What does information security management include?
The objects of information security management include goals, rules, organizations and personnel. Information security management refers to the management and protection of information assets by maintaining the confidentiality, integrity and availability of information. It is a series of activities and processes that guide, standardize and manage information security assurance. The content of information security management: 1. Information security risk management; 2. Facility security management; 3. Information security management; 4. Operation security management.
Contents of information security management
1. Information security risk management
Information security management is a process, not a product. Its essence is risk management. Information security risk management can be seen as a process of continuously reducing security risks. The ultimate goal is to reduce security risks to an acceptable level so that users and decision-makers can accept the remaining risks. Information security risk management runs through the entire information system life cycle, which includes five stages: planning, design, implementation, operation and maintenance, and abandonment. Each stage carries its own risks, and all of them need to be controlled using the same information security risk management methods.
Information security risk management is a coordinated activity that protects information and its related assets and guides and controls an organization's information security risks. China's "Information Security Risk Management Guide" points out that information security risk management includes six aspects: object establishment, risk assessment, risk control, review and approval, monitoring and review, and communication and consultation. The first four are the basic steps of information security risk management, while monitoring and review and communication and consultation run through those four steps.
2. Facilities security management
The security management of facilities includes network security management, security management of confidential equipment, security management of hardware facilities, and site security management.
Security management of the management network. The information management network is a highly automated, networked, comprehensive management system used to collect, transmit, process and store information related to the maintenance, operation and management of information systems and networks. It includes functions such as performance management, configuration management, fault management, billing management, and security management. Security management in turn includes system security management, security service management, security mechanism management, security event processing management, security audit management, security recovery management, etc.
Security management of hardware facilities. Security management of hardware facilities mainly considers configuration management, usage management, maintenance management, storage management, and network connection management. Common network equipment needs protection against electromagnetic radiation, electromagnetic leakage and natural aging. Hubs, switches, gateway devices and routers also need to be protected from threats such as denial of service, access control, and backdoor flaws. The transmission medium also needs to be protected from electromagnetic interference, wire eavesdropping and man-made sabotage. Satellite channels, microwave relay channels, etc. need to be protected from channel eavesdropping and man-made sabotage.
The management of security equipment mainly includes the management of security performance indicators, the management of working status, the management of security equipment type, quantity, distribution and user status, and key management.
Security management of site facilities. The security management of computer rooms and site facilities needs to meet national standards for waterproofing, fire protection, anti-static protection, lightning protection, radiation protection, and theft prevention. Personnel access control requires taking the necessary technical and administrative measures based on the security level and confidentiality scope, and registering the time of entry and exit of personnel, the reasons for entry, etc. Electromagnetic radiation protection requires equipment protection, building protection, regional protection, and magnetic field protection, chosen on the basis of technical feasibility and economic rationality.
3. Information security management
According to the needs of information construction and development, information includes three levels of content: first, the objects that are collected, transmitted, processed and stored in networks and systems, such as technical documents, storage media, various information, etc.; second, the various software used; third, information such as keys and passwords that serve as security management means.
Security management of software facilities. Security management of software facilities mainly considers configuration management, use and maintenance management, development management, and virus management. Software facilities mainly include operating systems, database systems, application software, network management software, and network protocols. The operating system is the cornerstone of the entire computer system. Because its own security level is not high, it needs to be given protection at different security levels. For database systems, it is necessary to strengthen the security of the database and use encryption technology to encrypt sensitive data in the database. The most widely used network communication protocol at present is the TCP/IP protocol. Because of its many security design flaws, it is often exposed to threats. Network management software is an important part of security management. Commonly used ones include HP's OpenView, IBM's NetView, SUN's NetManager, etc. Additional security measures are also required.
Security management of storage media. Storage media include paper media, magnetic disks, optical disks, magnetic tapes, audio/video tapes, etc. Their security plays a key role in the recovery of information systems, information confidentiality, and anti-virus work. Different types of storage media have different security management requirements. The security management of storage media mainly considers storage management, usage management, copy and destruction management, and security management of confidential media.
Security management of technical documents. Technical documentation is a written description of all technical issues in the design, development, operation and maintenance of a system or network. Technical documents are managed hierarchically according to the degree of confidentiality of their contents, generally divided into top secret level, confidential level, secret level and public level. The security management of technical documents mainly considers the use, backup, borrowing, destruction, etc. of documents, and a strict management system and relevant responsible persons need to be established.
Secure management of keys and passwords. Keys are the key to encryption and decryption algorithms. Key management is the management of key generation, verification, distribution, storage, use, injection, replacement and destruction. Passwords are an effective means of device management. The generation, transmission, use, storage, and replacement of passwords require effective management and control.
4. Operational security management
The security status of information systems and networks during operation also needs to be considered. At present, two security management issues receive the most attention: security audit and security recovery.
Security audit. Security auditing refers to management activities that record and analyze security-related situations and events in the operation of a system or network and take corresponding measures. At present, audits are mainly conducted on operating systems and various key application software. Security audits should be implemented and managed by security agencies at all levels. Security audits can use manual, semi-automatic or automatic intelligent methods. In manual audits, auditors generally view, analyze, and process the audit records; in semi-automatic audits, computers generally analyze and process the records automatically, and auditors make the decisions and handle them; automatic intelligent audits are generally completed by computers, which make judgments with the help of expert systems. These methods can meet the needs of different application environments.
Security recovery. Security recovery refers to a series of activities carried out to quickly restore the network and information system to normal and minimize losses when the network and information system suffer a catastrophic blow or damage. Security recovery management mainly includes the establishment of security recovery strategies, the formulation of security recovery plans, the testing and maintenance of security recovery plans, and the execution of security recovery plans.
Principles of information security management
Information security management should follow unified security management principles:
(1) Standardization principle: All stages should follow the requirements of security regulations and formulate security policies based on organizational security needs.
(2) Systematization principle: According to the requirements of security engineering, all stages of the system, including future upgrades, replacements and functional expansions, are comprehensively and uniformly considered.
(3) Comprehensive guarantee principle: Comprehensive guarantee of personnel, funds, technology and other aspects.
(4) People-oriented principle: Technology is the key, management is the core; improve the technical literacy and moral level of managers.
(5) Principle of chief responsibility: Only the chief executive can implement security management.
(6) Precautionary principle: Security management should focus on prevention and must have a certain degree of forward awareness.
(7) Risk assessment principle: Conduct regular risk assessments on the system based on practice to improve the security status of the system.
(8) Dynamic principle: Improve the system's protection capability based on environmental changes and technological progress.
(9) Cost-benefit principle: Adopt appropriate protection measures based on resource value and risk assessment results.
(10) Balanced protection principle: According to the "wooden barrel principle", the security strength of the entire system depends on the weakest link. One-sided pursuit of the security strength of a certain aspect has no practical significance for the entire system.
In addition, the following principles should be followed in the specific implementation process of information security management: the principle of decentralization of checks and balances, the principle of least privilege, the principle of separation of powers, the principle of universal participation, the principle of audit independence, etc.