THERE IS A GROWING AWARENESS OF THE IMPORTANCE OF SECURITY IN COMPUTER SYSTEMS. THIS RESULTS FROM THE INCREASING USE OF COMPUTERS, STORIES OF COMPUTER FRAUD AND DESTRUCTION OF INSTALLATIONS, AND THE INTEREST IN PRIVACY ASPECTS OF DATABANKS. THIS PUBLICATION LISTS THREATS TO COMPUTER SYSTEMS AND SUGGESTS POSSIBLE SAFEGUARDS. IT IS INTENDED TO GIVE INITIAL GUIDANCE TO THOSE CONCERNED WITH SECURING THEIR OWN INSTALLATIONS AND COVERS A VERY WIDE FIELD. THE AUTHORS BEGIN WITH A DETAILED INTRODUCTION TO THE PROBLEM OF COMPUTER SECURITY, DESCRIBING THE VARIOUS THREATS AND CLASSIFYING THEM INTO THREE AREAS - COMPUTING FACILITIES, FILES, AND COMPUTER TERMINALS AND COMMUNICATIONS. THE BULK OF THE DOCUMENT CONSISTS OF EXPLANATIONS OF APPROPRIATE INDIVIDUAL COUNTERMEASURES DESIGNED TO SAFEGUARD THESE THREE SYSTEM AREAS. A COST-EFFECTIVENESS MATRIX IN THE APPENDIX HIGHLIGHTS THE EFFECTS OF VARIOUS SECURITY TECHNIQUES AS APPLIED TO DIFFERENT TYPES OF RISKS, WITH NEGLIGIBLE, LOW, OR HIGH COST LEVELS. IT IS INTENDED AS A QUICK GUIDE AND SYNOPSIS. THE APPENDIX ALSO CONTAINS A GLOSSARY, LIST OF REFERENCES, AND A QUESTIONNAIRE WHICH SERVES AS A CHECKLIST FOR VARIOUS ASPECTS OF DATA SECURITY.