The security departments of cities and counties (including county-level cities and districts, the same below) shall, under the guidance of the higher-level security departments, manage the computer information security work in their respective regions.
The security organs of various organs shall, within the scope of their duties, manage or guide the computer information security work of this system.
State security organs, public security organs and other relevant departments shall, in accordance with the division of responsibilities, do a good job in computer information security. Article 4 The secrecy departments at all levels shall undertake the following duties of computer information secrecy:
(a) to guide, inspect and supervise the confidentiality of computer information within the scope of duties;
(two) in conjunction with the relevant departments to investigate and deal with illegal acts of using computers to disclose state secrets;
(three) to undertake the confidentiality review and registration of the use of computer information systems. Fifth classified computers and their computer rooms shall be subject to safety technical inspection and take safety technical measures. Article 6 Relevant functional departments shall, in accordance with national standards, detect the electromagnetic radiation of classified computers and take corresponding protective measures. Article 7 The use of computers to process information involving state secrets (hereinafter referred to as classified information) and to open a classified information network shall be reported to the secrecy department and the competent business department of the people's government at or above the county level for examination and registration.
A confidential computer shall not access the international information network or the domestic public information network. Article 8 Computer network systems dealing with confidential information shall adopt technical measures such as user identity authentication, access control, data protection and network security monitoring and management. Article 9 Computer network access units shall conduct confidential education for corresponding network users and strictly implement the system of user registration and qualification examination. Article 10 Computer information systems and their users shall strengthen the security management of confidential information sources and establish and improve the following security systems:
Access to the workplace system;
(2) Computer operating system;
(three) to enable the password and user identity management system of information sources.
In addition to the above management system, computer users who handle confidential information should also establish information medium management, security machine and key management system. Eleventh leaders in charge of the computer information network center are responsible for the examination and approval of online information. The system administrator is responsible for the confidential management of network information and monitoring the normal operation of network information; If it is found that state secrets have been leaked, it shall take remedial measures in time and report to the secrecy department and the competent leader. Twelfth computer information network center system administrators and operators at all levels shall receive safety training from the security department. Article 13 When receiving and sending information, users of classified computer information systems must strictly perform the examination and approval procedures, and transmit and process the information in accordance with the regulations on the management of documents with the same classification. Fourteenth computer information systems are strictly forbidden to transmit top secret information. Confidential and confidential information should be marked with "confidential" and "secret" respectively, and transmitted after encryption. Fifteenth classified information transmitted by classified computer information system should be "confidential" and "top secret" is strictly prohibited. Article 16 After the classified information stored in the computer hard disk that is not specially used for processing classified information is processed, the classified information (including backup information and other related classified information) in the hard disk shall be irretrievably deleted immediately. Confidential information that needs to be saved can be transferred to floppy disk, CD-ROM or other removable media.
The media storing classified information shall be marked with the classification according to the highest classification of the stored information, and managed according to the files with corresponding classification. Seventeenth confidential computer information in the print output, the print file should be managed according to the corresponding confidential files; Residual pages, secondary pages and waste pages generated in the printing process should be destroyed in time. Article 18 The maintenance and repair units of classified computers must hold the approval certificate of the secrecy department at or above the municipal level, and have the obligation of confidentiality. Nineteenth people who have made remarkable achievements in computer information security work shall be rewarded by their units or higher authorities. Twentieth security departments or security agencies in violation of these provisions, shall be ordered to stop using computers, rectification within a time limit; It can only be used after being examined and accepted by the security department or security agency. Twenty-first in violation of these regulations, the disclosure of state secrets, in accordance with the "People's Republic of China (PRC) State Secrets Law" and its implementation measures and other relevant provisions. Article 22 These Provisions shall come into force as of 1 February, 9991day.