e-Liberty Digital Rights

Computer Security Act of 1987

The main goal of the Computer Security Act of 1987 was to secure Federal computers and the data contained therein. In order to do this the National Security Agency was given greater control over computer systems that contained sensitive government information that if damaged, lost, stolen, or destroyed could result in harming the United States, or its interests, whether foreign or domestic. The NSA was also charged with developing and implementing standards for all Federal computer systems. As well as to train personnel who would be working with senstive information on these systems. Personnel were also made subject to further their security training as new technology and threats developed to increase their awareness and understanding of computer security provisions and needs.

The NSA was also made responsible for the following:
-Assisting private firms who sought to further their computer security proficiency.
-Conducting research to develop methods that would increase security provisions.
-Auditing systems to determine if vulnerabilities existed, and to implement solutions to fix any vulnerabilities found.
-Working with other departments in the government such as, the Departments of Defense and Energy to achieve greater security throughout.

The Act also created the Computer System Security and Advisory Board, which operated under the Department of Commerce. The board would consist of eight members from outside the Federal government and four from within the Federal government. Of the eight non-government members four of them could not be employed by any telecommunications producer or entity. At least one of the members from the Federal government had to be a representative of the NSA.

The board was charged with the following duties:

-To identify all emerging issues that would apply to computer system security and privacy.
-To advise the Bureau of Standards and the Secretary of Commerce on computer security issues that relate to the Federal government.
-To report any findings that might be of use to appropriate government committees.

The Act was instituted to protect Federal computer systems from unrestricted or unauthorized use and to develop standards that would aid in securing private information that could potentially be used to harm the Federal government. However, it was not instituted to prevent the system of checks and balances from being carried out and the practices should be outlined by the Bureau of Standards as to what and how each security measure should be implemented. The Act was not in any way intended to withhold information or impede an investigation of the Federal government.