the pillars (From consociation to federation, Belgium, p.104) 16 From consociation to federation, Belgium, p.98. In Belgium, to an increasing extent, the system of consociational accommodation became the ‘system’ of Christian Democrat and socialist cooperation. In 1999, the ‘natural’ centre left coalition has been in power for twelve years 17 Brian Barry, review article, p.482 18 The odd fellow, Switz, p.154 19 Indeed, it has been said that power and strict accountability for its use are the essential constituents of good government. Woodrow Wilson, Congressional Government: A study in American Politics (New York: Meridian Books, 1956) p.186 20 Brian Barry, review article, p.483 21 The odd fellow, Switz, p.138 22 In a multi-party system without a majority party, the coalition’s programme will be a compromise between the individual party platforms – a compromise made by political leaders instead of mandated directly by the voters. (Democracies, p.110) 23 Comparative constitutional engineering, p.71 24 Party Elites in divided societies, paul pennings, p.22 25 Democracies p.169 26 Politics and Society in Western Europe, Ersson + Lane, p.169 27 Lipjphart, consociation and federation, p.500 28 Lipjphart, consociation and federation, p.500 29 Democracies, p.173 30 Party elites in divided societies, Rudy Armstrong, p.124 31 The Swiss Labyrinth, p.25 32 From consoc. To fed. Belgium, p.107 33 European democracy between the wars, p.23 34 Consociation and federation, Lipjphart, p.501 35 Parties, Pillars, Rudy B. Andeweg, p.129 36 Democracies, p.113 37 Democracies, p.151. The two-party ‘leader’s bias’ was strongly illustrated in the UK in 1997, with Labour gaining 65 per cent of British seats on 45 per cent of the vote, while the Conservatives were under-represented in the commons (Dunleavy, Developments in British Politics p.147) 38 Indeed, Switzerland has developed â€Å"the theory and practice of the referendum to a pitch to which no other nation has begun to match† (Butler and Ranney, eds., Referendums:A Comparative Study of Practice and Theory (Washington, D.C.: American Enterprise Institute, 1978) p.5 39 What democracy is and is not p.70 40 Comparative constitutional engineering, p.73. It has been said that the dispersal of power across several minority parties adds profusion to confusion, Ibid. p.71 41 paul pennings, party elites, p.38 42 The odd fellow, p.141 43 From consociation to federation, Belgium, p.93. In ‘Democracy or Anarchy?’ Ferdinand A Hermens warned of the dangers proportional representation posed to the survival of democracy, arguing that the instability created by the latter would invoke the rise of autocratic regimes. (F.A. Hermens, Democracy or Anarchy? Astudy of Proportional Representation (New York: Johnson Reprint Corporation, 1972) p.293) 44 Democracies, p.31 45 The Swiss Labyrinth, p.5 46 The Swiss Labyrinth, p.5 47 Consociation and Federation, Lipjphart, p.501 48 Note: The term ‘minority veto’ will be used interchangeably with ‘mutual veto’ 49 From consociation to federation, Belgium, p.103. The Belgian constitution can only be changed by two-thirds majorities in both chambers of the legislature. This rule is effectively a minority veto where a minority or a combination thereof controls at least a third of the votes in one chamber. 50 Parties, Pillars and the Politics of accommodation, Andweg p.127 51 Democracies, p.190 52 The Swiss Labyrinth, p.27 53 Comparative Constitutional Engineering, p.71 54 Comparative constitutional engineering, p.72 55 http://www.sagepub.co.uk/journals/details/issue/abstract/ab013998.html 56 http://www.xrefer.com/entry/343729 57 Craig and De Burca p.155

The Awesome World of Entrepreneurship Essay - 1218 Words

The history of entrepreneurship has been existing in the United States for decades. During the 1607 during the 19th century, the first Virginia Company sent three ships across the Atlantic and unloaded 109 passengers in Jamestown, Virginia (Gordon 1). They were embarked on a new business enterprise that they hoped would be profitable (Gordon 1). Their business was known as a joint-stock company that allowed people to invest in enterprises without running into the risk of losing everything if there business did not succeed (Gordon 1). Later in life, the Virginia Company failed to become successful by making every mistake they could make which caused them to go broke and most entrepreneurs then fail (Gordon 2). Even though there was failure,†¦show more content†¦There are many local colleges like: Babson College, Brigham Young University, University of Berkeley, California, Massachusetts Institute of Technology, University of Michigan, University of Chapel Hill, North Carolina , University of Pennsylvania, University of Southern California, Stanford University, and Washington University in St. Louis offer undergraduate and graduate courses for future entrepreneurs (Epstein 1). Then, theres the University of Chicago, and Harvard University who offer graduate courses and the University of Houston and Princeton University who offers undergraduate course. What if there was a path to take in order to become an entrepreneur? First, you have to start with hard work, dedication, late night, continuous research, networking, sales skills, and thinking outside of the box (Mellon 1). Its also very important to choose related jobs that are similar to entrepreneurship like: being an owner, manager, director, president, and chief executive officer (http://uncw.edu/career/entrepreneurship.html). Those kind of people organize and operate the risk for business ventures like an entrepreneur according to the American Heritage Dictionary. Then, theres also a few skills that y ou should follow in order to become an entrepreneur. Those skills are being able to multitask, willing to do things, and having the tolerance for risk takingShow MoreRelatedA Brief Biography of Entrepreneurship Essay1397 Words   |  6 PagesIntroduction In times of crisis, the economy needs new ideas to bring about a change to reactive safely the economy and provide more confidence to the customers. Entrepreneurship plays an important role in the sustainable growth in the economy performance. Innovation and creativity have been never easy, however, in a globalized world that is struggling to recover from a major economic crisis, they play a vital role to recover the economy, becoming the new core competencies of corporations,Read MoreGlobal Business Plan: Taskrabbit972 Words   |  4 Pagesincome. This is another good indication that Task Rabbit has the potential to succeed in Australia given it has flourished thus far in the United States. The Australian economy is a capitalist nation and is a large driver and support for entrepreneurship and innovation. The growth of their economy can partly be attributed to entrepreneurs who have created many jobs with their start up companies. With all these jobs and more people having less time to take care of their personal and administrativeRead MoreMultinational Company1144 Words   |  5 PagesThe Pepsi Cola company of the U.S operates in 114 countries. An MNC operates through a parent corporation in the home country. (3) Oligopolistic Structure : Through the process of merger and takeover, etc., in course of time an MNC comes to assume awesome power. This coupled with its giant size makes it oligopolistic in character. So it enjoys a huge amount of profit. (4) Spontaneous Evolution : One thing to be observed in the case of the MNCs is that they have usually grown in a spontaneous and unconsciousRead MoreCreating An Economic Area Of Higher Productivity And Greater Yield1480 Words   |  6 Pagesmanagement in an effort to shift their small business’s economic resources to an area of higher productivity and greater yield. By using 5 different sources, one can acquire a better understanding of what these terms mean, how they apply to the world of entrepreneurship, and how to best utilize these items in a way that allows a company to maximize their revenue and increase their company’s brand image. Throughout this paper, the company LizardBox will be showcased as well as the means by which this companyRead MoreWhy Am I Business Major? Essay1263 Words   |  6 Pages Why Am I Business Major? Dalanà © Smith To enter into the world of business it is best to earn a two-year associate’s degree in business management. Earning this can offer you opportunities. You would start from ground level and progress in the company buy furthering your education and obtaining a bachelor’s degree. Most companies who are hiring are looking for people who have at least a four year bachelor’s degree, which makes this the best choice. For top-level spots, you will most definitelyRead MoreWhy Do You Go An Online Business? Essay1294 Words   |  6 PagesSome hear about startups being bought for millions by big companies, and hatch plans to start their own internet business. Others nurture online business ideas that they think will shake the web for long-time before taking the leap of entrepreneurship. While there is nothing bad in dreaming big, it is important to keep the realities of starting and running an online business in mind. When it comes to starting a web business, there are hundreds of details to be mastered but let’s just focus on 11CsRead MoreWhat Are Start Ups?2790 Words   |  12 Pages 2 C. Identifying opportunities Doug Neal, the Executive Director of the Center for Entrepreneurship, University of Michigan College of Engineering, Ann Arbor attempted to distinguish 6 different techniques through which Entrepreneurs identify opportunities upon which they build their businesses from observing patterns of behaviour and approach of various entrepreneurs spanning over 100 years (Entrepreneurship: Spotting Opportunities, 2014). 2. C.1 Better faster Cheaper smaller This refersRead MoreInternet Helps Women Entrepreneurs Overcome Hurdles1389 Words   |  6 Pagessaid Monosoff, who has also authored six books for entrepreneurs including, The Mom Inventors Handbook and Secrets of Millionaire Moms. Female Entrepreneurs Growing in Numbers Women now represent nearly a third of all entrepreneurs across the world, and their numbers are expected to keep growing. From 1997 to 2014, in the U.S. alone, women-owned companies grew by 68 percent at a time when all businesses grew by only 47 percent, according to 2014 data published by Womenable and American ExpressRead MoreLiterature Review And Critical Analysis3749 Words   |  15 PagesDirector of the Center for Entrepreneurship, University of Michigan College of Engineering, Ann Arbor attempted to distinguish 6 different techniques through which Entrepreneurs identify opportunities upon which they build their businesses (Entrepreneurship: Spotting Opportunities, 2014). These 6 techniques which may not represent all approaches were arrived at from observing patterns of behaviour and approach of various entrepreneurs spanning over 100 years (Entrepreneurship: Spotting OpportunitiesRead MoreGolda Meir Reached for the Stars Essay1560 Words   |  7 Pagesplatform to see a mire d of key words in this chapter’s sociology list: ascribed status, role expectation, role exit, role conflict, and achieved status. Meir’s story turns these words into real world examples and finally leaves the reader, as it did for me, with an awesome feeling that one person can change the world. I for one am glad that no one ever told her not to reach for the stars. Ascribed status, as noted in Sociology in Our Times the Essentials, 8th Edition, by Diana Kendall, is a social position