DIFFERENT METHODS OF IDENTIFYING TERMINAL USERS ARE REVIEWED INCLUDING VOICE IDENTIFICATION, PASSWORDS, AND FINGER-LENGTH IDENTIFICATION. AUTOMATIC ALARM PROCEDURES FOR UNAUTHORIZED DATA BASE ENTRY ARE DESCRIBED, AS WELL AS CRYPTOGRAPHY AND STEGANOGRAPHY (THE CONCEALMENT OF THE EXISTENCE OF A MESSAGE). THE SECTION ON PHYSICAL SECURITY DEALS WITH LOCKS, ELECTRONIC SECURITY DEVICES, FIRES, WIRETAPPING AND ELECTROMAGNETIC RADIATION. ADMINISTRATIVE MEASURES INCLUDE CONTROLLING THE ACTIVITIES OF THE PROGRAMMERS, AUDITING SYSTEM TRANSACTIONS, AND SAFEGUARDING VITAL RECORDS THROUGH DUPLICATE STRORGE. THE AUTHOR STRESSES THAT NO COMPUTERIZED INFORMATION SYSTEM CAN BE MADE TOTALLY SECURE. HOWEVER, A RELATIVELY HIGH DEGREE OF SECURITY CAN BE REALIZED THROUGH GOOD PLANNING. APPENDIX CONTAINS SAMPLE PROGRAMS FOR CRYPTOGRAPHY AND SECURITY CHECKLISTS.