clicks:37
2022-07-27 07:32:00
Confidentiality agreement

1. It is not allowed to connect confidential computers and networks to the Internet and other public information networks

Hidden danger analysis secret related computers and networks are directly or indirectly connected to the Internet and other public information networks, which may be planted with "Trojan horse" secret stealing programs by overseas intelligence agencies to steal secrets.

Preventive countermeasures classified computers and networks must be physically isolated from the Internet and other public information networks, that is, there is no information transmission channel with the Internet and other public information networks.

2. Do not cross use USB flash drives and other removable storage media between classified computers and non classified computers

Hidden danger analysis when removable storage media such as USB flash drives are used on non secret related computers, they may be implanted with "Trojan horse" secret stealing programs. When this mobile storage medium is used on the classified computer again, the "Trojan horse" secret stealing program will be automatically copied to the classified computer, and the classified information in the classified computer will be packaged and stored on the mobile storage medium. When the mobile storage medium is connected to the computer connected to the Internet again, the confidential information will be automatically sent to the specific host controlled by the overseas intelligence agency, resulting in the leakage of secrets.

Preventive measures secret related USB flash drives and other mobile storage media shall not be used on non secret related computers; Non classified mobile storage media, mobile phones, digital cameras, MP3, MP4 and other electronic products with storage functions shall not be used on classified computers.

3. It is not allowed to copy data on the Internet and other public information networks to classified computers and networks without taking protective measures

Hidden danger analysis without taking protective measures, when downloading data from the Internet and other public information networks and copying it to secret related computers and networks, computer viruses, especially "Trojan horse" secret stealing programs, may be copied to secret related computers and networks at the same time, which has serious hidden danger of leakage.

Preventive countermeasures if it is really necessary to copy the data on the Internet and other public information networks to secret related computers and networks, necessary protective measures should be taken, such as using disposable CD-ROM recording and downloading, setting up an intermediate machine, or using information one-way import equipment approved by the national confidentiality administration department.

4. It is not allowed to illegally set the password of secret related computers

Hidden danger analysis if the password of the classified computer is not set in accordance with the confidentiality regulations, it is easy to crack. Once the password is cracked, the cracker can pretend to be a legitimate user and enter the classified computer to steal information.

The password of the security related computer shall be set in strict accordance with the confidentiality regulations: the length of the password for processing secret level information shall not be less than 8 bits, and the replacement cycle shall not exceed 1 month; The combination of IC card or USB key and password is used to process confidential information, and the length of password is not less than 4 digits; If only password mode is used, the length shall not be less than 10 digits, and the replacement cycle shall not exceed 1 week; When setting the password, it is necessary to adopt the mixed preparation of multiple characters and numbers. Strong identification methods such as physiological characteristics (such as fingerprint and iris) should be used to process top secret information.

5. Do not install software or copy other people's files on secret related computers without authorization

Hidden danger analysis installing software on secret related computers without authorization, especially the software downloaded from the Internet, may also install computer viruses, especially "Trojan horse" secret stealing programs, into secret related computers, bringing hidden dangers of leakage. Copying others' files at will also carries the same risk.

Preventive countermeasures: the installation of software or copying of other people's documents and materials on classified computers must be approved, and necessary virus detection and killing shall be carried out, especially the detection and killing of "Trojan horse" secret stealing programs.

6. Do not use wireless peripherals for classified computers

Hidden danger analysis classified computers use wireless peripherals such as wireless mouse and wireless keyboard. Classified information will be transmitted in the air with wireless signals, which is very easy to be intercepted by others, resulting in disclosure.

Preventive countermeasures: the classified computer should use wired peripheral equipment.

7. Confidential computers and mobile storage media shall not be mailed through ordinary mail channels or illegally handed over to others for use and custody

Hidden danger analysis: sending classified computers and mobile storage media through ordinary mail channels or handing them over to others for use and custody in violation of regulations will make classified carriers lose effective confidentiality protection and have hidden dangers of disclosure.

Preventive countermeasures carefully implement the confidentiality management regulations on the use of classified carriers, and do not send classified carriers through ordinary mail channels or hand them over to others for use and custody in violation of regulations.

8. Do not take secret related laptop and mobile storage media out without authorization

Hidden danger analysis it is easy to lose or be stolen when carrying secret related laptop and mobile storage media out, which has serious hidden danger of leakage.

Preventive Countermeasures under normal circumstances, it is not allowed to carry secret related laptops and mobile storage media out. If it is really necessary to carry out the examination and approval procedures, effective management measures should be taken to ensure that confidential laptops and mobile storage media are always under close monitoring. At the same time, security technology protection measures such as strong identity authentication and encryption of confidential information shall be taken.

9. It is not allowed to hand over the computers, mobile storage media, fax machines, copiers and other office automation equipment that handle confidential information to external personnel for maintenance without authorization

Hidden danger analysis computers, mobile storage media, fax machines, copiers and other office automation equipment that deal with classified information are important classified carriers. Unauthorized maintenance by external personnel may make the stored classified information out of control.

Preventive countermeasures: computers, mobile storage media, fax machines, copiers and other office automation equipment for handling confidential information should be maintained within the unit, and there should be special personnel on site to supervise; If it is really necessary to send out for maintenance, the information storage components should be removed or professional declassification should be carried out.

10. It is not allowed to sell, give away or discard secret related computers and other office automation equipment that have not been professionally sold

After the classified information in office automation equipment such as hidden danger analysis classified computer is simply deleted or formatted, it can still be recovered by technical means. Therefore, there is a serious hidden danger of leakage if it is handled without professional disclosure.

Preventive countermeasures 1. Before selling, giving away or discarding classified computers and other office automation equipment, equipment that meets the national confidentiality standards should be used to remove confidential information or internal sensitive information to ensure that it will not be restored; 2. Send confidential computers and other office automation equipment to be eliminated to the destruction organization authorized by the confidentiality administration department or the designated underwriting unit for destruction.

11. It is not allowed to connect the multifunctional all-in-one machine processing confidential information with ordinary telephone lines

The multifunctional machine for hazard analysis has the functions of fax, scanning, printing, copying and information storage. The multifunctional all-in-one machine that processes confidential information is connected with the ordinary telephone line, which may transmit confidential information to the public communication network, or be remotely controlled by overseas intelligence agencies through the ordinary telephone line to steal the information stored in the machine, resulting in the leakage of secrets.

Preventive countermeasures the multifunctional all-in-one machine for handling confidential information must be disconnected from ordinary telephone lines.

12. It is not allowed to equip and install video and audio input devices on computers connected to the Internet in secret places

Hidden danger analysis if the computer connected to the Internet in the classified places is equipped with and installed with video and audio input devices, the overseas intelligence agencies may remotely control the computer through the Internet, start the video and audio input devices to steal photos and eavesdrop on the classified places, resulting in the leakage of secrets.

Preventive countermeasures computers connected to the Internet in secret places shall not be equipped with and installed with video and audio input equipment.

13. Do not bring mobile phones into important classified places

Hidden danger analysis mobile phones have the function of network positioning, which can be brought into important classified places and easily expose classified targets. When the mobile phone is in the call state in important classified places, it will simultaneously transmit the surrounding voice information. Even if the mobile phone with eavesdropping software is turned off or on standby, it can turn into a call state without ringing or screen display, and become a eavesdropper.

Preventive Countermeasures before entering important classified places, put the mobile phone into the shielding cabinet of the mobile phone. Mobile phone jammers for confidential meetings can also be used to shield mobile phone signals in secret places.

14. It is not allowed to store and process confidential information on computers connected to the Internet and other public information networks

Hidden danger analysis stores and processes classified information on computers connected to the Internet and other public information networks, which is equivalent to placing classified information in public places without security protection, providing an opportunity for others, especially overseas intelligence agencies, to obtain classified information.

Preventive measures: do not store and process confidential information on computers connected to the Internet and other public information networks.

15. It is not allowed to store and process confidential information on the non confidential office network

Hidden danger analysis non classified office network lacks security protection measures. If confidential information is stored and processed, there is a great risk of disclosure.

Preventive measures: do not store and process confidential information on the non confidential office network.

16. Confidential information shall not be posted on government portal websites

Hidden danger analysis government portal is an information publishing platform built on the Internet. Publishing classified information on government portal is equivalent to publishing classified information on the Internet.

Preventive measures strictly abide by the information disclosure and confidentiality review system, and conduct strict confidentiality review on the information to be published on the government portal to ensure that confidential information is not online.

17. Computers with wireless interconnection function shall not be used to process confidential information

Hazard analysis a computer with wireless interconnection function can automatically connect to the wireless network when it is turned on, and may be remotely controlled by others. Even if you close the networking program, you can also use technical means to activate it through the wireless network to steal information. At the same time, wireless Internet transmission signals are exposed in the air. It can be intercepted by any equipment with receiving capability.

Preventive countermeasures for computers dealing with confidential information, wireless interconnection devices such as wireless network cards must be removed and wireless networking channels must be cut off; Those that cannot be removed shall not be used to process confidential information.

18. Do not use personal computers and mobile storage media to store and process confidential information

Hidden danger analysis personal computers and mobile storage media cannot be managed according to national confidentiality regulations, and are often connected to the Internet, which may be infected with computer viruses, or implanted with "Trojan horse" secret stealing programs to store and process confidential information, with great risk of disclosure.

Preventive measures do not use personal computers and mobile storage media to store and process confidential information, and do not bring personal computers and mobile storage media into important confidential places.

19. It is not allowed to use office automation equipment that has not been tested by confidential technology in key departments and parts of confidentiality

Hidden danger analysis office automation equipment, especially imported equipment, may be installed with secret stealing devices, which may lead to potential leakage.

Preventive countermeasures office automation equipment used to process confidential information shall be purchased randomly and tested for security and confidentiality technology.

20. Do not use ordinary fax machines, telephones and mobile phones to transmit or talk about confidential information

Hidden danger analysis uses ordinary fax machines, telephones and mobile phones to transmit or talk about confidential information, that is, to transmit confidential information through public information networks, which may be intercepted or eavesdropped by others.

Preventive countermeasures use communication methods that meet the confidentiality requirements to transmit confidential information, and do not involve state secrets in ordinary fax machines, telephones and mobile phone communications.