HP OpenVMS Guide to System Security: OpenVMS Version 8.4 > Chapter 1 Understanding System Security
Each site has unique security requirements. Some sites require only limited measures because they are able to tolerate some forms of unauthorized access with little adverse effect. At the other extreme are those sites that cannot tolerate even the slightest probing, such as strategic military defense centers. In between are many commercial sites, such as banks.
While there are many considerations in determining your security needs, the questions in “Event Tolerance as a Measure of Security Requirements” can get you started. Your answers can help determine the levels of your security needs. Also see the “Site Security Policies” for a more specific example of site security requirements.
If you can tolerate most of the events listed, your security requirements are quite low. If your answers are mixed, your requirements are in the medium to high range. Generally, those sites that are most intolerant to the listed events have very high levels of security requirements.
When you review your site's security needs, do not confuse a weakness in site operations or recovery procedures as a security problem. Ensure that your operations policies are effective and consistent before evaluating your system security requirements.