企业信息安全工作实践

The best practice for enterprise information security

信息安全的重要性越来越受到国家和企业的重视,信息安全等级保护相关规范的出现,给各个企业的信息安全工作提供了一个很好的抓手,企业应该针对不同的信息系统,按照要求从定级、备案、安全建设和整改、等级测评五个方面入手开展企业信息安全工作,不仅能满足国家相关要求,也能从技术和管理两个方面开展工作,搭建企业信息化安全体系架构,提升企业的信息安全整体能力。

The importance of information security has been gained a very high attention by the government and enterprises. The regulation of information security classification protection has provided a good guideline for enterprises information security. For different systems, enterprises should start to work based on the following five aspects: classifcation, filing, security system buildup & restrengthen, and evaluation according to the different requirements, so that it not only can meet the relevant requirements of the government, but also can build up the enterprise information security architecture via technology and management aspects, then overall enhance the capability of enterprise information security.