As governments, organizations, and individuals increasingly rely on desktop, and laptop computers, other connected devices (handheld, smart phone, Blackberry, etc) and the Internet they lose control of the information processing that was present in the traditional data center. As the control of computing information moves to the personal computer and remote sites via networking, it is essential that managers understand the threats to this information and create security plans that will meet this new challenge. Computer security controls work with a different set of variables than those used for mainframes and LANs. For example, control over program changes, data security, system documentation, backup, recovery plans, and system testing are inherent in most mainframe (LAN) environments. However, desktops, laptop, and handheld computer systems seldom have this protection. One of the most critical security issues, one that has been compounded by the wireless, portability and LAN/WAN revolutions, is a lack of awareness, by executives and users, to the vulnerability of their critical and sensitive information. Other threats include computer and component theft, vandalism and sabotage. Computers have unique security problems that must be understood for effective implementation of security measures. …
