Breaches of computer security may be hardware- or software-led. While computer hardware is vulnerable to internal attack, such attack requires a breach of a variety of security barriers. Of greater significance is hardware vulnerability to external invasion by illegal traffic on the communications system. Software becomes vulnerable when intruders gain access through the ability to break a code that is intended as a barrier against unauthorized use. To protect against computer crime, it is necessary to provide a way to prevent disclosure of data or processes, manipulation of data or instructions, destruction of data or cancellation of messages, and alteration of data or messages. Security management requires evaluation of hardware and software, personnel functions, data entry and archiving and backup procedures, transaction monitoring, and system logging procedures. Additional protection can be provided by the use of ciphers for the reversible transformation of data. Message authentication and proper selection and training of personnel also are of vital importance. Finally, because computer security measures can be time consuming and costly, security expenditures must be balanced against realistic estimates of losses to computer fraud or related crimes. 26 references.