All units shall formulate and organize the implementation of their own network and information security management rules and regulations according to the relevant laws, regulations and work requirements of network and information security. It is necessary to clarify all kinds of responsibilities in network and information security work, standardize the internal control and management system of computer information network system, and earnestly do a good job in network and information security work of this unit.
Second, strengthen the management of network and information security.
All units should set up a leading group for the application and management of computer information network system, which is responsible for guiding, coordinating, inspecting and supervising the construction, application, management and maintenance of computer information network system. It is necessary to establish a post responsibility system for the application and management of computer information network systems in this unit, clarify the leaders in charge, implement the responsible departments, carry out their duties, and make unremitting efforts, and earnestly perform information security duties in accordance with the principle of "who is in charge, who runs and who uses".
Three, strict implementation of computer network management regulations.
All units should improve their awareness of computer network safety, prohibit classified computers from connecting to the Internet and other public information networks, prohibit storing and processing classified information on non-classified computers, and prohibit cross-use of mobile storage media between classified and non-classified computers. The office intranet must be physically isolated from public information networks such as the Internet, and technical protection measures such as identity authentication, access control and security audit should be strengthened to effectively monitor illegal operations and prevent illegal downloading of confidential and sensitive information. Processing, transmitting and forwarding confidential and sensitive information through Internet e-mail and instant messaging tools.
Fourth, strengthen the review and supervision of information release on websites and WeChat public platforms.
When publishing information on the Internet through portal websites and WeChat public platforms, all units shall follow the principles of confidentiality and confidentiality, and establish a strict censorship system in accordance with the Regulations on the Openness of Information and relevant regulations. Check the information published on the website, including: whether the online information is classified; Whether it is appropriate to release online information at present; Whether the words, data, charts and images in the information are accurate, etc. Without the permission of the leader of the unit, it is strictly forbidden to publish information on the Internet in the name of the unit, and it is strictly forbidden to exchange and disseminate confidential information. Adhere to the review first, then open, first instance and comprehensive review. The review of the network information release of each unit shall be implemented by the leaders in charge and the departments.
Discipline of news reporting on major emergencies and sensitive events (cases), if it is really necessary, in principle, do not publicize and report news articles on sensitive events (cases) such as ethnic, religious, military, environmental protection, anti-corruption, human rights, family planning, crackdown activities, terrorism cases, natural disasters, public arrests related to violence, trial of cases, non-religious faculty members, beards, masked robes and so on.
Five, organize the network and information security inspection.
All units should focus on a network security cleaning and self-inspection in the near future. Carefully analyze the security threats and risks of office network, portal website and WeChat public platform, formulate and organize the implementation of various network and information security work plans of the unit, and eliminate information security risks in time as required. All units should strengthen the supervision and inspection of network and information security, find problems, plug loopholes and eliminate hidden dangers in time; The problems found in the self-examination should be thoroughly checked and strictly controlled, and corrected immediately. Units with serious problems should be seriously rectified.
How to Strengthen Network Security Management
1 Formulate laws, regulations and policies on network security management.
Laws and regulations are an important code of conduct and an effective way to realize orderly management and social fairness and justice. The network is increasingly inseparable from our lives, and the governance of the network environment must be regulated by the rule of law. Many countries in the world have formulated laws and regulations on network security management to regulate network order and behavior. The Ministry of Industry and Information Technology has formulated the Administrative Measures for the Security Protection of Communication Networks in view of the security problems of network communication in China. It is clearly stipulated that network communication institutions and units have the responsibility to effectively classify network communication science. According to the degree of damage that network units may suffer, they should be classified according to their grades, which will damage economic development and social system construction, national security and public interests. Telecommunications management departments can organize relevant personnel to conduct audit and evaluation according to the classification. The executing agency, that is, the network communication unit, should rate the substantial effectiveness of the network unit according to the actual problems. In view of the above provisions, we can realize that the premise of ensuring network security must have scientific and reasonable management systems and methods. The network computer system is equivalent to a big tree. If something goes wrong with the branches of the big tree, it will inevitably affect its growth. The following figure is a schematic diagram of the network domain name management analysis system.
It can be seen that the first-level domain name is divided into several subdomains, which are closely connected with the next-level domain name through the upper-level domain name, and the next-level domain name is awarded to the next-level domain name department. Prevent the first-level management organization from being too broad in system, leading to aimless management. Decentralize power through hierarchical management. Maintain the limited operation of network security and ensure the all-round and healthy development of all levels under the scientific and standardized network system.
Some developed countries have implemented a series of management regulations for network security and operation, and strengthened network security performance through laws, which also shows that countries attach importance to network security issues. For example, Canada has promulgated regulations on consumer rights in e-commerce and cyber security law. Some countries in Asia have also enacted laws such as e-mail laws to protect network security. Japan's Ministry of Internal Affairs and Communications also focuses on legislation, which clearly stipulates wireless local area networks, and it is strictly forbidden for users to accept cracking network data and encrypting information on their own. Penalties and measures have also been formulated for those who violate the regulations. Protect the security of encrypted information with legal weapons. More than a decade ago, Japan promulgated the Personal Intelligence Law, which prohibited cyber violence and pornography. Strictly guard against network environment and network security problems, and reduce the occurrence of juvenile delinquency.
It can be said that the protection network of network security is first of all the laws and regulations to protect network information security, and the network security problem has become an urgent problem. Every network user should live in harmony with the computer network, be able to do introspection and self-alarm, and not use the network to do illegal things.
Adopt the most advanced network management technology.
Sharp tools can do a good job. If we want to ensure a safe and stable network environment, we must adopt advanced technical management means. 20 1 1 The password of 6 million users of China's largest software development alliance website was stolen, and the password of 5 million users of Renren, a well-known domestic netizen exchange and interaction platform, was stolen, and many other websites have experienced such a network security tragedy. The most important reason is that the user database is still using the old plaintext management method, and the new and safer user account management method has not been applied in time. This is reflected in the statement that the user account of CSDN website was leaked: "The early use of plaintext passwords on CSDN website was brought by integration and verification with a third-party chat program, and the programmers never dealt with it again. Until April 2009, the programmer at that time modified the password storage method and changed it to an encrypted password. However, some old plaintext passwords have not been cleared. At the end of August, 2065438+00, all passwords in the account database were cleared. On 20 1 1 New Year's Day, we upgraded the account management function of CSDN and used strong encryption algorithm. The account database was migrated from SQL Server on Windows Server to MySQL database on Linux platform, which solved various security problems of CSDN account. " Through the above cases, we know that it is extremely important to adopt advanced network management and development technologies and platforms to ensure the security of network applications and avoid catastrophic losses. At the same time, we should also study and develop new methods and technologies to avoid network security. We must reach the realm that there are people outside, and there is a sky outside, in order to win a complete victory in the defense of network security. Ensure the normal operation of the network optimization environment.
3 Choose excellent network management tools
Excellent network management tools are the basis of the security and effectiveness of network management. Advanced network management tools can promote the real implementation of network management laws and regulations, ensure the integrity of network users and effectively guarantee the implementation of information supervision.
In a family, parents and children are inseparable from communication. Communication is like a pipeline through which both positive and negative sides can be transmitted. So is the network system. Children are addicted to the online world, watching pornographic performances and playing games on unscrupulous websites, all of which need the shielding of network technology and network tools. There are also some phishing websites, as well as spam and advertisements, which need to be handled with the help of an effective network information system security system. Ensure smooth and safe network speed. Network management tools and software can play this role. Now let's look at several management system models:
Different models and versions of network software systems are put forward according to the difference of network requirements. The process of network use requires us to have a stable and safe network information system.
The change of network environment also puts forward different requirements for network security tools, which requires that the network interface must be able to meet the needs of different people, especially network customers and single network customers, by effectively dividing the network security level. In a company, a small network interface can meet the needs of all departments of the company, and it is their demand to ensure the smooth operation of the internal network. Therefore, it is very necessary to choose a high-quality network management software and tools.
4 Select qualified network managers.
Network management is like a locomotive with good performance, but only people with excellent technical operation can undertake the heavy responsibility of making it play a good role. Advanced network management tools and technologies, some operators can't use or are not good at using them, and their thinking mode is outdated, which will only bring more negative effects to network security, fail to guarantee the stability of network security, and lay hidden dangers for safe operation.
4. 1 Must know the basic knowledge of network.
Generally speaking, network technology is the basis for the effective operation of computer network system. Must be familiar with the basic knowledge of network computer, network system architecture, network maintenance and management, internal LAN, effective prevention and control of network viruses and other basic operational knowledge. In addition, network managers should have solid theoretical knowledge and operational skills, and be proficient in network equipment, security, management and field development and application, without blank areas. The maintenance and operation of computer network also requires network managers to have corresponding professional qualification certificates, which can also explain the level reached by managers. Implement effective management in terms of network requirements and network performance.
4.2 Familiar with network security management regulations
Network managers must be familiar with the relevant security management measures formulated by the state and protect network security through weapons of laws and regulations. As the basis and standard of their work, it is necessary and capable to do their duty to maintain network security.
4.3 Strong sense of responsibility
Different from ordinary management positions, network security problems may occur at any time. This puts forward higher and more practical requirements for network managers. In order to have keen observation and quick decision-making ability, and put forward effective countermeasures to minimize network security problems, network managers must have a strong sense of responsibility. The problem can be solved within 8 hours, so as not to affect the future network operation.