BIBLIOGRAPHY OF COMPUTER SECURITY ARTICLES 1983 THROUGH 1988 (Note: A bibliograpghy is now being developed to encompass 1989.) AUTHORS SPECIFIED ABUSE/MISUSE/CRIME AUTHOR: Associated Press TITLE OF ARTICLE: Jury Selection In 1st "Virus" Trial Begins NAME OF PERIODICAL: Washington Post VOLUME OF PERIODICAL: NUMBER OF PERIODICAL: 277 ISSUE DATE: September 7, 1988 PAGE NUMBER(S): C1 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: This article is about a programmer accused of using a computer "virus" to sabotage thousands of records at his former work place. AUTHOR: Atkinson, L.V. TITLE OF ARTICLE: Fraud: Input Data Most Vulnerable NAME OF PERIODICAL: Computerworld UK VOLUME OF PERIODICAL: 2 NUMBER OF PERIODICAL: 21 ISSUE DATE: September 2, 1981 PAGE NUMBER(S): 10 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: Article discusses a survey which found that the major danger to computers was the alteration of input data. AUTHOR: Baker, R.H. TITLE OF ARTICLE: Lining Up Computer Crooks NAME OF PERIODICAL: Micro Communications VOLUME OF PERIODICAL: 2 NUMBER OF PERIODICAL: 5 ISSUE DATE: May 1985 PAGE NUMBER(S): 18-22 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: This article looks at crime patterns of microcomputer users breaking into mainframes. Ways in which these patterns can be learned and then stopped is discussed. AUTHOR: Bequai, A. TITLE OF ARTICLE: What to do About Crime in the Electronic Office NAME OF PERIODICAL: Office VOLUME OF PERIODICAL: 101 NUMBER OF PERIODICAL: 1 ISSUE DATE: January 1985 PAGE NUMBER(S): 101-104 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: This article discusses the important role that auditing computer systems plays in preventing crimes and abuse. AUTHOR: Betts, M. TITLE OF ARTICLE: Government's Computers "Highly Vulnerable" to Abuse NAME OF PERIODICAL: Computerworld VOLUME OF PERIODICAL: 18 NUMBER OF PERIODICAL: 40 ISSUE DATE: October 1984 PAGE NUMBER(S): 4 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: Discusses how highly vulnerable the federal government's computers are to abuse, and a congressman who is seeking to change that vulnerability. AUTHOR: Blakeney, S. TITLE OF ARTICLE: Computer Crime: A Worldwide Concern NAME OF PERIODICAL: Computerworld VOLUME OF PERIODICAL: 17, 18 NUMBER OF PERIODICAL: 52, 1 ISSUE DATE: December 26, 1983, January 1984 PAGE NUMBER(S): 57-60 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: This article looks at computer crime as a worldwide problem. The most common types of computer crimes are given along with the estimated losses in various countries throughout the world. AUTHOR: Bologna, Jack TITLE OF ARTICLE: Computer Related Crime: The Who, What, Where, When, Why and How NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 10 NUMBER OF PERIODICAL: 1 ISSUE DATE: Winter 1986 PAGE NUMBER(S): 19-23 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: This article looks at computer related crime from the perspectives of the individual criminal, environmental factors, organization cultures, incidence rate, and security countermeasures. AUTHOR: Bramer, W.L. TITLE OF ARTICLE: Computer and Data Security is Battle Cry to the '80s NAME OF PERIODICAL: Office VOLUME OF PERIODICAL: 103 NUMBER OF PERIODICAL: 3 ISSUE DATE: March 1986 PAGE NUMBER(S): 78-82 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: This article discusses the number of organizations that are looking at their security procedures and programs to deter computer abuse. The three main causes of security problems are described. AUTHOR: Carey, Cameron TITLE OF ARTICLE: Data Access Control: Help or Hindrance NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 11 NUMBER OF PERIODICAL: 4 ISSUE DATE: Fall 1987 PAGE NUMBER(S): 18-20 CATEGORY: Access Control DESCRIPTION: This article discusses limiting access to data and how to make access control protection more of a help than a hindrance by developing a set of priorities about various classes of data. AUTHOR: Edwards, M. TITLE OF ARTICLE: The Sting in a Micro's Tail NAME OF PERIODICAL: Practical Computing VOLUME OF PERIODICAL: 6 NUMBER OF PERIODICAL: 12 ISSUE DATE: December 1983 PAGE NUMBER(S): 108-109 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: How criminals exploit information technology is described in this article along with ways to stop them. AUTHOR: Elmer-Dewitt, Phillip TITLE OF ARTICLE: Invasion of the Data Snatchers! NAME OF PERIODICAL: Time Magazine VOLUME OF PERIODICAL: 123 NUMBER OF PERIODICAL: 13 ISSUE DATE: September 26, 1988 PAGE NUMBER(S): 62-67 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: Discusses the current threat to computer systems posed by computer viruses. Computer viruses are defined and several examples of viruses are given. AUTHOR: Johnson, B. TITLE OF ARTICLE: Criminal Minds Keep Pace with Technology. Stop, Thief! NAME OF PERIODICAL: Computerworld VOLUME OF PERIODICAL: 15, 16 NUMBER OF PERIODICAL: 52, 1 ISSUE DATE: December 28, 1981, January 4, 1982 PAGE NUMBER(S): CATEGORY: Abuse/Misuse/Crime DESCRIPTION: This article looks at some of the common problems that the DP industry faces today including computer security, asset protection, and computer fraud prevention. AUTHOR: Kluepfel, Henry M. TITLE OF ARTICLE: Computer Security for the Abuser Friendly Environment NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 9 NUMBER OF PERIODICAL: 2 ISSUE DATE: November/December 1984 PAGE NUMBER(S): 16-20 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: This article discusses the underlying lack of adequate controls in computer systems and their relation to computer abuse and crime. AUTHOR: Kull, D. TITLE OF ARTICLE: How to Make Even E.F. Hutton Listen NAME OF PERIODICAL: Computer Decisions VOLUME OF PERIODICAL: 17 NUMBER OF PERIODICAL: 18 ISSUE DATE: September 1985 PAGE NUMBER(S): 42-50 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: The most effective way for an organization to prevent breaches in a computer system is to plug the holes that have already been used to violate the system and identify the intruders. AUTHOR: Lasden, Martin TITLE OF ARTICLE: Computer Crime NAME OF PERIODICAL: Computer Decisions VOLUME OF PERIODICAL: NUMBER OF PERIODICAL: ISSUE DATE: June 1981 PAGE NUMBER(S): 104-106, 108 112, 116, 118, 120, 122, 124 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: This article discusses actual computer crimes that have taken place and the factors that escalate the risk of an organization from these types of crime. AUTHOR: Lucas, D. TITLE OF ARTICLE: The Invisible Enemy NAME OF PERIODICAL: Business Computing and Communication VOLUME OF PERIODICAL: NUMBER OF PERIODICAL: ISSUE DATE: February 1985 PAGE NUMBER(S): 18-20 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: This article describes how home computer users are breaking into some of Britain's mainframe computers. Various procedures that can protect against intrusion are also discussed by the author. AUTHOR: McKibbin, W.L. TITLE OF ARTICLE: Who Gets The Blame For Computer Crime NAME OF PERIODICAL: Infosystems VOLUME OF PERIODICAL: 30 NUMBER OF PERIODICAL: 7 ISSUE DATE: July 1983 PAGE NUMBER(S): 34-36 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: MIS managers are ultimately responsible for the security of their computers. Since they are responsible they should make sure upper management is aware of the vulnerabilities of their computers. AUTHOR: Mylott, T.R. TITLE OF ARTICLE: Computer Security and the Threats from Within NAME OF PERIODICAL: Office VOLUME OF PERIODICAL: 101 NUMBER OF PERIODICAL: 3 ISSUE DATE: March 1985 PAGE NUMBER(S): 45-46, 190 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: This article explains that the greatest computer-related danger to a company may be from internal threats by employees. AUTHOR: White, L. TITLE OF ARTICLE: Data Security - You Can't Work Without It NAME OF PERIODICAL: Computerworld VOLUME OF PERIODICAL: 19 NUMBER OF PERIODICAL: 11A ISSUE DATE: March 1985 PAGE NUMBER(S): 27-30 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: The problem of the disgruntled employee or ex-employee who sabotages a computer system is seen as more of a threat than an outside hacker. AUTHOR: Zalud, Bill TITLE OF ARTICLE: Security and DP Cooperate to Attack Computer Crime NAME OF PERIODICAL: Security VOLUME OF PERIODICAL: 24 NUMBER OF PERIODICAL: 10 ISSUE DATE: October 1987 PAGE NUMBER(S): 52-56, & 58 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: This article stresses teamwork as computer crime becomes a company fact of life by effectively cuts across a number of functional areas. ACCESS CONTROL AUTHOR: Avarne, Simon TITLE OF ARTICLE: How to Find Out a Password NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 12 NUMBER OF PERIODICAL: 2 ISSUE DATE: Spring 1988 PAGE NUMBER(S): 16-17 CATEGORY: Access Control DESCRIPTION: This article gives examples of how to discover someones password and discusses weaknesses of traditional passwords. AUTHOR: Betts, M. TITLE OF ARTICLE: NBS Releases Standards For Managing Password Security NAME OF PERIODICAL: Computerworld VOLUME OF PERIODICAL: 19 NUMBER OF PERIODICAL: 28 ISSUE DATE: July 1985 PAGE NUMBER(S): 19 CATEGORY: Access Control DESCRIPTION: This article talks about how the National Bureau of Standards has completed a two- part publication dealing with password systems. AUTHOR: Bowmen, Terry TITLE OF ARTICLE: Undercarpet Fiber Optics NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 11 NUMBER OF PERIODICAL: 2 ISSUE DATE: Spring 1987 PAGE NUMBER(S): 23-26 CATEGORY: Access Control DESCRIPTION: This article discusses how fiber optics offer better security than copper cable undercarpet. It also includes how to plan an undercarpet system. AUTHOR: Clyde, Allen R. TITLE OF ARTICLE: Insider Threat on Automated Information Systems NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 11 NUMBER OF PERIODICAL: 4 ISSUE DATE: Fall 1987 PAGE NUMBER(S): 11-14 CATEGORY: Access Control DESCRIPTION: This articles discusses activities to detect sources of abuse that are not widely implemented. AUTHOR: Davidson, Thomas L. and White, Clinton E. Jr. TITLE OF ARTICLE: How to Improve Network Security NAME OF PERIODICAL: Infosystems VOLUME OF PERIODICAL: 30 NUMBER OF PERIODICAL: 6 ISSUE DATE: June 1983 PAGE NUMBER(S): 110-112 CATEGORY: Access Control DESCRIPTION: This article discusses the need to protect network systems using software locks, authorization schemes, logs, and data encryption. AUTHOR: Diamond, F.H. TITLE OF ARTICLE: Computer Network Security: The Need Was Never Greater NAME OF PERIODICAL: Office VOLUME OF PERIODICAL: 102 NUMBER OF PERIODICAL: 2 ISSUE DATE: August 1985 PAGE NUMBER(S): 94-99 CATEGORY: Access Control DESCRIPTION: This article discusses the advantages of using the callback approach in computer networks to prevent hackers from getting onto a system. AUTHOR: Fisher, M.J. TITLE OF ARTICLE: New Security Device "Fingers" Culprit NAME OF PERIODICAL: MIS Week VOLUME OF PERIODICAL: 6 NUMBER OF PERIODICAL: 35 ISSUE DATE: September 1985 PAGE NUMBER(S): 12 CATEGORY: Access Control DESCRIPTION: This article describes a new product that uses a fingerprint device to verify a user's identity and then allow access on the computer system. AUTHOR: Horgan, J. TITLE OF ARTICLE: Thwarting The Information Thiefs NAME OF PERIODICAL: IEEE Spectrum VOLUME OF PERIODICAL: 22 NUMBER OF PERIODICAL: 7 ISSUE DATE: July 1985 PAGE NUMBER(S): 30-41 CATEGORY: Access Control DESCRIPTION: Many organizations are protecting their communication output from electronic interception by trying to detect and foil the surveillance using a variety of methods. AUTHOR: Jackson, Carl B. TITLE OF ARTICLE: Passwords: Comments from the Information Systems Security Association NAME OF PERIODICAL: Security VOLUME OF PERIODICAL: 24 NUMBER OF PERIODICAL: 7 ISSUE DATE: July 1987 PAGE NUMBER(S): 105 CATEGORY: Access Control DESCRIPTION: Discusses relevant security issues and how to bring an appropriate degree of LAN information security to your organization. AUTHOR: Kontur, J.S. and Letham, L. TITLE OF ARTICLE: Locking Up System Security NAME OF PERIODICAL: Electronic Week VOLUME OF PERIODICAL: 58 NUMBER OF PERIODICAL: 7 ISSUE DATE: February 18, 1985 PAGE NUMBER(S): 68-72 CATEGORY: Access Control DESCRIPTION: This article describes a system that cannot be broken into by unauthorized users. It uses a random-number generator and encryption logic. AUTHOR: Korzeniowski, P. TITLE OF ARTICLE: Security Dynamics Releases Two- Part Security System NAME OF PERIODICAL: Computerworld VOLUME OF PERIODICAL: 19 NUMBER OF PERIODICAL: 42 ISSUE DATE: October 1985 PAGE NUMBER(S): 19, 23 CATEGORY: Access Control DESCRIPTION: This article discusses a product Security Dynamics has designed that is an inexpensive security protection device which keeps hackers out of systems. AUTHOR: McCarthy, Charles J. TITLE OF ARTICLE: Passwords NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 10 NUMBER OF PERIODICAL: 4 ISSUE DATE: Fall 1986 PAGE NUMBER(S): 13-14 CATEGORY: Access Control DESCRIPTION: This article discusses the two primary password configurations passwords defined by user, and passwords assigned to a user. It shows the differences between these two from a security view. AUTHOR: Meason, Robert TITLE OF ARTICLE: System Security at the Terminal NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 10 NUMBER OF PERIODICAL: 4 ISSUE DATE: Fall 1986 PAGE NUMBER(S): 16-17 CATEGORY: Access Control DESCRIPTION: This article discusses considerations of MIS management protection of the processor from access by unauthorized users. AUTHOR: Muzerall, Joseph V. and Carty, Thomas J. TITLE OF ARTICLE: COMSEC and Its Need for Key Management NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 11 NUMBER OF PERIODICAL: 2 ISSUE DATE: Spring 1987 PAGE NUMBER(S): 11-14 CATEGORY: Access Control DESCRIPTION: This article explains the establishment of a standard set of protection mechanisms for both the classified and private user communities. AUTHOR: Schiller, Michael TITLE OF ARTICLE: Security at the Touch of a Finger NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 9 NUMBER OF PERIODICAL: 6 ISSUE DATE: July/August 1985 PAGE NUMBER(S): 15-17 CATEGORY: Access Control DESCRIPTION: This article discusses using biometric security systems for high-tech solutions to access control problems. AUTHOR: Schmonsees, Robert J. TITLE OF ARTICLE: Identification and Authentication: The Security Challenge of the 80's NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 9 NUMBER OF PERIODICAL: 4 ISSUE DATE: March/April, 1985 PAGE NUMBER(S): 22-23 CATEGORY: Access Control DESCRIPTION: This article discusses the computer security issues of identification and authentication showing the common problems and offering some suggestions for improving by random passcode. AUTHOR: Stieglitz, M. TITLE OF ARTICLE: Security For Shared Resources NAME OF PERIODICAL: Micro Communications VOLUME OF PERIODICAL: 2 NUMBER OF PERIODICAL: 6 ISSUE DATE: June 1985 PAGE NUMBER(S): 19-26 CATEGORY: Access Control DESCRIPTION: This article discusses data security products and procedures for network use. Includes description of encryption techniques that are now popular. AUTHOR: Wood, Charles Cresson TITLE OF ARTICLE: A New Approach to Computer User Authentication NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 10 NUMBER OF PERIODICAL: 4 ISSUE DATE: Fall 1986 PAGE NUMBER(S): 21-26 CATEGORY: Access Control DESCRIPTION: This article gives a new approach to authentication called dial-guard. It addresses the two problems of password/users IDs not providing sufficient security and identifying the location of dial-up users. AUTHOR: Wood, Charles Cresson TITLE OF ARTICLE: Information Security with One-Way Functions NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 9 NUMBER OF PERIODICAL: 5 ISSUE DATE: May/June 1985 PAGE NUMBER(S): 14-16 CATEGORY: Access Control DESCRIPTION: This article explains how one-way functions can be used to safeguard information that is too sensitive to be protected via encryption. AUDIT AND EVALUATION AUTHOR: Berman, A. TITLE OF ARTICLE: Evaluating On-Line Computer Security NAME OF PERIODICAL: Data Communications VOLUME OF PERIODICAL: 12 NUMBER OF PERIODICAL: 7 ISSUE DATE: July 1983 PAGE NUMBER(S): 145-152 CATEGORY: Audit and Evaluation DESCRIPTION: The security problems that have arisen because of on-line processing are discussed in this article. Covered are the two ways to obtain a secure on-line system. AUTHOR: Betts, M. TITLE OF ARTICLE: U.S. Agency Faces Probes, Boosts Security After Audit NAME OF PERIODICAL: Computerworld VOLUME OF PERIODICAL: 19 NUMBER OF PERIODICAL: 24 ISSUE DATE: June 1985 PAGE NUMBER(S): 8 CATEGORY: Audit and Evaluation DESCRIPTION: This article discusses an audit report issued by the inspector general of the U.S. Department of the Interior in March 1985 which revealed inadequate controls over passwords, faulty operating procedures, and lack of audit trails by the Denver Service Center. AUTHOR: Bologna, Jack TITLE OF ARTICLE: Forensic Accounting NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 8 NUMBER OF PERIODICAL: 6 ISSUE DATE: July/August 1984 PAGE NUMBER(S): 16-20 CATEGORY: Audit and Evaluation DESCRIPTION: This article identifies the skills and competency of a forensic accountant. AUTHOR: Flach, Joseph P. TITLE OF ARTICLE: Increasing Programming Efficiency While Preventing the "F" Word NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 11 NUMBER OF PERIODICAL: 4 ISSUE DATE: Fall 1987 PAGE NUMBER(S): 15-17 CATEGORY: Audit and Evaluation DESCRIPTION: This article gives examples of ways to identify fraudulent code in a production program. AUTHOR: Gaydasch, Alexander TITLE OF ARTICLE: Postimplementation Audits - A Quick, Easy Approach NAME OF PERIODICAL: Data Management VOLUME OF PERIODICAL: NUMBER OF PERIODICAL: ISSUE DATE: February 1983 PAGE NUMBER(S): 54, 55, 69 CATEGORY: Audit and Evaluation DESCRIPTION: This article describes post- implementation audits and how they help to determine whether a computer system has met its original criteria. CONTINGENCY PLANNING AUTHOR: Cabell, D. TITLE OF ARTICLE: Network Backups NAME OF PERIODICAL: Micro Communications VOLUME OF PERIODICAL: 2 NUMBER OF PERIODICAL: 6 ISSUE DATE: June 1985 PAGE NUMBER(S): 14-18 CATEGORY: Contingency Planning DESCRIPTION: This article describes how the only way to protect a LAN, micro, mini, or mainframe from a complete system crash is adequate backup. AUTHOR: Ciura, J.M. TITLE OF ARTICLE: Vital Records Protection: Identifying Essential Information NAME OF PERIODICAL: Information Management VOLUME OF PERIODICAL: 19 NUMBER OF PERIODICAL: 2 ISSUE DATE: February 1985 PAGE NUMBER(S): 11 CATEGORY: Contingency Planning DESCRIPTION: This article suggest that the best way to resume business activity after an emergency or disaster is to have a vital records protection program. AUTHOR: Clauss, Karl H. TITLE OF ARTICLE: How To Move A Data Center and Avoid a Disaster NAME OF PERIODICAL: Infosystems VOLUME OF PERIODICAL: NUMBER OF PERIODICAL: ISSUE DATE: December 1981 PAGE NUMBER(S): 46-48, 50 CATEGORY: Contingency Planning DESCRIPTION: This article describes how ARCO Oil and Gas Company moved their computer center to a new location and the points a company should consider when moving a data center. AUTHOR: Dobberstein, M. TITLE OF ARTICLE: To Have and Not to Have a Disaster NAME OF PERIODICAL: Computer Decisions VOLUME OF PERIODICAL: 17 NUMBER OF PERIODICAL: 18 ISSUE DATE: September 1985 PAGE NUMBER(S): 102-126 CATEGORY: Contingency Planning DESCRIPTION: This article deals with the importance of actually testing contingency plans to see if they work. AUTHOR: Minoli, D. TITLE OF ARTICLE: Backup Needs Merit Special Attention NAME OF PERIODICAL: Computerworld VOLUME OF PERIODICAL: 19 NUMBER OF PERIODICAL: 15 ISSUE DATE: April 1985 PAGE NUMBER(S): 91, 96 CATEGORY: Contingency Planning DESCRIPTION: This article focuses on the merits of backing up a data center to prevent a major disaster from critically affecting a company. AUTHOR: Pujals, J.M. TITLE OF ARTICLE: What is a Contingency Plan? NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 12 NUMBER OF PERIODICAL: 1 ISSUE DATE: Winter 1988 PAGE NUMBER(S): 19-23 CATEGORY: Contingency Planning DESCRIPTION: This article tells how to construct a contingency plan and goes over the major mandatory steps that have to be taken to end up with a workable product. AUTHOR: Raimondi, D. TITLE OF ARTICLE: E.F. Hutton Underscores Practicality in Backup Plan NAME OF PERIODICAL: Computerworld VOLUME OF PERIODICAL: 19 NUMBER OF PERIODICAL: 15 ISSUE DATE: April 1985 PAGE NUMBER(S): 19 CATEGORY: Contingency Planning DESCRIPTION: Describes how E.F. Hutton has built a new computer room as part of its disaster recovery plan. AUTHOR: Rames, David TITLE OF ARTICLE: Recovering From Disasters NAME OF PERIODICAL: Computer Decisions VOLUME OF PERIODICAL: NUMBER OF PERIODICAL: ISSUE DATE: September 1981 PAGE NUMBER(S): 108-110, 112, 114, 120, 122, 124, 126-131, 188-189 CATEGORY: Contingency Planning DESCRIPTION: Described in this article are criteria for developing an emergency backup plan and examples of emergency backup alternatives. AUTHOR: Scoma, Louis TITLE OF ARTICLE: How Secure Is Your Computer Operation From A Disaster NAME OF PERIODICAL: Office VOLUME OF PERIODICAL: NUMBER OF PERIODICAL: ISSUE DATE: August 1981 PAGE NUMBER(S): 96, 98 CATEGORY: Contingency Planning DESCRIPTION: The failures of companies to protect their computer centers is discussed along with the need for recovery systems to serve as backup security. AUTHOR: Wolbrecht, J.E. TITLE OF ARTICLE: Can Your Records Storage Center Stand a Disaster NAME OF PERIODICAL: Office VOLUME OF PERIODICAL: 102 NUMBER OF PERIODICAL: 3 ISSUE DATE: September 1985 PAGE NUMBER(S): 112-113 CATEGORY: Contingency Planning DESCRIPTION: A manager's responsibility to protect a records storage center by recognizing vulnerable areas and making them more secure is discussed. DATABASE MANAGEMENT AUTHOR: Pieper, Oscar R. TITLE OF ARTICLE: Voice Authentication Wages A War on Data Base Fraud NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 8 NUMBER OF PERIODICAL: 6 ISSUE DATE: July/August 1984 PAGE NUMBER(S): 12-13 CATEGORY: Data Base Security DESCRIPTION: This article reviews the present state of voice authentication technology and how it applies to secure data bases from bogus intruders. ENVIRONMENTAL SECURITY AUTHOR: Lemke, Fred H. TITLE OF ARTICLE: Blackouts and Computer Power Protection NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 12 NUMBER OF PERIODICAL: 2 ISSUE DATE: Spring 1988 PAGE NUMBER(S): 19-23 CATEGORY: Environmental Security DESCRIPTION: This article is a study that was taken to see emerging patterns of blackouts that may be useful in helping evaluate your level of blackout vulnerability and then set up appropriate levels of power protection for your electronic systems. AUTHOR: Lemke, Fred H. TITLE OF ARTICLE: Computer Power Protection NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 8 NUMBER OF PERIODICAL: 4 ISSUE DATE: March/April 1984 PAGE NUMBER(S): 31-33 CATEGORY: Environmental Security DESCRIPTION: This article gives examples of how to protect your facility against the harmful effects of an electrical power outage. AUTHOR: McGowan, Kevin J. TITLE OF ARTICLE: Computer Power Protection NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 9 NUMBER OF PERIODICAL: 5 ISSUE DATE: May/June 1985 PAGE NUMBER(S): 21-25 CATEGORY: Environmental Security DESCRIPTION: This article looks at understanding AC power conditions in data processing site preparation and its criticality for preventing future computer downtime and disruptions. GENERAL SECURITY AUTHOR: Beitman, L. TITLE OF ARTICLE: A Practical Guide To Small Business Computer Security NAME OF PERIODICAL: Office VOLUME OF PERIODICAL: 96 NUMBER OF PERIODICAL: 2 ISSUE DATE: August 1982 PAGE NUMBER(S): 86, 90 CATEGORY: General Security DESCRIPTION: This article gives advice on how to obtain computer security in a small business environment. A checklist is included that will help to prevent accidental and intentional harm to a system. AUTHOR: Collins, J.A. TITLE OF ARTICLE: Continuous Security Control Clamps Down on Abuse NAME OF PERIODICAL: Data Management VOLUME OF PERIODICAL: 23 NUMBER OF PERIODICAL: 5 ISSUE DATE: May 1985 PAGE NUMBER(S): 56-59 CATEGORY: General Security DESCRIPTION: The need for computer access is discussed in this article that suggest that such access should be a management, security-oriented process. Computer security guidelines are also given. AUTHOR: Coontz, Constance TITLE OF ARTICLE: Protection through Isolation NAME OF PERIODICAL: Security Management VOLUME OF PERIODICAL: 31 NUMBER OF PERIODICAL: 11 ISSUE DATE: November 1987 PAGE NUMBER(S): 53-55 CATEGORY: General Security DESCRIPTION: This article discusses compartmentalizing valuable data on dedicated PCs or small computer systems to help protect it from hackers and moles. AUTHOR: Gazarek, Kenneth F. TITLE OF ARTICLE: Cabinets for Electromagnetic Interference/Radio-Frequency Interference and TEMPEST Shielding NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 9 NUMBER OF PERIODICAL: 6 ISSUE DATE: July/August 1985 PAGE NUMBER(S): 12-13 CATEGORY: General Security DESCRIPTION: This article discusses the electromagnetic interference and radio-frequency interference control options, designing and building metal cabinets that provide effective shielding. AUTHOR: Lobel, J. TITLE OF ARTICLE: Third Decade of Concern NAME OF PERIODICAL: Computerworld VOLUME OF PERIODICAL: 16 NUMBER OF PERIODICAL: 6 ISSUE DATE: February 8, 1982 PAGE NUMBER(S): 1D/31-34 & 36 CATEGORY: General Security DESCRIPTION: The author looks at some of the issues associated with distributed data processing including privacy, crime, and security. AUTHOR: Miskiewicz, J. TITLE OF ARTICLE: DP Security: A Delicate Balance NAME OF PERIODICAL: Computer Decisions VOLUME OF PERIODICAL: 17 NUMBER OF PERIODICAL: 8 ISSUE DATE: April 1985 PAGE NUMBER(S): 104-106 CATEGORY: General Security DESCRIPTION: This article discusses the delicate balance between protecting vital resources in a data processing facility and enhancing productivity. AUTHOR: Moulton, R. TITLE OF ARTICLE: Prevention: Better Than Prosecution NAME OF PERIODICAL: Government Data Systems VOLUME OF PERIODICAL: 10 NUMBER OF PERIODICAL: 6 ISSUE DATE: November/December 1981 PAGE NUMBER(S): 20 & 22-23 CATEGORY: General Security DESCRIPTION: The focus of this paper is on deterrence of computer abuse, whether it is unintentional or intentional. AUTHOR: Parker, D.B. TITLE OF ARTICLE: The Many Faces of Data Vulnerability NAME OF PERIODICAL: IEEE Spectrum VOLUME OF PERIODICAL: 21 NUMBER OF PERIODICAL: 5 ISSUE DATE: May 1984 PAGE NUMBER(S): 46-49 CATEGORY: General Security DESCRIPTION: Discussed in this paper are both the need for new computer security methods and the attainable limits that can be reached by computer security. AUTHOR: Rosch, W. TITLE OF ARTICLE: Three Products Help Cork Computer Leaks, Feature Blocked Access, Disk-File Encryption NAME OF PERIODICAL: PC Week VOLUME OF PERIODICAL: 2 NUMBER OF PERIODICAL: 18 ISSUE DATE: May 1985 PAGE NUMBER(S): 122-124 CATEGORY: General Security DESCRIPTION: This article discusses a trio of products to help prevent unauthorized access to a computer system. AUTHOR: Rosen, Richard D. and Dvorsky, James TITLE OF ARTICLE: Portable Data Carrier Technology NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 12 NUMBER OF PERIODICAL: 1 ISSUE DATE: Winter 1988 PAGE NUMBER(S): 9-19 CATEGORY: General Security DESCRIPTION: This article presents an overview of the general field of portable data carrier technology. Included are not only smart cards but other devices and systems that are beginning to emerge in the marketplace. AUTHOR: Srinivasan, C.A. and Dascher, P.E. TITLE OF ARTICLE: Computer Security and Integrity: Problems and Prospects NAME OF PERIODICAL: Infosystems VOLUME OF PERIODICAL: 28 NUMBER OF PERIODICAL: 5 ISSUE DATE: May 1981 PAGE NUMBER(S): 5 Pages CATEGORY: General Security DESCRIPTION: Various aspects of computer security are discussed including data security, data privacy, data integrity, etc. AUTHOR: Weller, Reginald H. TITLE OF ARTICLE: Off-Site Data Storage: A Changing Industry NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 9 NUMBER OF PERIODICAL: 5 ISSUE DATE: May/June 1985 PAGE NUMBER(S): 18-20 CATEGORY: General Security DESCRIPTION: This article discusses selecting a backup site while meeting the criteria of integrity, reliability, access, reasonable cost, appropriate location, good security, and comprehensive insurance coverage. AUTHOR: Wright, J.R. Jr. TITLE OF ARTICLE: User Responsibility for Security NAME OF PERIODICAL: Government Data Systems VOLUME OF PERIODICAL: 15 NUMBER OF PERIODICAL: 1 ISSUE DATE: December 1985 through January 1986 PAGE NUMBER(S): 52-55 CATEGORY: General Security DESCRIPTION: This article looks at the circular "Management of Federal Information Resources" printed by the Office of Management and Budget. This circular provides guidance to Federal Managers concerning computer security and the associated responsibilities. AUTHOR: Zimmerman, J.S. TITLE OF ARTICLE: Is Your Computer Insecure? NAME OF PERIODICAL: Datamation VOLUME OF PERIODICAL: 31 NUMBER OF PERIODICAL: 10 ISSUE DATE: May 1985 PAGE NUMBER(S): 119-120 CATEGORY: General Security DESCRIPTION: This article challenges widely accepted notions concerning computer security. It suggest that people's views should be changed so that the challenge will be making a security system work instead of beating it. LAW AND ETHICS AUTHOR: Bequai, August TITLE OF ARTICLE: Federal Computer Crime Legislation is Needed NAME OF PERIODICAL: Data Management VOLUME OF PERIODICAL: NUMBER OF PERIODICAL: ISSUE DATE: May 1981 PAGE NUMBER(S): 22-24 CATEGORY: Law & Ethics DESCRIPTION: The ways criminals use loopholes in our present criminal justice system is discussed along with a history of computer crime legislation. AUTHOR: Betts, M. TITLE OF ARTICLE: Reagan Systems Security Directive Under Attack NAME OF PERIODICAL: Computerworld VOLUME OF PERIODICAL: 19 NUMBER OF PERIODICAL: 27 ISSUE DATE: July 1985 PAGE NUMBER(S): 1 CATEGORY: Law & Ethics DESCRIPTION: This article discusses why members of congress are concerned over how the National Security Decision Directive 145 on computer security could be abused by military and intelligence officials. AUTHOR: Bigelow, R.P. TITLE OF ARTICLE: Computer Security And Law NAME OF PERIODICAL: Infosystems VOLUME OF PERIODICAL: 29 NUMBER OF PERIODICAL: 12 ISSUE DATE: December 1982 PAGE NUMBER(S): 84 CATEGORY: Law & Ethics DESCRIPTION: This article looks at how a memo from the legal department should be structured concerning the protection of assets. AUTHOR: Hagopian, Greg TITLE OF ARTICLE: Planning and Implementing a Security Package NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 10 NUMBER OF PERIODICAL: 4 ISSUE DATE: Fall 1986 PAGE NUMBER(S): 17-20 CATEGORY: Law & Ethics DESCRIPTION: This article discusses vendor selection and legal issues. AUTHOR: Roberts, J.E. TITLE OF ARTICLE: Filing Software Copyrights NAME OF PERIODICAL: Computerworld VOLUME OF PERIODICAL: 19 NUMBER OF PERIODICAL: 36 ISSUE DATE: September 1985 PAGE NUMBER(S): 116 CATEGORY: Law & Ethics DESCRIPTION: This article describes how copyrighting software is accomplished and what copyrighted software means. MICROCOMPUTER SECURITY AUTHOR: Koelle, Jim TITLE OF ARTICLE: What's in the Cards? NAME OF PERIODICAL: Security VOLUME OF PERIODICAL: 23 NUMBER OF PERIODICAL: 12 ISSUE DATE: December 1986 PAGE NUMBER(S): 42-44, and 46 CATEGORY: Microcomputer Security DESCRIPTION: This article discusses microchips and how they promise to revolutionize access card technology with fast, calculating, and advanced memories. AUTHOR: Rhodes, B. TITLE OF ARTICLE: Micro Security That Makes Sense NAME OF PERIODICAL: Computer Decisions VOLUME OF PERIODICAL: 17 NUMBER OF PERIODICAL: 9 ISSUE DATE: May 1985 PAGE NUMBER(S): 72, 74-76 CATEGORY: Microcomputer Security DESCRIPTION: This article describes security procedures that can be used by employees to solve microcomputer security problems. AUTHOR: Zimmerman, J.S. TITLE OF ARTICLE: P.C. Security: So What's New NAME OF PERIODICAL: Datamation VOLUME OF PERIODICAL: 31 NUMBER OF PERIODICAL: 21 ISSUE DATE: November 1985 PAGE NUMBER(S): 89-92 CATEGORY: Microcomputer Security DESCRIPTION: This article looks at the problems data security officers are going to encounter even as they implement safeguards for micros. PHYSICAL SECURITY AND HARDWARE AUTHOR: Call, B. TITLE OF ARTICLE: Buttress Against Computer Crime NAME OF PERIODICAL: PC Week VOLUME OF PERIODICAL: 2 NUMBER OF PERIODICAL: 18 ISSUE DATE: May 1985 PAGE NUMBER(S): 111, 115 CATEGORY: Physical Security & Hardware DESCRIPTION: The physical protection of computers is becoming an area of interest for more organizations. The increased number of physical security devices illustrates this point and is discussed in this article. AUTHOR: Epner, S.A. TITLE OF ARTICLE: Computer Security: Plenty of Questions but No Easy Answers NAME OF PERIODICAL: Office VOLUME OF PERIODICAL: 101 NUMBER OF PERIODICAL: 3 ISSUE DATE: March 1985 PAGE NUMBER(S): 74-76 CATEGORY: Physical Security & Hardware DESCRIPTION: This article covers the physical security of computer equipment including air conditioning and power to pass cards and security guards. PRIVACY AUTHOR: Jordan, Halmuth TITLE OF ARTICLE: The Search for Privacy NAME OF PERIODICAL: Security Management VOLUME OF PERIODICAL: 31 NUMBER OF PERIODICAL: 11 ISSUE DATE: November 1987 PAGE NUMBER(S): 32-36 CATEGORY: Privacy DESCRIPTION: This article focuses on some of the difficulties the legal profession is having by looking at American and West German law regarding electronic surveillance. RISK MANAGEMENT AUTHOR: Armstrong, James R. TITLE OF ARTICLE: Protecting the Corporate Data NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 9 NUMBER OF PERIODICAL: 4 ISSUE DATE: March/April, 1985 PAGE NUMBER(S): 16-17 CATEGORY: Risk Management DESCRIPTION: This article discusses how most alternative off-site lack the environmental control, security and accessibility needed. Includes a discussion on things to consider in selecting an off-site storage facility. AUTHOR: Bologna, Jack TITLE OF ARTICLE: Disaster/Recovery Planning: A Qualitative Approach NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 8 NUMBER OF PERIODICAL: 4 ISSUE DATE: March/April 1984 PAGE NUMBER(S): 11-15 CATEGORY: Risk Management DESCRIPTION: Developing a disaster/recovery plan usually involves a detailed quantitative risk analysis; the author offers a more qualitative approach that is less time consuming and will obtain a higher level of commitment from management, D/P staff, and users. AUTHOR: Bologna, Jack TITLE OF ARTICLE: Industrial Security In a Nutshell: A Risk by any Other Name NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 9 NUMBER OF PERIODICAL: 5 ISSUE DATE: May/June 1985 PAGE NUMBER(S): 12-13 CATEGORY: Risk Management DESCRIPTION: This article discusses properly understanding risk and how the opposite side of risk is opportunity for growth and development. AUTHOR: Bologna, Jack TITLE OF ARTICLE: Risk Assessment Guidelines for Fidelity Insurance NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 9 NUMBER OF PERIODICAL: 4 ISSUE DATE: March/April, 1985 PAGE NUMBER(S): 18-20 CATEGORY: Risk Management DESCRIPTION: This article is a review of the adequacy of asset protection plans, policies, procedures and controls to enlighten top management. AUTHOR: Helsing, Cherly W. TITLE OF ARTICLE: Disaster Recovery Options NAME OF PERIODICAL: Security VOLUME OF PERIODICAL: 24 NUMBER OF PERIODICAL: 7 ISSUE DATE: July 1987 PAGE NUMBER(S): 100-103 CATEGORY: Risk Management DESCRIPTION: This article has suggestions on how to find a recovery plan that fits your firm without damaging your profits. AUTHOR: Linden, Jack TITLE OF ARTICLE: Automated EDP Risk Analysis and Management NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 9 NUMBER OF PERIODICAL: 1 ISSUE DATE: September/October 1984 PAGE NUMBER(S): 16-18 CATEGORY: Risk Management DESCRIPTION: This article gives a cost effective first step in developing a successful computer security program using a cost benefit analysis approach. AUTHOR: Schweig, Barry B. TITLE OF ARTICLE: Decision Matrix: A Risk Handling Decision Aid NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 8 NUMBER OF PERIODICAL: 4 ISSUE DATE: March/April 1984 PAGE NUMBER(S): 16-18 CATEGORY: Risk Management DESCRIPTION: This article discusses conceptualizing a decision-matrix as an integral component of a risk management process. AUTHOR: Vernick, Paul R. TITLE OF ARTICLE: Providing Data Processing Recovery Backup NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 9 NUMBER OF PERIODICAL: 4 ISSUE DATE: March/April, 1985 PAGE NUMBER(S): 14-16 CATEGORY: Risk Management DESCRIPTION: This article covers some of the major emergency and recovery planning options available that need to be considered prior to the occurrence of any serious emergency. SECURITY MANAGEMENT AUTHOR: Bologna, Jack TITLE OF ARTICLE: Security Planning: The "Tapps" Method NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 10 NUMBER OF PERIODICAL: 4 ISSUE DATE: Fall 1986 PAGE NUMBER(S): 7-11 CATEGORY: Security Management DESCRIPTION: This article covers a system approach to assets protection. It discusses an analytical process called Total Assets Protection Planning System (TAPPS) which consist of organization, structure and mandate of the security function. AUTHOR: Bologna, Jack TITLE OF ARTICLE: Selling Computer Security to Top Management NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 8 NUMBER OF PERIODICAL: 5 ISSUE DATE: May/June 1984 PAGE NUMBER(S): 13-16 CATEGORY: Security Management DESCRIPTION: This article discusses positive motivational impact, minimizing risk, and cost feasibility in selling computer security to top managers. AUTHOR: Bologna, Jack TITLE OF ARTICLE: Why the Corporate Security Function is Being Downsized NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 11 NUMBER OF PERIODICAL: 2 ISSUE DATE: Spring 1987 PAGE NUMBER(S): 20-21 CATEGORY: Security Management DESCRIPTION: This article discusses the disbanding and dilution of corporate security functions and how this effects the security of a firm. AUTHOR: Goldstein, Bruce TITLE OF ARTICLE: Information Security: The Information Resource Management Approach NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 8 NUMBER OF PERIODICAL: 5 ISSUE DATE: May/June 1984 PAGE NUMBER(S): 18-22 CATEGORY: Security Management DESCRIPTION: This article addresses information as a asset that must be protected as any other asset. It also discusses information research management providing the framework for a comprehensive information security program. AUTHOR: Harris, N.L. TITLE OF ARTICLE: Rigid Administrative Procedures Prevent Computer Security Failure NAME OF PERIODICAL: Data Management VOLUME OF PERIODICAL: 22 NUMBER OF PERIODICAL: 12 ISSUE DATE: December 1984 PAGE NUMBER(S): 13-14, 16 CATEGORY: Security Management DESCRIPTION: The best way to keep a security program from failing is the use of strict administrative procedures. This article also discusses why some systems fail. AUTHOR: Reber, Jan TITLE OF ARTICLE: The Essence of Industrial Espionage NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 10 NUMBER OF PERIODICAL: 1 ISSUE DATE: Winter 1986 PAGE NUMBER(S): 24-25 CATEGORY: Security Management DESCRIPTION: This article discusses understanding espionage by a characteristic all spies have in common "access to the target". SOFTWARE AND OPERATING SYSTEM SECURITY AUTHOR: Adler, Stacy TITLE OF ARTICLE: 7 Myths of Computer Security NAME OF PERIODICAL: Security VOLUME OF PERIODICAL: 24 NUMBER OF PERIODICAL: 1 ISSUE DATE: January 1987 PAGE NUMBER(S): 50-52 CATEGORY: Software & Operating System Security DESCRIPTION: This article covers consultants that clear misconceptions about data protection software. AUTHOR: Edwards, J. TITLE OF ARTICLE: Ends in Sight for the Copy-Protection Debate NAME OF PERIODICAL: PC Week VOLUME OF PERIODICAL: 3 NUMBER OF PERIODICAL: 1 ISSUE DATE: January 1986 PAGE NUMBER(S): 101 & 105 CATEGORY: Software & Operating System Security DESCRIPTION: This protection of software from unauthorized use may be coming to an end as Microsoft Corporation has decided to lift the protection from several of its software programs. AUTHOR: Koreniowski, P. TITLE OF ARTICLE: Adapso Making Progress on Software Protection Device NAME OF PERIODICAL: Computerworld VOLUME OF PERIODICAL: 19 NUMBER OF PERIODICAL: 24 ISSUE DATE: June 1985 PAGE NUMBER(S): 8 CATEGORY: Software & Operating System Security DESCRIPTION: This article discusses how the Association of Data Processing Service Organizations (ADAPSO) is getting ready to announce its progress in creating a software authorization mechanism. AUTHOR: Schriever, Joe F. TITLE OF ARTICLE: Structuring for Security NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 9 NUMBER OF PERIODICAL: 1 ISSUE DATE: September/October 1984 PAGE NUMBER(S): 14-16 CATEGORY: Software & Operating System Security DESCRIPTION: This article is a set of guidelines that will remove ambiguities as to what will be done by whom to provide system security. TRAINING AND AWARENESS AUTHOR: Bezdek, J. TITLE OF ARTICLE: Across-the-Board Training Protects Data NAME OF PERIODICAL: Computerworld VOLUME OF PERIODICAL: 18 NUMBER OF PERIODICAL: 44 ISSUE DATE: October 1984 PAGE NUMBER(S): SR-10 CATEGORY: Training & Awareness DESCRIPTION: This special report covers the four areas that a training program in computer security needs to include. These are plant physical security, logical security, administrative security, and the legal and social aspects of security training. AUTHOR: Bound, W.A.J. TITLE OF ARTICLE: Security Protecting Information Resources and Media NAME OF PERIODICAL: Information Management VOLUME OF PERIODICAL: 18 NUMBER OF PERIODICAL: 8 ISSUE DATE: August 1984 PAGE NUMBER(S): 18-19 CATEGORY: Training & Awareness DESCRIPTION: This article discusses what a manager must consider when designing an office security program to protect against the four vulnerabilities of a system: personnel, physical, administrative, and technical. AUTHOR: Johnston, R.E. TITLE OF ARTICLE: What You Need To Know NAME OF PERIODICAL: Infosystems VOLUME OF PERIODICAL: 32 NUMBER OF PERIODICAL: 1 ISSUE DATE: January 1985 PAGE NUMBER(S): 56 CATEGORY: Training & Awareness DESCRIPTION: Outlined in this article are those things that should be considered when establishing a computer security program or updating an existing program. AUTHOR: Leuser, K.G. TITLE OF ARTICLE: Security Programs: Only as Good as We Make Them NAME OF PERIODICAL: Office VOLUME OF PERIODICAL: 100 NUMBER OF PERIODICAL: 2 ISSUE DATE: August 1984 PAGE NUMBER(S): 91-92 CATEGORY: Training & Awareness DESCRIPTION: Discusses how an effective security program helps to foil or discourage people with dishonest intentions. Looks at the office administrator's domain to identify areas of potential vulnerability. AUTHOR: Weber, A. TITLE OF ARTICLE: Effective Security Programs Start with Awareness NAME OF PERIODICAL: Data Management VOLUME OF PERIODICAL: 23 NUMBER OF PERIODICAL: 11 ISSUE DATE: November 1985 PAGE NUMBER(S): 34-35 CATEGORY: Training & Awareness DESCRIPTION: Educating end users is the key to helping prevent crime and computer abuse in an organization. AUTHORS NOT SPECIFIED ABUSE/MISUSE/CRIME AUTHOR: Not Specified TITLE OF ARTICLE: Computer "Hacking" is No Longer Just a Lark NAME OF PERIODICAL: Office VOLUME OF PERIODICAL: 102 NUMBER OF PERIODICAL: 3 ISSUE DATE: September 1985 PAGE NUMBER(S): 90-95 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: Computer hackers will use computers to obtain information and resell it, use it for blackmail, extortion, and espionage. This article discusses techniques for preventing hackers from getting on a system, and monitoring them if they are discovered. AUTHOR: Not Specified TITLE OF ARTICLE: Computer Security: The Menace is Human Error NAME OF PERIODICAL: Office VOLUME OF PERIODICAL: 99 NUMBER OF PERIODICAL: 3 ISSUE DATE: March 1984 PAGE NUMBER(S): 119-120 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: This article stresses that managers should understand that data security is a people problem and not a computer problem. People are the ones that either accidentally or intentionally misuse a computer system. AUTHOR: Not Specified TITLE OF ARTICLE: Internal Security NAME OF PERIODICAL: PC Week VOLUME OF PERIODICAL: 2 NUMBER OF PERIODICAL: 18 ISSUE DATE: May 1985 PAGE NUMBER(S): 89-91, 106-107 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: Experts feel that local computer access is more prone to intrusion than long-distance access. This article discusses how insiders in a company are the ones most likely to abuse a computer system. AUTHOR: Not Specified TITLE OF ARTICLE: Reporting Computer Crime NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 8 NUMBER OF PERIODICAL: 6 ISSUE DATE: July/August 1984 PAGE NUMBER(S): 20-21 CATEGORY: Abuse/Misuse/Crime DESCRIPTION: This article presents a suggested format for a final report to use in documenting actions surrounding a computer crime. ACCESS CONTROL AUTHOR: Not Specified TITLE OF ARTICLE: Communications and Systems Security NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 9 NUMBER OF PERIODICAL: 3 ISSUE DATE: 1985 Buyer's Directory PAGE NUMBER(S): 11-13 CATEGORY: Access Control DESCRIPTION: This article discusses a wide variety of communications and system security protection methods. Includes encryption, fiber optics, key management, optical links, electrical emanations, and dial-up access protection devices. AUTHOR: Not Specified TITLE OF ARTICLE: Computer Communications Security Lexicon NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 11 NUMBER OF PERIODICAL: 2 ISSUE DATE: Spring 1987 PAGE NUMBER(S): 22-23 CATEGORY: Access Control DESCRIPTION: This article is an update containing some new added security definitions of terms and phrases. AUTHOR: Not Specified TITLE OF ARTICLE: Controlling Access To Your Data NAME OF PERIODICAL: Personal Computing VOLUME OF PERIODICAL: 9 NUMBER OF PERIODICAL: 9 ISSUE DATE: September 1985 PAGE NUMBER(S): 60-72 CATEGORY: Access Control DESCRIPTION: Explains measures that can be taken to protect what's in a computer. Focuses not only on vandals, but also on people who accidentally harm the computer. AUTHOR: Not Specified TITLE OF ARTICLE: Dial-Up Access Security Products NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 9 NUMBER OF PERIODICAL: 2 ISSUE DATE: November/December 1984 PAGE NUMBER(S): 21-24 CATEGORY: Access Control DESCRIPTION: This article presents some new dial-up access security products and their major features. AUTHOR: Not Specified TITLE OF ARTICLE: Enhancements Out For Barrier Security Devices NAME OF PERIODICAL: Computerworld VOLUME OF PERIODICAL: 18 NUMBER OF PERIODICAL: 35 ISSUE DATE: August 1984 PAGE NUMBER(S): 51 CATEGORY: Access Control DESCRIPTION: This article discusses the password protection device designed by International Anasazi, Inc. that will limit access on dial-up lines. AUTHOR: Not Specified TITLE OF ARTICLE: Firesign Unwraps Security Feature NAME OF PERIODICAL: MIS Week VOLUME OF PERIODICAL: 5 NUMBER OF PERIODICAL: 23 ISSUE DATE: June 1984 PAGE NUMBER(S): 24 CATEGORY: Access Control DESCRIPTION: This article discusses Firesign Computer Company's product that provides for network security by its password system. AUTHOR: Not Specified TITLE OF ARTICLE: Security Computer Outsmarts Colorado Bandits NAME OF PERIODICAL: Data Management VOLUME OF PERIODICAL: 19 NUMBER OF PERIODICAL: 7 ISSUE DATE: July 1981 PAGE NUMBER(S): 17-18 CATEGORY: Access Control DESCRIPTION: This article looks at the effectiveness of a security system that controls access to several high-rise buildings in Colorado. AUTHOR: Not Specified TITLE OF ARTICLE: Security Lock Ready for PCs NAME OF PERIODICAL: MIS Week VOLUME OF PERIODICAL: 6 NUMBER OF PERIODICAL: 26 ISSUE DATE: July 1985 PAGE NUMBER(S): 30 CATEGORY: Access Control DESCRIPTION: The hard disk security product "Knight Data Security Manager" is discussed. This product allows password protection in a PC. CONTINGENCY PLANNING AUTHOR: Not Specified TITLE OF ARTICLE: Automated Contingency Planning NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 8 NUMBER OF PERIODICAL: 4 ISSUE DATE: March/April 1984 PAGE NUMBER(S): 22 CATEGORY: Contingency Planning DESCRIPTION: This article presents a special purpose software package CHI/COR that deals with the job of documenting the resources needed to implement a disaster recovery plan. AUTHOR: Not Specified TITLE OF ARTICLE: Contingency Planning and the Law NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 8 NUMBER OF PERIODICAL: 4 ISSUE DATE: March/April 1984 PAGE NUMBER(S): 17-18 CATEGORY: Contingency Planning DESCRIPTION: This article reviews the Foreign Corrupt Practices Act and its requirement for record keeping and internal controls. Other potential legal liabilities are also reviewed. ENVIRONMENTAL SECURITY AUTHOR: Not Specified TITLE OF ARTICLE: Computer Power and Environmental Controls NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 9 NUMBER OF PERIODICAL: 3 ISSUE DATE: 1985 Buyer's Directory PAGE NUMBER(S): 13 CATEGORY: Environmental Security DESCRIPTION: This article discusses common power anomalies and equipment available to overcome them. GENERAL SECURITY AUTHOR: Not Specified TITLE OF ARTICLE: Computer Back-up Facilities NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 8 NUMBER OF PERIODICAL: 4 ISSUE DATE: March/April 1984 PAGE NUMBER(S): 19-22 CATEGORY: General Security DESCRIPTION: This article discusses the options of back-up sites including cold sites, hot sites, or empty shell, or fully equipped recovery sites. Also refers to the extent of equipment, space, and services provided by these back-up facilities. AUTHOR: Not Specified TITLE OF ARTICLE: Computer Security: Issues and Answers NAME OF PERIODICAL: Datamation VOLUME OF PERIODICAL: NUMBER OF PERIODICAL: ISSUE DATE: September 15, 1984 PAGE NUMBER(S): 16 Pages CATEGORY: General Security DESCRIPTION: This 16-page section sponsored by the Computer Security Institute contains several articles that cover a variety of computer security issues. AUTHOR: Not Specified TITLE OF ARTICLE: Computer Security: Issues and Answers NAME OF PERIODICAL: Datamation VOLUME OF PERIODICAL: NUMBER OF PERIODICAL: ISSUE DATE: September 15 1985 PAGE NUMBER(S): 24 Pages CATEGORY: General Security DESCRIPTION: This advertisement section contains eight articles that discuss a variety of computer security issues. The authors include FBI Director William Webster and Department of Defense Computer Security Center Director Robert Brotzman. AUTHOR: Not Specified TITLE OF ARTICLE: Making The Case For Computer Security Pure and Simple NAME OF PERIODICAL: Datamation VOLUME OF PERIODICAL: NUMBER OF PERIODICAL: ISSUE DATE: September 1983 PAGE NUMBER(S): CATEGORY: General Security DESCRIPTION: This section of Datamation is sponsored by the Computer Security Institute and covers a broad range of computer security issues in several different articles. AUTHOR: Not Specified TITLE OF ARTICLE: Personal Computers vs. Data Data Security: the Two Need Not Be Incompatible NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 12 NUMBER OF PERIODICAL: 1 ISSUE DATE: Winter 1988 PAGE NUMBER(S): 24-26 CATEGORY: General Security DESCRIPTION: This article discusses the threat of data loss either intentional or unintentional. It examines the significant risks and the data security policies to lower these risks. AUTHOR: Not Specified TITLE OF ARTICLE: Protecting Information and Interest NAME OF PERIODICAL: Computer Management VOLUME OF PERIODICAL: NUMBER OF PERIODICAL: ISSUE DATE: October 1981 PAGE NUMBER(S): 33-34, 36 CATEGORY: General Security DESCRIPTION: Suppliers, consultants, and services related to computer security are listed in this directory. AUTHOR: Not Specified TITLE OF ARTICLE: Simple Security Precautions Ensure Information Safety NAME OF PERIODICAL: Computerworld VOLUME OF PERIODICAL: 19 NUMBER OF PERIODICAL: 17 ISSUE DATE: April 1985 PAGE NUMBER(S): SR-38 CATEGORY: General Security DESCRIPTION: This article applies many of the security precautions for mainframes to the microcomputer. MICROCOMPUTER SECURITY AUTHOR: Not Specified TITLE OF ARTICLE: Memo: Disaster Plan For Microcomputer Users NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 8 NUMBER OF PERIODICAL: 4 ISSUE DATE: March/April 1984 PAGE NUMBER(S): 27-29 CATEGORY: Microcomputer Security DESCRIPTION: This article is in the form a memo containing a microcomputer disaster recovery checklist. It address issues that should be taken in contingency plans. PHYSICAL SECURITY AND HARDWARE AUTHOR: Not Specified TITLE OF ARTICLE: Media Safes: Countering the Threats of Fire NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 9 NUMBER OF PERIODICAL: 6 ISSUE DATE: July/August 1985 PAGE NUMBER(S): 18-20 CATEGORY: Physical Security & Hardware DESCRIPTION: This article is a review of critical basic information on how to select fire resistant media safes. RISK MANAGEMENT AUTHOR: Not Specified TITLE OF ARTICLE: Protecting The World's Largest Computer User NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 8 NUMBER OF PERIODICAL: 4 ISSUE DATE: March/April 1984 PAGE NUMBER(S): 25-26 CATEGORY: Risk Management DESCRIPTION: This article discusses a new high security off-site storage facility opening in Beltsville, Maryland. It also address concern with the lack of proper security storage today. SECURITY MANAGEMENT AUTHOR: Not Specified TITLE OF ARTICLE: Computer Security Awareness: Organizations and Senior Management Concerns NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 8 NUMBER OF PERIODICAL: 5 ISSUE DATE: May/June 1984 PAGE NUMBER(S): 12-13 CATEGORY: Security Management DESCRIPTION: This article gives the result of a survey of general security and computer security personnel, EDP auditors, and internal auditors to determine the computer security awareness of their company and senior management. AUTHOR: Not Specified TITLE OF ARTICLE: Records Storage and Management NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 8 NUMBER OF PERIODICAL: 4 ISSUE DATE: March/April 1984 PAGE NUMBER(S): 23-25 CATEGORY: Security Management DESCRIPTION: This article addresses the questions which records should be stored off-site, and how can an off-site facility be evaluated? It also provides an overview of areas to consider. SOFTWARE AND OPERATING SYSTEM SECURITY AUTHOR: Not Specified TITLE OF ARTICLE: Computer Security Software NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 9 NUMBER OF PERIODICAL: 1 ISSUE DATE: September/October 1984 PAGE NUMBER(S): 19-24 CATEGORY: Software & Operating System Security DESCRIPTION: This article provides information for using access control software to protect the terminals, the data and the system itself from unauthorized use. AUTHOR: Not Specified TITLE OF ARTICLE: Computer Security Software NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 9 NUMBER OF PERIODICAL: 3 ISSUE DATE: 1985 Buyer's Directory PAGE NUMBER(S): 17-18 CATEGORY: Software and Operating System Security DESCRIPTION: This article addresses a wide variety of computer security software programs and their different uses. AUTHOR: Not Specified TITLE OF ARTICLE: Protecting Software With Escrow Services NAME OF PERIODICAL: Data Processing & Communications Security VOLUME OF PERIODICAL: 8 NUMBER OF PERIODICAL: 5 ISSUE DATE: May/June 1984 PAGE NUMBER(S): 22-24 CATEGORY: Software & Operating System Security DESCRIPTION: This article addresses some of the problems and answers for protecting software that concerns major management today.  Downloaded From P-80 International Information Systems 304-744-2253