Research on electronic information security technology of small and medium-sized enterprises 1
Abstract: With the continuous development of informatization in China, the protection of electronic information security of small and medium-sized enterprises has also become the focus of attention.
Starting from the electronic information security, this paper introduces the informatization construction of small and medium-sized enterprises, summarizes the electronic information security technology, puts forward the main security elements, and finds out the strategies to solve the electronic information security problems of small and medium-sized enterprises.
Keywords: electronic information security technology security elements
There are many enterprise documents circulating in the management information system of enterprises, among which there must be important documents, and some of them are even related to the development prospects of enterprises. If this information is eavesdropped, leaked, tampered with or forged by competitors or lawless elements during network communication, it will seriously threaten the development of enterprises. Therefore, it is of great significance to study the electronic information security technology of small and medium-sized enterprises.
First, the significance of information construction of SMEs
In this network information era, the process of enterprise informatization is developing continuously, and informatization has become the key to enterprise success and an important way to improve management level.
At present, the business activities of enterprises are basically carried out in the form of e-commerce, and information technology is applied in all aspects of production, operation, transportation and sales of enterprises.
For example, collecting information such as the quality, price and origin of raw materials through the network and establishing a raw material information system play a great role in the procurement of raw materials.
Through the analysis of the data, we can get more purchasing suggestions and countermeasures, and realize the level of enterprise electronic informatization.
According to relevant surveys, 82% of small and medium-sized enterprises are still in the stage of promoting corporate image, releasing product and service information and collecting customer information, and less than a quarter of e-commerce applications are related to transactions, which shows that enterprises have not fully developed and utilized business channel information.
The information age of small and medium-sized enterprises has arrived, and enterprises should speed up information construction.
wWW. 1 1665.cOm
Second, electronic information security technology
Encryption technology in electronic information.
Encryption technology can make data transmission more secure and complete. Encryption technology can be divided into symmetric encryption and asymmetric encryption.
Among them, symmetric encryption is usually realized by sequence cipher or block secret, including plaintext, key, encryption algorithm and decryption algorithm.
Asymmetric encryption is different from symmetric encryption. Asymmetric encryption requires two keys, a public key and a private key, which must be used in pairs. Encryption with public key can only be decrypted with corresponding private key.
Encryption with a private key can only be decrypted with the corresponding public key.
Encryption technology can keep the transmitted electronic information confidential.
When sending electronic information, the sender encrypts the sent information with encryption key or algorithm and sends it out. If someone steals information during transmission, they can only get ciphertext, which is incomprehensible.
The receiver can use the decryption key to decrypt the ciphertext and restore it to plaintext.
2. Firewall technology
With the development of network technology, some mail bombs, virus Trojans and network hackers also pose a great threat to network security.
Enterprise informatization makes its network suffer the same threat, and the security of enterprise electronic information is difficult to be guaranteed.
In view of the insecurity of the network, the first protective measure is the firewall.
Firewall also plays a great role in our personal computer, which can prevent non-hackers from invading and tampering with computer information.
3. Authentication technology
Message authentication and identity authentication are two forms of authentication technology. Message authentication is mainly used to ensure the integrity and non-repudiation of information. Users can confirm the authenticity of information and whether it has been modified or forged by a third party through message authentication.
Authentication uses and authenticates the user's identity, including two steps: identification and verification.
Defining and distinguishing the identity of visitors is called identification, and confirming the identity of visitors is called verification.
Users must be authenticated when accessing some non-public resources.
For example, when accessing the grading system of colleges and universities, it must be verified by the student number and password.
Some resources of university libraries can only be accessed through the campus network, and those who are not on the campus network cannot enter unless they apply for a qualified access identity for a fee.
Three, the main security elements of electronic information of small and medium-sized enterprises
1, information is confidential.
In today's network age, it seems that the confidentiality of information is not so easy, but information directly represents the business secrets of enterprises. How to protect enterprise information from theft, tampering, abuse and destruction, and how to use the Internet to transmit information and ensure information security have become important issues that all small and medium-sized enterprises must solve.
2. Validity of information
With the development of electronic information technology, all small and medium-sized enterprises use spreadsheets to transmit information. The effectiveness of information is directly related to the economic interests of enterprises, and it is also a prerequisite for enterprises to trade smoothly.
Therefore, it is necessary to eliminate all kinds of network faults and hardware faults, and control and prevent the potential threats brought by these network faults to ensure the effectiveness of information transmission.
3. Integrity of information
The business strategies of all parties to an enterprise transaction are seriously affected by the information integrity of all parties to the transaction, so it is very important to maintain the information integrity of all parties to the transaction.
In the process of processing information, it is the basis of transactions between enterprises to prevent the random generation and modification of information, prevent the loss of information in the process of transmission, and maintain the integrity of information.
Fourthly, the strategy to solve the problem of electronic information security in small and medium-sized enterprises.
1, building electronic information security management system for small and medium-sized enterprises.
To solve the problem of information security, besides using security technology, we should also establish a set of perfect electronic information security management system to ensure information security management.
Smooth management.
In general small and medium-sized enterprises, the related information management system initially established restricts the security of the information system to a great extent.
If there is something wrong with the security management system, the selection and use of security management technologies and means around this system cannot be carried out normally, and the security of information cannot be guaranteed.
A perfect and strict electronic information security management system has an important impact on the security of information systems.
In the enterprise information system, if there is no strict and perfect information security management system, electronic information security technology and related security tools will not play their due role.
2, the use of enterprise network conditions to provide information security service.
The secondary units of many enterprises are connected to the system through WAN, and the local area network is built in each unit. Enterprises should make use of this good network condition to provide enterprises with a good information security service.
Through the enterprise's network platform, it issues technical standards, safety bulletins and safety regulations, provides information security software download and safety equipment selection, provides online information security education and training, and provides a place for employees to exchange experiences.
3. Regularly evaluate and improve the safety protection software system.
With the development of enterprises, the information application and information technology of enterprises are also developing, and people's understanding of information security issues is also constantly improving with the development of technology. While constantly discovering electronic information security problems, the security protection software system to solve information security problems should also be constantly improved and evaluated regularly.
In a word, the electronic Galaxy security technology of small and medium-sized enterprises includes technology, management, system and other factors. With the continuous development of information technology, not only the office of small and medium-sized enterprises gradually tends to office automation, but also the electronic information security of enterprises has been guaranteed.
References:
[1] text; Application of information security technology in e-government system [J]; Software Guide, 20 10
[2] Yan Bing; Overview and prevention of enterprise information security [J]; Scientific consultation, 20 10
[3] Jiang Wen; On the present situation and trend of information security and technology research in e-commerce [J]; Economic and social development, 20 10
[4] Hao Qingshi; Thoughts on speeding up the informatization construction of enterprises [j]. Computer Engineering Application Technology, 20 12