There are ways organization can combat computer crime
Hire trustworthy people
Employers should carefully investing the background of anyone being considered for sensitive computer work. Some people falsify resumes to get jobs. Others may have criminal records. despite the publicity given to groups such as hackers, studies have consistently shown that most computer crimes are committed by insiders.
Beware of malcontents
The types of employee who is most likely to commit a computer crime is one who was recently been terminated or passed over for a promotions, or one who has some reasons to `get even’ with the organization. In cases where an employee has been terminated and potential for computer crime exists, records should be updated immediately to indicate that the person involved is no longer an employee.
Separate employee functions
An employee with many related responsibilities can more easily commit a crime than one with a single responsibility. For example- the person who authorizes adding new vendors to a file should not be the same one who authorizes payments to those vendors.
Restrict system use
People who use a computer system should have access only to the things they need to do their jobs. A computer operator, for example- should be told only how to execute a program and not what the program does. People who need only to retrieve information should not be given updating privileges too.
Limit access to program and data
on many systems, user can restrict access to programs and data with passwords. For example, a user might specify that anyone wanting access to a program named AR- 148 must first enter the password FRED. User can change password frequently and also protect particularly sensitive files with several passwords. Today many organizations use measures such as access cards and sophisticated biometric security devices in place of or in combination with passwords.
Monitor important system transactions
The systems software should include a program for maintaining a log of every person gaining or attempting to gain access to the system.The llog should contain information on the terminal used, the data files and programs used, and the time at which the work began and ended. Such a log allows management to isolate unauthorized system use.
Conduct regular audits
Unfortunately, many crimes are discovered by accident. Key elements of the system should be subjected to regular audits- inspections that certify that system is working as expected -to – ensure that no foul play is taking place.