A study on information security management system and implementation of a secure enterprise network

• Main Authors: Tung-Sheng Cheng, 鄭東昇
• Other Authors: Chi-Chun Lo
• Format: Others
• Language: zh-TW
• Published: 2005
• Online Access: http://ndltd.ncl.edu.tw/handle/09270525524389613259

碩士 === 國立交通大學 === 管理學院碩士在職專班資訊管理組 === 93 === A lot of organizations are dependent on IT resources，and believe that they are reliable. However, the online security question will become more intricate、influential and expand constantly with time. Once the security of company's assets will be endangered and caused the calamitous consequence, the losses will be difficult to estimate to shut down for several days. Today all make the decision under the incomplete information that should be followed. The standard can lighten the difficulty caused because of incomplete information. Course that the standard can reduce the range and demand of simplifying information chosen and make policy. This research is based on draft new national standard CNS 17799（ISO/IEC 17799：2005（E））that enterprises have already implement to analysing control measure project improved to remain in enterprise information security system. And the solution「Architecture design for enterprise security patch management」is proposed in the relevant control measure of the standard and it can be used to support the information security with feasible environment for use. To examine from the new structure can increase the upgrade rate of the server from 85% to 99%, and reduce the update time of workstation from 1394 man-day to 32 man-day. The solution is well approved for malice code protection. Because electronic commercial activity is frequent day by day，the online security certainly will become the successful key that the human trading activity of future make the transition. It is obstacles difficult to dispel in the development in science and technology of information that electronic virus and system are invaded. This research is by analysing the control measure that enterprise's online security should be adopted. While hoping for personal who is engaged in enterprise's online security planning，can make the foundation and plan in accordance with this result of study.