(1) Strictly review the newly developed management information system project and execute it in strict accordance with the budget.
(2) The user's demand target in the demand specification must be achieved.
(3) Meet the predetermined quality standards.
(4) The management information system shall establish corresponding systems and business operation documents.
2. Hardware security measures
The hardware equipment or auxiliary equipment selected for the computer room should be stable and reliable, with excellent performance, low electromagnetic radiation and as low as possible requirements for environmental conditions. The equipment can resist earthquake, moisture, electromagnetic radiation interference and static electricity, and has the automatic protection ability of over-voltage, under-voltage and over-current, and has good grounding protection measures.
3. Environmental safety measures
(1) Reasonably plan the location of the central computer room and the computer rooms of all departments, and strive to reduce the opportunities for irrelevant personnel to enter.
(2) The computer room has taken fire prevention, waterproof, moisture-proof, antimagnetic, dustproof, lightning protection, anti-theft and other measures, and set up a fire alarm device.
(3) The power supply is safe and stable.
(4) Install air conditioning equipment to adjust indoor temperature, humidity and cleanliness.
(5) anti-static and radiation protection.
4. Security measures of communication network
(1) adopts secure transport layer protocol and secure hypertext transfer protocol to ensure the security of data and information transmission.
(2) Using firewall technology.
(3) Active defense means with encryption.
(4) VPN (Virtual Private Network) technology is adopted.
5. Software security measures
Software is the main factor and means to ensure the normal operation of management information system.
(1) Choose a safe and reliable operating system and database management system.
(2) Establish a security protection subroutine or an access control subroutine, make full use of the security measures provided by the operating system and the database management system, strengthen the identification and inspection of users, and control the access rights of users.
(3) Try to use the object-oriented development method and modular design idea to encapsulate a certain kind of function, so as to better isolate the module from the subsystem and avoid the error propagation after the error occurs.
(4) Carry out safety inspection and test on all working procedures, find unsafe factors in time and gradually improve them.
(5) Adopt mature software security technologies, including software encryption technology, software solidification technology, installation of high-performance anti-virus cards, anti-virus software, hard disk recovery cards, etc. , in order to improve the system security protection ability.
6. Data security measures
Data security management is the core of management information system security.
(1) data access control
Access control usually adopts the following two measures.
① Identify and verify users accessing the system.
(2) Determine user access rights.
(2) data encryption