The composition of the security system, the following is a few important components in the security system:
Computer board management system
The computer is discussed and defined in the correct usage of the company's computer resources. Users should be required to read and sign this agreement when they open their accounts. Users have responsibility to protect the information stored in it, and this must be written in the agreement. The user's personal email usage is also written in the agreement. This system needs to answer the following questions:
· Can users access and copy their files that have access to their files;
· Can users modify their files that have write permissions but they don't belong to them;
· Can users copy system configuration files (such as ETC / PassWD and SAM) for personal use or copy to others;
· Can users use the .rhosts file. Which data items can be set;
· Can users share an account;
· The user can copy the copyrightime software.
User Account Management System
The user account management system gives the request for the application and the system account. Computer users in big companies often have accounts in several systems, so this system is very important for them. Batch reading and signing this agreement is a better way to apply for an application for an account. User Account Management System requires a question to question the following questions:
· Who has the right to approve the application for opening an account;
· Who (employee, spouse, child, company visitor, etc.) is allowed to use the company's computer resources;
· Can users open multiple accounts on a system;
· Can users share an account;
· What rights and obligations have users;
· When will accounts are disabled and archived;
Remote access management system
The remote access management system specifies the remote connection method of the company's internal network. This system is very important for today's companies because users and networks may be distributed in the vast area. This system should include the means of remote access to the internal resources allowed, such as Dial (SLIP, PPP), ISDN / Frame Relay, Telnet access, cable TV modem / DSL, and so on. This system needs to answer the following questions:
· Who has the right to use remote access?
· Which connection method is supported (for example, only support broadband modem / DSL or dialing);
• Whether to use an exo-dial-up modem is allowed on the internal network;
· There is no additional requirements on the remote system - such as mandatory anti-virus software and security software;
· Other members in the employee family use the company's network;
• Whether the data that is remotely accessed is restricted.
Information protection management system
The Storage Protection Management System specifies the correct approach when the user is handled, saved, and transmits sensitive data. The main purpose of this system is to ensure that protected information is not modified and disclosed in unauthorized cases. Existing employees of the company must sign this agreement, and new employees must learn this system during post training, and the information protection management system needs to answer the following questions:
· How the sensitive level of information is set;
· Who can access sensitive information;
· How sensitive information is saved and transmitted;
· Which level sensitive information allows printing on a common printer;
· How to delete sensitive information from storage media (shredder, hard disk finishing, floppy disk dismissivity, etc.).
Firewall management system
The firewall management system stipulates the management of firewall hardware and firewall software, which provides for changing the firewall configuration, and the approval procedure of the approval procedure needs to answer the following questions:
· Who has access to a firewall system;
· If you need to change the firewall's distribution, you need to apply for anyone;
· If you need to change the configuration of the firewall, the application will be approved by anyone;
· Which person can see the firewall configuration rules and its access list;
· How long is the inspection cycle of firewall configuration?
Special access management system
The special access management system specifies the application and usage of the system special account (root user account, system administrator account, etc.). This system needs to answer the following questions: · Special access needs to apply for anyone;
· Special access needs to approve anyone;
· What is the password rule of special access?
· How long changes a password;
· What reasons or situations will cause user special access to cancel.
Network connection device management system
The network connection device management system has specified to add new devices to the network, it needs to answer the following questions:
· Who has the right to install the equipment on the network;
· Who is needed to install new devices?
· Who should notify which person should be notified when installing new devices;
· Who is recorded by the increase in network equipment;
· There is no security requirements for new equipment on the network.
Business partner management system
The business partners management system stipulates what kind of security conditions should be available in business buddies. With the development of e-commerce, the company's internal network is increasingly open to business partners, customers, and suppliers. The business partners management system is increasingly important. This regulations have great changes in every business partners agreement, but it needs to answer the following important issues at least:
· Whether each business partner must have a written security system;
· Does every business partner must have a firewall or other network boundary security device;
· How communication communication is carried out (VPN virtual private network on the Internet, leased line, etc.);
· How to make Shenqing if you want to visit the information resources of your business partner.
Other important regulations
You may also need to develop other rules and regulations, such as:
· Wireless network management system - help strengthen security protection measures for wireless networks, including which devices can be wireless, what security measures need to be taken, etc.
· Laboratory management system - If there is a test laboratory in your company, you must use this system to protect internal networks to reduce security. It is best to let the test laboratory use a completely independent homologual connection to make it connect with the company's interior business network.
· Personal Digital Assistant (PDA) Management System - This system classes whether the PDA device is allowed to connect to the company's internal network, how to establish a connection, allowing PDA software to be installed on the company's system. These devices will bring you a lot of support and mixing issues to your technical support.
Customer management system
With this company, the company also provides a general discussion report to our secure protection system to customers, potential customers, and business partners. This helps to showcase the importance and experience of the company's security environment.
