摘要
为提高重要系统的信息安全防护水平,集团公司引进了"安全基线"的概念,从根本上减少被攻击的机会。但各系统与基线的符合程度主要依靠人工抽查的方式,效率低、成本高。因此,本文涉及并实现了一套安全合规管理平台,作为一个辅助进行新设备入网、日常安全检查的自动化系统,及时、全面地发现不满足安全基线的不合规问题,切实提高安全防护水平。
To improve the level of information security of important systems,the company has introduced the concept of“security baseline”radically reduce the chance of being attacked.But the system baseline relevance mainly rely on manual spot check.It is low efficiency and high cost.Therefore,this article involves a security compliance management platform,as an auxiliary network automation of daily safety inspection system,timely and comprehensively non-compliance issues found that does not meet the security baseline,and effectively improve the level of security.
作者
宋志强
陈明杰
吴萌
李效璇
赵亮
SONGZhiqiang;CHENMingjie;WUMeng;LI Xiaoxuan;ZHAOLiang
出处
《电信网技术》
2017年第4期28-33,共6页
Telecommunications Network Technology
关键词
信息安全
安全基线
合规
自动化
information security
security baseline
compliance
automation
