6 self-inspection reports of network security inspection

Network security check self-inspection report 1

After receiving the Notice of the Education Commission of Banan District of Chongqi

6 self-inspection reports of network security inspection

Network security check self-inspection report 1

After receiving the Notice of the Education Commission of Banan District of Chongqing Municipality on Forwarding the Implementation Plan of the Special Action of Information Network Security Inspection in Banan District, the school immediately implemented the self-examination of relevant departments according to the spirit of the document, and now the self-examination report is as follows:

First, enrich the leading institutions and strengthen the implementation of responsibilities.

After receiving the document notice, the school immediately convened an administrative office meeting to further implement the leading group and working group, and to implement the division of labor and responsible persons (see Annex I for the leading group). The special action of network security inspection in Yudong No.2 Primary School is directed by the school leaders and implemented by the school information center. The Information Center has set up a working group (see Annex 1 for the working group). The members of the working group and their respective divisions carry out management, maintenance and information inspection training, which are implemented layer by layer, and resolutely implement the management principle of who is in charge, who is responsible for operation and who is responsible for use, so as to ensure the absolute security of our campus network and provide a safe and healthy network use environment for all teachers and students.

Two, to carry out safety inspection, timely rectification of hidden dangers.

1, our school network center, function room, computer room, classroom, office, etc. Rules and regulations for use and safety management were established and posted on the wall.

2. The security protection of network center is the most important, which can be divided into physical security, network import and export security and data security. Physical safety mainly refers to fire prevention, theft prevention and physical damage to facilities and equipment. The security of network entrance and exit refers to the security of fiber access firewall, router, core switch and intranet access, and grasp the source well. Data security refers to the data backup of campus network, the processing and reporting of unsafe information and the transfer of information. The information center has an independent management system, such as network update registration, server resources, hard disk distribution statistics, security logs, etc. , easy to find problems and find them in time.

3. We have carried out a special cleaning check on the accounts and passwords of several major website platforms in our school, strengthened the level of weak passwords, and updated and upgraded the application software in time. Our school is a telecom fiber-optic private line accessing the Internet, using Cisco hardware firewall as the first line of defense, then accessing the router, and finally accessing the core switch, which ensures several important filters for our school's network accessing the Internet. The antivirus software of the network center server is the official version, which can be updated regularly and patched every day to eliminate all possible security risks. There are two external servers (FTP server and WEB server) in our school. The FTP server only opens 2 1 port, and all other ports are closed. Similarly, the WEB server only opens port 80, and all other ports are closed. It is convenient for teachers and students to use, while ensuring the absolute security of the network. Due to the great attention and proper management of the leaders of our school, since the establishment of the campus network in 200 1, there is no record of any intrusion into the intranet.

4. Strengthen network security management, conduct a comprehensive security check on all computer equipment connected to the core switches in our school, and upgrade computers with loopholes in operating systems and inadequate anti-virus software configuration to ensure network security.

5. Standardize the process of information collection, review and release, and strictly review the information release to ensure the accuracy and authenticity of the released information content. Check the guest book of our school station, the posts and messages on the second small blog regularly every week, screen unhealthy information, make data backup for problems that reflect the situation, and report to the school in time.

6. In the third week of this issue, our school organized teachers to learn information network laws and regulations at the faculty meeting, to raise teachers' awareness of rational and correct use of network resources, to develop good online habits, and not to do anything that violates information network laws and regulations.

7. It is forbidden to directly connect computers in the office intranet to the Internet. After inspection, we found no behavior of processing, storing and transmitting classified information on non-classified computers, transmitting classified information on the Internet by using e-mail system, and publishing and talking about state secret information in various forums, chat rooms and blogs. And using QQ and other chat tools to spread and talk about state secret information endangers network information security.

Third, the existing problems

1. Because our school has more than 300 network terminals, it is difficult to manage. The school has no extra funds to buy genuine anti-virus software. Now it uses fake or free antivirus software, which brings certain risks to our network security.

There are five servers in our school, but we don't have a set of network management software, so it is difficult to manage them all manually. Therefore, it is inevitable to forget to upgrade the patch at ordinary times, and there are certain security risks inevitably.

3. In school, network administrators can't engage in network management full-time, and generally have to work alone, so their energy in network management is limited, and network management, resource arrangement, and security log records need to be further improved.

In short, in the future work, we will try our best to rectify our own shortcomings and problems, and do our best to do a better job in network security in our school on the existing basis, so as to provide a safe and healthy network environment for all teachers and students. I also earnestly hope that the relevant leaders will give us guidance, thank you.

Network security check self-inspection report 2

In order to conscientiously implement the spirit of the document notice of the Ministry of Public Security on self-examination and self-correction of network security protection of important information systems and key websites, further improve the self-examination of network and information systems in our hospital, improve the security protection ability and level, prevent and reduce the occurrence of major information security incidents, effectively strengthen the security prevention of network and information systems, and create a good network information environment. Recently, our hospital has carried out a self-inspection on the network security of information systems and websites. The self-inspection on the network and information systems in our hospital is now reported as follows:

I. Organize the self-inspection of network and information security.

(A) the overall evaluation of self-examination

In strict accordance with the requirements of the network and information system security inspection of the Ministry of Public Security, our hospital actively strengthens organizational leadership, implements work responsibilities, improves various information system security systems, strengthens daily supervision and inspection, and comprehensively implements information system security precautions. This year, we focused on the following investigations: first, hardware safety, including lightning protection, fire prevention and power connection; The second is network security, including network structure and online behavior management. Third, application security, file transfer system, software management, etc. , forming a good and stable security network environment.

(two) actively organize the deployment of network and information security self-examination.

1, set up a leading organization for self-inspection and coordination of network and information security.

In order to ensure the efficient operation of information systems, straighten out information security management and standardize the construction of information security levels, an information security coordination leading group composed of leaders in charge, competent departments and network management departments was established.

2, clear network and information security self-inspection responsibility departments and positions.

The leaders of our hospital attach great importance to the construction of information system, and hold meetings for many times to clarify the responsible departments of information construction, so as to achieve a clear division of labor and specific responsibilities to people.

3, the implementation of network and information security self-inspection documents or programs.

The responsible departments and staff of information systems conscientiously implement the working documents or plans of the Municipal Industry and Information Committee, formulate a series of rules and regulations according to the characteristics of network and information security inspection, and implement the network and information security work.

4. Hold a work mobilization meeting, organize personnel training, and specially deploy self-inspection of network and information security.

Our hospital holds a work mobilization meeting every quarter, and regularly and irregularly trains and assesses technicians. Technicians conscientiously study and implement the spirit of relevant documents, put information security work in an important position and make unremitting efforts.

Second, the main work of information security

(A) network security management

1, earnestly implement the information security responsibility system.

Our hospital has formulated the corresponding information security responsibility investigation system, assigned posts to people, defined the division of responsibilities, and minimized the information security responsibility accidents.

2. Actively promote the construction of information security system.

(1) Strengthen the construction of personnel safety management system.

Our hospital has established safety management systems such as personnel recruitment, resignation, assessment, safety, education and training, and foreign personnel management, and trained new personnel, strengthened personnel safety management, and conducted irregular assessments.

(2) Strictly implement the computer room safety management system.

Our hospital has formulated the Computer Room Management System to strengthen the management and daily monitoring system for personnel entering and leaving the computer room, strictly implement the computer room safety management regulations, do a good job in fire prevention and theft prevention, and ensure the computer room safety.

(two) the implementation of technical safety precautions

1, network security

Our hospital is equipped with anti-virus software and network isolation card, and has taken security protection measures such as strong password, database storage and backup, mobile storage device management, data encryption, etc., which has clarified the network security responsibility and strengthened the network security work. Computers and networks are equipped with professional anti-virus software, which enhances the effectiveness of anti-virus, anti-attack and anti-leakage. In accordance with the confidentiality provisions, important classified computers are managed with power-on passwords, which are used by special personnel to prevent the mixing of classified and non-classified computers.

2. Information system security.

There is no illegal access of classified computers to the Internet and other information networks, and there is no negligence or disclosure of secrets. The implementation of the leadership review and signature system, where the information uploaded to the website, must be reviewed and signed by the relevant leaders before uploading; The second is to carry out regular security checks, mainly supervising SQL injection attacks, cross-site scripting attacks, weak passwords, operating system patch installation, application patch installation, anti-virus software installation and upgrade, Trojan virus detection, port opening, system management authority opening, access authority opening, webpage tampering, etc., and earnestly keeping a system security diary.

(3) Emergency work situation

1, carry out daily information security monitoring and early warning.

Our hospital has established a daily information security monitoring and early warning mechanism, which has improved the ability to deal with network and information security emergencies, strengthened network information security, formed a scientific, effective and rapid response emergency working mechanism, ensured the physical security, operational security and data security of important computer information systems, and minimized the harm of emergencies to website network and information security.

2. Establish a security incident reporting and response handler.

Our hospital has established and improved a graded emergency management system and improved the daily safety management responsibility system. Relevant departments perform their duties and do a good job in daily management and emergency response. Establish security incident reports and corresponding handling procedures, and carry out different reporting procedures and response handling according to the classification and grading of security incidents.

3, formulate emergency plans, regular drills and constantly improve.

Our hospital has formulated a safety emergency plan, started the corresponding emergency procedures according to the early warning information, strengthened the duty work, and made various preparations for emergency treatment. Exercise the early warning scheme regularly to continuously improve the feasibility and operability of the early warning scheme.

(4) Safety education and training

In order to ensure the safe and effective operation of our hospital's network and reduce virus intrusion, our hospital has trained the related knowledge of network security and system security. During this period, we conducted a detailed consultation on computer-related problems encountered in practical work and got a satisfactory answer.

Three. Network and information security issues

After security inspection, the overall situation of information system security in our unit is good, but there are also some shortcomings:

1, lack of information security awareness. Employees' information security education is not enough, and they lack the initiative and consciousness to maintain information security.

2. Equipment maintenance and update are not timely enough.

3. There are few professional and technical personnel, the information system security force is limited, and the technical level of information system security needs to be improved.

4. The working mechanism of information system security needs to be further improved.

Fourth, network and information security improvement measures

According to the deficiencies found in the self-examination process and the actual situation of our hospital, we will focus on the following aspects for rectification:

First, continue to strengthen information security education for all staff, and improve the initiative and consciousness of doing security work well.

Second, it is necessary to effectively strengthen the implementation of the information security system, check the implementation of the security system from time to time, and seriously investigate the responsibility of the responsible person for causing adverse consequences, so as to improve the safety awareness of personnel.

Third, we should strengthen the training of professional information technology personnel, further improve the technical level of information security work, so that we can further strengthen the security prevention and confidentiality of computer information systems.

Fourth, it is necessary to strengthen the maintenance of lines, systems and network equipment, and at the same time, in view of the rapid development of information technology, increase the updating of system equipment.

Fifth, innovate and improve the working mechanism of information security, further standardize the office order and improve the security of information work.

Verb (abbreviation of verb) Opinions and suggestions on strengthening information security.

We found some management weaknesses in the management process, and we will make improvements in the following aspects in the future:

First, the irregular and exposed lines should be rectified immediately within a time limit to do a good job in rat prevention and fire safety.

The second is to strengthen equipment maintenance and replace and repair faulty equipment in time.