placed on the system by the designated approving
authority.
CONTROLLED SECURITY MODE. A
computer system is operating in the controlled security
mode when at least some personnel (users) with access
to the system have neither a security clearance nor a
need-to-know for all classified material then contained
in the computer system. However, the separation and
control of users and classified material on the basis,
respectively, of security clearance and security
classification are not essentially under operating system
control as in the multilevel security mode.
Sensitive Unclassified Data
Sensitive unclassified data is unclassified data that
requires special protection. Examples are data For
Official Use Only and data covered by the Privacy Act
of 1974.
The Privacy Act of 1974 imposes numerous
requirements upon federal agencies to prevent the
misuse of data about individuals, respect its
confidentiality, and preserve its integrity. We can meet
these requirements by applying selected managerial,
administrative, and technical procedures which, in
combination, achieve the objectives of the Act.
The major provisions of the Privacy Act that most
directly involve computer security are as follows:
• Limiting disclosure of personal information to
  authorized persons and agencies;
• Requiring accuracy, relevance, timeliness, and
  completeness of records; and
• Requiring the use of safeguards to ensure the
  confidentiality and security of records.
To assure protection for AIS processing of sensitive
unclassified data, the Navy has established the limited
AIS access security mode.
A computer system or network is operating in the
limited access security mode when the type of data
being processed is categorized as unclassified and
requires the implementation of special access controls
to restrict the access to the data only to individuals who
by their job function have a need to access the data.
Unclassified Data
Although unclassified data does not require the
safeguards of classified and sensitive unclassified data,
it does have value. Therefore, it requires proper
handling to assure that it is not intentionally or
unintentionally lost or destroyed.
AIS MEDIA PROTECTION MEASURES
AIS media protection is important because AIS media
is where we store data, information, and programs. All
data and information, whether classified or not, require
some degree of protection. Software also requires
protection. You would not want to lose the only copy
of a program you had worked 4 months to write, test,
and debug. The amount of protection depends on the
classification of data, the type of AIS storage media
used, the value of the material on it, and the ease with
which the material can be replaced or regenerated. AIS
media includes magnetic tapes, disks, diskettes, disk
packs, drums, cathode-ray tube (CRT) displays, hard
copy (paper), core storage, mass memory storage,
printer ribbons, carbon paper, and computer output
microfilm and microfiche.
You are responsible for controlling and
safeguarding (protecting) the AIS media at all times.
For purposes of control, AIS media can be divided into
two types or categories: working copy media and
finished media. You will be working with both.
Working copy media is temporary in nature. It is
retained for 180 days or less and stays within the
confines and control of your activity. Examples of
working copy media are tapes and disk packs that are
used and updated at frequent intervals and coding forms
that are returned immediately to the user after
processing.
Finished media is permanent in nature. It includes
tapes and disk packs, hard-copy output, or any other
AIS media containing data or information to be retained
for more than 180 days. Finished media can be released
to another activity. For example, a magnetic tape can
be sent to another activity as finished media.
However, the receiving activity may treat it as working
copy media if it is kept 180 days or less. Of course, AIS
media, whether working copy or finished copy, requires
the use of security controls.
Security Controls
The security controls we discuss are general in
nature and are considered the minimum essential
controls for protecting AIS media. Your activity's
standard operating procedures (SOPs) are designed to
ensure that an adequate level of protection is provided.
Classified working copy media must be dated when
created, marked, and protected in accordance with the