What are regulations on ensuring the information security of the computer network system of the Ministry of Natural Resources and Environment of Vietnam?

What are regulations on ensuring the information security of the computer network system of the Ministry of Natural Resources and Environment of Vietnam? - image from internet

According to Clauses 2 and 3, Article 7 of the Regulation on Ensuring Information Security of the Ministry of Natural Resources and Environment issued with Decision 3210/QD-BTNMT in 2018, the regulations for ensuring information security for computer network systems are as follows:

Ensuring information security when using computers:

- Individuals are only allowed to install valid software from the authorized agency's list of approved software on the computer provided by their unit. They are not allowed to install or uninstall software without the consent of the IT department. Regularly update software and operating systems.

- Anti-malware software shall be installed and automatic database updates shall be enabled. If any signs of malware infection are detected on the computer, it must be shut down and reported directly to the IT department for timely resolution.

- Only reliable websites/online applications and information relevant to their function, responsibilities, and authority are allowed to be accessed. The security of information access accounts and not share passwords or personal information with others shall be maintained.

Ensuring information security for computer network systems:

- The internal network system (LAN) must be designed to be partitioned according to basic functions (following separate information security policies), including user network zone, network zone connecting to the Internet and other networks, public server network zone, internal server network zone, and administrative server network zone. Data exchange between network zones must be managed and monitored by network devices and security devices.

- Units under the Ministry participating in the connection and use of the wide area network (WAN) of the Ministry of Natural Resources and Environment have the responsibility to ensure information security for their internal network system and devices when connecting to the wide area network. They must report incidents or malicious activities, intrusions to the IT and Data Resource Department for handling. Regularly back up information and shared data stored on the wide area network. Do not disclose methods (registration names, passwords, utilities, support files, and other means) for accessing the wide area network to other organizations or individuals. Do not attempt to access unauthorized areas in any form.

- Units under the Ministry must apply necessary technical measures to ensure information security in Internet connection activities, at least meeting the following requirements: having a firewall system and internet access protection system, supporting concurrent connections, supporting common virtual private network technologies, and having integrated hardware encryption to increase data encryption speed and protect the system against Denial of Service (DDoS) attacks. Filter and disallow access to suspected news sites containing malicious code or inappropriate content.

- Data transmission lines, internet connections, and LAN/WAN cable systems must be installed in sealed conduits or ducts to restrict unauthorized access. Disconnect unused Ethernet ports, especially in shared working areas of agencies and units.

Above are regulations on ensuring the information security of the computer network system of the Ministry of Natural Resources and Environment of Vietnam.

Best regards!