skip navigation

PUBLICATIONS

Register for Latest Research

Stay Informed
Register with NCJRS to receive NCJRS's biweekly e-newsletter JUSTINFO and additional periodic emails from NCJRS and the NCJRS federal sponsors that highlight the latest research published or sponsored by the Office of Justice Programs.

NCJRS Abstract

The document referenced below is part of the NCJRS Virtual Library collection. To conduct further searches of the collection, visit the Virtual Library. See the Obtain Documents page for direction on how to access resources online, via mail, through interlibrary loans, or in a local library.

 

NCJ Number: 97638 Find in a Library
Title: Before Disaster Strikes, Fortify Your Computer
Journal: Security World  Volume:29  Issue:3  Dated:(March 1985)  Pages:35-40
Author(s): H M Kluepfel
Date Published: 1985
Page Count: 6
Format: Article
Language: English
Country: United States of America
Annotation: A discussion of the nature and extent of computer-related crime and abuse accompanies advice on how to develop and implement an effective computer security system.
Abstract: Studies by the American Bar Association, the President's Council on Integrity and Efficiency, and the American Institute of Certified Public Accountants have focused on the types of computer crime, the perpetrators, and the associated security problems. The lack of appropriate technological and personnel-related controls was a common finding. Problems include inadequate password management, improper application of access or usage controls, networking vulnerabilities, improper management and protection of backup files, inadequate protection of sensitive data, and lack of security awareness. Organizations are advised to build in controls when a computer system is being developed or an existing one modified. The involvement of users, data systems managers, programmers, corporate security personnel, and internal auditors is urged. A layered approach is recommended, with physical security measures in the outer ring, administrative procedures in the next layer, personnel controls in the next layer, and use of the computer to protect itself. A written disaster plan is also advised. This should adhere to generally accepted security approaches. It should specify the priorities for critical systems that must operate during recovery and give written instructions for actions to be taken after a disaster. Organizations should conduct tests to ensure that the plan and contingency actions are appropriate. Exhibits list States with computer-related crime statistics, attributes of an abuser-friendly computer system, and components of a computer center disaster recovery plan, as well as diagrams for electronic data processing in and around the computer and for contingency planning for computer systems.
Index Term(s): Computer abuse; Computer crime prevention measures; Computer privacy and security; Computer related crime; Fraud and abuse prevention measures
To cite this abstract, use the following link:
http://www.ncjrs.gov/App/publications/abstract.aspx?ID=97638

*A link to the full-text document is provided whenever possible. For documents not available online, a link to the publisher's website is provided. Tell us how you use the NCJRS Library and Abstracts Database - send us your feedback.