In any enterprise, there are many aspects to security, and they apply to different divisions of the enterprise: manufacturing, shipping, sales, administration, etc. Those of us who work with computers know that we have to think about security just as much as those working in other divisions have to. In each different area, there are threats or dangers which must be protected against. Some of these threats may be specific to a particular department while others are common to several different departments. For each particular threat there may several different measures that can be taken to protect against it. We can divide all measures into three categories: physical, operational and administrative. When we examine each of these categories, we find that they all apply to the security of every division and department of an enterprise, including that of the computer department.
ACM SIGSAC Review – Association for Computing Machinery
Published: Jun 1, 1991