The 5 Stages of the Inevitability of ISO/IEC 27001 Certification. Depression

The fourth stage of the emotional response to change is depression. In this article we will tell you about our experience of going through the longest and most unpleasant stage: changing the company's business processes to bring them into compliance with the ISO 27001 standard.

Expectation

The first question we asked ourselves after choosing a certification body and a consultant was: how much time would we actually need to make all the necessary changes?

The initial work plan was laid out so that we had to finish within 3 months.

Everything looked simple: we had to write a few policies and slightly change our internal processes, then train colleagues on the changes and wait another 3 months (for "records" to appear, that is, evidence that the policies are operating). It seemed that was all, and the certificate was in our pocket.

Besides, we were not going to write the policies from scratch: after all, we had a consultant who, as we thought, was supposed to give us all the "right" templates.

As a result of these conclusions, we allocated 3 days to prepare each policy.

The technical changes did not look difficult either: we needed to set up event collection and storage, check whether the backups complied with the policy we had written, re-equip the offices with access control systems where needed, and a few other small things.

The team preparing everything needed for certification consisted of two people. We planned that they would take part in the implementation alongside their main duties, and that this would take each of them 1.5-2 hours a day.

In short, our view of the upcoming scope of work was very optimistic.

Reality

In reality, everything was naturally different: the policy templates provided by the consultant turned out to be inapplicable to our company, and there was almost no clear information on the internet about what to do and how. As you can guess, the plan to "write one policy in 3 days" failed miserably. So we stopped meeting deadlines almost from the start of the project, and our mood began to slowly decline.

The team's expertise was catastrophically small, so much so that it was not even enough to ask the right questions of the consultant (who, by the way, did not show much effort). Things started to go even more slowly, since 3 months after the start of implementation (that is, at the point when everything should already have been ready), one of the two key participants left the team. He was replaced by the new head of the IT service, who had to quickly complete the implementation process and provide the information security management system with everything it needed from a technical point of view. The task looked daunting... Those in charge began to get depressed.

In addition, the technical side of the matter also turned out to have "nuances". We faced the task of modernizing the software on workstations and servers. While setting up the event (log) collection system, it turned out that we did not have enough hardware resources for the system to operate normally. And the backup software needed modernizing too.

Spoiler: As a result, the ISMS was heroically put into operation in 6 months. And nobody died!

What changed the most?

Of course, during the implementation of the standard a large number of small changes took place in the company's processes. We have highlighted the most significant changes for you:

  • Formalization of the risk assessment process

Previously, the company had no formal risk assessment procedure: it was done in passing as part of strategic planning. One of the most important tasks solved as part of certification was the introduction of the company's Risk Assessment Policy, which describes all stages of this process and the people responsible for each stage.

  • Control of removable storage media

One of the major business risks was the use of unencrypted USB drives: in effect, any employee could write any information available to them to a flash drive and, at best, lose it. As part of certification, the ability to copy any information to flash drives was disabled on all employee workstations; information is now written to them only on request through the IT department.

  • Superuser control

One of the major problems was that all IT department employees had full rights in all of the company's systems: they had access to all information. At the same time, nobody actually controlled them.

We implemented a Data Loss Prevention (DLP) system, a system for monitoring employee actions that analyzes, blocks and alerts on dangerous and unproductive activity. Now alerts about the actions of IT department employees are sent to the e-mail address of the company's Operations Director.

  • Approach to organizing the information infrastructure

Certification required global changes and new approaches. Yes, we had to upgrade a number of server hardware items because of the increased load. In particular, we dedicated a separate server to the event collection systems. The server was fitted with large and fast SSD drives. We dropped the backup software and chose storage systems that have all the required functionality out of the box. We took several big steps towards the "infrastructure as code" concept, which allowed us to save a lot of disk space by dropping backups of a number of servers. In a very short time (1 week), all software on the workstations was upgraded to Win10. One of the problems the modernization solved was the ability to enable encryption (in the Pro version).

  • Control of paper documents

The company had significant risks related to the use of paper documents: they could be lost, left in the wrong place, or improperly destroyed. To reduce this risk, we labeled all paper documents by confidentiality level and developed a procedure for destroying different types of documents. Now, when an employee opens a folder or picks up a document, they know exactly which category this information falls into and how to handle it.

  • Renting a backup data center

Previously, all company information was stored on servers located in a secure data center of a third-party company. However, there were no emergency procedures in place at this data center. The solution was to rent a cloud data center and back up the most important information there. Currently the company's information is stored in two geographically distant data centers, which reduces the risk of losing it.

  • Business continuity testing

Our company has had a Business Continuity Policy (BCP) for several years, describing what employees should do in various adverse situations (loss of access to the office, epidemic, power outage, etc.). However, we had never carried out continuity testing; that is, we had never measured how long it would take to restore the business in each of these situations. In preparing for the certification audit, we not only did this but also developed a business continuity testing plan for the following year. It is worth noting that a year later, when we faced the need to switch entirely to remote work, we completed this task in three days.

It is important to note that all companies preparing for certification have different starting conditions, so in your case completely different changes may be required.

Employee reaction to the changes

Oddly enough, here, where we expected the worst, it turned out not so bad. It cannot be said that colleagues received the news of certification with great enthusiasm, but the following was clear:

  • All key employees understood the importance and inevitability of this event;
  • All other employees looked to the key employees.

Of course, the specifics of our industry helped us a lot: outsourcing of accounting functions. Most of our employees cope well with the constant changes in Russian legislation. So the introduction of a few more new rules to be followed was nothing unusual for them.

We prepared new ISO 27001 training and testing for all our employees. Everyone obediently removed the sticky notes with passwords from their monitors and cleared desks piled with documents. No major dissatisfaction was noted; in general, we were very lucky with our employees.

So we passed the most painful stage, "depression", which is associated with changes to our business processes. It was hard and difficult, but the result in the end exceeded all our expectations.

Read the previous articles in the series:

The 5 Stages of the Inevitability of ISO/IEC 27001 Certification. Denial: misconceptions about ISO 27001:2013 certification, the advisability of obtaining a certificate.

The 5 Stages of the Inevitability of ISO/IEC 27001 Certification. Anger: Where to start? Initial data. Costs. Choosing a provider.

The 5 Stages of the Inevitability of ISO/IEC 27001 Certification. Bargaining: preparing the implementation plan, risk assessment, writing policies.

The 5 Stages of the Inevitability of ISO/IEC 27001 Certification. Depression.

The 5 Stages of the Inevitability of ISO/IEC 27001 Certification. Acceptance.

Source: www.habr.com