U.S. flag

An official website of the United States government, Department of Justice.

NCJRS Virtual Library

The Virtual Library houses over 235,000 criminal justice resources, including all known OJP works.
Click here to search the NCJRS Virtual Library

IS THERE A COMPUTER CRIMINAL WORKING FOR YOU?

NCJ Number
66099
Journal
Industry Week Volume: 200 Issue: 1 Dated: (JANUARY 8, 1979) Pages: 68-72,74,76
Author(s)
J H SHERIDAN
Date Published
1979
Length
7 pages
Annotation
SOME SECURITY PROCEDURES FOR COUNTERING COMPUTER THEFT AND DAMAGE ARE DESCRIBED.
Abstract
SECURITY TECHNIQUES CAN MINIMIZE LOW-LOSS, HIGH-FREQUENCY INCIDENTS, INCLUDING PROGRAMMING MISTAKES AND FAULTY DATA INPUT. PHYSICAL SECURITY PROCEDURES, SUCH AS ISOLATING THE COMPUTER ROOM AND RESTRICTING ACCESS TO IT AND RIGID ENFORCEMENT OF PROCEDURAL SAFEGUARDS, ARE BASIC PROTECTIVE TOOLS. ADMINISTRATIVE APPROACHES RANGE FROM CAREFUL PREEMPLOYMENT SCREENING OF PERSONNEL TO STRICT RULES PROHIBITING PROGRAMMERS FROM RUNNING THE PROGRAMS THEY DEVISE. ADDITIONALLY, BUILT-IN SOFTWARE MECHANISMS CAN CURB UNAUTHORIZED ACCESS TO COMPUTERS FROM TERMINALS. DEVISING A COST-EFFECTIVE COMPUTER SECURITY PLAN REQUIRES ANALYZING THE VARIOUS TYPES OF THREATS TO A COMPUTER SYSTEM, THE VALUE OF EACH ASSET TO BE PROTECTED, AND THE PROBABILITY THAT A PARTICULAR LOSS MIGHT BE INCURRED. IN ASSESSING VULNERABILITY, PEOPLE IN THE HIGHEST POSITIONS OF TRUST WHO COULD ACCIDENTALLY OR INTENTIONALLY CAUSE THE GREATEST AMOUNT OF HARM SHOULD BE IDENTIFIED. LIMITED SECURITY RESOURCES SHOULD THEN BE ALLOCATED TOWARD THE GREATEST THREATS. AVAILABLE SOFTWARE SECURITY CAN ERECT BARRIERS TO WOULD-BE COMPUTER CRIMINALS AND HELP DETECT ABUSES AFTER THEY OCCUR. WITH A COMPUTERIZED AUDIT TRAIL, THE SYSTEM CAN HELP PREVENT INSIDERS FROM MAKING CHANGES IN DATA AND THE WAYS DATA ARE HANDLED. HOWEVER, THE MECHANISM THAT DOES THE AUDITING IS VULNERABLE. A COMBINATION OF PROCEDURAL CONTROLS AND PHYSICAL PROTECTION CAN HELP GUARD AGAINST MISUSE OF THE AUDITING MECHANISM. A CHECKLIST FOR DETERMINING VULNERABILITY, A PROFILE OF THE COMPUTER CRIMINAL, AND RECENT TECHNOLOGICAL ADVANCES IN COMPUTER SECURITY ARE INCLUDED. (RCB)