NCJ Number
100247
Journal
Computer Security Journal Volume: 3 Issue: 2 Dated: (Winter 1985) Pages: 69-76
Date Published
1985
Length
8 pages
Annotation
In 1984, an anonymous questionnaire was completed by 301 computer security professionals from large businesses and Government agencies who were attending a security conference. They responded to questions posed to obtain an overview of security and privacy practices as they relate to personal computers and office automation (OA).
Abstract
Responses suggest that most professionals believed that it is significantly harder to apply security and privacy measures in the OA environment than in traditional EDP areas. While a majority of respondents felt that senior management was aware of privacy and security issues, few felt their organizations were providing adequate financial support or taking active steps to assess security, formulate policy, or audit performance. Insufficient training and education of end-users was viewed as a factor contributing to security risks. Responses concerning physical and technical security measures in use suggested that relatively low-level safeguards are being applied in OA settings. A third of the organizations did have plans to survey practices and conditions relevant to OA privacy and security, and security professionals indicated they wanted to install significant and responsive policies. This, coupled with increasing managerial awareness of the issues, suggests that organizational support for control measures will probably grow as issues are better publicized and exposures are identified.