What Does an MIS Executive Do?
The so-called MIS (Management Information System) system mainly refers to a system that performs daily business operations. This system is mainly used to manage the required records, and to perform related processing on the recorded data, and timely reflect the processed information to the manager's set of network management systems.
- The MIS system is usually used for system decision-making. For example, you can use the MIS system to find urgent problems that need to be solved and feedback the information to the upper management staff in time so that they can understand the progress or deficiencies of the current work development. In other words, the ultimate purpose of the MIS system is to enable managers to understand the current status of the company in a timely manner and grasp the future development path [1]
- MIS (Management Information System) system is a system composed of people, computers, and other peripheral devices that can collect, transfer, store, process, maintain, and use information.
- Is an emerging science whose main task is to make the most of modern computers and
- A complete MIS should include:
- Even after legal users enter the system, the resources and extent of their use should be limited to ensure the security and reliability of information in the case of shared resources. Information systems mainly use data access control mechanisms to determine what users can do under what conditions and what operations can be performed on system resources in what scope. Through data access control, on the one hand, it can provide users with a lot of convenience, both to share system resources and not to interfere with data outside their powers due to misoperation; on the other hand, it can prevent the illegal acts of unauthorized power.
- The basic method of data access control is to grant certain operation permissions to specific users, that is, to authorize users [2]
- The purpose of data encryption is to prevent confidential data from being leaked due to illegal copying and theft of storage media, as well as eavesdropping of information transmission lines. In the system, confidential data is stored in encrypted transmission and other security technologies.
- The encryption system consists of two parts: encryption and decryption. Encryption is the replacement of information data into a form that cannot be directly understood, and decryption is to restore the encrypted information data to the original readable form.
- Encryption technology is an active defense method. When encrypting data, pay attention to the protection of the key, otherwise, any encryption is meaningless. There are many methods and algorithms of encryption technology, and their development and decryption technology are complementary and mutually reinforcing.
- A firewall is a security isolation between two or more networks. It is used to ensure the security of local network resources. It usually consists of multiple systems including software and hardware. All internal and external connections in the system are forced through this protection layer, accepted for inspection and filtering, and only authorized communications are allowed to pass. The firewall, as a shield that isolates the inside and outside of the system network, is characterized by not blocking the normal flow of information, but also strictly controlling the information that does not flow out, which is a control technology.
- The principle of firewall technology is to protect information and structure by maximizing external shielding on relatively clear network boundaries. The implementation technology of the firewall system generally includes packet filtering technology and proxy service technology. Packet filtering is based on router technology. The principle is that the packet filtering router selects IP packets and filters out certain IP address packets according to the network security guidelines of specific organizations to protect the internal network. Proxy service technology uses a high-level application gateway as a proxy server. It first performs a security check on any external network application connection request, and then connects with the application server of the protected network. Proxy technology enables bidirectional monitoring of internal and external network information flow.
- A firewall is a passive defense technology. Because it assumes the boundaries and services of the network, it is difficult to effectively control internal illegal access. The firewall cannot prevent attacks that do not pass through the firewall, cannot prevent attacks by human factors, and cannot prevent virus-infected software and file transfers.
- Intrusion detection refers to the detection of intrusions or intrusions into the system by operating on behaviors, security logs or audit data or other available information. It collects information and analyzes several key points in the computer system or network computer system to find out whether the system or network has violated security policies and showed signs of being attacked.
- In terms of data source classification, intrusion detection can be divided into host-based intrusion detection (HIDS) and network-based intrusion detection (NIDS). HIDS detects intrusions by analyzing behaviors on specific hosts, and its data sources are usually system and application audit logs or system behavior data. NIDS generally analyzes and detects intrusions by analyzing network traffic, network packets, and protocols, extracting patterns / features from a large number of network packets, and then performing corresponding analysis.
- In terms of intrusion detection technology, it is mainly divided into anomaly detection and misuse detection. Anomaly detection technology observes the activity of the subject according to the anomaly detector, and then simulates the contours of normal activities of these activities. By comparing the current contours with simulated normal contours to determine abnormal behaviors, it can detect unknown intrusions. Misuse detection technology builds misuse models through known intrusions, and matches the user's current behavior with these intrusion models to enable rapid detection.
- Host-based intrusion detection can collect information from the monitored hosts to analyze the behavior of the host with a fine granularity and be able to accurately determine the processes and users who perform malicious acts on the operating system [3] .