数据安全运维在税务部门的应用实践
Application practice of data security operation and maintenance in tax departments
宋鹤飞1
作者信息
- 1. 国家税务总局内蒙古自治区税务局,内蒙古呼和浩特 010021
- 折叠
摘要
[目的/意义]全流程数据安全管理在每个行业的信息化、数字化过程中引起重点关注,其中数据运维安全管控是全流程数据安全管理的重要环节之一.[方法/过程]为了防止数据被窃取或被人为破坏,数据运维安全管控需要做到高危操作事前审批、事中敏感数据动态脱敏,并防止非授权导出、事后可审计的闭环管理.[结果/结论]基于内蒙古自治区税务数据运维现状,通过构建统一的数据运维安全管控平台,结合在内蒙古自治区税务局的应用实践,满足"内防窃数"的数据安全要求.
Abstract
[Purpose/Significance]Currently,data security is a risk that every industry must face in the process of informatization and digitization,and data operation and maintenance security control is one of the important links in the entire process of data security management.[Method/Process]In order to prevent the theft or misoperation of core or important data,data operation and maintenance security control needs to achieve pre approval of high-risk operations,dynamic desensitization of sensitive data during the process,and prevention of unauthorized export,as well as closed-loop management that can be audited afterwards.[Results/Conclusion]This article is mainly based on the current situation of tax data operation and maintenance in Inner Mongolia.By constructing a unified data operation and maintenance security control platform,and discussing its application practice in the Inner Mongolia Autonomous Region Tax Bureau,it aims to achieve the data security requirements of"internal theft prevention".
关键词
数据安全/访问控制/安全管控/运维安全/数据库运维Key words
data security/access control/security control/operational security/database Q&M引用本文复制引用
出版年
2024
NETL
NSTL
万方数据