Network security self-examination report of the Human Resources and Social Security Bureau

Since the construction and operation of the network of the town of Jihe, has always attached great importance to safety, set up a special network security leading group, actively improve the security system, the strict implementation of the management of the provisions of the relevant network security, to take a variety of measures to prevent the occurrence of network security incidents in recent years, no security accidents, to protect the network security, stability and efficient operation, for the The town's work has laid a solid foundation.

1, organizational management

The town attaches great importance to network security work, set up by the main leader as leader, deputy leader of the leaders in charge, station office responsible for members of the. Network security leading group, the leading group set up an office under the specific staff responsible for the office. Held a meeting attended by the leaders in charge, network security functions and key departments in charge of the meeting, the higher level documents were carefully studied, the self-investigation work was carefully deployed, to determine the self-investigation tasks and personnel division of labor, and truly achieve the leadership in place, in place, in place, in place, personnel in place, in place of responsibility. In order to ensure the smooth development of network security work, the town requires all cadres to fully understand the importance of network security work, seriously study network security knowledge, are able to follow the various provisions of network security, the correct use of computer networks and various types of information systems.

2, day-to-day management

In view of the characteristics of network security work, combined with the actual town, developed a series of network security systems and regulations, such as "network security management approach", "videoconferencing management system", "e-government platform operating system operating guidelines". Website information release by a person responsible for, and registration; antivirus software and firewalls are domestic products; website upload information before the local virus detection; prohibited to carry mobile storage media into the e-government platform dedicated computer.

3, protection management

The town's network equipment, servers and other normal operation. All network equipment, information systems, etc. set up high-strength passwords in accordance with the provisions of the regular replacement; carry out regular security checks, mainly on SQL injection attacks, cross-site scripting attacks, weak passwords, Trojan horse virus detection, port openings, system management rights openings, access rights openings, web page tampering, etc. to monitor, carefully check the custody system security.

4, emergency management

Further improve the network security emergency plan, a clear emergency response process, the implementation of emergency technical support team; regular automatic backup of important documents, data.

5, security checks

The system and software and other timely update of patches; anti-virus software and firewall upgrade virus code feature library; regular checking and killing of the website, vulnerability scanning, testing and repair.

Second, the network security work in 20xx

Set up a leading group of network security work in the town of Jihe, fully responsible for network security work; revised and improved the "network security management regulations" and a series of systems; added two new network staff to enrich the technical team; carried out training in network security emergency response. Let the network staff regularly listen to information security education lectures online.

The main problems found in the inspection and the rectification situation

Through this self-inspection, we also found that there are some current problems:

1, part of the cadres of the network security awareness is not strong, the day-to-day operation and maintenance of the lack of initiative and conscientiousness.

2, fewer professional and technical staff, network security knowledge, technology, lack of experience.

3, network security funding is not enough, software and hardware equipment needs to be improved.

4, the rules and regulations are not yet perfect, failing to cover all aspects of network security.

For the problems found in the self-examination process, combined with the actual situation of the town, will be rectified in the following aspects:

1, to further strengthen the town's cadres and network staff of the security awareness education, to improve the initiative to do a good job of security work and conscientiousness, to enhance the awareness of the network security precautions.

2, more to participate in the urban areas and professional organizations organized by the network security technology training, enhance the awareness of security precautions and response capabilities, improve the level of staff and ability to improve the level of network security management.

3, improve the network security system, while arranging specialists, close monitoring, timely detection of network security risks.

4, increase investment, continue to improve network security facilities, from the border protection, access control, intrusion detection, virus protection and other aspects of the establishment of an all-round security system.

Fourth, the network security work of the views and suggestions

1, the urban areas should be frequently organized to convene expert lectures and symposiums and other forms of experience-sharing activities.

2, often organize special training in network security, enhance the awareness of security precautions, improve the professional level of network managers.

1. 20xx Self-inspection report on network security inspection work

2. 20xx Self-inspection report on network security inspection work

3. 20xx Self-inspection report on network security

4. 20xx Self-inspection report on information security of the government network

5. Self-inspection report on information security of the school network

6, Network Public Opinion Analysis Report

In order to further strengthen the security management of our information system, strengthen the awareness of information security and confidentiality, and improve the level of information security, in accordance with the requirements of the Provincial Health Commission's "Notice on the Supervision and Inspection of Network and Information Security of the Health System in the Province of xx" document, the leadership of the hospital attaches great importance to setting up a special management organizational structure and convening the relevant Section in charge of the meeting, in-depth study and seriously implement the spirit of the document, fully aware of the importance and necessity of carrying out network and information security self-inspection work, the self-inspection work to do a detailed deployment, by the competent dean is responsible for arranging, coordinating the relevant inspection departments, supervision and inspection of the project, the establishment of a sound system of responsibility for the hospital's network security and confidentiality and the relevant rules and regulations, and strict implementation of the relevant aspects of the confidentiality of the network information security Various provisions, and for the whole hospital departments of the network information security situation carried out a special inspection, now the self-inspection report is as follows:

First, the basic situation of the hospital network construction

Our hospital information management system in xxxxxxxxxxxxxxxx by ×××× Technology Co., Ltd. on the hospital information management system (HIS system) upgrade . The upgraded front-end maintenance is the responsibility of our hospital's technicians, and the back-end maintenance and outside incident handling is the responsibility of the technicians of ×××× Technology Limited.

Second, self-examination of the work

1, machine room safety inspection. Server room safety mainly includes: fire safety, electricity safety, hardware safety, software maintenance safety, door and window safety and lightning safety and other aspects of safety. Hospital information system server room is strictly in accordance with the standard construction of the server room, the staff adhere to the daily scheduled inspections. System servers, multi-port switches, routers have UPS power protection, which can ensure that in the event of a power outage of three hours, the equipment can run normally, not due to a sudden power outage caused by equipment damage.

2, local network security checks. Mainly includes network structure, password management, IP management, storage media management, etc.; HIS system operators, each with their own login name and password, and assign the appropriate operator privileges, not to use other people's operating accounts, accounts for the implementation of the "who uses, who manages, who is responsible for" management system. The hospital's local area network (LAN) has a fixed IP address, which is uniformly assigned and managed by the hospital, so it is not possible to add a new IP privately, and unassigned IPs cannot be connected to the hospital's LAN. All computer USB ports in the hospital LAN are completely closed, effectively avoiding the occurrence of poisoning or leakage due to external media (e.g. USB flash drive, portable hard disk).

3. Database security management. Our hospital takes the following measures for data security:

(1) Separate the parts of the database that need to be protected from other parts.

(2) Use authorization rules, such as accounts, passwords and access control and other access control methods.

(3) Database account passwords are managed and maintained by specialized personnel.

(4) Database users must change their passwords every 6 months.

(5) The server adopts virtualization for security management, and when the current server has problems, it switches to another server in time to ensure the normal operation of the client's business.

Three, emergency disposal

Our HIS system server operation is safe, stable, and equipped with a large UPS power supply, which can ensure that the server can run for about six hours in the event of a large power outage. Our HIS system has just been upgraded and put on line not long ago, and the server has not had a long downtime, but the hospital has still formulated an emergency handling plan and trained the fee operators and nurses, so that if there is a large-scale and prolonged power outage in the hospital, and the HIS system can not function normally, it will temporarily start charging fees manually, bookkeeping, and issuing medicines to ensure that diagnostic and therapeutic activities can be carried out in a normal and orderly manner, and then make up the time when the HIS system resumes normal work. When the HIS system resumes normal operation, the invoices and charges will be retyped.

Fourth, there are problems

Our hospital network and information security work done more seriously, carefully, has never been a major security incident, the system is stable, the business can run normally. However, the self-examination also found shortcomings, such as the current hospital information technology personnel, information security force is limited, information security training is not comprehensive, information security awareness is still enough, individual departments lack of initiative and conscientiousness to maintain information security; emergency drills to carry out insufficient; poor conditions of the computer room; individual departments of the computer equipment allocation is low, the service period is long.

In the future, we should strengthen the training of information technology personnel, enhance the level of information security technology, strengthen the information security education of all hospital employees, improve the initiative and conscientiousness of maintaining information security, increase the investment in the hospital's information technology construction, enhance the allocation of computer equipment, and further improve the efficiency of the work and the security of the system operation.

I received the city's information technology leading group office issued by the "xx city information technology leading group office on the key areas of network and information security inspection notice", the leadership of the High-tech Zone Management Committee attaches great importance to the timely convening of the relevant personnel in accordance with the requirements of the document, the implementation of the article-by-article, thorough arrangements for self-inspection, the authorities of all ministries and bureaus equipped with computer network and information security work carried out a check, now the self-inspection report is as follows:

First, the leadership attaches great importance to a sound organization, a perfect system

In recent years, the high-tech zone network and information security work through continuous improvement, increasingly sound, the leadership of the management committee attaches great importance to the construction of computer management organization, in line with the spirit of "Control the source, strengthen the inspection, clear responsibility, the implementation of the system" of the guiding ideology, set up by the management committee of the deputy director of the competent, the director of the Office of the person in charge of network security working group, and has a special information management personnel, all uploaded information by the director of the Office of the legitimacy of the review of its accuracy and confidentiality. Under the supervision and guidance of the relevant departments, the Hi-tech Zone will establish and improve the preventive systems such as "Security Management Responsibility System", "Computer and Network Confidentiality Management Provisions" and "Clerical Confidentiality System" in accordance with the "Regulations on the Security Protection of Computer Information Systems of the People's Republic of China*** and the State of China" and the "Measures for the Prevention and Control of Computer Viruses" and other statutes and regulations, so as to put the confidentiality of the computer information system in practice and to Prevention of small and small, to nip in the bud the seeds of insecurity.

In accordance with the requirements of the document, the high-tech zone in a timely manner to develop a high-tech zone portal security emergencies contingency plan, and according to the contingency plan to organize emergency drills.

Second, strengthen the security education, regular inspection and supervision Strengthen the security education

High-tech zone in the development of network and information work in every step of the way to strengthen the information security education to the first place, so that all the staff of the management committee are aware of the computer security and protection of computer security is an integral part of the center of the work of the High-tech Zone, but also in the new situation, the In the new situation, network and information security will also become an important content of creating "Safe Hi-tech, Harmonious Hi-tech". In order to further improve the awareness of network security, we also often organize the relevant departments and bureaus to carry out inspections of computer security protection. Through the inspection, we found that some of the personnel are not strong in security awareness, and a few computer operators do not implement the system enough. In this regard, we criticized the unqualified ministries and bureaus according to the inspection contents in the inspection plan and made rectification within a time limit. When installing antivirus software, all the ministries and bureaus adopt the checking and killing software approved by the national authorities to check and kill the virus at the right time, and do not use software of unknown origin and without antivirus, USB flash drives and other carriers, do not visit illegal websites, and consciously and strictly control and block the sources of viruses. When the unit computer equipment is sent out for repair, there are designated personnel to follow the contact. When the computer is scrapped, the hard disk and other storage carriers are removed or destroyed in a timely manner.

Three, the information security system is getting better

In the network and information security management, we set up a system to manage the thinking of the staff, the development of the network information security related systems, the requirements of the Hi-Tech Zone Management Committee of the ministries and bureaus provided by the uploaded content, by the ministries and bureaus responsible for reviewing the signatures of the person to be reported to the information administrator, the director of the Office of the review and approval of the upload. The director of the Office of the review agreed to upload; major content release reported to the leadership of the management committee after the issuance of the upload, as a high-tech zone computer network internal control system to ensure the confidentiality of the site information.

Against the requirements of the Notice, the website of Hi-tech Zone in the past work, mainly made the above aspects of work, but there are still some aspects to be improved.

First, we must further strengthen the contact with the municipal government information center, in order to find gaps and make up for the shortcomings of the work.

The second is to further strengthen the high-tech zone management committee staff computer security awareness education and preventive skills training, improve the awareness of prevention, fully aware of the seriousness of the computer network and information security cases, computer security and protection knowledge of the real integration of the staff to improve the quality of business.

Third, to further improve the network and information security management system, improve the work skills of managers, often hiring professionals to train managers, the knowledge gained in the network and information security protection work, rather than gently over; to do a combination of human and technological defense, and really set up a network and information security work of an invisible barrier.

The network security self-examination report 5

Tangshan Municipal Public Security Bureau, Tangshan Municipal Bureau of Education "on the strengthening of campus computer information network security management notice" and the Tangshan Municipal Bureau of Education "on the city's education system to improve the management of the network and information security notice" issued after the leadership of the school attaches great importance to the school, from the principal, the secretary of the teachers of every teacher on the battlefield to improve the management of the network of the education system and information security as a matter of national security and security, as a matter of national security and security. Information security as a matter of national security, social stability, a major event to grasp. In order to standardize the safety management of computer information network system on campus, to ensure the safety of the campus network information system and to promote the spiritual civilization of the campus, our school set up a security organization, establish and improve the security management system, strict filing system, to strengthen the network security technology to prevent the strength of the work, and to further strengthen the use of our school computer room and office equipment management, to create a safe use of the Network of the campus environment. The following will be the details of the report as follows:

First, the establishment of the leadership of the principal responsible for the security sector and professional and technical personnel composed of computer information security leading group

Leading group member structure:

Leader:

Deputy Leader:

Members:

Second, the establishment of a sound system of safety and security of the school's computer equipment, the use of the computer room and office equipment to further strengthen the management, creating a safe use of the network of campus environment. Interim Management Measures for Educational Websites and Online Schools", "Measures for the Administration of Internet Information Services" and other laws and regulations to develop a "campus network security management approach" for our school, and at the same time established a "campus network security management responsibility system" (see Annex 1), "Kaiping Teachers' Training School computer use system" (see Annex 2), "Internet information audit system" (see Annex 3), "Internet registration and log retention system" (see Annex 4). System" (see Annex 4), "Internet Information Monitoring Patrol System" (see Annex 5), "Campus Network Abnormal Situation Case Reporting System" (see Annex 6), "Cooperation with Public Security Organs in Checking Illegal and Criminal Cases System" (see Annex 7). The 24-hour Duty System for Campus Websites (see Annex 8). In addition to the establishment of these rules and regulations, we also adhere to our campus network at any time to check and monitor the operation of the mechanism, effectively ensure the safety of the campus network.