Multilevel security systems working within the framework of a total policy can provide more secure and cost-effective methods of managing information. The multilevel security mode of operation increases flexibility and offers significant cost benefits. Computer security managers need to consider the goals of their organization, the value of the company's information assets, the vulnerabilities of their current system or network, the physical environment in which their system operates, their visitor and personnel screening process, and the potential costs of a security breach. Before determining what their specific needs are, managers must understand some basic terms including least privilege, discretionary access, labeling, mandatory access, accountability, assurance, integrity, and encryption. Beneficial techniques for a computer security program recommended by the author include limiting terminal access, auditing, and limiting log-on attempts.