1. Network security self-inspection report
According to the spirit of the document "Notice on Carrying out Special Inspection of E-government Network Information Security and Network Management in xx City", our bureau actively organized and implemented it, conducted self-examination on network security infrastructure construction, network security prevention technology and network information security management, and made a profound analysis on our bureau's network information security construction. The self-inspection is now reported as follows: 1. Strengthen leadership and set up a leading group for network and information security.
In order to further strengthen the security management of global network information systems, our bureau has set up a leading group for the security and confidentiality of network and information systems, which is headed by the director and has an office, so that the division of labor is clear and the responsibilities are specific to people. Ensure the smooth implementation of network information security.
Second, the current situation of network security in our bureau
1997, the statistical information automation construction of our bureau has gradually developed from a small local area network to a four-level interconnected network with the national bureau, the autonomous regional bureau and the county bureau. Cisco 7600 and 3600 switches are used in the network core, 3com4226 switch is used in the data center, and 3com4226 switch, Cisco 2924 switch and Lenovo Tiangong ispirit 1208e switch are used in the acquisition layer. The total number of wired access points can exceed 150, and about 80 have been used at present. The backbone of the data center is gigabit switching, and 100 megabytes are switched to the desktop. Internet exports are provided by the Municipal Information Office in a unified way, with dual 100-megabit optical fibers. It is directly connected to the statistics bureau of the autonomous region with 2 trillion optical fibers, and the statistics bureaus of counties and districts and three development zones are connected to the network of the statistics bureau of the autonomous region from the Internet with Tianrongxin virtual private network software, with a total bandwidth of 4 trillion, and then connected to our bureau. Horizontally, actively promote the interconnection between the Municipal Bureau of Statistics and the government network. At present, it has realized optical fiber connection with more than 100 municipal party and government departments and 12 county and district governments. Our bureau uses Tianrongxin hardware firewall to protect the network, uses Weisi network isolation card and file self-defense software to protect key computers, and installs genuine Kingsoft Internet Security antivirus software to prevent and control viruses on computers around the world.
Three, my bureau network information security management
In order to do a good job in informatization construction and standardize statistical informatization management, our bureau has specially formulated the Rules and Regulations on Informatization of xx Municipal Bureau of Statistics, which has made detailed provisions on informatization management, internal computer security management, computer room management, computer room environmental security management, computer and network equipment management, data and information security management, network security management, computer operator management, website content management and website maintenance responsibility, and further standardized our bureau's information security management.
In view of computer security work, our bureau has formulated a confidential computer management system, and computer users have signed the post responsibility letter of xx Municipal Bureau of Statistics, so that whoever uses the computer will be responsible for the strict and standardized management of the data and information generated in our bureau's intranet.
In addition, our bureau organizes relevant computer security technical training on a global scale every year. Comrades at the computing station also actively participated in the training of computer security technologies such as the Municipal Information Office, which improved the skills and awareness of network maintenance and security protection and effectively guaranteed the normal operation of our statistical information network.
Fourth, the lack of network security and corrective measures
At present, there are still the following shortcomings in the network security of our bureau: First, the awareness of security prevention is relatively weak. Second, the virus monitoring ability needs to be improved. Third, unexpected events such as malicious attacks and computer virus attacks are not handled in time.
In view of the current deficiencies in the network security of our bureau, the following rectification measures are put forward:
1, strengthen the training of computer operation technology and network security technology in our bureau, and strengthen the awareness of computer operators on network viruses and information security.
2. Strengthen the study of computer technology and network technology by comrades in the computer station of our bureau, and constantly improve the technical level of computer professionals in our bureau.
2. Network security self-inspection report
According to the spirit of the Notice of Hengyang Municipal People's Government Office on Carrying out Network and Information Security Inspection in Key Areas of the City, on September 10, the Municipal Electric Power Administration took the lead in organizing the self-inspection of the city's government information system. The self-inspection is summarized as follows: 1. Organize the self-inspection of network and information security.
From September 10, led by the Municipal Electric Power Bureau, the current network and information security situation of all units directly under the municipal government was comprehensively investigated. This survey is mainly based on self-examination by all units, supplemented by spot checks by the Municipal Electric Power Bureau. The key points of self-examination include: network maintenance of the power bureau's computer room, password protection and upgrading of party and government maintenance, thorough investigation of information system operation of municipal units, virus detection of municipal units' clients, network data flow monitoring and data analysis of municipal units, etc.
Two. Information security work
Through the efforts of the Electric Power Administration and various units in the first half of the year, our city has mainly completed the following work in network and information security:
1, all systems accessing the municipal e-government network are strictly implemented in accordance with the specifications. Our bureau is based on the information release and audit system of the party and government organs in Changning City, the emergency plan for network and information security in Changning City, and China? Changning "Party and government station on duty reading network system", "China? Changning's "Emergency Management Plan for Party and Government Stations" and other systems require regular safety inspections to ensure that all safety and security measures are put in place.
2. Organize information security training. The municipal government departments and information security technicians were trained on topics such as website penetration attack and protection, virus principle and protection, and their information security skills were improved.
3, strengthen the inspection of the party and government stations. Regularly check the external webpage security of each department's sub-websites, issue security risk scanning reports, and assist and urge relevant departments to carry out security reinforcement.
4. Do a good job in information security in important periods. Take a series of effective measures to implement the 24-hour duty system and safety daily report system, sign information security guarantee letters with key departments, strengthen real-time monitoring of Internet export access, and ensure the security of information systems during xx period.
Three, the main problems found in the self-examination and threat analysis
Through this self-examination, we also found some problems that still exist at present:
1. The rules and regulations of some units are not perfect enough to cover all aspects of information system security.
2. The safety awareness of employees in a few units is not strong enough, and the daily operation and maintenance management lacks initiative and consciousness, and the implementation of rules and regulations is not strict and the operation is not standardized.
3. There is also computer virus infection, especially the security problems caused by mobile storage devices such as USB flash drives and mobile hard disks.
4. Information security investment is insufficient, and risk assessment and level protection need to be strengthened.
5. Information security managers lack information security knowledge and skills and mainly rely on the strength of external security service companies.
Fourth, improvement measures and rectification results
On the basis of careful analysis and summary of the previous self-inspection work of various units, on September 12, our office dispatched three comrades to form an inspection team to conduct spot checks on the security of important information systems of some municipal organs. The inspection team * * * scanned the residence of 18 unit, and carried out security inspection on 15 important business system server, 46 clients, 10 switch and 10 firewall by combining automation with manual work.
The inspection team conscientiously implemented the concept of "inspection is service", and conducted a detailed and thoughtful safety inspection on the spot-checking units in accordance with the requirements of the Notice of Hengyang Municipal People's Government Office on Carrying out Network and Information Security Inspection in Key Areas of the City, and provided a comprehensive safety risk assessment service, which was welcomed and affirmed by the service units. From self-examination and verification to the implementation of management system, from the external security scanning of website to the security detection of important business systems, from the overall network security assessment to the on-the-spot investigation of the physical environment of the computer room, the inspection comprehensively understood the information security situation of each unit, found some security problems, eliminated some security risks in time, put forward targeted rectification suggestions, and urged relevant units to seriously implement the rectification according to the report. Through the information security inspection, all units have further improved their ideological understanding, improved the safety management system, strengthened safety precautions, implemented the rectification of safety issues, and significantly improved the city's safety guarantee capacity.
Verb (abbreviation of verb) Opinions and suggestions on strengthening information security.
In view of the above problems, the city actively carries out rectification, and the main measures are as follows:
1. According to the requirements of the Notice of Hengyang Municipal People's Government Office on Carrying out Network and Information Security Inspection in Key Areas of the City, all units are required to further improve the rules and regulations and put all systems in place.
2. Continue to increase safety education and training for all employees, improve information security skills, and actively and consciously do a good job in safety.
3. Strengthen information security inspection, and urge all units to effectively implement the security system and security measures. Those responsible for safety accidents that lead to adverse consequences should be seriously investigated for responsibility.
4. Continue to improve the information security facilities, closely monitor and monitor the e-government network, and establish an all-round security protection system from the aspects of border protection, access control, intrusion detection, behavior audit, anti-virus protection and website protection.
5. Intensify the promotion of emergency management, set up an emergency support technical team based on the team of information safety officers in the city, strengthen cross-departmental cooperation, improve emergency plans, do emergency drills well, and minimize the impact of security incidents.
3. Network security self-inspection report
According to the Notice of State Taxation Administration of The People's Republic of China on Carrying out Security Inspection of Tax Information System (Guo [20xx] No.397), Notice of Jiangxi Provincial State Taxation Bureau on Carrying out Safe Fee Reduction of Tax Information System (Guo [2011] No.223) and Notice of XX State Taxation Bureau on Carrying out Safety Inspection of Tax Information System (letter [In accordance with the requirements of relevant documents and the principle of "whoever is in charge is responsible, whoever operates is responsible, and whoever uses is responsible", our bureau carried out this special work of information security inspection. Find weak links and security risks, analyze the risks faced by networks and information systems, evaluate the security status of networks and information systems, further strengthen information security awareness, standardize information security management, and effectively ensure the safe operation of tax networks and information systems. The self-inspection is now reported as follows: 1. Clear the competent leaders and specific management personnel in charge of information security inspection, and set up an information security inspection working group to conduct a comprehensive inspection of the information network security of the unit.
Team leader:
Deputy team leader:
Members:
Second, the inspection focus
(1) Management of information center computer room and rural sub-center computer room.
After inspection, the computer rooms of the information center of our bureau and the computer rooms of four rural sub-bureaus have reliable fire-proof and anti-theft facilities, and are equipped with air conditioners, which can adjust the temperature to a suitable range, effectively ensuring the good operation of the equipment. According to the Interim Regulations on the Administration of Computer Rooms of XX County State Taxation Bureau, establish a sanitary duty system to keep the machines, equipment, appliances and floors of the computer room clean, dry and clean.
The main computer room of the information center is equipped with UPS power supply. When the external power supply is interrupted, the UPS power supply will be started immediately, and the generator can be used to generate electricity when necessary, so as to ensure the smooth network for 24 hours and ensure the normal development of tax business.
(2) Application system operation and data backup.
The main application systems of our bureau include FTP and document processing. The server of the application system is stored in the main computer room of the information center, and it is running well at present. Make timely, monthly and annual backups of data generated by server operation, and manage the annual backup data through CD burning and archiving.
(3) Network link and security status
At present, telecommunication lines are the main lines connecting to the network of the municipal bureau, and mobile lines are reserved. When there is a network fault, when there is a line-level fault, the standby line should be started immediately to quickly judge the faulty node and find out the cause of the fault. Once the system fails, organize personnel to recover immediately. In case of network equipment failure, the county bureau usually temporarily and urgently allocates spare turnover equipment to solve it, so as to ensure smooth routing and require that the damaged network equipment be repaired as soon as possible; If it is within the jurisdiction of the telecom or mobile department, contact the telecom or mobile maintenance department immediately and ask the line providing department to conduct a comprehensive operation fault investigation of the transmission equipment and optical fiber lines provided to the national tax system, and formulate corresponding fault handling schemes and corresponding safeguard measures for weak links; At the same time, increase daily operation technical services to ensure that port-level faults are recovered within 10 minutes, equipment-level faults within 2 hours, and line-level faults within 3 hours.
According to the principle that the internal and external networks must be physically isolated, it is forbidden for the internal network office computers to log on to the Internet. If it is really necessary to access the Internet due to actual work needs, the information center will arrange it in a unified way and equip it with special computer equipment to use the Internet, so as to ensure that there is no physical link between the Internet and the internal network of State Taxation Administration of The People's Republic of China when accessing the external network, prevent online virus infection and hacker attacks, and ensure the security of confidential information.
(four) the use and management of personal computers
The management and use of computer equipment shall be subject to the principle that the individual is responsible, and whoever uses it shall be responsible. The IP planning of computer equipment in the county tax system shall be uniformly set by the network management personnel of the county bureau information center, and the "XX County State Taxation Bureau Computer Equipment Identification Card" shall be pasted on each computer equipment, indicating the relevant information. No other unit or individual may modify the computer IP address and name without authorization.
All office computers in the county's national tax system are uniformly installed with the online version of Rising antivirus software, Beixinyuan desktop security protection system and SUS client issued by the provincial bureau, and the latest system patches are installed in time to prevent computer viruses from damaging computers and network equipment; All departments of the county bureau and rural sub-bureaus regularly inspect and disinfect computers, and regularly feed back the results to the information center. When the computer is found to be infected with virus, immediately use anti-virus software to kill the computer, and at the same time use virus detection software to track and analyze it, intercept and isolate it in time, and enter DOS or safe mode for anti-virus removal.
In order to ensure the safe use of each application system, it is stipulated that users of each system must modify the user password, and the default password is prohibited to ensure that the account authority is not stolen or abused by others.
Three, the main problems found in the information security inspection and rectification opinions
According to the requirements of the relevant documents of the superior bureau, we also found some shortcomings in the process of self-inspection, mainly in the following aspects that need to be rectified.
1, lack of safety awareness. A few cadres do not have a strong sense of security and do not pay enough attention to the requirement of changing passwords. Some comrades still use the default password. We should continue to strengthen the safety awareness education for government officials and improve their initiative and consciousness in safety work.
2, the technical level is not high enough, because the computer network information security technology is professional, there is a certain gap from the requirements of the higher authorities on the overall level. In the future, we must strengthen training, improve professional skills, combine civil air defense with technical defense, and regard the technical level of computer security protection as an invisible barrier to protect information security.
3. The working mechanism needs to be improved. In the new era of information explosion, computer technology is changing with each passing day. Innovating the safety working mechanism to meet the needs of development is an inevitable requirement of the new situation of information work, which is conducive to improving the operating efficiency of network information work of organs and further standardizing the office order.
In the future work, our bureau will intensify information security inspection, conscientiously implement technical preventive measures, and special personnel will regularly conduct self-examination on daily use, discover and eliminate hidden dangers of computer information systems in time, and continuously improve the security guarantee ability and information security work level of tax information systems.
4. Network security self-inspection report
In order to further strengthen the information system security management in our hospital, strengthen the awareness of information security and confidentiality, and improve the level of information security, according to the requirements of the Document Notice on the Supervision and Inspection of Health System Network and Information Security in xx Province by the Provincial Health Planning Commission, the leaders of our hospital attached great importance to it, set up a special management organization, and held a meeting of heads of relevant departments to thoroughly study and conscientiously implement the spirit of the document. Fully aware of the importance and necessity of carrying out self-inspection on network and information security, the dean in charge made detailed arrangements for self-inspection, was responsible for arranging and coordinating relevant inspection departments, supervising and inspecting projects, establishing and improving the hospital network security and confidentiality responsibility system and related rules and regulations, strictly implementing various provisions on network information security, and conducting special inspections on network information security of all departments in the hospital. The self-inspection is now reported as follows: 1. Basic situation of hospital network construction.
Hospital information management system (HIS system) was upgraded by xxXX Technology Co., Ltd. in XX. Our technicians are responsible for the upgraded foreground maintenance, and the technicians of xxxx Technology Co., Ltd. are responsible for the background maintenance and accident handling.
Second, the self-inspection work
1, computer room safety inspection. Computer room safety mainly includes fire safety, electricity safety, hardware safety, software maintenance safety, door and window safety and lightning protection safety. The server room of hospital information system is built in strict accordance with the standard of computer room, and the staff insist on fixed-point inspection every day. The system server, multi-port switch and router are all protected by UPS power supply, which can ensure the normal operation of the equipment for 3 hours under the condition of power failure and will not damage the equipment due to sudden power failure.
2. LAN security check. It mainly includes network structure, password management, IP management, storage media management, etc. Each operator of HIS system has his own login name and password, and is given the corresponding operator authority. The account operated by others shall not be used, and the management system of "who uses, who manages and who is responsible" shall be implemented for the account. Hospital LANs have fixed IP addresses, which are uniformly distributed and managed by the hospital. You can't add new IP without permission, and unassigned IP can't connect to the hospital LAN. The USB interfaces of all computers in the local area network of our hospital are fully enclosed, which effectively avoids poisoning or leakage caused by external media (such as U disk and mobile hard disk).
3. Database security management. Our hospital adopts the following data security measures:
(1) Separate the part of the database that needs to be protected from other parts.
(2) Adopt authorization rules, such as account number, password, authority control and other access control methods.
(3) The database account password shall be managed and maintained by special personnel.
(4) Database users must change their passwords every six months.
(5) The server adopts virtualization for security management. When the current server has problems, switch to another server in time to ensure the normal operation of the client business.
Third, emergency response.
The server of HIS system in our hospital is safe and stable, equipped with large UPS power supply, which can ensure the server to run for about six hours in the case of large-scale power failure. Our hospital's HIS system has just been upgraded, and the server has not been down for a long time. However, the hospital has formulated an emergency plan and trained charging operators and nurses. If the HIS system can't operate normally due to a large-scale and long-term power outage in the hospital, manual charging, bookkeeping and medicine distribution will be temporarily started to ensure the normal and orderly diagnosis and treatment activities. When the HIS system returns to normal operation, invoices and fees will be supplemented.
Fourth, the existing problems
The network and information security work in our hospital has been done carefully, and there has never been a major security accident. All systems are running stably, and all businesses can run normally. However, the self-examination also found shortcomings, such as the lack of information technology personnel, limited information security force, incomplete information security training, insufficient awareness of information security, and insufficient initiative and consciousness of individual departments to maintain information security; Insufficient emergency drills; The condition of computer room is poor; Individual departments have low computer equipment configuration and long service life.
In the future, we should strengthen the training of information technology personnel, improve the technical level of information security, strengthen the information security education of hospital staff, improve the initiative and consciousness of maintaining information security, increase the investment in hospital informatization construction, improve the configuration of computer equipment, and further improve the work efficiency and the safety of system operation.
5. Network security self-inspection report
After receiving the Notice of Chongqing Banan District Education Committee on Forwarding the Implementation Plan of Banan District Information Network Security Inspection Special Action, the school immediately implemented the relevant departments to conduct self-examination according to the spirit of the document. The self-inspection is now reported as follows: 1. Enrich the leading institutions and strengthen the implementation of responsibilities.
After receiving the document notice, the school immediately convened an administrative office meeting to further implement the leading group and working group, and to implement the division of labor and responsible persons (see Annex I for the leading group). The special action of network security inspection in Yudong No.2 Primary School is directed by the school leaders and implemented by the school information center. The Information Center has set up a working group (see Annex 1 for the working group). The members of the working group and their respective divisions carry out management, maintenance and information inspection training, which are implemented layer by layer, and resolutely implement the management principle of who is in charge, who is responsible for operation and who is responsible for use, so as to ensure the absolute security of our campus network and provide a safe and healthy network use environment for all teachers and students.
Two, to carry out safety inspection, timely rectification of hidden dangers.
1, our school network center, function room, computer room, classroom, office, etc. Rules and regulations for use and safety management were established and posted on the wall.
2. The security protection of network center is the most important, which can be divided into physical security, network import and export security and data security. Physical safety mainly refers to fire prevention, theft prevention and physical damage to facilities and equipment. The security of network entrance and exit refers to the security of fiber access firewall, router, core switch and intranet access, and grasp the source well. Data security refers to the data backup of campus network, the processing and reporting of unsafe information and the transfer of information. The information center has an independent management system, such as network update registration, server resources, hard disk distribution statistics, security logs, etc. , easy to find problems and find them in time.
3. We have carried out a special cleaning check on the accounts and passwords of several major website platforms in our school, strengthened the level of weak passwords, and updated and upgraded the application software in time. Our school is a telecom fiber-optic private line accessing the Internet, using Cisco hardware firewall as the first line of defense, then accessing the router, and finally accessing the core switch, which ensures several important filters for our school's network accessing the Internet. The antivirus software of the network center server is the official version, which can be updated regularly and patched every day to eliminate all possible security risks. There are two external servers (FTP server and WEB server) in our school. The FTP server only opens 2 1 port, and all other ports are closed. Similarly, the WEB server only opens port 80, and all other ports are closed. It is convenient for teachers and students to use, while ensuring the absolute security of the network. Due to the great attention and proper management of our school leaders, there has been no record of intrusion into the intranet since the establishment of the campus network in 200 1.
4. Strengthen network security management, conduct a comprehensive security check on all computer equipment connected to the core switches in our school, and upgrade computers with loopholes in operating systems and inadequate anti-virus software configuration to ensure network security.
5. Standardize the process of information collection, review and release, and strictly review the information release to ensure the accuracy and authenticity of the released information content. Check the guest book of our school station, the posts and messages on the second small blog regularly every week, screen unhealthy information, make data backup for problems that reflect the situation, and report to the school in time.
6. In the third week of this issue, our school organized teachers to learn information network laws and regulations at the faculty meeting, to raise teachers' awareness of rational and correct use of network resources, to develop good online habits, and not to do anything that violates information network laws and regulations.
7. It is forbidden to directly connect computers in the office intranet to the Internet. After inspection, we found no behavior of processing, storing and transmitting classified information on non-classified computers, transmitting classified information on the Internet by using e-mail system, and publishing and talking about state secret information in various forums, chat rooms and blogs. And using QQ and other chat tools to spread and talk about state secret information endangers network information security.
Third, the existing problems
1. Because our school has more than 300 network terminals, it is difficult to manage. The school has no extra funds to buy genuine anti-virus software. Now it uses fake or free antivirus software, which brings certain risks to our network security.
There are five servers in our school, but we don't have a set of network management software, so it is difficult to manage them all manually. Therefore, it is inevitable to forget to upgrade the patch at ordinary times, and there are certain security risks inevitably.
3. In school, network administrators can't engage in network management full-time, and generally have to work alone, so their energy in network management is limited, and network management, resource arrangement, and security log records need to be further improved.
In short, in the future work, we will try our best to rectify our own shortcomings and problems, and do our best to do a better job in network security on the existing basis, so as to provide a safe and healthy network environment for all teachers and students. I also earnestly hope that the relevant leaders will give us guidance, thank you.