eliminate, rename, send, and move files allowing good file management (an example is QDOS). Others allow users to
condense badly fragmented disks. This occurs with frequent erasures and saves on the same hard drive or diskette.
Condensing the storage area reduces the probability that a diskette or hard drive's file allocation table will lose its
electronic mind (and map) of where files are stored. Some packages can recover accidentally erased files and even
accidental reformats of a hard drive (examples are Norton Utilities and MACE). But, the user in the latter case must
prepare for this loss by previously running Mace, which establishes a copy of the hard drive file's allocation table into a
special file. After an accidental reformat, the user can use the program to replace the file allocation table and recover
most of the files.
Physical security of critical hardware and software can be provided several ways. First, smaller machines such as PC's
can be secured to heavy objects with cables and bolts. For the few small businesses using mid range or
microcomputers, the equipment can be kept in secured, locked rooms, Copies of key data and systems files can be
stored in a safe. Frequent back ups of data should be stored separately and securely in a safe. Backups and separate
copies enable the small business to replace lost files and more quickly resume operations. In addition, these procedures
allow the small business to erase virus contaminated or altered data and system files. These procedures will some losses
and limit opportunistic thieves but not the determined ones.
Small businesses can provide access security by limiting machine use to those employees who have a need to use them.
In addition, they should use every security technique provided by the software program. For example, most advanced
word processing systems allow users to password protect user created data files.(12) The problem with such software
protection is that they will foil the opportunistic insider or outsider but not a knowledgeable one. An experienced
hacker can find the password with a utility package and disable it.
Some new products are available that provide both physical and access security. An example is a security system by
Interlock with software on an additional internal board that recognizes physical keys, user identification numbers, and
user passwords. Previously authorized employees with the proper key, identification number, and password can access
the computer. The software also logs the users' identification number, length of use, and the programs or files accessed
by the user. A security administrator authorizes employee keys, passwords, identification number, and access to
certain specified programs or files. Another product by Micronyx uses a "security kernel," that is stored on an
additional board and restricts access, use, input, output, and labels user files.(3) To be effective, such kernels should be
transparent to the users, control the disk operating system, and be invisible to hacker's armed with utility packages.(4)
Data and Communication Security
Some small businesses are using high technology to provide a "niche" for themselves with computer communication
links. This includes small franchises connected to their national office, local credit bureaus, small independent financial
institutions, and small businesses with remote sites. While these communication links allow them to provide unique,
fast services, it exposes them to unique computer losses. First remote sites generally have less experienced operators,
less security, and are more exposed than the central processing unit.(9) Communication links expose the small business
to someone illegally obtaining access and disrupting services, destroying data, or diverting financial transactions for
personal gain. The best protections are physical and access security besides data encryption. Physical and access
security limit users to authorized employees who have a legitimate need to access the system. Data encryption prevents
the hacker from interpreting the communicated transactions and altering, destroying, or diverting them for personal
gain. IBM and the National Security Agency developed an algorithm for data encryption standard (DES) devices.(l)
This security measure requires hardware and software installed at both ends of the communication link that
electronically scramble (encrypt) the data and de-encrypt it at the receiving end. Costs range from inexpensive sets
($600 for two) to very expensive, over $10,000.(1)
A problem with encryption is the need to transmit the mathematical algorithm either physically or electronically to both
ends of the communication link. This allows encryption and de-encryption with the same algorithm. Obviously, this
transmission must be made safely without compromising the algorithm or the whole process is negated.
Local Area Networks
Some small businesses have installed Local Area Networks (LANS) to tie together separate hardware. LANS enable
users to share information, data, and programs in a multi-office small business. Examples of LAN users are small
medical offices, real estate offices, credit bureaus, small banks, or other small professional offices. While LANS allow
mutual sharing and eliminate the need for multiple copies, they expose these files and programs to unauthorized access.
Required security measures include: file passwords, DOS file restrictions (such as read only), user designated storage
areas, user passwords, user identification numbers, and logs of use.
Methods Beyond the Scope and Budges of Most Small Businesses
Some methods are beyond the needs and budgets of most small businesses at the present. Such methods utilized by
large organizations and government security organizations include verifying: fingerprints, signatures, palm prints, hand
geometry, eye blood vessels, voice prints, and coded user cards.
The purpose of a risk audit is to determine which of the above risks and security measures apply to the individual small
business. The audit should examine the small business's potential exposures, types of hardware, software, employee
use, outsider access, sensitivity of the data, cost to replicate data, physical access of hardware, access to software, and
computer communication links.
Appendix A contains an audit check list for small businesses. This check list directs the small business owner to
specific areas that warrant attention. Any answers that are no's need to be examined and corrected.
After the audit is completed the small business needs to make an honest appraisal of the probability and effect of a loss
occurring for each type of risk. Most large organizations calculate the annual expected loss from each risk. Annual
expected losses per risk equal the probability of a loss times the dollar cost of the loss. Large organizations with large
numbers of equipment and employees can calculate probabilities and average losses. Most small businesses do not have
enough losses per category to calculate meaningful loss and probability data. Sometimes the probability of a particular
loss may be very low but any occurrence would entail severe losses. An example is a small word processing service
maintaining all their customer files on a hard drive. While the probability of a hard drive failure during any particular
day is low, eventually every mechanical device will fail. Consequently, the small business needs to determine
what,risks would cripple, disrupt their service, lose a client, or endanger their survival despite the low probability of an
Developing the Appropriate Security
At the conclusion of the risk audit, the small business owner has a better assessment of their security risks. The next
step is to develop security measures appropriate for that small business and its particular situation. For example, small
businesses with a few stand alone pc's that are secured in a safe environment and how have few users and limited
applications should utilize the top four security precautions in Table 1. If the equipment is in open areas with
unsupervised access all Table 1 precautions should be implemented. Open access increases the risk of unauthorized
misuse or sabotage.
As the business's use of computers increases, more employees have access, and more functions are automated, the
small business's exposures increase. Consequently, all the precautions in Table 2 should be used. The systems that
protect the machine, limit use, limit use to specific functions, and log users are particularly effective.
Many small business now tie together several machines into LANS. While LANS allow users to share software and
data files, unauthorized access, sabotage, and the potential for misuse increase. A developed and enforced company
policy will discourage some misuse. Limited access, software restrictions, user passwords, and logs of user
identification numbers are required.
If the business includes dial up access to any national organization or from remote sites to its equipment, then the
business needs security devices that verify users, check phone numbers, and call back only pre-approved phone
numbers. If sensitive or financial data is transmitted, then it should be encrypted.
Developing Security Environments
Wood et al.(13) and Perry(9) believe that all organizations need to develop an organization wide environment that
makes every employee conscious of security, involved in security, and willing to implement the necessary security
steps. Because employee enthusiasm for any program dissolves over time, the small business owner continually needs
to train and remind employees. While large businesses can afford separate security departments, the owner-operator
must assume the responsibility of being the chief security officer. Delegation to a subordinate is possible but creates an
additional risk if the subordinate is untrustworthy.
Insurance and Legal Coverage
Insurance will cover most types of hardware and software losses caused by traditional losses such as fire, theft, and
water, but not losses from employee accidents or negligence.
Several federal and state laws provide legal coverage. These types of laws provide for prosecution of unauthorized
access, unauthorized use, misuse, theft, disruption of business services, fraud, and obtaining money under false
pretenses.(13) Small business owners should check to see which laws, if any, are operable in their states. In addition,
owners should prosecute computer crimes with the vigor they prosecute shoplifting crimes.
If the Small Business has the following:
POTENTIAL SECURITY HARDWARE SOFTWARE EXPOSURES PRECAUTIONS -Stand alone -Word proc.- -
Negligence, -Company Policy PCs dual essing carelessness on Security and floppy and a developed hard drive -Some
safety Accounting conscious environment -Few employ- -Some Cus- ees tomer -Back up files, Records -Accidental
backup copies erasure of and utility needed files packages to reformat hard drive
-Back up copies stored in safe place -Hard drive or diskette failure or -Restricted format and access sabotage -
Supervision -Unauthorized access -DOS and software protection
-Cable with locks, Motion detectors, Keys to power switch -Theft of PC -Check for viruses before use
-Public domain software
LEVEL TWO If the Small Business has this Hardware and Software POTENTIAL SECURITY HARDWARE
SOFTWARE EXPOSURES PRECAUTIONS
-Several PC's -Word Proc- -All in Table 1 -All in Table 1 essing plus: plus: -Many employees -Accounting -Sensitive -
Original and Data files and frequent financial data backups stored -Financial in separate Data safe loca- -Customer tion
records -Higher risk of -Regular employee training, accident or orientation, sabotage Highly developed security
conscious atmosphere TABLE THREE
HARDWARE/ SECURITY SOFTWARE SOFTWARE PRECAUTIONS
-Many PC's -Multiple uses -All in Tables 1 and 2
-Company policy -Mini on LAN security computers -Software -Dial up access protections -Terminals tied to a LAN -
User passwords POTENTIAL EXPOSURES -Restricted -Network dial up access hookups -All in levels 1 and 2 -Front
end security -Data and files defense that on a LAN verify ID, password and -Outside call back the Hackers user
-Financial data -Data that can be encryption diverted
HARDWARE SOFTWARE EXPOSURES SECURITY PRECAUTIONS Mini-computer Above All above or
midrange. Dial-in-access Outside Password policy (Hackers) Regular password changes of employees who leave or are
Software packages that restrict access by user or by function
Dial-back software security (expensive)
Administration for passwords, authorized phone numbers
(1) Cooper, J.A., Computer Security Technology, (Lexington, Mass: Lexington Books, 1984), pp. 58-78.
(2) Elmer-Dewitt, P., "Invasion of the Data Snatchers," Times, Sept. 26, 1988, pp. 62-66.
(3) Goode, W.M., "Computer Security Systems Help Firms Protect Vital Records," Dallas Fort Worth Business
Journal, August 10- August 16, 1987, p. 20.
(4) Goode, W.M., "A Kernel and a Label: Two Vital Components of a PC Security System" The Government Micro
Users' Catalog' vol. 2, no. 5, 1987, pp. 33-35 .
(5) Juris, R., "Keeping Out the Insiders," Computer Decisions, vol. 18, no. 25, 1986, pp. 48-49.
(6) Kluepfel, H.M., "Computer Security: Shift Into High Gear," Security Management, vol. 30, no. 9, 1986, pp. 116-
(7) Kupsch, J., "Computer Instruction For Today's Businessworld," Journal of Education for Business, vol. 62, no. 8,
1987, p. 376-377.
(8) Naisbett, J., Megatrends, (New York: Warner Books, Inc., 1984), pp. 5-6.
(9) Perry, W.E., Management Strategies for Computer Security (Boston, Mass: Butterworth Publishers, 1985), pp. 44.
(10) Radding, A. "Plans for a Safer System," Computer Decisions, vol. 19, no.7, 1987, pp. 36-38.
(11) "Rapid Spread of Virus Confirms Real Fears About Danger to Computers,"'Aviation Week and Space Technology,
vol.129, no. 20, p. 44.
(12) Wordperfect Corporation, Wordperfect For IBM Personal Computers, (Orem, Utah:Wordperfect Corp., 1988). pp.
(13) Wood, C.C., Banks, W.W., Guarro, S.B., Garcia, A.A., Hampel, V.E., and ,Sartorio, H.P., Computer Security; A
Comprehensive Controls Checklist, (New York: John Wiley and Sons, 1987), pp. 40-44.
IMPACT OF FOREIGN INVESTMENT IN U.S. LAND ON SMALL
Samuel K. Moak, Virginia State University
Laurie F. Sattler, Florida Institute of Technology
James E. Turner, Virginia State University
This paper presents the reasons for increasing foreign investment in U. S. farmland, the direction of these investments
and potential impact on small farmers and the farm economy. Relatively lower prices of U. S. farmland, highly
productive land, and safe investment opportunities in land have induced foreign investment. Foreign investment trends
indicate a continuing upward direction at slightly higher than the current level of 12 million acres of land. The potential
negative impact of foreign investment on small farmers and the farm economy appears to outweigh the positive effects
of this foreign invasion into U. S. farmland. The considerations on price, interest rates, and global trade are key factors
in our analysis. The federal government should continue to monitor and regulate foreign investment in U. S. farmland,
because of its direct effect on the farm economy as well as national security, especially in time of food shortages and
Since the end of World War II, American businesses have been the major investors in foreign countries. American
businessmen have exported their knowledge and technology, and gained economic benefits as well as helping foreign
nations. However, over the past twenty years, that trend has been steadily reversing. The 1973 oil crisis, as a turning
point in time, was a major contributing factor for this change. The oil crisis of 1973 had a significant impact on U.S.
industrial power and the farm sector. At the same time, Japanese and Europeans were steadily reorganizing their
industries and becoming more competitive in global markets . As a result, foreign investors became more active in
the world economy with increased focus on investment in U.S. industries and farmland. While this investment has
indeed enhanced the American economy and created new employment, a growing concern has been expressed over
increased foreign investment in U.S. agricultural land.
Throughout time, land ownership has been a basis of wealth and stability for a nation. Small farmers were considered
the bulwark of democracy and political stability in this country. The land is almost synonymous with the nation itself.
These premises are still true today. Especially in an age of continuous technological changes,, land use and production
of goods have taken on a new value and meaning to small farmers. No doubt, fertile U.S. land has induced foreign
interest as a means to enhance and stabilize their own agricultural economy. This has sparked a growing concern as to
the direction foreign investment is making toward U.S. farmland and the potential impact on our farm economy,
especially on small farmers. Conditions of the world economy, coupled with land restrictions in their own countries,
have provided strong incentives for foreigners to invest in American farmland, some of the richest and most fertile
farmland in the world.
The focus of this paper is to provide the reasons for foreign investment in U.S. agricultural land, the direction of
foreign investment, and an analysis of the impact this investment may have on small farmers.
REASONS FOR INVESTMENT
In recent years, foreign investment in U.S. farmland has steadily risen. It is of importance to know the reasons foreign
investment has taken place so that policy makers in Washington, DC will generate appropriate economic and legislative
First, many foreign countries are geographically smaller in land mass in comparison to the United States. As a result,
their population per acre is greater, forcing them to seek land elsewhere to accommodate economic objectives .
Second, the price of land in these countries is naturally very high compared to American agricultural land. The
relatively lower price of U.S. farmland is a great inducement to many of these countries.
Foreign countries undoubtedly have placed more of a premium on land acquired outside their saturated country as a
means of stabilizing their economy and agricultural production.
Third, foreign investors are aware that U.S. land values have steadily increased over the past three decades, making
land a sound investment venture in a safe environment. Foreign investment in U.S. land can be considered as a hedge
against worldwide inflation, and as insurance against political and economic uncertainties at home .
Fourth, foreign investors are also attracted to the U.S. as an investment opportunity because of its stable political and
DIRECTION OF FOREIGN INVESTMENT
In the early 1970's, the exact amount of acreage owned by foreigners was not readily available due to a lack of
reporting laws at the federal governmental level. However, in the late 1970's, public concern grew at an alarming rate
upon the discovery and publicity surrounding some major foreign purchases of U.S. farmland.
One of the outstanding cases involved the selling of the 5,200 acre Zukerman farm located in the rich San Joaquin
River Delta of California for 5.8 million dollars to foreign investors from Italy. In response to the public outcry,
President Jimmy Carter signed the Agricultural Foreign Investment Disclosure Act of 1978 (AFIDA). This law
required foreign investors to report their current landholdings, future purchases, leases, and sales to the U.S.
Department of Agriculture. While the law has improved the tracking of foreign investment in U.S. farmland, it has not
discouraged foreign investment.
It was reported that approximately 2 billion dollars of farmland sales, estimated as 21 percent of all U.S. farm sales in
1977, involved foreign purchases. By the end of 1979, the first year after AFIDA was enforced, it was reported that
foreigners bought 5.2 million acres of U.S. farmland.
At the beginning of the 1980's, foreign purchase of U.S. farmland increased rapidly. In 1983, 14 million acres of
farmland was owned by foreign investors, an all time record for a single year. This represented 1 percent of the total
amount of farmland in the United States. Figure 1 shows foreign investment trends in U.S. land for the period 1974
through 1988. After reaching the peak of a single year in 1983, foreign investment declined slightly and has leveled.
The reasons for this leveling since 1985, can be explained by the facts that many states restricted foreign purchase of
land and a global economy weakened during this period.
----------------------------------------------------------------------- Figure 1. Foreign Investment in U.S. Farmland 1974-88
(Millions of Acres)
1974 - 5 million acres 1978 - 5.5 million acres 1982 - 14 million acres 1985 - 12 million acres 1987 - 12.25 million
acres 1988 - 12.5 million acres
Source: Debraal, P. J. Foreign Ownership of U. S. Agricultural Land Through December 31, 1988. U. S. Department of
Agriculture. Washington, D. C., April, 1989. ----------------------------------------------------------------------
In the latter part of the 1980's, foreign investment increased slightly from the 1985 level. Foreign individuals and
entities owned 12.5 million acres of U.S. farmland in 1988 . This figure represents 99,,100 acres more than was
reported in 1987. The trend seems to indicate continuous influx of foreign investment in U.S. farmland at the present
level , for the foreseeable future.
CONCENTRATION OF FOREIGN OWNED LAND
In 1980, almost half of all states had some form of legislation restricting foreign ownership of U. S. farmland. In 1978,
Missouri passed one of the most restrictive laws, stating that a nonresident alien could not acquire more than 5 acres of
land for the purpose of farming. However, many states still have very little regulation against foreign ownership of
Documents you may be interested
Documents you may be interested