NCJ Number
55168
Journal
DATA PROCESSING Dated: (JANUARY-FEBRUARY 1975) Pages: 11-14
Date Published
1975
Length
3 pages
Annotation
PROBLEMS OF COMPUTER SECURITY ARE DISCUSSED, AND SUGGESTIONS TO INCREASE SECURITY ARE PRESENTED.
Abstract
THE PROBLEM OF COMPUTER SECURITY HAS TWO BASIC MANAGEMENT RESPONSIBILITIES, THE FIRST IS TO ENSURE THAT THE COMPUTER WORKS AND CONTINUES TO WORK AT MAXIMUM EFFICIENCY, AND THE SECOND SECURITY REQUIREMENT IS THAT THE SYSTEMS RUN ON THE COMPUTER FILL ONLY THEIR INTENDED PURPOSE. THIS SECOND REQUIREMENT COVERS THE PREVENTION OF FRAUD AND ESPIONAGE. THE CONTINUED EFFICIENT WORKING OF THE COMPUTER REQUIRES THE PROTECTION OF EQUIPMENT AND DATA AGAINST PHYSICAL HAZARDS. SUCH SECURITY MEASURES COULD INCLUDE THE USE OF PROTECT RINGS TO PREVENT ACCIDENTAL ERASURE OF VITAL DATA, REGULAR CLEANING OF EQUIPMENT, THE PROVISION OF MEDIA STORAGE DESIGNED TO MINIMIZE ACCIDENTAL DAMAGE, AND REGULAR PREVENTIVE MAINTENANCE. THE DUPLICATION OF COMPUTER FILES IS ALSO RECOMMENDED AS IS THE USE OF A FIREPROOF SAFE. STEPS TO PREVENT POWER SHORTAGES SHOULD ALSO BE TAKEN. IN THE EVENT OF A CATASTROPHE, TWO GOALS SHOULD BE KEPT IN MIND. THE FIRST IS TO ENSURE THE SURVIVAL OF ESSENTIAL DATA, AND THE SECOND IS TO CONTINUE TO PROVIDE SERVICES TO CUSTOMERS. WILLFUL MISUSE OF THE COMPUTER PRESENTS A DIFFERENT PROBLEM. COMPUTER STUDIES HAVE SHOWN THAT COMPUTER FRAUD IS RAMPANT. THIS REPORT ADVOCATES CONTROLLING THE PHYSICAL ACCESS TO THE COMPUTER AND ITS DATA. IT IS RECOMMENDED THAT THE COMPUTER ROOM ITSELF BE TURNED INTO A SAFE. SEVERAL DIFFERENT KINDS OF LOCKING DEVICES MAY BE EMPLOYED. THE MOST COMMON METHOD IS TO ISSUE KEYS OR CARDS TO AUTHORIZED PERSONNEL. MORE COMPLEX METHODS MAY INVOLVE RECORDING ALL ACCESSES AND USING AN ALARM TO SIGNAL UNAUTHORIZED USE. IN ADDITION, ATTEMPTS ARE BEING MADE TO USE FINGERPRINTS OR VOICEPRINTS INSTEAD OF KEYS AND CARDS. ATTENTION SHOULD ALSO BE PAID TO THE DISCRETE USE OF COMPUTER PASSWORDS. PHOTOGRAPHS AND REFERENCES ARE PROVIDED. (AUTHOR ABSTRACT MODIFIED -MLC)