With the gradual deepening of campus digitization and information construction, the integration of various information resources on campus has entered the stage of comprehensive planning and implementation, such as campus one card in combination with the ongoing construction of identity authentication, personnel, student and engineering MIS and application systems. Through the common identity authentication mechanism, realize the integration and sharing of data management, and make the Campus All-in-one Card system an organic part of campus information construction. Through this organic combination, it lays a foundation for resource sharing among systems.
The high concentration of information makes the security of data more and more valued. As an education industry related to the rise and fall of the country, once the data is leaked, it will have a negative impact on the society and become a hot issue concerned by public opinion and the media. Driven by the huge commercial interests, the database of the education industry has to face the double folder of internal and external threats, especially the illegal "invasion" for the purpose of business, which not only has a serious impact on the public image and authority trust of the school, but also divulges personal information, damages the personal interests of students, and adds disharmony to the cause of education.
Combined with the current security situation faced by the informatization development of colleges and universities, there are mainly the following risks in operation and maintenance management:
1. Management status: the IT system supporting the operation of the university industry is mainly composed of a large number of network equipment, host system and application system. These equipment and systems belong to different departments from the perspective of application. The network equipment and host system have independent user management, authentication and authorization and audit systems respectively, Different system administrators are responsible for the maintenance and management. When facing these systems, the work of maintenance personnel is very complex;
2. Unclear authorization: in this university industry system, the principle of user minimum authority allocation in the best practice of it operation and maintenance cannot be strictly implemented due to the separate authorization of each system. At the same time, with the increase of business systems and users, the user authorization management becomes quite complex and the system security is threatened;
3. Hidden dangers of shared accounts: in order to reduce the complexity and difficulty of management, some accounts are shared by multiple people, the proliferation of these accounts is not easy to control, and security accidents often occur due to such account sharing;
4. Hidden danger of simple password: for maintenance personnel, frequent system switching requires entering user names and passwords of different systems for login. In order to facilitate memory, maintenance personnel often use relatively simple passwords or multiple systems use the same password. In case of emergency, they may also share their user names and passwords with others, These all pose a great threat to the security of the whole system;
5. Lack of centralized log audit: due to the independent operation of each system, the system operation log and operation audit of maintenance personnel can only be carried out independently by system. In case of system failure, the problems must be investigated system by system, and unified and centralized problem investigation cannot be carried out, which greatly reduces the work efficiency and leads to the possibility of loss expansion.