Hunan Telecom Internet Business Research On Information Security Management Model

In the network information security situation is increasingly grim today,with the telecom operators in the field of Internet(instant messaging,media entertainment,etc.)and new business areas(cloud computing,big data,mobile payments,etc.),and industry applications business areas(smart city,020,etc.),the formation of social networking,opening up the trend of the new business,the new technology has emerged,the original information security management tool is lagging behind,in the network data asset protection,content information,user information protection and other aspects of security risks.Based on domestic and international research results ISO/IEC 27005 and other information security management theory and standards,the information security risk management theory as a guide,combined with domestic and international enterprise information security management experience,the Hunan telecom company Internet business information security management model for research,the business of network data assets,the application platform of information content,the user's personal information vulnerability and possible threat analysis,and on the basis of the Internet business on-line,operation,offline three stages of detailed safety planning and risk control.At the same time,it puts forward the suggestion and the implementation plan for the management organization structure design,operation management method and related technology system.Finally,it makes a rational analysis and comprehensive evaluation on the operational effectiveness and reliability of the management mode.With the rapid development of Internet and information security situation,Hunan telecom company's existing information security management mode in the network layer of security is lagging behind,in the application layer and user layer security is missing,it is difficult to meet the needs of the new situation of Internet business development and information security management needs.In this paper,based on the business cycle of risk management model from the business network layer,application layer,user layer three levels,through risk assessment,risk control and risk management to achieve the full range of Internet business management to address the needs of the business operations and development of information security in the enterprise,the information security of other telecom operators or Internet companies has a good demonstration and reference value.