1) Physical security.
Physical security mainly includes environmental security, equipment security, media security and other aspects.
The central computer room of the system dealing with secret information should use effective technical precautions, and important systems should also be equipped with security personnel for regional protection.
2) Operational security.
Operational security mainly includes backup and recovery, virus detection and elimination, electromagnetic compatibility.
The main equipment, software, data and power supply of the classified system should be backed up and have the ability to restore the system operation in a relatively short period of time.
Virus detection and removal software approved by the relevant national authorities should be used to detect and remove viruses in a timely manner, on both servers and clients.
3) Information security.
Ensuring the confidentiality, integrity, availability and non-repudiation of information is the central task of information security and confidentiality.
4) Security and confidentiality management.
Security and confidentiality management of classified computer information systems covers three areas: management organizations at all levels, management systems, and management technology.
A complete security management organization should be set up, security and confidentiality management personnel appointed, a strict security and confidentiality management system developed, and advanced security and confidentiality management technology used to manage the entire classified computer information system.
The basic content of the level protection system:
Simply put, network security level protection means protecting and supervising networks by level. It has the following key words:
Grading. Network operators' information networks, information systems, and the data and information on the network are divided into five levels of security protection, from the first level to the fifth, increasing level by level, according to their importance and the harm caused if they are damaged.
Filing. After the level is determined, networks at the second level and above are filed with the public security organs, which review the filing materials and the accuracy of the grading and issue a filing certificate once the review is passed.
Construction. The filing unit carries out security construction and rectification according to the security level of the network and the national standards, builds security facilities, implements security responsibilities, and establishes and implements a network security management system.
Measurement and evaluation. The filing unit selects an assessment organization that meets the national requirements to carry out the level assessment.
Supervision. The public security organs provide guidance for second-level networks and carry out regular supervision and inspection of third- and fourth-level networks.
New features of the network security level protection system 2.0
Since the implementation of the national network security level protection system, it has become the basic system of national network security and basic state policy. With economic and social development and technological progress, the level protection system has entered the 2.0 era.
On the basis of 1.0, network security level protection system 2.0 achieves full coverage of security protection objects and security protection fields for new technologies and new applications. It gives more prominence to technical thinking and three-dimensional prevention, focuses on all-round proactive defense, dynamic defense, overall protection and precision protection, and strengthens the "one center, three-fold protection" security protection system. All new technologies and applications related to cloud computing, the Internet of Things, mobile Internet, industrial control systems, big data, etc. have been included in the scope of protection.
Legal basis:
Article 23 of the Law of the People's Republic of China on the Preservation of State Secrets stipulates that computer information systems that store and process state secrets (hereinafter referred to as classified information systems) are to be protected on a graded basis according to the degree of classification.
Classified information systems should be equipped with confidentiality facilities and equipment in accordance with national confidentiality standards. Confidentiality facilities and equipment should be planned, built and put into operation in step with the classified information system.
Classified information systems should be inspected in accordance with the regulations before being put into use.
Article 21 of the Cybersecurity Law provides that the state implements a network security level protection system. Network operators shall, in accordance with the requirements of the network security level protection system, perform the following security protection obligations to safeguard the network from interference, damage or unauthorized access, and to prevent network data from being leaked, stolen or tampered with:
To develop an internal security management system and operating procedures, determine the person in charge of network security, and implement the responsibility for the protection of network security;
To take technical measures to prevent computer viruses, network attacks, network intrusion and other acts that jeopardize network security;
To take technical measures to monitor and record network operation status and network security events, and to retain relevant network logs for not less than six months in accordance with the regulations;
To take measures such as data categorization, and backup and encryption of important data;
Other obligations stipulated by laws and administrative regulations.