Rational Thinking Of Network Accounting Security
Abstract: network accounting is a modern accounting mode based on Internet technology. The unlimited space and openness of the Internet threaten potential security risks, and accounting information may be intercepted or tampered with.
The development of network accounting must solve two problems: first, improve the awareness of network security, set up a new concept of information security, and seek security solutions; two, adopt effective security key technology, implement the necessary firewall measures, and establish a control system that adapts to the network accounting system.
Some people say that the safety problem of network accounting is "malignant tumor" in the throat. Although the digestive function of the stomach is very good, nutritious food can not swallow, and it can only be maintained by "catheter".
The popular metaphor shows the most concern of the industry: the bottleneck of the development of Network Accounting - the security problem, which reflects the wish of the people in the industry: the development of network accounting tomorrow - "malignant tumor".
Internet Security: a worrying platform for network accounting, it is well known that the international network is a full ball computer network connected by thousands of different scale networks through voluntary principles and abide by a certain agreement (such as TCP/IP agreement). Network accounting is based on the international network as a platform for accounting and monitoring changes in accounting elements caused by economic activities arising from accounting activities, so as to achieve the current accounting mode of managing economic activities, improving economic returns and achieving accounting objectives.
The infinity of space and time and openness of technology in the Internet provide vast space for virtualization of work place, no record of data, remote data pmission and digitalization of information. It has shown great superiority in today's era, but it also enables some criminals to take advantage of it. This makes users more likely to expose valuable business information, critical commercial applications and private confidential information of company customers than ever before.
Malicious attacks will invade network accounting sites and do all kinds of possible damage, such as manufacturing and spreading destructive viruses or allowing server denial of service.
These attacks can cause service breakdown and confidential information exposure, which eventually leads to the loss of public confidence and the collapse of the implementation of network accounting.
According to media reports, in April 21st last year, anti virus experts intercepted a Trojan horse, which specializes in stealing the username and password of an internet bank. The virus will create executable files, hooks and send module files in the user's computer, and modify the registry.
An ordinary trojan virus, which can bypass the Microsoft security controls and the CA (Certificates Authorities) certificates of online banks in the online banking system with many security technologies, can easily steal user accounts and passwords.
Just when people were suspicious, one day after April 23rd, the anti virus experts of Jiang Min took precautions against the virus. The virus samples were intercepted and tested on the spot. The results showed that the virus successfully intercepted the bank card number and password and sent it out, which was unbelievable.
According to the data, there are nearly tens of millions of Internet banking users in China, and hundreds of billions of funds are circulated through online banks each year. The online banking system that uses various security authentication technologies is so vulnerable to a small Trojan horse that if there is a 100 billion bank gate, it will be completely opened only with a slight push. How can we ensure the safety of millions of users?
With the improvement of computer network technology, the problem of network bandwidth affecting network pmission speed should be basically solved. Broadband access provides a guarantee for online accounting to achieve network accounting. However, the broadband access has hidden infinite killing. Some people have said that broadband access the computer to high-risk areas, asserting that although a bit alarmist, the security problems faced by network users are objective.
According to insiders in the IT industry, some spyware recently can be installed secretly when the user is unaware of the situation. It is difficult to find traces after installation, and secretly send some confidential information to the third. Some ad software can camp on the hard disk. When the attack happens, advertisements will be popped up, and the browser will be directed to some specific web pages to steal user's activity information.
According to the estimate of the national Internet security alliance established by the IT industry and the Department of homeland security, 90% of users who use broadband access will be infected by at least one spyware or advertising software and lead to a series of adverse consequences.
Experts predict that at present there are tens of thousands of spyware and advertising software popular on the Internet.
SANS Institute, an American computer security research center, once studied the "survival time" of computers without any protective measures. The results showed that the average survival time in 2003 was nearly 1 hours, but in 2004 it was less than 20 minutes.
Such a fragile Internet is indeed worrying. Internet Accounting Based on the Internet is more worrying. Can accounting information be guaranteed?
Can trade secrets be guaranteed to be stolen?
Two, security awareness: network accounting development must flow through the river and the information security of network accounting is the core problem that puzzles the development of network accounting.
Under the traditional manual operation mode, the security of accounting information is ensured by strict measures. Under the accounting computerization mode, because most of the single user or financial LAN or enterprise LAN, generally do not connect to the international network, plus the establishment of security key, its security is relatively guaranteed. Under the network accounting mode, the platform of operation is the international Internet, how to drain the river of accounting information security, and play a decisive role in the future development of network accounting.
The author believes that the most important thing is to strengthen the awareness of network security. As analyzed by Zheng Yuqing, executive director of Symantec, China's international security giant, the only way to prevent network threats is to take the initiative to prevent, that is, to deploy the overall network security solution, rather than a simple anti-virus solution.
According to the National 863 counter computer intrusion and anti virus research center, the survey of network security situation in 2004 shows that in recent years, users' attention to network information security management has been generally improved. Among the surveyed users, 80% have full-time or part-time security managers, 12% have established safety organizations, and 2% have hired information security service enterprises to provide professional safety services, but the surveyed users also generally reflect the weak concept of safety.
According to the results of online testing of public welfare activities launched nationwide in 3721 nationwide, the first time many users feel the hidden danger of network security is so close to themselves, which reflects the weakness of network users' safety consciousness.
It is mainly manifested in the following aspects: first, there is a technical blind area on the user's network security solutions; in the face of the diversity, sudden and concealing characteristics of hacker attacks, many users do not know what measures to take to effectively protect their own information security; two, there are some misunderstandings about users' solutions to network security solutions. For example, some people think that network security can be achieved through the implementation of anti-virus products, and the killing viruses are separated from the hacker attacks, ignoring the changing trend of network viruses.
To enhance the awareness of network security, establish a new concept of information security, seek the best security solution, avoid unnecessary losses caused by network security errors, especially for network accounting.
First, we should strengthen the awareness of network security and implement the network accounting information security early warning system.
The operation platform of network accounting is the international network, and most servers and clients use Microsoft Windows system as the operating system. Besides, computer viruses or hacker software and other disrupting procedures mostly use the security vulnerabilities of the operating system or application software, which provides a very favorable condition for the implementation of the early-warning reporting system.
Therefore, the accounting authority should set up a complete network accounting information security early warning system as soon as possible. Relying on the strong strength of the national anti computer intrusion prevention and anti virus research center and the major anti-virus software companies, the network accounting information security problem and the computer virus epidemic situation will be released in time, so as to effectively prevent network accounting information security incidents.
Second, we should enhance users' awareness of network security and do a good job of network accounting information security.
In view of the weakness of users' safety awareness, insufficient attention to network security and the implementation of safety measures, we should carry out multi-level and multi-directional information network security publicity and training, and intensify the inspection of network security precautions, so as to really enhance users' awareness of network security and preventive ability.
Three, security key technology: the development of network accounting must be crawled. The pmission of network accounting data is carried out through the international network. The processing and storage of accounting information are concentrated in the network system, which may be intercepted by some illegal intruders or be tampered with by some ulterior motives.
Therefore, the key technology is the key link in the development of network accounting.
Just imagine, if there are loopholes or hidden dangers in the key technology of network accounting, how can we ensure the confidentiality of information?
Where does data security come from?
The security and key technology of network accounting is the slope that the development of network accounting must climb.
Despite the fact that network accounting has not yet made substantial progress, computerized accounting has made considerable progress.
As far as security key technology is concerned, some problems exposed in the implementation of computerized accounting are of reference to the implementation of network accounting.
The accounting computerization software currently used mainly consists of two major categories: the single version and the network version. It is selected by users according to the scale of their operation and the setting of accounting positions. The single version is only used on a single computer, while the network version runs in the financial LAN or the enterprise LAN, but generally it does not link with the international Internet.
As a result, the possibility that the accounting information is intercepted by the "outsider" in the process of pmission is small, but the case of "insider" unauthorized access to or tampering with accounting information has occurred. Although it is a case, it also exposes the problems existing in the security key technology of computerized accounting.
The author has made special investigations in this regard, and summed up roughly the following situations: first, the encrypted password or password is too simple, only 2-3 characters at most 4-5 characters.
Two is the encryption password or password is too unified, including the boot password, enter the system password, authorization password, Screensaver password and so on use the same character, this is like setting three doors, adding three locks, but using the same key to open the three locks, what are the second door and third door?
The three is that the encrypted password or password is too regular, such as sequence code 12345, repeat code 66666, phone code 138510, display code Legend, keyboard code PHILIPS and so on, which is a guess for nine experienced experts. Four is the function of weakening the password or password, leaving the system for a long time after starting into the system, neither leaving the system nor adding screen savers, such as entering the uninaccessible environment; five, there is a deficiency in the accounting computerization software itself; when the software developers are developing software, they cater to the user psychology unilaterally, and the key module setting is too single.
Compared with accounting computerization, the security key technology of network accounting is not only to solve the problem of static accounting information being unauthorized access or tampering, but also to solve the problem of dynamic accounting information being intercepted in pmission.
The author thinks that we should focus on solving three problems: first, adopt effective security key technology.
In order to prevent illegal intruders from stealing accounting information and unauthorized persons to manipulate data illegally, all data pmitted between clients and servers must be encrypted.
Experts suggest that at least two layers of encryption should be adopted. The first level uses standard SSL protocol to effectively prevent deciphering and tampering. The second layer uses private encryption protocol to effectively prevent ultra vires operation.
Second, implement the necessary firewall measures.
Firewall is a method or technology that separates intranet from public access network (such as Internet). It protects sensitive data of internal network from being stolen and destroyed, and records relevant state information of internal and external communication.
Through firewall technology, implement safety management measures.
Thirdly, establish a control mechanism to adapt to the network accounting system.
Network accounting is different from traditional manual accounting. It is also different from computerized accounting.
- Related reading
Establishment And Implementation Of Financial Reporting Objectives For Venture Capital Enterprises
|The Latest Change Of International Fraud Auditing Standards And Its Enlightenment
|- Fashion shoes | Vans X "Christmas Eve Horror" 2019 Joint Second Hit, The Thrill Is Full Of Temperament.
- Fashion shoes | The New Brand 997S Shoes, New Neon Powder Color Matching, Visual Effects Amazing.
- Fashion shoes | Air Jordan 1 Mid Shoes Brand New Colorful Tiger Stripes Color Release, GS Version
- Collocation | Dandby Nymphs Wear The Fashion Of The National Day Tour. You Must Go From Tian Nan Mei To Haibei.
- Fashion shoes | Air Max 90 Shoes Girls Exclusive Candy Color Distribution, Girl Heart Burst
- Fashion shoes | Reebok Instapump Fury Shoes "Icons" Series Is About To Debut, Reshaping The Classics.
- Fashion shoes | Adidas ZX 4000 Shoes Brand New "I Want, I Can" Theme Color On The Shelf Sale To The Shelf.
- Popular this season | Fashion Trend 2020 Spring And Summer Women'S Printing Trend Summary (1)
- Fashion shoes | Chao Brand AMBUSH X Nike Joint Dunk High Shoes Are Expected To Be Listed In The Summer Of 2020
- Fashion shoes | Rick Ross X Wade X Lining Three Party Joint Understanding 2 ACE Shoes Section Exposure, Relatives And Friends Limited
- Opinions On Net Cash Discount Method
- Comparison Between Tax Payable Method And Tax Impact Accounting Method
- Establishment And Implementation Of Financial Reporting Objectives For Venture Capital Enterprises
- The Latest Change Of International Fraud Auditing Standards And Its Enlightenment
- Focusing On Auditing Risk Criteria To Further Improve China'S Independent Auditing Standards
- On The Four Principles Of Taxation
- Summary Of Recent Cost Management Accounting In China
- New Contents Of Management Accounting -- EVA And Balanced Scorecard
- Internal Factors Of Poor Accounts Receivable Performance
- Successful Collection Of Accounts Payable