Few security managers have received specific training in information security, and corporate management often lacks full understanding of their personal and corporate vulnerability. In addition, users of data centers and networks often do not understand the nature of the threats, potential methods of abuse, and the value of information resources. They often resist security procedures and backup responsibilities that seem to impede their goals. The main threats to computer systems and information integrity are errors, embezzlement, ego, eavesdropping, espionage, enmity, and extortion. Computer security must address all these areas through physical security, authentication of the identity of authorized users, limits on what authorized users can do, encryption of sensitive transmitted and stored information, and audit trails with meaningful accountability. In addition, security measures must be simple and convenient to use.