The Center for Education and Research in Information Assurance and Security (CERIAS)

Security of Personal Computer Systems: A Management Guide

Author

Dennis D. Steinauer

Entry type

techreport

Abstract

The use of personal computer systems (often called desktop or professional computers) in the office and home environment has placed increasingly powerful information system technology in the hands of growing numbers of users. While providing many benefits, the use of such small computer systems may introduce serious potential information security risks. Although considerable progress has been made in security management and technology for large-scale centralized data processing systems, relatively little attention has been given to the protection of small systems. As a result, significant exposures may exist which can threaten the confidentiality, integrity, or availability of information resources associated with such systems. To ensure effective protection of these valuable resources, managers, system designers, and users must be aware of the vulnerabilities which exist and control measures which should be applied. This report describes management and technical security considerations associated with the use of personal computer systems. The primary objective is to identify and discuss several areas of potential vulnerability and associated protective measures. The issues discussed include:

1. Physical and environmental protection
2. System and data access and control
3. Integrity of software and data
4. Backup and contingency planning
5. Auditability
6. Communication protection

In addition, a general plan of action for the management of personal computer information security is presented. References to additional information, a self-audit checklist, and a guide to security products for personal computers are provided as appendices. In general, the term "personal computer" refers to single-user systems. However, most of the discussion in this report applies equally to other types of microprocessor-based systems designed for use in a general office environment (e.g. word processors, workstations, and various types of office and home computer systems).

Date

1985

Key alpha

Steinauer

Publication Date

0000-00-00

Contents

1. Introduction
2. Protecting the Equipment
3. System and Data Access Control
4. Software and Data Integrity
5. Backup and Contingency Planning
6. Miscellaneous Considerations
7. Managing the Problem

Keywords

access control, auditability, backup, computer security, contingency planning, cryptology, microcomputers, office automation, personal computers, small computers

Language

English

Location

A hard copy of this is in Haas

Subject

access control
