The volume focuses on computer-processed information, but also discusses all electronically generated information. The author views protecting computers in data centers as a small part of electronic information security. The book describes the interface of electronic information security with traditional business security emphasizing new requirements for electronic information processing. The book explains information security needs: (1) physical and logical controls of information access; (2) records of all accesses and resistance to attack; (3) effective controls and storage systems; and (4) employee indoctrination regarding their responsibilities relative to the electronic information processing system. The author defines the roles of the electronic security manager and the coordinator. An information security program is a complex matrix consisting of user groups; levels of directive, including executive direction, program management, and local procedures; and protection levels encompassing physical, organizational, logical (software and hardware), and transformational levels (cryptography, passwords). The book gives detailed examples of policy statements and specific standards. It delineates the steps in conducting a security requirements survey and presents a sample survey instrument. The sequence of activities involved in implementing and operating the total security program is discussed, including continuing program development, security reviews, auditing, and planning for emergencies. Probable future developments in computing hardware technology and their impact on security programs are briefly explored. The program described in the volume is currently in operation. Diagrams, an index, 14 references, and 8 recommended readings are provided.