Current location - Recipe Complete Network - Catering franchise - On self-inspection report of campus network information security
On self-inspection report of campus network information security
Inadvertently, the work has come to an end. Looking back on the work during this period, I have gained a lot and learned some shortcomings. Let's act at once and write a self-inspection report. Then do you know how to write a formal self-inspection report? The following is a self-inspection report on campus network information security compiled by me for your reference only. Let's have a look.

The self-inspection report on campus network information security 1 Licheng No.6 Middle School website was revised and launched in September, 20xx. Since the launch of the new website, our school has always attached great importance to the work of network information security system, set up a special leading group, and established and improved the network security and confidentiality responsibility system and related rules and regulations, which are under the unified responsibility of Director Xie of the school, and all departments are responsible for their own network information security work. Strictly implement the provisions on network information security and confidentiality, and take various measures to prevent security-related incidents. Generally speaking, our school has done a solid and effective job in network information security and confidentiality.

I. Network security situation

The first is network security. Our school is equipped with anti-virus software, and adopts security protection measures such as strong password, database storage and backup, mobile storage device management, data encryption, etc., to clarify network security responsibilities and strengthen network security work.

Second, the information system security implements the leadership audit signature system. Any information uploaded to the website must be reviewed and signed by the relevant leaders before uploading; Second, conduct regular security checks, hire technicians from website production companies, mainly supervise SQL injection attacks, cross-site script attacks, weak passwords, operating system patch installation, application patch installation, antivirus software installation and upgrade, Trojan virus detection, port opening, system management authority opening, access authority opening, webpage tampering, etc., and carefully keep a system security diary.

Third, do a good job of extranet, website and application software in daily management? Five-layer management? , are you sure? Confidential computers don't surf the internet, and computers that surf the internet don't involve secrets? The management, maintenance and destruction of CD-ROM, hard disk, U disk and mobile hard disk shall be carried out in strict accordance with the confidentiality requirements. Focus on it? Three major security? Inspection: First, hardware safety, including lightning protection, fire prevention, theft prevention and power connection; The second is network security, including network structure, security log management, password management, IP management, online behavior management and so on. Third, application security, including website, email system, resource management, software management, etc.

Second, the school hardware equipment is running normally.

Every terminal in our school has installed anti-virus software, and the application of system-related equipment has also been standardized. The use of hardware equipment conforms to the relevant national product quality and safety regulations, the hardware operation environment of the unit meets the requirements, and the basic equipment such as printer accessories and ribbon racks are original products. Lightning protection grounding wire is normal, defective lightning protection socket has been replaced, lightning protection equipment is basically stable, and there is no lightning accident; UPS is running normally. The website system is safe and effective, and there are no security risks at present.

Third, strictly manage and standardize equipment maintenance.

Our school practices computers and their equipment? Who uses, manages and is responsible? Management system. We insist on management? System manager? . The second is to strengthen information security education and improve employees' computer skills. At the same time, the publicity of network security knowledge was carried out in the school, which made all the staff realize that computer security protection is? Three defenses and one insurance? An inseparable part of work. Moreover, under the new situation, computer crime will become an important part of security work. In terms of equipment maintenance, a network equipment fault register and a computer maintenance table are specially set up to register equipment faults and maintenance and deal with them in time. For foreign maintenance personnel, it is required to be accompanied by relevant personnel, and their identity and handling situation should be registered to standardize the maintenance and management of equipment.

Four. Website security and maintenance

Our school has relevant requirements for website security. 1. Log in to the background with a password lock with exclusive authority; Second, upload files in advance to detect pathogens; Third, the website adopts module and authority maintenance, and regularly enters the background to clean up junk files; Fourth, the website is updated by a special person.

Verb (abbreviation of verb) safety education

In order to ensure the safe and effective operation of our school's network and reduce virus intrusion, our school has trained the related knowledge of network security and system security. During this period, everyone consulted in detail about computer-related problems encountered in practical work and got satisfactory answers.

Six, self-examination problems and rectification opinions

We found some weak links in the management process, and will improve in the following aspects in the future.

(1) The security protection equipment of the website is still insufficient, and there is only a firewall attached to the router without hardware firewall equipment, which is a security risk.

(two) to strengthen equipment maintenance, timely replacement and maintenance of faulty equipment.

(3) During the self-examination, it was found that individual personnel were not aware of computer security. In the future work, we will continue to strengthen computer security awareness education and prevention skills training, so that employees can fully realize the seriousness of computer cases. Combine civil air defense with technical defense, and do a good job in network security of the unit.

Does the campus network information security self-inspection report 2 seek to be implemented? Notice of the General Office of the Provincial Department of Education on the submission and implementation? (The letter number [20xx] 12 comes from Hubei Provincial Department of Education). Notice of Huangshi Education Bureau on carrying out the network and information security inspection of the whole city's education industry? (Huang Jiaoxin [20xx] No.25), comprehensively strengthen the network and information security work in our school. The education department of our school organized a self-inspection on the security of our school's network, information system and website, and now the self-inspection situation is notified as follows:

First, the status quo of school network and information security

The network center building of our school was built in 20xx, with 20M optical fiber access, and the network covers the whole campus (including staff quarters, office buildings, new and old teaching buildings). 20xx 10 Due to aging equipment and high network operation and maintenance costs, all the staff dormitory networks are disconnected, and individual teachers apply to join China Telecom or other network providers. At present, the network of office buildings and teaching buildings in our school is running normally.

The overall situation of network and information security in our school is good. The school has always attached importance to information security and has always regarded information security as the key content of information work. The network information security work is well organized, with clear responsibilities, standardized daily management and maintenance, and more attention is paid to the training of system administrators and network security technicians of information systems (websites), which basically ensures the continuous, safe and stable operation of campus network information systems (websites). However, it needs to be further strengthened and improved in network security management, technical protection facilities, website construction and maintenance, and information system level protection.

Second, the network information security work

1, network information security management organization

In order to strengthen the leadership of network and computer system security management and external publicity, guide and urge all teachers and students to surf the Internet safely, green and scientifically, publicize through the website window, and expand the social influence of our school, the network information security management organization is established. The school has a network information security management organization, with the school leaders as the team leader and the directors of each office and grade as the team members, who are directly responsible for the security of the office information system and website information content. As the operator of the campus network, the network administrator undertakes the technical protection and technical guarantee of information system security.

2. Daily security management of information system (website)

Does the school have it? Campus network management system? 、? What is the responsibility of a network administrator? 、? Computer classroom management system? 、? Maintenance and management measures of software and hardware in computer room? 、? What is the responsibility of the person in charge of the computer room? 、? Student computer management system? 、? Computer room electrical safety system? And a series of rules and regulations. Each system (website) can basically implement the responsible person according to the requirements, and better fulfill the system of uploading and signing website information, data confidentiality and tamper-proof system of information system. Daily maintenance of operating specifications, so as to prevent weak password, modify it regularly, strictly protect personal computers, back up data regularly, check security logs regularly, and keep abreast of the system (website) status to ensure normal operation.

3, information system (website) technical protection

The school has a network center computer room with waterproof, moistureproof and antistatic protection measures. Regularly check the security vulnerabilities of servers, network devices and security devices, update the operating system and patches in time, configure password policies to ensure the update frequency, and regularly back up important systems and data.

Three, the main problems found by self-examination.

Compared with the specific inspection items in the Notice, there are still some problems in the information security work of our school:

1. security management: network administrators are part-time, so it is difficult to ensure their energy input. They haven't logged into their own management system (website) for a long time, so they can't keep abreast of the security incidents that have happened. The daily management and maintenance of some systems (websites) are not standardized, and there are still problems such as weak administrator password, insufficient attention to data backup, and poor awareness of information confidentiality.

2. Technical protection: campus network security technical protection facilities are still insufficient, such as the lack of data center security defense system and audit system, the lack of security detection facilities, and the inability to check the security and hidden dangers of servers and information systems (websites).

3. Application system (website): Some application systems (websites) have design defects and security xxxx, which are prone to safety accidents.

Fourth, the rectification measures

In view of the existing problems, the school will conduct serious research and deployment.

1, further improve the network information security management system and standardize the daily management and maintenance procedures of information systems and websites. Strengthen the technical training of network administrators and improve their safety awareness and technical ability.

2. Continue to improve the technical protection facilities for network information security, regularly conduct xxxxxxxx and hidden trouble investigation on servers and operating systems, and establish a targeted active protection system.

3. Strengthen emergency management, revise emergency plans, strengthen cooperation with network computer companies, and do emergency drills to minimize the impact of safety accidents.

Self-inspection report on campus network information security 3 i. Overall evaluation of network and information security

This year, the municipal and municipal bureaus attach great importance to information security and put it on the important agenda. In order to standardize information disclosure and implement the relevant regulations on information security, they set up an information security leading group, implemented the management organization, put a special information office in charge of the daily management of information security, and defined the leaders in charge, leaders in charge and specific managers of information security.

We have established and improved daily information management, information security protection management and other related work systems, and strengthened information security education. The information security work leading group regularly or irregularly inspected the information security work in our city, promptly rectified the problems found, further standardized the information security work, and ensured the effective development of information security work, and made new progress in the information security work in our city.

Second, the main work of network and information security

(a) to strengthen leadership, clear responsibilities, do a good job in network and information security organization and management. In order to standardize and strengthen the information security work, the municipal leaders attach great importance to this work, and set up an information security work leading group with the mayor in charge as the team leader, the bureau-level leaders in charge of information work as the deputy team leader and the relevant municipal units as members. It has achieved a clear division of labor and the responsibility lies with people. A leadership system and working mechanism have been formed, in which the competent leaders take overall responsibility, the specific managers take the main responsibility, manage at different levels, and implement at different levels, so as to effectively implement the information security work.

(2) Do a good job in the daily management of network and information security. According to the actual work, our bureau has established and improved the information system security self-inspection system, information system security responsibility system, computer and network security management and other related systems, and further standardized and institutionalized the information security work.

(3) Implement network and information security protection management. The management system of non-confidential computers and the management system of non-confidential mobile storage media have been perfected and improved. A firewall is installed on the computer, and professional antivirus software is installed at the same time, which strengthens the effectiveness in tamper-proof, virus-proof, attack-proof, paralysis-proof, and leak-proof. The network terminal has no illegal access to information networks such as the Internet, and the unit has not installed wireless devices such as wireless networks, but has installed professional anti-virus software for mobile storage devices.

(four) the development of information security emergency management mechanism. Combined with the actual situation, the city has initially established an emergency plan, established an electronic document and information submission system (for trial implementation) and a post responsibility system for electronic documents and information submission, strictly controlled the receipt and delivery of documents, and improved the system of point, repair, number and sign; The information administrator updates the system and software in time, backs up important files and information resources in time, and recovers data.

(5) Safety education and training are being carried out step by step. In the second half of this year, our city plans to train all computer users in network and information security operations and explain some network security knowledge.

(six) seriously carry out information security inspection. The Municipal Information Security Leading Group will regularly or irregularly inspect the network and information security work in our city, and rectify the problems found in time to ensure the effective development of information security work.

Three, the network and information security self-inspection found the main problems and rectification.

According to the specific requirements of Hengshui 20xx Network and Information Security Inspection Scheme, we also found some deficiencies and situations that need to be rectified during the self-inspection.

1。 There is a problem. In the process of self-examination, there are mainly the following situations: First, insufficient investment. Due to the lack of professional and technical personnel in our city, the municipal finance has limited funds to invest in information system security, and the investment in network and information security construction is limited; Second, the rules and regulations system has been initially established, but it is still not perfect, failing to cover all aspects of the security of related information systems; Third, in the event of computer virus attacks and other emergencies, it is not handled in time.

2。 Correct this situation. In view of the above problems, we will do four things well? Continue? . First, continue to improve and implement the information security work system, check the implementation of the information security work system from time to time, and seriously investigate the responsibility of the responsible person for causing adverse consequences, so as to improve the safety protection awareness of information personnel; The second is to continue to do a good job in the implementation of the system. While further improving the network and information security system, arrange special personnel to closely monitor and solve possible information system security accidents anytime and anywhere; Third, continue to strengthen the safety awareness education of leading cadres and network information personnel in the city, and improve the initiative and consciousness of doing a good job in information security; Fourth, continue to strengthen the timely maintenance, maintenance and update of the city's information lines and information systems.

Four. Opinions and suggestions on network and information security work

It is suggested that provinces and cities should give more guidance to information security work in counties and cities, regularly carry out information security education and training, and constantly improve the modernization level of information security work, so as to help staff further strengthen the prevention and confidentiality of network and information security; It is suggested that all provinces and cities increase capital and technical investment in information security work to ensure the smooth development of work and information security.

?