NCJ Number
73738
Journal
Security World Volume: 17 Issue: 9 Dated: (September 1980) Pages: 22-26
Date Published
1980
Length
5 pages
Annotation
Traditional security hardware and application procedures can be employed to provide protection for the specialized area of computer operations.
Abstract
Research suggests that adequate physical protection can reduce the computer's exposure to fraud and sabotage. A recent vulnerability study by SRI International of Stanford, Calif., shows that in 25 percent of 668 reported cases of computer crime, the downfall was physical access. First, a thorough risk analysis must be conducted. If warranted, an indepth protection should establish four barriers: the outside perimeter, the building perimeter, the data center perimeter, and access to the data. Ideally, the data center should be isolated and out of the flow of traffic. A number of systems can be applied to control access such as badges, cypher locks, keys, and visual verification. All power and air conditioning systems should be secured, and, in some cases, contained within the data center itself. Different functions may be zoned and protected within the data center. The final barrier controls access to online data through, for example, switching computers or application of personal identification methods. Data processing information, transmitted over a timesharing or network system, can be protected by data encryption, which converts the plain text into cipher text. In addition, remote terminals should be regarded as direct access to the computer and should be protected. Charts and a description of a capsulized computer protection system are included.