Ministry of Post and Telecommunications directs to strengthen information security on the Internet

The Minister of Post and Telematics has just issued Official Letter No. 03/2007 / CT-BBCVT requesting agencies, organizations and enterprises to enhance information security on the Internet.

In the past time, the information security situation on the Internet has been complicated. Many websites were hacked, content changed.

Some Vietnamese information sites using international domain names are lost or redirected, viruses and spam spread strongly. Some networks with Vietnam's IP address due to the spread of viruses or spam have been banned from international connections, banned from electronic transactions .

According to a preliminary survey, up to 80% of electronic information sites have many loopholes in information security, many information systems are still defective, not updated and properly cared for, resulting in Unfortunate incidents affecting electronic administrative services, e-commerce and other forms of information technology applications. Awareness of the risk of information insecurity and the damage caused by network incidents of many agencies, organizations and enterprises is still limited.

Network security 2006: unstable from many sides.

In order to enhance information security on the Internet, limiting the possible adverse consequences for electronic information sites, especially of state agencies, organizations and enterprises nationwide, on 23/23 July 2, the Minister of Post and Telematics issued Official Letter No. 03/2007 / CT-BBCVT requesting agencies, organizations and enterprises:

1. Strictly abide by the law on post, telecommunications and Internet, the Law on Information Technology, the Law on electronic transactions; responsible for ensuring information security in Internet activities; comply with information security requirements of the Ministry of Post and Telecommunications, the Ministry of Public Security and competent state agencies according to the provisions of law.

2. Agencies and organizations engaged in Internet activities must:

a) Review, inspect and evaluate equipment systems for the storage, supply and transmission of information; assess the current status of protection systems and measures to ensure information security. Prioritize the use of domestic connections, '.vn' domain names to ensure safety for the website.

b) Develop procedures and regulations to ensure information security for information systems, refer to safety management standards TCVN 7652, ISO 27001. Ensure traceability and restore information in case incident.

c) Regularly coordinate with relevant agencies and organizations providing network security services to update the latest information security measures.

3. Telecommunication and internet enterprises strengthen inspection and close supervision of equipment under management; not to take advantage of or let others take advantage of social order and disorder; equipment and software systems put into use on the Internet comply with the provisions of Section 2b.

4. Enterprises that provide value-added services on the Internet (hosting, mail, FTP .) must have measures to ensure information security.

5. Units and individuals need to report incidents and risks of unsafe information to local Post and Telecommunications Departments and Vietnam Computer Emergency Rescue Center (VNCERT) under the Ministry of Post and Telecommunications Telecommunications.

6. Organizations, businesses participating in the Internet or providing network security services must strictly implement the coordination of VNCERT Center in responding to Internet incidents in Vietnam. cooperating with VNCERT Center in checking and evaluating capacity to ensure network safety in their units when there are signs or risks of network insecurity.

7. Units attached to the Ministry of Post and Telematics under their functions and tasks shall have to appoint capable officials to coordinate with VNCERT in fighting and preventing online attacks; conducting professional training, updating information security for agencies, organizations and individuals in need.

8. VNCERT Center quickly implemented a system to collect information and advice through the Internet; assume the prime responsibility for, and coordinate with concerned agencies in, formulating and implementing training plans on information security professional training to meet practical needs of agencies, organizations and enterprises; strengthening propaganda to raise public awareness about the responsibility of ensuring information security in telecommunications and Internet activities.

9. Vietnam Internet Network Information Center (VNNIC) is responsible for strengthening the management of national domain names '.vn', IP addresses according to regulations; strengthen security and security for national domain name server system; coordinate with functional units to provide information on domain names as required.

10. The Department of Post and Telecommunications shall strengthen the state management on information security assurance in Internet activities according to their assigned competence; guide telecommunications and internet enterprises and internet agents in the locality to strictly abide by the provisions of law on Post and Telecommunications and internet; speeding up inspection, inspection and timely handling, resolving information security violations; consolidate organization, improve staff capacity to meet implementation requirements.

The heads of agencies and units directly under the Ministry, the Post and Telecommunications Department, the agencies and organizations engaged in Internet activities shall have to organize and implement this Directive and send the actual results report. present to the Ministry of Post and Telematics (VNCERT Center) at the end of the first quarter of 2007; In the course of implementation, if any problems arise, report them to the Ministry of Post and Telematics for consideration and settlement.