A, the classification of computer data

(1) core business data. It refers to the core and key data generated in the process of business operation-all customer information and all transaction elements, that is, the production data processed by the front-office integrated business system according to the original summons, which is primitive, basic and decentralized. This kind of data constitutes the basis of the management and development of rural credit cooperatives and the premise of all accounting treatment and accounting.

(2) Derivative business data. It is the extension and supplement of core business data, the summary or classification of relevant data of integrated business system, the program data generated after being extracted and processed by professional system programs, or the data entered by computer and stored in the database of independent program system according to information such as account books and statements, which has the characteristics of systematicness, standardization and continuity.

(3) Electronic document data. It is an electronic document made by common office software, photo software and other tools and stored in computer equipment. Corresponding to paper documents, it is easy to edit, modify, transmit and copy. This kind of data is stored in word documents (or wps documents), excel tables (or Jinshan tables), Notepad (or Wordpad), slides and picture files. It is the electronic form of documents, instructions, reports, plans, summaries and various statistical tables, covering all aspects of daily management.

Second, computer data security

(1) Security status of core business data. At present, rural credit cooperatives have all realized comprehensive networking, and manual operation and stand-alone outlets have become history. Theoretically, the security of core business data is also greatly enhanced. By adopting advanced "warehousing technology" and relying on optical fiber communication lines, it is stored in the server of the Information Technology Center of the Provincial Associated Press, and synchronized backup is implemented in the Nanyang Disaster Recovery Center, so that the probability of data loss or damage is almost zero.

However, in actual work, the core business data is not "impregnable", and the risks endangering data security still exist, mainly in the following aspects:

First, the operating environment is abnormal. In the process of handling business, if the front desk suddenly loses power, or the communication times out, the terminal crashes, etc. , the submitted data may be lost, there will be inconsistency between the front desk and the central server, or the information to be printed is incomplete.

Second, the password (or password) is poorly managed. For operations related to core business data, passwords (or passwords) can be used everywhere in daily work. For ordinary tellers, passwords are required for boot login, teller sign-in and business authorization. For system administrators, system management and network maintenance will involve a lot of password authentication. If these passwords (or passwords) are not well managed or protected, it is obvious that data security will be threatened.

The third is illegal operation. Illegal operation sometimes brings serious consequences, which may lead to the leakage or tampering of important data, thus leading to computer cases. Such as: revealing customer identity or deposit information to others; Implementation of accounting sterilises or cancels transactions that have not been filed; Reporting the loss, unfreezing or freezing without supervision; Temporary leave, sign-off at the end of business, etc. are not strictly implemented. It may give criminals an opportunity to inadvertently provide them with the conditions to steal customer information or transfer account funds through technical means.

(2) The security status of derivative business data. Derivative business data depends on professional accounting system or management program (such as report management system, 1 104 system engineering, credit five-level classification program, etc.). ), and these systems or programs are generally independent of the intranet environment, and there is no dedicated remote centralized storage server, so the security risks faced by their computer data are more prominent. Mainly reflected in the following aspects:

One is a virus attack. In many cases, the damage of computer virus to derivative business data is almost fatal, which will not only make the program itself unable to start, but also lead to discontinuity or even loss of related data; Viruses can also occupy system resources, leading to computer crash or program crash, resulting in the loss of data just entered or being summarized.

The second is the basic institutional environment. The operating environment of these professional accounting programs and management systems all uses the Windows operating system developed by Microsoft. Although the Windows operating system is simple to operate, it has many loopholes, poor stability and security, and restart and forced shutdown occur from time to time. The instability of the basic system environment will inevitably pose a potential threat to the operation of professional accounting procedures and management systems and corresponding data.

The third is the program upgrade. The business of rural credit cooperatives is developing constantly, and the management is becoming more and more refined. Statistical caliber and accounting indicators will also change, and relevant professional accounting procedures and management systems need to be upgraded or partially changed in time. Program upgrade is a process of optimizing and updating the program itself, and it is an extension or abandonment of the original function. This process is actually more or less accompanied by risks.

(3) The security risks of electronic document data.

One is a virus attack. Some Trojan viruses specially destroy document files, so that the document can't be opened normally or the content instantly becomes a bunch of garbled words.

Second, improper operation. If improper operation causes computer crash, restart, program rigidity and other phenomena, it will bring many "disasters" to the documents being processed; Deleting document data by mistake will make the previous labor achievements go down the drain.

The third is poor protection. As a financial enterprise, a considerable part of documents of rural credit cooperatives should also be kept strictly confidential, such as business operation status, financial information report, inspection and handling opinions, network technical data, salary files, development strategic planning, business publicity plan, project implementation steps, etc. Although paper written materials can be taken seriously and properly kept, the initial electronic documents are slightly careless, and there is a risk of data leakage. In addition, with the popularity of the Internet, the proliferation of cyber attack tools and the increasingly rampant hacking activities, it may also be stolen by competitors or external lawless elements in various ways.

Third, the risk prevention of computer data

(1) Risk prevention of core business data. It is very important to ensure the security of core business data.

First, strengthen management, guide operators to standardize operations, abide by computer operating procedures, and ensure the safety of computer data;

Second, strengthen inspection and punishment to minimize the occurrence of illegal computer operations;

Third, science and technology management is combined with financial management, credit management and safety management, and systems and norms complement each other and penetrate each other, reducing or even blocking the possibility of relevant personnel changing business data and system parameters without restraint or evading supervision, building an internal control and prevention system to protect computer data security; Fourth, improve safety awareness and keep important data such as technical parameters and network addresses strictly confidential; Fifth, it is equipped with a firewall to isolate the internal and external networks, effectively preventing network attacks and external intrusions; Sixth, implement the authorization system for large transactions, clarify responsibilities, strengthen supervision, ensure the safety of funds, and prevent cases from happening.

(2) Risk prevention of derivative business data and electronic document data.

The application environment of these two types of data is similar, and the risk prevention is similar. Strengthen the prevention and control of computer viruses, which have become the "number one killer" threatening the security of computer data, and are rampant with the help of the Internet and storage devices.

Strengthening the prevention and control of computer viruses mainly includes the following aspects:

First, every computer should install mainstream anti-virus software, and scan and clean the files before they are delivered or edited, so as to cut off the main channels of virus transmission.

The second is to back up computer data. Derivative business data needs to be backed up, such as its database, original program installation package and upgrade patch. If the system on which this kind of data depends has backup and recovery functions, it should be used first; Electronic document data only need to be copied and classified and saved.

To ensure the effectiveness of data backup:

First, pay attention to the way of backup: you can use a combination of local direct backup and remote backup;

Second, pay attention to the backup opportunity: electronic document data can be backed up regularly on a monthly or quarterly basis as needed; In addition to routine backup, derivative business data should be backed up before program changes or upgrades.

The third is to strictly control the maintenance and disposal of computers. When a computer has a serious fault, it sometimes needs to be maintained or repaired by a computer company. The science and technology department should check the situation and take measures to prevent the hard disk data from leaking to the outside world, such as removing the hard disk before sending it for repair or sending it to the whole maintenance process; When computers have been in service for a long time and can no longer meet the needs of business or office applications, they need to be eliminated. Before disposal, all data on the hard disk should be cleared, and tools are usually used to "format" the hard disk.

The fourth is password restriction and data encryption. For derivative business data, strict passwords are required.

These professional accounting procedures and management systems often have login passwords, which need to be properly kept and replaced regularly; For electronic document data, it is necessary to encrypt some important documents. You can use the functions of office software to set passwords that restrict browsing and passwords that restrict modification.

Fifth, improve safety awareness and develop good electronic office habits.

Try not to edit documents directly on the USB flash drive; Open the security settings of word software and excel programs, such as "Auto Save", "Allow Background Save" and "Keep Copy"; Before emptying the "Recycle Bin", open it to check whether there are any important data to be kept or files deleted by mistake to be restored; Don't put important documents on your computer's "desktop" or "My Documents"; Foreign files and downloaded files should be scanned for viruses before opening.

;