We continue on the prevention of information leakage
Technical precautions against network leakage: First, identity authentication. The identification of the user by the computer is mainly to check the password input by the user. The use of the resource information by the legitimate user in the network also has the problem of using the right, so the use of the password must be strictly managed. Of course, there are other methods for identifying the user, such as using magnetic cards, fingerprints, sounds, retina images, etc. to authenticate the user. The second is to monitor the alarm. A detailed record of the working conditions of legitimate users in the network, the number of attempts and time for illegal users to enter the network. The telephone number and the like are recorded and an alarm is issued to trace the whereabouts of the illegal user. The third is encryption. The information is encrypted and stored in the computer with a special call password. In this way, after the thief breaks through the general password and enters the computer, the information cannot be called out. In the process of information transmission, the information is encrypted, and the thief is ignorant even if the signal is intercepted.
Preventive measures against media leaks: First, prevent copying. Anti-copy technology is actually a special mark for the media, such as special marks such as laser spots, perforations, and fingerprint technology on the disk. The second is encryption. Encrypt the files in the media so that they cannot be called up in the usual way. The third is degaussing. It is best to physically smash media that is no longer in use.
Administrative management
1. Establish a strict computer room management system, prohibiting unrelated personnel from entering and leaving the computer room casually. The central control room of the network system should have a strict access system. At the same time, the location of the equipment room must be safe and reliable, and the equipment room of important departments must have the necessary monitoring facilities.
2. Specify the hierarchical use rights. First, the computer center and computer data are classified into different levels, and different management measures are taken. The secret information cannot be processed in the open computer center. The high-level data cannot be processed in the computer center with low level of confidentiality; the low-level computer room cannot perform high-level operations. In system development, system analysts, programmers, and operators should be separated from each other so that the number of people who know the whole is as small as possible.
3. Strengthen the management of the media. Media containing secret documents shall be managed in accordance with the same level of confidential documents, and their copying, printing, lending, storage, destruction, etc. shall be subject to relevant regulations. Do not mix secret files and public files in the same floppy disk. If files with different confidential levels are recorded at the same time, they should be managed with the highest level of confidentiality. At the same time, the disk that temporarily stores the secret files during the operation and the waste paper printed during the debugging operation should be properly handled.
4. Strengthen the management of staff. Because the equipment is manipulated by people, the system is formulated and followed by people. The issue of personnel must first firmly establish a concept of confidentiality, so that it recognizes the importance and urgency of secrecy in the new era, thereby enhancing the awareness of keeping state secrets. We must do a good job in the selection and daily inspection of personnel, and do not use it unsatisfactorily; we must do a good job in intellectual investment, continuously improve the scientific and technical level of the use and management personnel, so that they can truly understand the performance of all equipment and master the prevention of leaks. Knowledge and preventive measures; use and create opportunities to expand their knowledge, enhance initiative, reduce blindness, to prevent leaks due to ignorance; also establish reward and punishment system, regular assessment, reward and punishment, and improve incentive mechanism.
Today, computer networks are also widely used in defense, military, educational science, finance, telecommunications, and commercial fields, including huge economic or national interests. Therefore, the security and confidentiality of computer information is a crucial thing. Was attracted attention.