According to the importance of information system application business and its actual security requirements, protection should be implemented in different levels, categories and stages to ensure the normal operation of information security and system security and safeguard national interests, public interests and social stability. The core of hierarchical protection is to classify information systems, especially business application systems, and build, manage and supervise them according to standards. The state applies laws and technical norms to strengthen the supervision of information security level protection. Highlight key points and ensure the safety of important information resources and important information systems.
The main contents of the hierarchical protection system:
& gt Information security level protection refers to the management and protection of state secret information, proprietary information of legal persons and other organizations and citizens, and public information classification; Information systems should be protected at different levels according to application fields and business security fields.
Information security products used in the> system should be subject to hierarchical license management.
& gt The grading system shall be implemented in the grading license management of safety service qualification.
& gt Respond to and handle different levels of information security incidents in information systems.
Why do you want to engage in grade protection?
& gt protect enterprise security applications. The hierarchical protection of information security is an objective demand: the establishment of information system is designed and established for the needs of social development and social life, and it is a reflection of social composition, administrative organization system and its business system. This system is hierarchical and hierarchical. Therefore, information security protection must conform to the objective existence.
> classified protection is the development law of information security: according to the application fields of institutional business, it is an objective law that must be followed to protect and manage by layers, classification and classification, and to promote the construction of classified protection system in stages.
What is the function of level protection?
It refers to the hierarchical security protection of the proprietary information of national security, legal persons, other organizations and citizens, as well as the information systems that disclose information and store, transmit and process these information, the hierarchical management of information security products used in information systems, and the hierarchical response and disposal of information security incidents in information systems.
Classification of level protection:
There are five levels, the lowest level and the highest level.
The first level: user independent protection level;
The second level: system audit protection level;
Level 3: protection level of safety signs;
The fourth level: structured protection level;
Level 5: Access Authentication Protection Level "
Summary: As for the simple analogy at all levels, you can think like this. Generally, the general county-level system is about 1-2, with cities above level 2 and important points around level 3. Most provincial offices are level 3, and important points can be level 4, but not many. National ministries and commissions are above level 4, and national security is level 5.