On self-inspection report of campus network information security

Inadvertently, the work has come to an end. Looking back on my work during this period, I have gained a lot and learned some shortcomings. Let's take immediate action and write a self-inspection report. Then do you know how to write a formal self-inspection report? The following is a self-inspection report on campus network information security compiled by me for your reference only. Let's have a look.

The self-inspection report on campus network information security 1 Licheng No.6 Middle School website was revised and launched in September, 20xx. Since the launch of the new website, our school has always attached great importance to the work of network information security system, set up a special leading group, established and improved the network security and confidentiality responsibility system and related rules and regulations under the unified responsibility of Director Xie of the school, and all departments are responsible for their own network information security work. Strictly implement the provisions on network information security and confidentiality, and take various measures to prevent security-related incidents. Generally speaking, our school has done a solid and effective job in network information security and confidentiality.

I. Network security situation

The first is network security. Our school is equipped with anti-virus software, and adopts strong password, database storage and backup, mobile storage device management, data encryption and other security protection measures to clarify network security responsibilities and strengthen network security work.

Second, the leadership review and signature system should be implemented in information system security. Any information uploaded to the website must be reviewed and signed by relevant leaders before uploading; Second, conduct regular security checks and hire technicians from website production companies to supervise, mainly including SQL injection attacks, cross-site script attacks, weak passwords, operating system patch installation, application patch installation, antivirus software installation and upgrade, Trojan virus detection, port opening, system management authority opening, access authority opening, webpage tampering, etc. , and earnestly do a good job of system security diary.

Third, do a good job in the daily management of external networks, websites and application software? Five-layer management? Are you sure? Confidential computers don't surf the internet, and computers that surf the internet don't involve secrets? The management, maintenance and destruction of CD-ROM, hard disk, U disk and mobile hard disk shall be carried out in strict accordance with the confidentiality requirements. Focus on it? Three major security? Inspection: First, hardware safety, including lightning protection, fire prevention, theft prevention and power connection; The second is network security, including network structure, security log management, password management, IP management, online behavior management and so on. The third is application security, including website, email system, resource management, software management, etc.

Second, the school hardware equipment is running normally.

Every terminal in our school has installed anti-virus software, and the application of system-related equipment has also been standardized. The use of hardware equipment conforms to the relevant national product quality and safety regulations, the hardware operation environment of the unit meets the requirements, and the basic equipment such as printer accessories and ribbon racks are original products. The lightning protection ground wire is normal, the defective lightning protection socket has been replaced, the lightning protection equipment is basically stable, and no lightning strike accident has occurred; UPS is running normally. The website system is safe and effective, and there are no security risks at present.

Third, strictly manage and standardize equipment maintenance.

Does our school implement computers and their equipment? Who uses, manages and is responsible? Management system. We insist on management? System manager? . The second is to strengthen information security education and improve employees' computer skills. At the same time, the publicity of network security knowledge was carried out in the school, which made all the faculty realize that computer security protection is? Three defenses and one risk? An inseparable part of work. In addition, under the new situation, computer crime will become an important part of security work. In terms of equipment maintenance, the network equipment fault register and computer maintenance table are specially set up to register equipment faults and maintenance and deal with them in time. For foreign maintenance personnel, it is required to be accompanied by relevant personnel, and their identity and handling situation should be registered to standardize the maintenance and management of equipment.

Four. Website security and maintenance

Our school has relevant requirements for website security. First, use the exclusive permission password lock to log in to the background; Second, upload files in advance to detect pathogens; Third, the website is maintained by modules and permissions, and regularly enters the background to clean up junk files; Fourth, the website is updated by a special person.

Verb (abbreviation of verb) safety education

In order to ensure the safe and effective operation of our school's network and reduce virus invasion, our school has trained relevant knowledge of network security and system security. During this period, everyone had a detailed consultation on the computer-related problems encountered in practical work and got a satisfactory answer.

Six, self-examination problems and rectification opinions

We found some weak links in the management process, and we will make improvements in the following aspects in the future.

(1) The security protection equipment of the website is still insufficient, and only the firewall attached to the router has no hardware firewall equipment, which is a security risk.

(two) to strengthen equipment maintenance, timely replacement and maintenance of faulty equipment.

(3) In the process of self-examination, it was found that individual personnel were not aware of computer security. In the future work, we will continue to strengthen computer security awareness education and prevention skills training, so that employees can fully realize the seriousness of computer cases. Combine civil air defense with technical defense, and do a good job in network security of the unit.

Campus network information security self-inspection report 2 for the implementation? Notice of the Office of the Provincial Department of Education on the implementation of submission? The letter number [20xx]12 comes from Hubei Provincial Department of Education)? Notice of Huangshi Education Bureau on carrying out the network and information security inspection of the whole city's education industry? (Huang Jiaoxin [20xx] No.25), comprehensively strengthen the network and information security work in our school. The education department of our school organized a self-inspection on the security of our school's network, information system and website, and now the self-inspection situation is notified as follows:

First, the current situation of school network and information security

The network center building of our school was built in 20xx, with 20M optical fiber access, and the network covers the whole campus (including staff dormitories, office buildings, new and old teaching buildings). 20xx 10, due to aging equipment and high network operation and maintenance costs, all the staff dormitory networks were disconnected, and individual teachers applied to join China Telecom or other network providers. At present, the network of office buildings and teaching buildings in our school is running normally.

The overall situation of network and information security in our school is good. The school has always attached importance to information security, and has always regarded information security as the key content of information work. The network information security work is well organized, the responsibilities are clear, the daily management and maintenance work are standardized, and more attention is paid to the training of system administrators and network security technicians of the information system (website), which basically ensures the continuous, safe and stable operation of the campus network information system (website). However, it needs to be further strengthened and improved in network security management, technical protection facilities, website construction and maintenance, and information system level protection.

Second, the network information security work

1, network information security management organization

In order to strengthen the leadership of network and computer system security management and external publicity, guide and urge all teachers and students to surf the Internet safely, green and scientifically, and expand our social influence through website window publicity, the network information security management organization is established. The school has a network information security management organization, with school leaders as the team leader and office and grade directors as the team members, responsible for the direct security of office information systems and website information content. As the operator of campus network, the network administrator is responsible for the technical protection and technical guarantee of information system security.

2. Daily safety management of information system (website)

Does the school have it? Campus network management system? 、? What is the responsibility of a network administrator? 、? Computer classroom management system? 、? Maintenance and management measures of software and hardware in computer room? 、? What is the responsibility of the person in charge of the computer room? 、? Student computer management system? 、? Computer room electricity safety system? And a series of rules and regulations. Each system (website) can basically implement the responsible person according to the requirements, and better fulfill the website information uploading and signing system, information system data confidentiality and tamper-proof system. Daily maintenance of operating specifications, prevention of weak passwords and regular changes, strict protection of personal computers, regular backup of data, regular inspection of security logs, timely understanding of the system (website) status, to ensure normal operation.

3, information system (website) technical protection

The school has a network center computer room with waterproof, moisture-proof and anti-static protection measures. It regularly checks the security vulnerabilities of servers, network devices and security devices, updates the operating system and patches in time, configures password policies to ensure the update frequency, and regularly backs up important systems and data.

Three, the main problems found by self-examination.

Compared with the specific inspection items in the Notice, there are still some problems in the information security work of our school:

1. security management: network administrators are part-time, so it is difficult to ensure their energy input. They haven't logged into their own management system (website) for a long time, so they can't keep abreast of the security incidents that have happened. The daily management and maintenance of some systems (websites) are not standardized, and there are still problems such as weak administrator password, insufficient attention to data backup, and poor awareness of information confidentiality.

2. Technical protection: Campus network security technical protection facilities are still insufficient, such as the lack of data center security defense system and audit system, and the lack of security detection facilities, so it is impossible to check the security xxxxxxxx and hidden dangers of servers and information systems (websites).

3. Application system (website): Some application systems (websites) have design defects and security xxxx, which are prone to safety accidents.

Fourth, the rectification measures

In view of the existing problems, the school will conduct serious research and deployment.

1, further improve the network information security management system and standardize the daily management and maintenance procedures of information systems and websites. Strengthen the technical training of network administrators and improve their safety awareness and technical ability.

2. Continue to improve the technical protection facilities for network information security, regularly conduct xxxxxxxx and hidden dangers investigation on servers and operating systems, and establish a targeted active protection system.

3. Strengthen emergency management, revise emergency plans, strengthen cooperation with network computer companies, and conduct emergency drills to minimize the impact of security incidents.

Self-inspection report on campus network information security III. Overall evaluation of network and information security

This year, the Municipal Party Committee and the Municipal Bureau of Industry and Information Technology attached great importance to information security and put it on the important agenda. In order to standardize information disclosure and implement the relevant regulations on information security, they set up an information security leading group, implemented the management organization, put a special information office in charge of the daily management of information security, and defined the leaders in charge, leaders in charge and specific managers of information security.

We have established and improved daily information management, information security protection management and other related work systems, strengthened information security education, and the information security work leading group regularly or irregularly inspected the information security work in our city, rectified the problems found in time, further standardized the information security work, ensured the effective development of the information security work, and made new progress in the information security work in our city.

Second, the main work of network and information security

(a) to strengthen leadership, clear responsibilities, do a good job in network and information security organization and management. In order to standardize and strengthen the information security work, the municipal leaders attach great importance to this work and set up an information security work leading group with the mayor in charge as the team leader, the bureau-level leaders in charge of information work as the deputy team leader and the relevant units directly under the municipal government as members. It has achieved a clear division of labor and the responsibility lies with people. It has formed a leadership system and working mechanism in which the competent leaders take overall responsibility, the specific managers take the main responsibility, manage at different levels, and implement at different levels, effectively implementing the information security work.

(2) Do a good job in daily management of network and information security. According to the actual work, our bureau has established and improved the information system security self-inspection system, information system security responsibility system, computer and network security management and other related systems, and further standardized and institutionalized the information security work.

(3) Implement network and information security protection management. The management system of non-confidential computers and the management system of non-confidential mobile storage media have been perfected and improved. The computer is equipped with a firewall and professional anti-virus software, which strengthens the effectiveness in tamper-proof, anti-virus, anti-attack, anti-paralysis, anti-leakage and so on. The network terminal has no illegal access to information networks such as the Internet, and the unit has not installed wireless devices such as wireless networks, but has installed professional anti-virus software for mobile storage devices.

(four) the development of information security emergency management mechanism. Combined with the actual situation, the city has initially established an emergency plan, established a system for submitting electronic documents and information (for trial implementation) and a post responsibility system for submitting electronic documents and information, strictly controlled the sending and receiving of documents, and improved the system of counting, repairing, numbering and signing; The information administrator updates the system and software in time, backs up important files and information resources in time, and recovers data.

(5) Safety education and training are carried out step by step. In the second half of this year, our city plans to train all computer users in network and information security operation and explain some network security knowledge.

(six) seriously carry out information security inspection. The Municipal Information Security Leading Group will regularly or irregularly inspect the network and information security work in our city, and rectify the problems found in time to ensure the effective development of information security work.

Three, the network and information security self-inspection found the main problems and rectification.

According to the specific requirements in Hengshui 20xx Network and Information Security Inspection Scheme, we also found some deficiencies and situations that need to be rectified during the self-inspection.

1。 There is a problem. In the process of self-examination, there are mainly the following situations: First, insufficient investment. Due to the lack of professional and technical personnel in our city, the municipal finance has limited funds to invest in information system security and limited investment in the process of network and information security construction; Second, the rules and regulations system has been initially established, but it is still not perfect, failing to cover all aspects of the security of related information systems; Third, in the event of computer virus attacks and other emergencies, the handling is not timely enough.

2。 Correct this situation. In view of the above problems, we will do four things well? Continue? . First, we should constantly improve and implement the information security work system, check the implementation of the information security work system from time to time, seriously investigate the responsibility of those responsible for adverse consequences, and raise the awareness of information personnel on security protection; The second is to continue to implement the system. While further improving the network and information security system, arrange special personnel to closely monitor and solve possible information system security accidents anytime and anywhere; Third, continue to strengthen the safety awareness education of leading cadres and network information personnel in the city, and improve the initiative and consciousness of doing a good job in information security; Fourth, continue to strengthen the timely maintenance, maintenance and update of the city's information lines and information systems.

Four. Opinions and suggestions on network and information security work

It is suggested that provinces and cities give more guidance to information security work in counties and cities, regularly carry out information security education and training, and constantly improve the modernization level of information security work, so as to facilitate staff to further strengthen network and information security prevention and confidentiality work; It is suggested that all provinces and cities increase capital and technical investment in information security work to ensure the smooth development of work and information security.

?