Next: 3.1.3 Systems development process
Up: 3.1 Local Network: Security
Previous: 3.1.1 Principles
Once the automated system is ready to use, decisions must be made
regarding access to the system and the information it contains. For
example, many individuals require the ability to access and view data,
but not the ability to change or delete data. Even when computer
systems have been designed to provide the ability to narrowly designate
access authorities, a knowledgeable and responsible official must
actually make those access decisions. The care that is taken in this
process is a major determining factor of the level of security and
control present in the system. If sensitive data is being transmitted
over unprotected lines, it can be intercepted or passive eavesdropping
can occur. Encrypting the files will make the data unintelligible and
port protection devices will protect the files from unauthorized
access, if warranted.
Denis Arnaud
12/19/1997