What Is a Computer Security Audit?

The International Standardization Committee's definition is "to protect the data processing system and the technical and management security adopted to protect computer hardware, software, and data from accidental or malicious reasons from being damaged, altered, and exposed."

Computer security definition

The International Standardization Committee's definition is "to protect the data processing system and the technical and management security adopted to protect computer hardware, software, and data from accidental or malicious reasons from being damaged, altered, and exposed."

The definition of the Computer Management and Supervision Department of the Ministry of Public Security of China is "computer security refers to the security of computer assets, that is, computer information system resources and information resources are not threatened and harmed by natural and man-made harmful factors."

Computer security computer storage data security

The most important part of computer security is the security of stored data. Its main threats include: computer viruses, illegal access, computer electromagnetic radiation, and hardware damage.

A computer virus is a covert little program that is attached to computer software. It is the same as other computer programs, but it can damage normal programs and data files. Vicious viruses can crash the entire computer software system and destroy all data. To prevent virus attacks, we must strengthen management, do not access insecure data, use anti-virus software, and update in a timely manner.

Illegal access refers to the theft or forgery of a legitimate identity by a thief, entering a computer system, privately extracting data from a computer, or modifying, transferring, copying, etc. One way to prevent this is to add software system security mechanisms so that thieves cannot enter the system with a legitimate identity. For example, the identification of legal users is increased, the password is increased, and different permissions are provided to users, so that they cannot freely access data areas that should not be accessed. The second is to encrypt the data. Even if the thief enters the system, he cannot read the data without the key. The third is to set up operation logs in the computer to automatically record the reading, writing and modification of important data.

Because the computer hardware itself is a powerful pulse source that radiates into space, such as a small radio station, the frequency ranges from tens of thousands of cycles to hundreds of trillions of cycles. A thief can receive electromagnetic waves radiated from a computer, restore them, and obtain data from the computer. To this end, computer manufacturers have added radiation protection measures, from chips and electromagnetic devices to circuit boards, power supplies, turntables, hard disks, displays and connecting lines, all shielded to prevent electromagnetic wave radiation. Furthermore, the machine room or the entire office building can be shielded. If a shielded machine room is not constructed, a jammer can be used to send out interference signals, so that the receiver cannot normally receive useful signals.

It is also common for computer memory hardware to be damaged, making it impossible to read the computer's stored data. There are several ways to prevent such accidents. One is to periodically copy useful data for storage. Once the machine is faulty, you can copy the useful data back after repairing. The second is to use RAID technology in the computer and store data on multiple hard disks at the same time; in special occasions with high security requirements, dual hosts can also be used. One host has a problem and the other host runs as usual.

Computer security computer hardware security

During the use of the computer, there are certain requirements on the external environment, that is, the environment around the computer should be kept as clean as possible, the temperature and humidity should be appropriate, and the voltage should be stable to ensure the reliable operation of the computer hardware. Another technology of computer security is the reinforcement technology. Computers produced by the reinforcement technology are shockproof, waterproof, and chemically resistant, allowing the computer to operate in the wild in all weather.

From the perspective of system security, computer chips and hardware devices also pose a threat to system security. For example, the CPU and the computer CPU integrate the instruction set of the operating system. These instruction codes are all confidential. We do not know how secure it is. According to the disclosure of relevant information, the CPUs used abroad for China may integrate trap instructions, virus instructions, and have activation methods and wireless receiving instruction agencies. They can use wireless codes to activate CPU internal instructions, causing internal information leakage and catastrophic crash of computer systems. If this is true, our computer systems may be attacked in full during wartime.

Hardware leaks even involve power. The principle of power supply leakage is to transmit the electromagnetic signal generated by the computer along the power line through the mains power line. Using special equipment, the signal can be intercepted from the power line and restored.

Every part in the computer is controllable, so it is called a programmable control chip. If you master the program of the control chip, you control the computer chip. As long as it can be controlled, it is not safe. Therefore, when we use a computer, we must first pay attention to the security protection of computer hardware and do everything we can.

Computer security common protection strategies

(1) Install anti-virus software

For the average user, the first thing to do is to install a set of anti-virus software for the computer, and regularly upgrade the installed anti-virus software, and open the real-time monitoring program of the anti-virus software.

(2) Install personal firewall

Install a personal firewall (Fire Wall) to resist hackers' attacks, and prevent hackers in the network from accessing your computer to the greatest extent, preventing them from changing, copying, and destroying your important information. After installation, the firewall must be configured in detail according to requirements.

(3) Classify passwords and make password settings as complicated as possible

Use different passwords on different occasions, such as online banking, E-Mail, chat rooms, and members of some websites. Different passwords should be used as much as possible to avoid leakage of all data due to one password leak. Important passwords (such as those for online banking) must be set separately and must not be the same as other passwords.

When setting a password, try to avoid using meaningful English words, initials, and easily leaked characters such as birthdays and phone numbers as passwords. It is best to use a combination of characters, numbers, and special symbols. It is recommended to change your password regularly to ensure that even if the original password is leaked, the loss can be minimized.

(4) Do not download unknown software and programs

You should choose a reputable download site to download the software, and centralize the downloaded software and programs in a certain directory on the non-boot partition. It is best to use antivirus software to check for viruses before use.

Do nt open e-mails and their attachments from unknown sources to avoid being infected by virus messages. These virus messages usually attract you to open their attachments with gimmicky headers. If you download or run the attachment, you will be infected. Also do not receive and open files from unknown sources such as QQ and WeChat.

(5) Prevention of rogue software

Select the shareware that will be installed on your computer. When installing shareware, you should carefully read the agreement terms that appear at each step, and pay special attention to the statements about the behavior of installing other software.

(6) Share only when necessary

In general, do not set up folder sharing. If you share files, you should set a password, and close it as soon as you don't need to share. When sharing, the access type should generally be set to read-only. Do not set the entire partition as shared.

(7) Regular backup

The importance of data backup is undeniable. No matter how strict your precautionary measures are, you cannot completely prevent the situation of "one foot high, one foot high". If a fatal attack occurs, the operating system and application software can be reinstalled, and important data can only be backed up by your daily backups. So, no matter how strict precautions you take, don't forget to back up your important data at any time to be prepared!

Computer security computer security management system

In order to strengthen the computer security management of enterprises, institutions and institutions, ensure the normal operation of computer systems, give full play to the benefits of office automation, ensure the normal implementation of work, and ensure the security of confidential information, it is generally necessary to designate a special person to be responsible for the management of the computer room. Computer security management system provides references as follows:

(1) Computer management implements the principle of "who uses who is responsible". Take care of the machine, understand and become familiar with the performance of the machine, and check or clean the computer and related peripherals in time.

(2) Master general knowledge of working software, office software and network use.

(3) There are no special work requirements, and all work must be performed on the intranet. The management and destruction of the work content stored on the storage medium (U-disk, CD-ROM, hard disk, mobile hard disk) must meet the confidentiality requirements and prevent leakage.

(4) Secret-related information must not be processed on the extranet, Internet, or intranet. Secret-related information can only be operated on a separate computer.

(5) Involving computer user names, passwords, and hardware encryption must be kept secret, leakage is strictly prohibited, and password settings must be reasonable.

(6) Computers with wireless interconnection function shall not be connected to the internal network, and shall not operate or store confidential documents or work secret documents.

(7) Non-internal computers must not access the intranet.

(8) Comply with the regulations on Internet use promulgated by the state. It is strictly forbidden to log in to illegal websites; it is strictly forbidden to chat on the Internet, play games, watch movies, and stock speculation during working hours.

(9) Adhere to the "safety first, prevention first" policy, strengthen computer security education, and enhance employees' safety awareness and consciousness. The computer undergoes frequent virus checks. Computer operators find that the computer is infected with a virus and should immediately interrupt the operation and eliminate it in a timely manner. Ensure computer security management.

(10) Shut down immediately after work and cut off the power.