Thesis on Computer Data Security and Risk Prevention in Rural Credit Cooperatives

Paper on computer data security and risk prevention in rural credit cooperatives

1. Classification of computer data

(1) Core business data . It refers to the core and most critical data generated in the business operation process - all customer information and all transaction elements, that is, the production data formed based on the original subpoena and processed by the front-end comprehensive business system, which is original and basic. characteristics of sex and dispersion. This kind of data forms the basis for the operation and development of rural credit cooperatives and is the prerequisite for all accounting processing and accounting.

(2) Derived business data. It is an extension and supplement of core business data. It is a summary or classification of data related to a comprehensive business system. It is program data generated after extraction and processing by professional system programs, or it is entered through a computer based on account books, statements and other data and stored in an independent program. The data in the system database has the characteristics of systematicity, standardization and continuity.

(3) Electronic document data. It is an electronic document produced with commonly used office software, picture software and other tools and stored in computer equipment. It corresponds to paper documents and has the characteristics of easy editing, modification, transmission and copying. This type of data is stored in word documents (or wps documents), excel tables (or Kingsoft tables), notepads (or writing pads), slides and picture files, etc., and is files, requests, reports, plans, summaries and various The electronic form of statistical tables covers all aspects of daily management work.

2. Computer data security

(1) Security status of core business data. At present, rural credit cooperatives have all been fully networked, and manual operations and stand-alone outlets have become a thing of the past. Theoretically, the security of core business data has also been greatly enhanced, using advanced "warehousing technology" and relying on optical fiber communication lines to store it on the server of the Provincial Association Information Technology Center, and implement synchronous backup at the Nanyang Disaster Recovery Center to ensure that the data The probability of loss or damage is almost zero.

However, in actual work, core business data is not "impregnable". Risks that endanger data security still exist, mainly in the following aspects:

First, operations The environment is abnormal. In the process of handling business, if a sudden power outage occurs at the front desk, or communication times out, or the terminal crashes, the submitted data may be lost, and there may be inconsistencies in accounting between the front desk and the central server, or the printed information may not be printed. complete.

The second is poor password (or password) management. For operations involving core business data, the application of passwords (or passwords) can be seen everywhere in daily work. For ordinary tellers, passwords are required for power-on login, teller sign-in, business authorization and other operations; for system administrators, system management and network maintenance will involve the authentication of many passwords. If these passwords (or passwords) are not properly managed or protected, the compromised data security is obvious.

The third is illegal operations. Irregular operations sometimes have serious consequences, and important data may be leaked or tampered with, leading to computer cases. For example: disclosing customer identity or deposit information to others; performing account corrections or canceling transactions without filing them; performing loss reporting, freezing and thawing operations without authorization without supervision; not strictly implementing temporary leave from work and end-of-business sign-out Operations, etc., these may give criminals an opportunity to take advantage of them, and inadvertently provide them with the conditions to use technical means to steal customer information or transfer account funds.

(2) The security status of derived business data. Derivative business data relies on professional accounting systems or management programs (such as report management systems, 1104 system engineering, five-level credit classification programs, etc.), and these systems or programs generally run on a stand-alone computer and are independent of the internal network environment. There is no dedicated remote centralized storage server, so the security risks faced by its computer data are more prominent. Mainly reflected in the following aspects:

First, virus invasion.

Many times, the damage caused by computer viruses to derived business data is almost fatal. Not only will the program itself be unable to boot, but the related data will also be discontinued or even lost; the virus will also occupy system resources, causing the computer to freeze or the program to crash. , causing the data just entered or being summarized to be lost.

The second is the basic system environment. The operating environment of these professional accounting programs and management systems all use the Windows operating system developed by Microsoft. Although the Windows operating system is simple to operate, it has many system loopholes, poor stability and security, and phenomena such as restarts and forced shutdowns occur from time to time. The instability of the basic system environment will inevitably pose a potential threat to the operation and corresponding data of professional accounting programs and management systems.

The third is program upgrade. The business of rural credit cooperatives is constantly developing, and management is becoming increasingly refined. The statistical caliber and accounting indicators will also change, and the related professional accounting procedures and management systems also need to be upgraded or partially modified in a timely manner. Program upgrade is the process of optimizing and updating the program itself, and is the expansion or abandonment of original functions. This process is actually accompanied by more or less risks.

(3) Security risks of electronic document data.

First, virus attack. Some Trojan viruses will specifically target document files to cause damage, making the document unable to be opened normally or causing its content to instantly turn into a bunch of garbled characters.

The second is improper operation. Improper operation will cause computer crashes, restarts, program freezes, etc., which will bring a lot of "disaster" to the documents being processed; accidentally deleting document data will make all the fruits of labor in vain.

The third is poor protection. As a financial enterprise, a considerable part of the document data of rural credit cooperatives should also be strictly confidential, such as business operating status, financial information reports, inspection and processing opinions, network technical information, salary file information, development strategic plans, business promotion plans, projects Implementation steps, etc., although paper written materials can attract attention and be properly kept, there is a risk of data leakage if the initial electronic documents are not careful. In addition, with the popularization of the Internet, the proliferation of network attack tools and the increasingly rampant activities of hackers, there is also the possibility of being stolen by competitors or outside criminals in various ways.

3. Risk prevention of computer data

(1) Risk prevention of core business data. It is very important to ensure the security of core business data.

The first is to strengthen management, guide operators to standardize operations, abide by computer operating procedures, and ensure computer data security;

The second is to increase inspections and penalties to minimize computer corruption The occurrence of illegal operations;

Third, technology management is combined with financial management, credit management, and safety management. The systems and norms complement and penetrate each other, reducing or even preventing relevant personnel from being restrained or evading. Supervise the possibility of changing business data and system parameters, and jointly build an internal control and prevention system to protect computer data security; fourth, improve security awareness and strictly keep important data such as technical parameters and network addresses confidential; fifth, equip firewalls to isolate internal and external network to effectively prevent network attacks and external intrusions; sixth, implement the large-amount transaction authorization system, clarify responsibilities, strengthen supervision, protect fund security, and prevent cases from occurring.

(2) Risk prevention of derivative business data and electronic document data.

The application environments in which these two types of data exist are similar, and their risk prevention aspects are also similar. Strengthen the prevention and control of computer viruses. Computer viruses have become the "number one killer" threatening computer data security. They are wreaking havoc with the help of the Internet and storage devices.

Strengthening the prevention and control of computer viruses mainly includes the following aspects:

First, mainstream anti-virus software must be installed on each computer. Before transferring files or editing documents, First perform virus scanning and removal processing to cut off the main route of virus transmission.

The second is to back up computer data. Derived business data needs to back up its database, original program installation packages, upgrade patches, etc. If the system on which this type of data relies has its own backup and recovery functions, priority should be given to using them; electronic document data only needs to be copied and saved in categories That’s it.

To ensure the effect of data backup:

First, pay attention to the backup method: you can use a combination of local direct backup and off-site backup;

Second, pay attention to Timing of backup: Electronic document data can be backed up regularly on a monthly or quarterly basis as needed; in addition to regular backup of derivative business data, necessary backups must be made before program changes or upgrades.

The third is to strictly control computer maintenance and disposal. When a computer has a serious failure, it sometimes requires a computer company to perform maintenance or repairs. The science and technology department should take special care and take measures to prevent the hard disk data from being leaked to the outside world, such as removing the hard disk before sending it for repair, or stationing during the entire repair process. ; When the computer has been in service for a long time and can no longer meet the needs of business or office applications, it needs to be eliminated. All data on the hard disk must be cleared before disposal. Usually, tools must be used to "format" the hard disk.

The fourth is password restriction and data encryption. For derived business data, strict passwords are required.

These professional accounting programs and management systems often have login passwords, which need to be properly kept and changed regularly; for electronic document data, it is very necessary to encrypt some important documents, and you can use the office The software's own functions set passwords that restrict browsing and passwords that restrict modifications.

The fifth is to improve safety awareness and develop good electronic office habits.

Try not to edit documents directly on the USB flash drive; turn on the security settings of word software and excel programs: such as "auto-save", "allow background saving", "keep copies", etc.; clear the "Recycle Bin" " Open and check beforehand to confirm whether there are important data that need to be retained or accidentally deleted documents that need to be recovered; important documents should not be placed on the computer's "Desktop" or in "My Documents"; external files and downloaded Files are scanned for viruses before being opened. ;