What are the systems of public security network and information security management?

Network security management organization and system

Network security management institutions and rules and regulations are the organizational and institutional guarantee of network security. The network security management system includes personnel resource management, asset and property management, education and training, qualification certification, the personnel assessment system, the dynamic operation mechanism, daily work norms, the post responsibility system, etc. To establish and improve the network security management institutions and the various rules and regulations, the following work needs to be done well.

1. Improve management organization and post responsibility system.

The security of a computer network system involves the security, interests and reputation of the whole system and institution. It is best for the main leaders of the unit to be responsible for the security and confidentiality of the system and, if necessary, to set up a special organization, such as a security management center (SOC), to assist the main leaders in management. The security and confidentiality of important units and key departments shall be the responsibility of the security, confidentiality, security and technical departments respectively. Leading bodies and security organizations of important computer systems, including security review bodies, security decision-making bodies and security management bodies, should establish and improve various rules and regulations.

Improve special safety organizations and personnel. All units shall establish corresponding computer information system security committees, security teams and security officers. Members of the security organization shall be composed of personnel from the competent leadership, public security, information center, personnel, auditing and other departments, and experts from relevant departments may be hired when necessary. Security organizations can also set up special independent certification bodies. The establishment of the security organization and the change of its members should be reported to the public security computer security supervision department regularly. Cases occurring in the computer information system shall be reported to the local public security organs at or above the county level within the specified time, and shall be subject to the supervision, inspection and guidance of the public security organs on the prevention and control of harmful computer data.

Formulate the post responsibility system for all kinds of personnel, and strictly abide by the principles of discipline, management and division of labor. It is forbidden to mix posts or to hold posts concurrently. Programmers are forbidden to concurrently serve as system operators, and system administrators, terminal operators and system designers are forbidden to mix posts.

Full-time security management personnel are specifically responsible for implementing the regional security policy of this system and ensuring its long-term effectiveness. They are responsible for the installation and maintenance of software and hardware, daily operation monitoring, and the recovery of security measures and risk analysis in case of emergency. They are also responsible for the security of the whole system, including authorization, modification, authority, passwords, violation reports, alarm record processing and console log audit, and they report to the competent leader in time when major problems cannot be solved.

Security auditors monitor the operation of the system, collect records of all kinds of illegal access to system resources, and record, analyze and deal with illegal events. When necessary, they report the audit events to the competent department in time.

Security personnel are responsible for non-technical routine security work, such as security around the system, office security, access verification, etc.

2. Improve the safety management rules and regulations.

It is very important to establish and improve safety management rules and regulations and implement them conscientiously. Commonly used network security management rules and regulations include the following seven aspects:

1) System operation and maintenance management system. This includes the equipment management and maintenance system, software maintenance system, user management system, key management system, access control management and duty system, various operating procedures and norms, and the regular inspection or supervision system of the various administrative departments. Computer rooms in confidential areas shall require that two people enter and leave together; a single person is not allowed to operate the computer in the computer room. The computer room door is double locked, so that it can be opened only with two keys used at the same time. Information-processing machines are dedicated machines and are not allowed to be used for other purposes. When a terminal operator leaves the terminal for any reason, they must log out so that it cannot be used illegally by other people.

2) Computer processing control management system. This includes the compilation and control of the data processing flow, the management of program software and data, the management of copying, porting and storage media, the standardization of file records and the management of the communication network system.

3) Document management. All kinds of vouchers, documents, account books, statements and written materials must be properly kept and strictly controlled; bookkeeping must be cross-checked; and the information held by each kind of personnel should be consistent with their responsibilities. For example, terminal operators can only read terminal operating procedures and manuals, and only system administrators can use system manuals.

4) Management system of operation management personnel. Establish and improve the management system of various related personnel, mainly including:

① Specify the specific use and operation of the computer or server, and define the job responsibilities, authority and scope;

② Programmers, system administrators and operators are separated, and they do not mix posts;

③ It is forbidden to carry out work-related operations on the machine where the system is running;

④ Do not run the program beyond the authority, and do not refer to irrelevant parameters;

⑤ When the system runs abnormally, it should be reported immediately;

⑥ Establish and improve the management system for engineering and technical personnel;

⑦ When transferring relevant personnel, corresponding safety management measures should be taken. Take back the key, hand over the work, change the password and cancel the account immediately when the personnel are transferred, and declare their confidentiality obligations to the transferred personnel.

5) Computer room safety management rules and regulations. Establish and improve the rules and regulations of computer room management, often carry out safety education and training for relevant personnel, and conduct regular or random safety inspections. Computer room management rules and regulations mainly include: computer room guard management, computer room safety work, computer room hygiene work, computer room operation management, etc.

6) Other important management systems. These mainly include: the system software and application software management system, data management system, password management system, network communication security management system, virus prevention management system, security level protection system, the user registration and information management system for network electronic bulletin systems, and the external exchange maintenance management system.

7) Risk analysis and safety training

① Conduct risk analysis on a regular basis, and formulate emergency recovery plans and schemes for sudden disasters, covering items such as the contact information of key technicians, obtaining backup data and organizing system reconstruction.

② Establish a safety assessment training system. In addition to the assessment of key positions and new employees, we should also regularly carry out legal education, professional ethics education and computer security technology update education and training.

For personnel who handle important information such as national security, military secrets, financial or personnel files, we should pay more attention to safety education and choose reliable and high-quality personnel.

3. Adhere to the system of cooperation and exchange.

Today, with the rapid development of computer networks, they face severe security problems. Maintaining Internet security is a matter of global awareness and responsibility, and the responsibility of network operators is even more important. They should pay close attention to this and play a positive role on the Internet, including being responsible to the vast number of users, teenagers among them. Governments at all levels also have the responsibility to create a safe network environment for enterprises and consumers, which also needs the joint efforts of industry organizations, enterprises and stakeholders. Therefore, we should vigorously strengthen cooperation and exchanges with relevant business units and security agencies, cooperate closely to maintain network security, and obtain the necessary security management information and professional technical support and updates in time. At home and abroad, we should further strengthen exchanges and cooperation, broaden the channels of international cooperation in network security, and establish multi-level, multi-channel cooperative mechanisms involving government, network security institutions, industry organizations and enterprises.

Further reading: Network Security Technology and Application (2nd Edition) edited by Jia Tiejun, Machinery Industry Press, Shanghai Excellent Textbook Award.