Vietnam: 03 methods of surveillance of information system security

According to Circular No. 31/2017/TT-BTTTT of the Ministry of Information and Communications of Vietnam, methods of surveillance of information system security are specified as follows:

- Surveillance shall be carried out directly (direct surveillance) or indirectly (indirect surveillance). A manager of an information system may carry out surveillance or use surveillance services. If necessary, according to capacity, situation and actual resources, the manager of an information system may request relevant authorities affiliated to the Ministry of Information and Communications to provide assistance in surveillance in conformity with actual resources.

- Direct surveillance is the surveillance carried out by installing equipment for analyzing dataflow (surveillance), directly collecting information from log files and warnings about information security intrusions, risks and incidents. A direct surveillance shall include the following activities:

+ Analysis and collection of information on cyber information security. To be specific:

• Analyzing and surveillance cyber information security of network transmission lines or information flow at internet ports using equipment capable of analyzing network transmission lines to detect information security intrusions, risks and incidents such as equipment for detecting or preventing intrusions in conformity with entities under surveillance (Ex: IDS, IPS, Web Firewall, etc.);

• Collecting log files and cyber information security warnings expressing the operation of applications, information system and information security equipment.

+ Consolidation, synchronization, verification and processing of information on cyber information security to detect cyber information security intrusions, risk and incidents or remove inaccurate information.

- Indirect surveillance is surveillance carried out through techniques for collecting information from relevant information sources; inspecting and surveillance of entities under surveillance for determining their operation and capacity to satisfy and connect with other relevant factors to detect cyber information security intrusions, risks and incidents. Indirect surveillance includes the following activities:

+ Collection, analysis and verification of information about cyber information security intrusions, risks and incidents related to entities under surveillance collected from relevant information sources;

+ Remote or direct inspection and review of entities under surveillance for assessing situation and detecting cyber information security intrusions, risks and incidents able to be used, intruded or damaged.

More details can be found in Circular No. 31/2017/TT-BTTTT of the Ministry of Information and Communications of Vietnam, which takes effect from January 15, 2018.

-Thao Uyen-

>> CLICK HERE TO READ THIS ARTICLE IN VIETNAMESE