Website information security management system

Website information security management system

Information release registration system

In the information source access to implement security protection technical measures to ensure the operation of the network security and information security;
Our company is a virtual host access, the system to do a good job of user permissions setting work, can not open its information directory other than the operation of the directory.
Registration and archiving of departments and individuals entrusted with the release of information.
The information provided by the information source department shall be reviewed, and no content shall appear in violation of the "Measures for the Management of the Security Protection of the International Network of Computer Information Networks".
Found to have violated the "Computer Information Network International networking security protection Management Measures" situation, should retain the relevant original records, and within 24 hours to the local public security organs.

Information content review system

1, we must seriously implement the information release audit management work, to prevent violations of the "Computer information network International networking security protection Management Measures".

(2) Carefully check the information provided by the information source department that publishes information on this website, and there shall be no content that endangers national security, divulges state secrets, infringes on the interests of the state, the society, the collective and the legitimate rights and interests of citizens.

(3) Establish a sound review and inspection system for columns that publish public comments on news bulletin boards, etc., and check them regularly to prevent comments that violate the "Measures for the Security Protection and Management of Computer Information Networks for International Networking".

4. Once found on this website, users make, copy, consult and disseminate the following information:

Inciting resistance, undermining the Constitution and the implementation of laws and administrative regulations

Inciting secession and undermining national unity
Inciting ethnic hatred, ethnic discrimination and undermining national unity
Fabricate or distort facts, spread rumors and disturb social order
Promote feudal superstition, obscenity, pornography, gambling, violence, murder, terror, and instigation of crime
Openly insulting others or fabricating facts to slander others
Damage the credibility of state institutions
Other violations of the Constitution, laws, administrative regulations, in accordance with the relevant provisions of the State, delete the network containing the above content of the address, directory or close the website. The original records shall be kept and reported to the local public security organs within 24 hours.

Information monitoring, saving, clearing and backup system

In order to promote the health, safety and efficient application and development of the company's website, maintain the stability of the state and social society, and prevent the occurrence of various illegal and criminal acts, according to the provisions of the "Computer Information Network International Internet Security Protection Management Measures", this system is formulated:

1. The system applies to the publication of information on this website and the publication of information on the website by department personnel.

2. Strictly implement national and local information security regulations.

3. The information published by the website itself must be carefully checked to eliminate the content that implies the following behaviors:

(1) inciting resistance to, or undermining the implementation of the Constitution and laws and administrative regulations;

(3) inciting secession and undermining national unity;

(4) inciting ethnic hatred, ethnic discrimination and undermining ethnic unity;

(5) Fabricating or distorting facts, spreading rumors and disturbing social order;

(6) Promoting feudal superstition, obscenity, pornography, gambling, violence, murder, terror, and instigation of crime;

(7) Openly insult others or fabricate facts to slander others;

(8) damage the reputation of state organs;

(9) Other violations of the Constitution, laws and administrative regulations.

If the website staff quotes information from others, they must indicate the source.
Website personnel to publish information, must first go through the process of verification, the content of its publication to check, filter, limit. If you find harmful information on other websites, you should take the initiative to report it.
Website personnel to publish information, must be manually checked daily.
The website information database must be backed up once every 7 days, and the data query should be guaranteed within 30 days.

Virus detection and network security vulnerability detection system

In order to ensure the normal operation of the company's website, prevent all kinds of viruses and hacker software from posing threats to our network hosts, and minimize such losses, this system is formulated:

Anti-virus software, anti-hacker software and anti-spam software should be installed in the computers of all access departments, and the software should be upgraded regularly.
It is strictly forbidden to install virus software and hacker software in the computers of access departments, to attack other networked hosts, and to spread hacker software and virus.
The network management center shall regularly release virus information, detect viruses and security vulnerabilities in the website, and take necessary measures to prevent and control them.
The leased server or the main server in the storage space should be installed with a firewall system to strengthen network security management.
The network management center periodically checks network security and virus detection and handles any problems in a timely manner.
System for reporting illegal cases and assisting in investigation and punishment

1. All access end users shall consciously abide by network regulations, and it is strictly prohibited to use computers to commit crimes.

2, for the computer violations and crimes of the unit, the network security administrator or discovered personnel should promptly stop and immediately report to the network management center, while doing a good job of system protection.

3, for the attacks suffered by the access end users should also report to the network management center, while doing a good job of system protection.

4. Each access terminal user has the obligation to accept the company's network management center and superior department

The supervision and inspection of the door, and should actively cooperate with the investigation and punishment of illegal and criminal incidents.

5. The network management Center shall timely grasp the illegal situation of the access terminal users in the company's network, and regularly report to the network supervisor and the superior competent authorities, and shall assist the competent authorities to do a good job in investigation and punishment.

Website account registration and operation rights management system

1, all qualified individuals must first apply to the company and fill in the relevant information as required before approval can become a website user.

2, has been built to use the website user if it requests to suspend its use for various reasons can be in writing to the administrator to suspend, interrupt its network user services. The period of suspension shall be determined by the departments where it is located according to relevant regulations and actual conditions.

3, any account users enjoy full and equal network access rights. This right does not change due to the sooner or later the account is established and the priority of the connection.

4. No user shall steal others' online accounts without permission.

5, for the server system, all kinds of network equipment should be regularly backup work, to ensure that the system can be restored in time when the failure.

Safety management staff job responsibilities

1. Standardized management of the use of the company's computer and network system according to the regulations on computer and network operation of the information center, and timely prevention of violations.

2, daily maintenance of computer and company network system, do a good job of network equipment inspection and security prevention work, to ensure that the network is unimpeded.

3. Do a good job of data recording, security backup and user management of computer and network systems to ensure the correctness and real-time performance of all types of operation data records.

4. Provide technical support for the company's application of information network, and ensure the environmental requirements for the safe operation of the company's computer and network equipment.

5, do a good job of monitoring the company's Intranet and Internet access, and timely provide information to the relevant information center network management.

6, according to the company's management philosophy, plan, design, produce and manage the company's website, responsible for the company's website information release and daily maintenance.

7. Timely collect dynamic information inside and outside the company, publicize the results achieved by the company through the company website, and expand the influence of the company.

8. Provide technical support for employees to effectively use website resources.

9, responsible for the company's website security protection and operation monitoring, do a good job of website operation data records and security backup, timely provide information to the relevant information center.

Emergency response mechanism and process

For the setting and modification of the website system and various types of network equipment, registration and filing should be done.
In accordance with the provisions of the backup work, with all kinds of security checks, once encountered bad information, in accordance with the relevant provisions of the state, delete the network containing the above content of the address, directory, and retain the original record, within 24 hours to the municipal Public Security Bureau network supervision detachment report.

Zhejiang Fore Intelligent Technology Co., LTD

April 20, 2018