Information Technology Reference
In-Depth Information
company, for example, data might be collected and tabulated on pa
per, organized into folders and file drawers, protected by fireproof
vaults, and monitored by police patrols and guards. These measures
ensured that authorized personnel could work with the data, but
that personal or sensitive information could not circulate. A limited
availability of specific pieces of information made it easy to monitor
their safety, but it also led to some difficulties. The primary difficul
ties can be divided into three categories:
1.
Physical threats
: Files might be damaged or destroyed by
physical means, such as fire or water.
2.
Insiders
: People within the company—employees with authoriza
tion to work with the data—might copy or memorize informa
tion and bring it with them for outside circulation.
3.
Outsiders
: People outside the company might physically break
into buildings and disturb the files.
To protect against these problems, a company could make sure
that their vaults were built fireproof, waterproof, and so on; that
the backgrounds of workers were checked and monitored; and that
security guards patrolled the buildings. They could also enforce spe
cial procedures that would limit both access to data and the move
ment of documents in order to supply further protection.
Today we might have many of the same goals for reliability and
security of data in computers as generations before us did for their in
formation, but data access and manipulation in computers involve
programs, operating systems, operating personnel, and intercon
nected hardware components. Each computer may store a vast
amount of information, and these data may be shared potentially by
all machines within a network. The range of security issues, therefore,
must extend to each of these areas as well as to the data themselves.
Let's begin this chapter by discussing data reliability. Today's
problems are generally similar to those in earlier times, although the
nature of electronic media adds subtleties and sophistication. The
availability and control of data become complicated, however, when
we consider that computers might crash or malfunction or that com
puters may be interconnected in networks. Many old problems still
arise, but opportunities for data loss and for security violations are
much harder to control. Ultimately, security in any age depends upon
the actions of people and how they handle the responsibilities and
trust they are given.
