Although it is never possible to fully prevent the unauthorized use of
information from people with security clearances and access, the use of
security clearance and access is important to ensure that people without
security clearance cannot access the confidential information. In other
words, the concept of `absolute security' is a chimera. It is the nature
of security that makes it necessary to weigh up the threats, the risks, the
harm arising, and the cost of safeguards (Bach, 1986). A balance must be
found between predictable costs and uncertain benefits, in order to select
a set of measures appropriate to the need.
In most of the cases, the risks of security clearance involve on the
personal integrity, trustworthiness, and honesty than the information
systems (IS) security measures. Even if IS security measures are handled
to monitor and control all of the keystrokes of the computers, there are
instances of unauthorized information because of personal negligence, such
as one may leave inadvertently classified material left unattended. Also,
computer diskettes, CDs, carbon paper, and used typewriter ribbons may pose
a problem when doing a security check, as a visual examination of these
items does not tell whether the items contain classified information
Although to prevent the unauthorized use of information, information
can be disaggregated at several locations, without providing networks
communications between these locations. However, this kind of measure is
neither cost-effective nor productive, because where people are trustworthy
and they need such information for authorized uses will have access to such
information in bits and pieces from several locations. It would not only
create time delay in accessing all of the needed information, but it would
create much difficulty in putting all of the information in order.
However, when data are in a datab...