Network security rectification work report

# Report # Introduction A work report refers to the work, practices, experiences and problems of the unit, department and region reported to the superior. The following is the network security rectification report, welcome to read!

The first network security rectification work report

First, enrich the leading institutions and strengthen their responsibilities. After receiving the document notice, the school immediately held an administrative office meeting to further implement the leading group and working group, and to implement the division of labor and responsible persons. The XX Second Small Network Security Inspection Special Action is commanded by the school leaders and implemented by the school information center. The Information Center has set up a working group, and the members of the working group and their respective division of labor implement hierarchical management, maintenance, information inspection and training, and resolutely implement the management principle of "who is in charge, who is responsible for operation and who is responsible for use" to ensure the absolute security of our campus network and provide a safe and healthy network use environment for all teachers and students.

Two, to carry out safety inspection, timely rectification of hidden dangers.

1, our school's "network center, function room, computer room, classroom, office" has established rules and regulations for use and safety management, and all the rules are posted on the wall.

2. The security protection of network center is the most important, which can be divided into physical security, network import and export security and data security. Physical safety mainly refers to fire prevention, theft prevention and physical damage to facilities and equipment; Network access security refers to-> fiber access firewall; Router->; The security of core switch and intranet access, grasp the source; Data security refers to the data backup of campus network, the processing and reporting of unsafe information and the transfer of information. The information center has an independent management system, such as network update registration, server resources, hard disk distribution statistics, security logs, etc. , easy to find problems and find them in time.

3. We have carried out a special cleaning check on the accounts and passwords of several major website platforms in our school, strengthened the level of weak passwords, and updated and upgraded the application software in time. Our school is a telecom fiber-optic private line accessing the Internet, using Cisco hardware firewall as the first line of defense, then accessing the router, and finally accessing the core switch, which ensures several important filters for our school's network accessing the Internet. The antivirus software of the network center server is the official version, which can be upgraded regularly and patched every day to eliminate all possible security risks. There are two external servers (FTP server and WEB server) in our school. The FTP server only opens 2 1 port, and all other ports are closed. Similarly, the WEB server only opens port 80, and all other ports are closed. It is convenient for teachers and students to use, while ensuring the absolute security of the network. Due to the great attention and proper management of the leaders of our school, since the establishment of the campus network in 200 1, there is no record of any intrusion into the intranet.

4. Strengthen network security management, conduct a comprehensive security check on all computer equipment connected to the core switches in our school, and upgrade computers with loopholes in operating systems and inadequate anti-virus software configuration to ensure network security.

5. Standardize the process of information collection, review and release, and strictly review the information release to ensure the accuracy and authenticity of the released information content. Check the guest book of our school station, the posts and messages on the second small blog regularly every week, screen unhealthy information, make data backup for problems that reflect the situation, and report to the school in time.

6. In the third week of this issue, our school organized teachers to learn information network laws and regulations at the faculty meeting, to raise teachers' awareness of rational and correct use of network resources, to develop good online habits, and not to do anything that violates information network laws and regulations.

7. It is forbidden to directly connect computers in the office intranet to the Internet. After inspection, we found no behavior of processing, storing and transmitting classified information on non-classified computers, transmitting classified information on the Internet by using e-mail system, and publishing and talking about state secret information in various forums, chat rooms and blogs. And using QQ and other chat tools to spread and talk about state secret information endangers network information security.

Third, the existing problems

1. Because our school has more than 300 network terminals, it is difficult to manage. The school has no extra funds to buy genuine anti-virus software. Now it uses fake or free antivirus software, which brings certain risks to our network security.

There are five servers in our school, but we don't have a set of network management software, so it is difficult to manage them all manually. Therefore, it is inevitable to forget to upgrade the patch at ordinary times, and there are certain security risks inevitably.

3. In school, network administrators can't engage in network management full-time, and generally have to work alone, so their energy in network management is limited, and network management, resource arrangement, and security log records need to be further improved.

In short, in the future work, we will try our best to rectify our own shortcomings and problems, and do our best to do a better job in network security on the existing basis, so as to provide a safe and healthy network environment for all teachers and students. I also earnestly hope that the relevant leaders will give us guidance, thank you.

Chapter II Network Security Rectification Work Report

In order to further strengthen the information system security management in our hospital, strengthen the awareness of information security and confidentiality, and improve the level of information security, according to the requirements of the Notice of the Provincial Health Planning Commission on the Supervision and Inspection of Health System Network and Information Security in XX Province, the leaders of our hospital attached great importance to it, set up a special management organization, held a meeting of heads of relevant departments, studied deeply, and conscientiously implemented the spirit of the document. Fully aware of the importance and necessity of carrying out self-inspection on network and information security, the dean in charge made detailed arrangements for self-inspection, was responsible for arranging and coordinating relevant inspection departments, supervising and inspecting projects, establishing and improving the hospital network security and confidentiality responsibility system and related rules and regulations, strictly implementing various provisions on network information security, and conducting special inspections on network information security of all departments in the hospital. The self-inspection is now reported as follows: 1. Basic situation of hospital network construction.

Hospital information management system (HIS system) was upgraded by XX Technology Co., Ltd. in XX. Our technicians are responsible for the upgraded foreground maintenance, and the technicians of XXX Technology Co., Ltd. are responsible for the background maintenance and accident handling.

Second, the self-inspection work

1, computer room safety inspection. Computer room safety mainly includes fire safety, electricity safety, hardware safety, software maintenance safety, door and window safety and lightning protection safety. The server room of hospital information system is built in strict accordance with the standard of computer room, and the staff insist on fixed-point inspection every day. The system server, multi-port switch and router are all protected by UPS power supply, which can ensure the normal operation of the equipment for 3 hours under the condition of power failure and will not damage the equipment due to sudden power failure.

2. LAN security check. It mainly includes network structure, password management, IP management, storage media management, etc. Each operator of HIS system has his own login name and password, and is given the corresponding operator authority. The account operated by others shall not be used, and the management system of "who uses, who manages and who is responsible" shall be implemented for the account. Hospital LANs have fixed IP addresses, which are uniformly distributed and managed by the hospital. You can't add new IP without permission, and unassigned IP can't connect to the hospital LAN. The USB interfaces of all computers in the local area network of our hospital are fully enclosed, which effectively avoids poisoning or leakage caused by external media (such as U disk and mobile hard disk).

3. Database security management. Our hospital adopts the following data security measures:

(1) Separate the part of the database that needs to be protected from other parts.

(2) Adopt authorization rules, such as account number, password, authority control and other access control methods.

(3) The database account password shall be managed and maintained by special personnel.

(4) Database users must change their passwords every six months.

(5) The server adopts virtualization for security management. When the current server has problems, switch to another server in time to ensure the normal operation of the client business.

Third, emergency response.

The server of HIS system in our hospital is safe and stable, equipped with large UPS power supply, which can ensure the server to run for about six hours in the case of large-scale power failure. Our hospital's HIS system has just been upgraded, and the server has not been down for a long time. However, the hospital has formulated an emergency plan and trained charging operators and nurses. If the HIS system can't operate normally due to a large-scale and long-term power outage in the hospital, manual charging, bookkeeping and medicine distribution will be temporarily started to ensure the normal and orderly diagnosis and treatment activities. When the HIS system returns to normal operation, invoices and fees will be supplemented.

Fourth, the existing problems

The network and information security work in our hospital has been done carefully, and there has never been a major security accident. All systems are running stably, and all businesses can run normally. However, the self-examination also found shortcomings, such as the lack of information technology personnel, limited information security force, incomplete information security training, insufficient awareness of information security, and insufficient initiative and consciousness of individual departments to maintain information security; Insufficient emergency drills; The condition of computer room is poor; Individual departments have low computer equipment configuration and long service life.

The third network security rectification work report

College leader: According to the unified deployment and requirements of the college, we conducted a safety self-inspection on the network computer room in key safety parts, as follows:

There are four main security risks:

First, the power supply line has been running under high load for 10 years, showing signs of aging. Once the core of the line is exposed, there will be short circuit and fire threat.

Second, the air conditioner is a domestic machine, which can't control the humidity and is not suitable for continuous operation. It always stops when the temperature is slightly higher, forcing managers to check whether it stops every weekend. The result of inspection shows that when the temperature reaches above 30 degrees, the probability of downtime is about 30%, which is very harmful to the server, not only affecting the operating efficiency, but also negatively affecting the service life of the server.

Thirdly, the wiring space in the front and back of the cabinet is narrow, and the strong current and weak current cannot be separately wired, and there is no pdu power distributor, which is also a hidden danger of wire mixing and fire prevention.

Fourth, the safety alarm facilities are not complete, and there is a lack of fire prevention, anti-theft, waterproof, temperature, humidity, power supply status and other sensing alarm devices indoors.

The above four specific rectification measures have been included in the Implementation Projects and Requirements for the Relocation and Expansion of the Network Host Room.

The fourth network security rectification work report

In order to ensure the network and information security of the tax system, further strengthen the management of network news propaganda, and effectively prevent the occurrence of unexpected events such as deliberate attacks, destruction of network information systems, and dissemination and pasting of illegal information. According to the principle of "whoever is in charge is responsible, who is responsible for running and who is responsible for using", the work will be implemented to people. The National Bureau set up an information security inspection working group, which is responsible for the security inspection of the offices of the National Bureau, and mainly adopts the combination of self-inspection of each office and spot check of some offices to carry out network security cleaning inspection. I. Current situation and risks

With the development of information construction of local tax system in Yili prefecture, the pattern of collection and management based on computer network has been formed. The four-level wide-area network of General Administration-District Bureau-Prefecture (city) Bureau-County (city) Bureau has been established, and gradually extended to grassroots tax collection units, and the construction process of local tax system network has been gradually accelerated. At present, the local tax system in Yili Prefecture has more than 700 WAN nodes and more than 700 networked computer devices. At the same time, in order to improve the efficiency of tax collection and management, better publicize tax work and serve taxpayers, the tax authorities of counties (cities) have established Internet access websites according to their work needs. At the same time, networking and information exchange have been partially realized with other government departments. In a word, the network and information system have become an important part of the whole tax system and an important infrastructure related to the national economy and people's livelihood.

With the rapid development of tax information construction, network and information security risks are gradually exposed. First, with the development of taxation and the requirements of business system, tax authorities at all levels have gradually realized networking and information exchange with relevant external departments. In addition, in order to facilitate taxpayers to pay taxes, Xinjiang local tax system has opened internet declaration, online inquiry and other services, and the local tax system network has changed from a completely closed intranet in the past to a network logically isolated from the external network and the Internet. Second, most of the key equipment in the network and information system, such as hosts, routers, switches and operating systems, are made of foreign products, which poses great technical and security risks. Third, the level of computer application operators in the system is uneven, and due to insufficient funds, safety protection equipment and technical means are not satisfactory. Fourth, hostile forces and criminals are eager to move under the drive of interests, which poses a great threat to the important financial departments of the country. The above aspects constitute the main risks of tax system network and information security.

Two, establish and improve the network and information security organization.

In order to ensure that the network and information security work is taken seriously and the measures can be implemented in time, the local taxation bureau of Yili Prefecture has set up a leading group for network and information security:

Team leader: omitted

Member: omitted

The leading group has an office, which is responsible for daily work. The director is Che, director of the Information Office, and the deputy director is Wang Shoufeng, deputy director of the office. Members: Wang Hongxing, Liu Zhonghui, Zhong Wang and Wang Hua.

Three, establish and improve the network and information security system and rules and regulations.

The Network and Information Security Office is responsible for reviewing and monitoring information published on internal and external websites in the name of the Organization; The Information Office is responsible for the maintenance and technical support of the website and the monitoring and maintenance of other application information systems; The finance department is responsible for relevant financial support; The agency service center is responsible for the monitoring and maintenance of infrastructure such as electricity, air conditioning, fire prevention and lightning protection.

The Office of Network and Information Security is responsible for the coordination in case of emergency, and according to the severity of the incident, drafting a report to the leading group, the public security department or the superior department or informing the whole system; It is also responsible for the monitoring and prevention, emergency treatment and data and system recovery of various websites, application systems and database systems, as well as the security prevention, emergency treatment, network recovery and post-event traceability of network systems. In order to do a good job in the self-inspection of network security in the national tax system, the Information Office conducted network security knowledge training for network administrators of the whole system through video training on August 10. And deploy network security self-inspection work.

Various security systems have been established and improved, including (1) log management system; (2) Safety audit system; (3) Data protection, safe backup and disaster recovery plan; (4) Access control system in important areas such as computer room; (5) Use and maintenance system of hardware, software, network and media; (6) The management system for the confidentiality of accounts, passwords and communications; (seven) the management system for the prevention, discovery, reporting and removal of harmful data and computer viruses; (8) Provisions on the use and management of personal computers.

Four, Ili Prefecture Local Taxation Bureau computer network management.

(1) Install a firewall in the LAN. At the same time, each computer is equipped with Rising antivirus software, which is uniformly configured by the regional bureau. In view of the lack of registration numbers, we applied to the regional bureau for 300 registration numbers. At present, Rising antivirus software online version can online 550 computers at the same time, which basically meets the needs of Yili local tax system. 95% of intranet computers in the whole state have installed desktop audit system, and some units have reached 100%. Regular installation of system patches has strengthened the effectiveness of anti-tampering, anti-virus, anti-attack, anti-paralysis, anti-leakage and so on.

(2) Secret-related computers and all computers in the local area network have strengthened their password settings, requiring that the startup password, document processing password and collection and management software password must be composed of not less than 8 digits of letters and numbers. There are also authentication and access control between computers.

(3) The intranet computer has no illegal access to the Internet or other information networks; The special computer for online newspaper installed in the self-service declaration area of the tax service hall of each unit is managed and checked by the network administrator every day to prevent illegal activities from being carried out by using the online newspaper machine.

(4) Professional anti-virus software for mobile storage devices has been installed, and virus scanning must be carried out before connecting mobile storage devices to computers. U disk virus isolator is equipped for computers of tax service offices, management departments and other units that often receive foreign data.

Chapter V Network Security Rectification Work Report

According to the spirit of the higher-level network security management document, Taojiang County Education Bureau set up a network information security leading group. Under the leadership of the group leader, Deputy Director Zeng, we made plans, defined responsibilities and implemented them, and conducted a comprehensive investigation on the network and information security of our system. Finding, analyzing and solving problems ensures the good operation of the network and provides a powerful information support platform for the development of education in our county. First, strengthen leadership and set up a leading group for network and information security.

In order to further strengthen the security management of network information systems in the whole system, our bureau has set up a leading group for the security and confidentiality of network and information systems, with a clear division of labor and specific responsibilities to people. The leader of the safety work leading group is Zeng, the deputy leader is Wu Wanfu, and the members are Liu, Su Yu. The division of labor and their respective responsibilities are as follows: Deputy Director Zeng is the first person responsible for the security and confidentiality of computer networks and information systems in our bureau, and is fully responsible for the management of computer networks and information security. Wu Wanfu, director of the office, is in charge of computer network and information security management. Liu is responsible for the daily affairs of computer network and information security management, and receives information and documents issued by higher education authorities. Wang Zhichun is responsible for the daily coordination and supervision of computer network and information security management. Su Yu is responsible for network maintenance and daily technical management.

Second, improve the system to ensure that network security work has rules to follow.

In order to ensure the normal operation and healthy development of computer network in our system, strengthen the management of campus network, and standardize the network use behavior, according to the Administrative Measures for Computer Network of Education and Scientific Research in China (Trial) and the Notice on Further Strengthening the Network Security Management of Taojiang County's Education System, the Administrative Measures for Network Security of Taojiang County's Education System, the Registration Form for Online Information Publishing and Auditing, the Online Information Monitoring and Inspection System, and Taojiang County's.

Third, strengthen management and strengthen network security technical preventive measures.

The computer network of our system has strengthened technical preventive measures. First of all, Kaspersky firewall is installed to prevent viruses and reactionary bad information from invading the network. The second is to install Rising and Jiang Min antivirus software. The network management will upgrade the virus database of antivirus software every week, upgrade the antivirus software in time, and solve the problems immediately when found. Third, the network is connected with the lightning protection network of the office building. The computer department strengthens doors and windows, buys fire extinguishers and puts them in a conspicuous position to ensure the lightning protection, theft prevention and fire prevention of the equipment and ensure the safety and integrity of the equipment. The fourth is to update the system and software of the server in time. Fifth, pay close attention to CERT news. Sixth, timely backup important documents and information resources. Create a system recovery file.

The network security leading group of our bureau conducts a comprehensive inspection on the implementation of environmental safety, equipment safety, information safety and management system of the whole system computer room, school office computers, multimedia classrooms and school audio-visual classrooms every quarter, so as to promptly correct existing problems and eliminate potential safety hazards.