Current location - Education and Training Encyclopedia - Graduation thesis - References for Safety Management Innovation (2)
References for Safety Management Innovation (2)
References for safety management innovation II

On the Innovation of Network Information Security Management in County-level Power Supply Enterprises

Under the background that more and more application systems are connected to the information network platform of county-level power supply enterprises, based on the concept of ensuring the safe operation of network information systems, this paper puts forward some ideas and concrete measures for innovating the network information security management of county-level power supply enterprises.

Keywords: power supply enterprises; Network information; safety management

With the comprehensive promotion of power system informatization, informatization has grown into an important driving force to enhance the core competitiveness of power supply enterprises. At present, the "SG 186" information project has been continuously improved, the State Grid Resource Planning System (ERP) has been put into operation, more and more application systems have been connected to the enterprise information network platform, and data exchange between application systems has become increasingly frequent. Therefore, it is an arduous task for us to ensure the safe and stable operation of the internal network information system of power supply enterprises and adapt to the new work requirements of building smart grid and "three sets and five big" systems. To this end, from nine aspects to ensure the safe operation of the network information system.

The first is to improve the mechanism and implement the responsibility.

The healthy development of enterprises is inseparable from strict enterprise system and clear division of responsibilities, and the development of information security is no exception. In order to improve the overall security protection ability of network information system and strengthen the internal information security of the company, Shandong Huimin Power Supply Company established an information security organization, which consists of a leading group and a working group. The main duties of the leading group are: fully responsible for the information security management of the company, leading the implementation of various information security rules and regulations, guiding the development of various information security work of the company, and ensuring that no major information leakage accidents occur in the unit. The main duties of the working group are: to be responsible for publicizing and popularizing the basic protection knowledge of information security; Be responsible for the preparation and implementation of the company's information security protection system, implement the "eight prohibitions" and "five prohibitions" of information security, and ensure that information security accidents do not occur; Responsible for the monitoring, operation, maintenance and management of the company's information security technology, and resolutely implement various information security rules and regulations and the instructions of the leading group.

Second, unified deployment, dual-network dual-machine.

According to the requirements of State Grid Corporation of China and the unified arrangement of Shandong Electric Power Group Corporation and the municipal company, the company implements the unified export of off-network information, realizing the unity of the group company level. Information inside and outside the network to achieve physical separation, dual-network dual-machine, network-specific. It is forbidden for office terminal computers to access the Internet in any way, such as dialing or mobile wireless connection. Installing IPS intrusion prevention equipment at the exit of information external network can actively intercept all kinds of hacker attacks and malicious behaviors in real time, protect the information network architecture from infringement, block the use of unauthorized users and reduce unsafe factors.

The desktop management system is installed in the information intranet, which can effectively control the computers in the intranet. Computer real-name registration is bound with IP address and MAC address, and computer administrators can check the application of intranet computers, the installation of plug-ins and the operation of antivirus software in real time. Enable the mobile storage audit strategy and illegal outreach strategy, strictly control the illegal outreach of intranet devices, register the company's mobile storage media with real names, and strictly control the inflow and outflow of information.

Third, partition definition domain, level protection

The company information system is divided into production control area and management information area, and all business systems are graded to realize independent and differentiated protection among different security domains. Among them, production control area can be divided into control area and non-control area. As a special data network, the dispatching data network is divided into security area I, and different network segments are used to form a separate network. Between it and security area II, a special power forward unidirectional isolation device is adopted. The hardware firewall is installed between the WEB service and the management information area, and the access between them is strictly controlled.

Fourth, pay attention to password setting and data backup.

Password setting is an important part of information security management. All servers and every office computer are required to provide a power-on password, which is not less than 8 digits long and is made up of letters, numbers or special characters. The password should not be the same as the user name and should be changed regularly. In addition, every computer is required to install a screen saver, the screen saver time is set at about 15 minutes, and the password function is used when booting up; Close the remote desktop. This can effectively prevent outsiders from accessing other people's computers or people with ulterior motives from accessing other people's computers remotely. Data Backup and Recovery Computer administrators must back up important data regularly, which is an important means to protect information security. It can effectively prevent data loss caused by virus invasion, operator error deletion and equipment disk failure. Backups should be saved on local disks and remote disks. Important files in personal office computers can be encrypted and stored, and form a backup.

Five, strengthen the deployment and management of anti-virus software

According to the number of computers in the company, purchase and install enterprise antivirus software in a unified way. In order to avoid the conflict of anti-virus software, some plug-ins can't be installed and run normally and files can't be deleted by mistake. Only one anti-virus software can be installed on one machine, and it is forbidden to use any anti-virus software that exceeds the regulations. The company assigns a special person to be responsible for regularly updating the virus database, issues a unified notification of virus database upgrade through the desktop management system, and automatically upgrades the machine virus database, which can effectively prevent network viruses and Trojans.

Six, vulnerability scanning and hidden trouble investigation

Vulnerability scanning system is an automatic security risk assessment tool, which carries out regular, comprehensive and systematic information security risk assessment on the company's information system, finds and analyzes the vulnerabilities of the information system, and makes timely rectification. Conduct self-assessment and rectification on a regular basis. Through self-assessment, we can find out the problems and hidden dangers in the information system in time, and formulate corresponding measures for rectification according to the found problems, which can effectively reduce the hidden dangers of information system security, and then normalize and institutionalize risk assessment. This also fully proves that information management also follows the PDCA process model and is a dynamic and continuous improvement process. The flow chart of information security management is shown in the following figure 1.

Seven, physical security and host security

Every employee in the company has the obligation to protect his office computer, and it is required to turn off the host and monitor after work, which can not only prolong the service life of the machine, but also protect the host hardware equipment, especially in thunderstorm weather, it is best to unplug the power switch. For the server equipment in the computer room, firstly, the environment of the computer room should meet the requirements of wind, rain, lightning and earthquake prevention. Secondly, electronic access control system should be installed at the entrance and exit of the computer room, and outsiders should be strictly registered and accompanied by special personnel. Third, install an environmental monitoring system in the computer room to automatically alarm the computer room fire. If not, adequate fire fighting equipment should be provided to ensure the safe operation of the equipment in the computer room. Finally, the temperature and humidity of the computer room is also an important factor affecting the safe operation of the equipment, so the temperature and humidity adjustment facilities are configured to meet the requirements of "the temperature of the computer room is controlled at 23 2℃ in summer and 20 2℃ in winter" stipulated in the computer room management system.

Computer administrators should strictly control the access management of computer room servers, assign different user names and access rights to different users of operating system and database system, and limit the access rights of default accounts. Without affecting the normal operation and access of the application system, close some services in the service list that may cause the system to be infringed.

Eight. Emergency response and disaster recovery

Establishing a feasible emergency plan and disaster recovery plan can effectively prevent and respond to network and information security emergencies correctly and quickly, minimize the impact and losses, and ensure the safe and stable operation of the network system.

Nine, improve and implement the rules and regulations

Formulate and improve the corresponding network information security management system and measures, and supervise the strict implementation of the company's personnel. Sign information security responsibility letters with departments and employees to ensure the implementation of responsibilities. By organizing employees to watch information security education films and inviting experts to make safety reports in the company, employees' awareness of information security can be improved and their consciousness of observing various rules and regulations of information security can be enhanced.

Guess you like:

1. Examples of innovative papers on safety management

2. Safety management innovation papers

3. Safety management innovation paper

4. Free publication of safety management innovation papers.

5. Safety management papers and references.

Related articles
  • Cherish life. Students write 800 words.
  • How to relieve psychological pressure
  • High school argumentative papers give up their seats
  • A 400-word political paper
  • How to write an educational paper?
  • What are 20 short patriotic quotations?
  • Maternal and child health paper
  • Knowledge about DEM (Digital Elevation Model).
  • Printing and Binding Requirements of Graduation Thesis
  • A scientific and technological paper on steaming chemistry of steamed bread

    • copyright 2024 Education and Training Encyclopedia All rights reserved