Time flies and hard work has come to an end. Looking back at the efforts during this period, there are defects. Make a summary and write a self-inspection report. So do you really know how to write a self-inspection report? The following is a self-inspection report on enterprise network security (selected 5 articles) carefully compiled by me for your reference, hoping to help friends in need.
Enterprise Network Security Self-inspection Report 1 In order to further strengthen the network information security of radio and television industry and safeguard public interests and national security, according to the spirit of the Notice of the State Administration of Press, Publication, Radio, Film and Television on Launching a Large-scale Inspection of Network and Information Security in Radio and Television Industry, our bureau attached great importance to it, immediately convened a special meeting, carefully deployed the self-inspection action of network and information security of radio and television industry in our city, organized special classes, and made a thorough investigation on the production, broadcast, transmission and coverage of related networks and information systems of radio and television programs in our city. The self-inspection is now reported as follows:
First, the deployment of self-inspection work
(1) Learn the document and grasp the spirit. Hold a special meeting in time, conscientiously study and implement the relevant documents and meeting spirit of the Provincial Radio and Television Bureau and Yichang Radio and Television Bureau on carrying out radio and television network and information security inspection, carefully deploy self-inspection work, and formulate self-inspection implementation plans.
(2) Organize special classes and act quickly. Zhijiang city Radio and Television Network and Information Security Self-inspection Working Group was established, with Xiong Guangfu, Party Secretary and Director of the Bureau (Taiwan), as the leader, and Liu Xiaoli, member and deputy director of the Bureau (Taiwan), as the deputy leader. The members of the self-inspection working group are composed of people who are familiar with business, have information security knowledge and strong technical ability, and the business backbone of technical support institutions.
Second, the self-inspection work
(1) information security management
1. The information security system is sound and the responsibilities are implemented. A leading group for information system security management was set up, and the person in charge of security management and the security administrator were implemented. A series of information system security management systems have been established, such as computer room access security management system, security administrator post responsibilities, account use registration and operation authority management system, information inspection, preservation, cleaning and backup system, safety education and training work system, information release audit system, radio and television program replay review system and so on. The operation manager of each system strictly follows the system in daily operation. The bureau (station) regularly and irregularly inspects and assesses the implementation of various safety systems by operators, and makes timely rectification when problems are found, effectively avoiding safety accidents caused by improper operation of operators. The safe and stable operation of various information systems ensures the safety of the system without accidents.
2. Asset management personnel are responsible for standard operation. Formulated relevant regulations on equipment distribution, use, maintenance, maintenance and scrapping, established equipment subsidiary ledger and equipment in-out ledger, and insisted on taking stock once every six months to ensure the consistency of accounts and the safety and integrity of assets.
3, the implementation of information security funds, earmarking. The bureau (Taiwan) allocates special funds for information security construction management every year. This year, the cost of information security protection facilities construction, operation and maintenance, and information security-related inspection, evaluation and management will be included in the annual budget. This year's budget is 6.5438+0.5 million yuan, and 88,000 yuan has been paid so far.
(II) Technical protection
Network boundary security protection measures are in place. The actual network connection is consistent with the network topology diagram, and the safety area is divided according to the importance. Proper isolation measures are adopted in different areas, and the external network is connected with the internal network through secure encrypted transmission. The configuration of safety functions is reasonable and effective. Important data transmission and storage security protection measures have been formulated. Important data is encrypted, stored and backed up as required.
(3) Emergency work situation
The emergency mechanism is perfect. We have formulated an information security plan, an emergency plan for safe broadcasting of radio and television, and a work plan for preventing natural disasters. We have set up a safety broadcasting group, a technical support group, an emergency repair group and a logistics support group, which are in charge of by special personnel, and backup important signals and data as required to ensure the smooth progress of security work.
(4) Safety education and training
Conduct regular or irregular information security education and training for network administrators, system administrators and staff, and make them understand the basic protection knowledge of information security and master the basic skills of information security through special lectures, questions and answers, etc. At present, three professional trainings have been conducted.
Third, the existing problems and risk analysis
(A) the problems existing in the radio and television broadcast control system
1, the broadcast player has no spare player. The daily broadcast time of the radio station is about 17 hours, and only one announcer is working. If the radio station breaks down, it can only stop broadcasting for maintenance, and the signal of the whole city will be interrupted.
The TV station of Zhijiang Village Channel is not ready to broadcast. The daily broadcast duration of Zhijiang Village Channel is about 16 hours, mainly for rural needs. If the broadcaster fails, it will directly lead to the suspension of broadcasting and signal interruption.
(2) Problems in signal access or wireless transmission system
1. The wireless launch system equipment is aging and lacks spare parts. The basic environment of the computer room is poor, so it is necessary to further strengthen technical transformation and improve the basic guarantee level.
2. Insufficient investment in radio and television network information and safe broadcasting. The dual-channel configuration and backup equipment failed to meet the requirements of the detailed rules for the implementation of Decree No.62 of the State Administration of Radio, Film and Television, and there are weak links in safe broadcasting, so network security needs to be further strengthened.
(3) Problems in power supply system
1. Although there are dual power supplies in the computer room of the Radio and Television Bureau, there is no ups power supply. According to the current power calculation, at least one 3-phase 6 kV ups power supply should be provided to meet the power supply requirements of the whole computer room (analog TV front end, optical fiber transmission system, broadcast TV broadband front end, etc.). ).
2. There is no dual power supply in the sports road machine room. Although there is a generator as a backup power supply, the power of the generator is too small (1992), the voltage is low and the frequency is unstable, which can not meet the current demand. After the mains power is cut off, it is impossible to supply power to high-power equipment such as wireless transmitters. We must solve the problem of double power supply (standby power supply) to ensure the normal work of the computer room.
The risks of editing and spreading network viruses
In order to facilitate the work, our bureau will network the relevant offices according to the actual needs. Due to the irregular management and convenient work of some departments, the illegal use of mobile storage devices will bring viruses into the network, leading to the failure of some machines and the paralysis of the whole network.
(five) risk detection through safety technology.
At present, we have not entrusted a third party to carry out safety technology testing, testing tools and penetration testing.
Four. Rectification measures and work suggestions
First, further establish and improve the network information security related systems, and strictly implement them. When problems are found, solve them in time, and do not conceal or shirk.
Second, continue to implement the "responsibility system for top leaders" and the duty system for leading cadres. Bureau (Taiwan) leading group members should implement the division of labor, personally supervise and direct, and ensure the safety of radio and television programs and the smooth transmission network.
Third, increase investment in radio and television networks and information security, and purchase and update standby machines for wireless transmitters, standby machines for radio and television broadcasting, and safety technology testing instruments and equipment. Coordinate with relevant departments to quickly solve the problems existing in the power supply system and ensure the power supply demand of the broadcasting room.
Fourth, strengthen the internal management and coordination of bureaus (stations), put an end to illegal use of mobile storage devices, and prevent viruses from being brought into the network and affecting information security.
Fifth, strengthen information security management and operator training, enhance confidentiality awareness and safety awareness, and improve the business skills of network information security staff.
Self-inspection Report on Enterprise Network Security 2 According to the spirit of the document "Notice on Carrying out Special Inspection of E-government Network Information Security and Network Management in XX City" issued by Nanxin Lianfa [XX] No.4, our bureau actively organized and implemented the self-inspection on network security infrastructure construction, network security prevention technology and network information security and confidentiality management, and made a profound analysis on our bureau's network information security construction. The self-inspection is now reported as follows:
First, strengthen leadership and set up a leading group for network and information security.
In order to further strengthen the security management of global network information systems, our bureau has set up a leading group for the security and confidentiality of network and information systems, which is headed by the director and has an office, so that the division of labor is clear and the responsibilities are specific to people. Ensure the smooth implementation of network information security.
Second, the current situation of network security in our bureau
1997, the statistical information automation construction of our bureau has gradually developed from a small local area network to a four-level interconnected network with the national bureau, the autonomous regional bureau and the county bureau. Cisco 7600 and 3600 switches are used in the network core, 3com4226 switch is used in the data center, and 3com4226 switch, Cisco 2924 switch and Lenovo Tiangong ispirit 1208e switch are used in the acquisition layer. The total number of wired access points can exceed 150, and about 80 have been used at present. The backbone of the data center is gigabit switching, and 100 megabytes are switched to the desktop. Internet export is provided by the Municipal Information Office, which is a double 100-megabit optical fiber; It is directly connected to the statistics bureau of the autonomous region with 2 trillion optical fibers, and the statistics bureaus of counties and districts and three development zones are connected to the network of the statistics bureau of the autonomous region from the Internet with Tianrongxin virtual private network software, with a total bandwidth of 4 trillion, and then connected to our bureau. Horizontally, actively promote the interconnection between the Municipal Bureau of Statistics and the government network. At present, it has realized optical fiber connection with more than 100 municipal party and government departments and 12 county and district governments. Our bureau uses Tianrongxin hardware firewall to protect the network, uses Weisi network isolation card and file self-defense software to protect key computers, and installs genuine Kingsoft Internet Security antivirus software to prevent and control viruses on computers around the world.
Three, my bureau network information security management
In order to do a good job in informatization construction and standardize statistical informatization management, our bureau has specially formulated the Rules and Regulations on Informatization of xx Municipal Bureau of Statistics, which has made detailed provisions on informatization management, internal computer security management, computer room management, computer room environmental security management, computer and network equipment management, data and information security management, network security management, computer operator management, website content management and website maintenance responsibility, and further standardized our bureau's information security management.
In view of computer security work, our bureau has formulated a confidential computer management system, and computer users have signed the post responsibility letter of xx Municipal Bureau of Statistics, so that whoever uses the computer will be responsible for the strict and standardized management of the data and information generated in our bureau's intranet.
In addition, our bureau organizes relevant computer security technical training on a global scale every year. Comrades at the computing station also actively participated in the training of computer security technologies such as the Municipal Information Office, which improved the skills and awareness of network maintenance and security protection and effectively guaranteed the normal operation of our statistical information network.
Fourth, the lack of network security and corrective measures
At present, there are still the following shortcomings in the network security of our bureau: First, the awareness of security prevention is relatively weak; Second, the virus monitoring ability needs to be improved; Third, unexpected events such as malicious attacks and computer virus attacks are not handled in time.
In view of the current deficiencies in the network security of our bureau, the following rectification measures are put forward:
1, strengthen the training of computer operation technology and network security technology in our bureau, and strengthen the awareness of computer operators on network virus and information security;
2. Strengthen the study of computer technology and network technology by comrades in the computer station of our bureau, and constantly improve the technical level of computer professionals in our bureau.
Enterprise Network Security Self-inspection Report 3 According to the spirit of the superior network security management document, Taojiang County Education Bureau set up a network information security leading group. Under the leadership of the group leader, Deputy Director Zeng, we made plans, defined responsibilities and implemented them, and conducted a comprehensive investigation on the network and information security of our system. Finding, analyzing and solving problems ensures the good operation of the network and provides a powerful information support platform for the development of education in our county.
First, strengthen leadership and set up a leading group for network and information security.
In order to further strengthen the security management of network information systems in the whole system, our bureau has set up a leading group for the security and confidentiality of network and information systems, with a clear division of labor and specific responsibilities to people. The leader of the safety work leading group is Zeng, the deputy leader is Wu Wanfu, and the members are Liu, Su Yu. The division of labor and their respective responsibilities are as follows: Deputy Director Zeng is the first person responsible for the security and confidentiality of computer networks and information systems in our bureau, and is fully responsible for the management of computer networks and information security. Wu Wanfu, director of the office, is in charge of computer network and information security management. Liu is responsible for the daily affairs of computer network and information security management, and receives information and documents issued by higher education authorities. Wang Zhichun is responsible for the daily coordination and supervision of computer network and information security management. Su Yu is responsible for network maintenance and daily technical management.
Second, improve the system to ensure that network security work has rules to follow.
In order to ensure the normal operation and healthy development of the computer network of our system, strengthen the management of campus network and standardize the network use behavior, according to the relevant provisions of the Measures for the Administration of Computer Network of Education and Scientific Research in China (for Trial Implementation) and the Notice on Further Strengthening the Network Security Management of Taojiang County's Education System, and the Measures for the Administration of Network Security of Taojiang County's Education System, an online information publishing and auditing registration form, an online information monitoring and inspection system, and Taojiang have been formulated.
Third, strengthen management and strengthen network security technical preventive measures.
The computer network of our system has strengthened technical preventive measures. First of all, Kaspersky firewall is installed to prevent viruses and reactionary bad information from invading the network. The second is to install Rising and Jiang Min antivirus software. The network management will upgrade the virus database of antivirus software every week, upgrade the antivirus software in time, and solve the problems immediately when found. Third, the network is connected with the lightning protection network of the office building. The computer department strengthens doors and windows, buys fire extinguishers and puts them in a conspicuous position to ensure the lightning protection, theft prevention and fire prevention of the equipment and ensure the safety and integrity of the equipment. The fourth is to update the system and software of the server in time. Fifth, pay close attention to CERT news. Sixth, timely backup important documents and information resources. Create a system recovery file.
The network security leading group of our bureau conducts a comprehensive inspection on the implementation of environmental safety, equipment safety, information safety and management system of the whole system computer room, school office computers, multimedia classrooms and school audio-visual classrooms every quarter, so as to promptly correct existing problems and eliminate potential safety hazards.
Enterprise Network Security Self-inspection Report 4 After receiving the Notice of xx City Informatization Leading Group Office on Carrying out Network and Information Security Inspection in Key Areas issued by the Municipal Informatization Leading Group Office, the leaders of the High-tech Zone Management Committee attached great importance to it, promptly convened relevant personnel to implement them one by one according to the requirements of the documents, carefully arranged self-inspection, and conducted research on the computer network and information security work equipped by government ministries and commissions. The self-inspection is now reported as follows:
First, leaders attach great importance to it, and the organization and system are perfect.
In recent years, the network and information security work in high-tech zones has been improved day by day. Management Committee leaders attach great importance to the construction of computer management institutions. In line with the guiding ideology of "controlling the source, strengthening inspection, clarifying responsibilities and implementing the system", a network security working group with the deputy director of the management Committee as the director and the office director as the person in charge was established, and there was a special information administrator. All uploaded information is reviewed by the director of the office. Under the supervision and guidance of relevant departments, High-tech Zone Association has established and improved the safety management responsibility system, computer and network safety management regulations and file confidentiality system in accordance with the Regulations on the Safety Protection of Computer Information Systems in People's Republic of China (PRC) and the Administrative Measures for the Prevention and Control of Computer Viruses, effectively preventing computer information systems from being kept secret for a long time and eliminating unsafe signs in the bud.
According to the requirements of the document, the High-tech Zone formulated the emergency plan for the security emergencies of the portal website of the High-tech Zone in time, and organized emergency drills according to the emergency plan.
Two, strengthen safety education, strengthen the regular inspection and supervision of safety education.
In every step of network and information work in high-tech zones, information security education is put in the first place, which makes all the staff of the management committee realize that computer security protection is an organic part of the central work of high-tech zones. Under the new situation, network and information security will also become an important part of creating "safe, harmonious and high-tech". In order to further improve the awareness of network security, we often organize personnel to check the computer security protection of relevant ministries and bureaus. Through inspection, we found that some personnel have a weak sense of safety, and the system of a few computer operators has not been implemented enough. In this regard, according to the inspection contents in the inspection plan, we criticize the unqualified ministries and bureaus and make rectification within a time limit. When installing anti-virus software, all ministries and bureaus use anti-virus software approved by the competent department of the state to kill the virus in time. They do not use unknown and non-antivirus software, USB flash drives and other carriers, do not visit illegal websites, and consciously strictly control and block the source of viruses. When the computer equipment of the unit is sent for repair, there will be a designated person to follow up. When computers are scrapped, storage carriers such as hard disks will be removed or destroyed in time.
Third, the information security system is improving day by day.
In the management of network and information security, we have established the idea of managing personnel by system, and formulated the relevant system of network information security, requiring the uploaded content provided by the ministries and bureaus of the High-tech Zone Management Committee to be submitted to the information administrator after being reviewed and signed by the heads of the ministries and bureaus, and uploaded after being reviewed and approved by the office director; The main contents are uploaded after being issued by the leaders of the Management Committee, and used as the internal control system of the computer network in the High-tech Zone to ensure the confidentiality of website information.
According to the requirements of the Notice, the website of Hi-tech Zone has mainly done the above work in the past, but there are still some aspects that need to be improved urgently.
First, we should further strengthen the contact with the municipal government information center in the future.
In order to find the gap and make up for the shortcomings in the work.
Second, it is necessary to further strengthen the computer security awareness education and prevention skills training for the staff of the High-tech Zone Management Committee, improve their awareness of prevention, fully realize the seriousness of computer network and information security cases, and truly integrate computer security protection knowledge into the improvement of staff's professional quality.
Third, we should further improve the network and information security management system, improve the working skills of managers, and often hire professionals to train managers, so as to truly integrate the learned knowledge into the network and information security protection work, instead of passing it on easily; Do a good job in the combination of civil air defense and technical defense, and really set up an invisible barrier between network and information security.
Enterprise Network Security Self-inspection Report 5 In order to ensure the network and information security of the tax system, we will further strengthen the management of network news publicity and effectively prevent the occurrence of unexpected events such as deliberate attacks, destruction of network information systems, and dissemination and pasting of illegal information. According to the principle of "whoever is in charge is responsible, who is responsible for running and who is responsible for using", the work will be implemented to people. The National Bureau set up an information security inspection working group, which is responsible for the security inspection of the offices of the National Bureau, and mainly adopts the combination of self-inspection of each office and spot check of some offices to carry out network security cleaning inspection.
I. Current situation and risks
With the development of information construction of local tax system in Yili prefecture, the pattern of collection and management based on computer network has been formed. The four-level wide-area network of General Administration-District Bureau-Prefecture (city) Bureau-County (city) Bureau has been established, and gradually extended to grassroots tax collection units, and the construction process of local tax system network has been gradually accelerated. At present, the local tax system in Yili Prefecture has more than 700 WAN nodes and more than 700 networked computer devices. At the same time, in order to improve the efficiency of tax collection and management, better publicize tax work and serve taxpayers, the tax authorities of counties (cities) have established Internet access websites according to their work needs. At the same time, networking and information exchange have been partially realized with other government departments. In a word, the network and information system have become an important part of the whole tax system and an important infrastructure related to the national economy and people's livelihood.
With the rapid development of tax information construction, network and information security risks are gradually exposed. First, with the development of taxation and the requirements of business system, tax authorities at all levels have gradually realized networking and information exchange with relevant external departments. In addition, in order to facilitate taxpayers to pay taxes, Xinjiang local tax system has opened internet declaration, online inquiry and other services, and the local tax system network has changed from a completely closed intranet in the past to a network logically isolated from the external network and the Internet. Second, most of the key equipment in the network and information system, such as hosts, routers, switches and operating systems, are made of foreign products, which poses great technical and security risks. Third, the level of computer application operators in the system is uneven, and due to insufficient funds, safety protection equipment and technical means are not satisfactory. Fourth, hostile forces and criminals are eager to move under the drive of interests, which poses a great threat to the important financial departments of the country. The above aspects constitute the main risks of tax system network and information security.
Two, establish and improve the network and information security organization.
In order to ensure that the network and information security work is taken seriously and the measures can be implemented in time, the local taxation bureau of Yili Prefecture has set up a leading group for network and information security:
Team leader:
Members:
The leading group has an office, which is responsible for daily work. The director is Che, director of the Information Office, and the deputy director is Wang Shoufeng, deputy director of the office. Members: Wang Hongxing, Liu Zhonghui, Zhong Wang and Wang Hua.
Three, establish and improve the network and information security system and rules and regulations.
The Network and Information Security Office is responsible for reviewing and monitoring information published on internal and external websites in the name of the Organization; The Information Office is responsible for the maintenance and technical support of the website and the monitoring and maintenance of other application information systems; The finance department is responsible for relevant financial support; The agency service center is responsible for the monitoring and maintenance of infrastructure such as electricity, air conditioning, fire prevention and lightning protection.
The Office of Network and Information Security is responsible for the coordination in case of emergency, and according to the severity of the incident, drafting a report to the leading group, the public security department or the superior department or informing the whole system; It is also responsible for the monitoring and prevention, emergency treatment and data and system recovery of various websites, application systems and database systems, as well as the security prevention, emergency treatment, network recovery and post-event traceability of network systems. In order to do a good job in the self-inspection of network security in the national tax system, the Information Office conducted network security knowledge training for network administrators of the whole system through video training on August 10. And deploy network security self-inspection work.
Various security systems have been established and improved, including (1) log management system; (2) Safety audit system; (3) Data protection, safe backup and disaster recovery plan; (4) Access control system in important areas such as computer room; (5) Use and maintenance system of hardware, software, network and media; (6) The management system for the confidentiality of accounts, passwords and communications; (7) Management system for prevention, discovery, reporting and removal of harmful data and computer viruses. (8) Provisions on the use and management of personal computers.
Four, Ili Prefecture Local Taxation Bureau computer network management.
(1) Install a firewall in the LAN. At the same time, each computer is equipped with Rising antivirus software, which is uniformly configured by the regional bureau. In view of the lack of registration numbers, we applied to the regional bureau for 300 registration numbers. At present, Rising antivirus software online version can online 550 computers at the same time, which basically meets the needs of Yili local tax system. 95% of intranet computers in the whole state have installed desktop audit system, and some units have reached 100%. Regular installation of system patches has strengthened the effectiveness of anti-tampering, anti-virus, anti-attack, anti-paralysis, anti-leakage and so on.
(2) Secret-related computers and all computers in the local area network have strengthened their password settings, requiring that the startup password, document processing password and collection and management software password must be composed of not less than 8 digits of letters and numbers. There are also authentication and access control between computers.
(3) The intranet computer has no illegal access to the Internet or other information networks; The special computer for online newspaper installed in the self-service declaration area of the tax service hall of each unit is managed and checked by the network administrator every day to prevent illegal activities from being carried out by using the online newspaper machine.
(4) Professional anti-virus software for mobile storage devices has been installed, and virus scanning must be carried out before connecting mobile storage devices to computers. U disk virus isolator is equipped for computers of tax service offices, management departments and other units that often receive foreign data.
(5) The security of applications, services, ports and links on the server has been checked and strengthened.
;