Computer security in China

Abstract

Concerning the recent reports of increased Internet censorship, as of this time China has not taken any action other than to require Internet servers to register with the government and to sign promises to limit politically and sexually suggestive material. The strongest impressions that I have about the state of data and computer security in China are: The temporary regulation about international network connections is less stringent than the approach taken by Singapore where online discussions on race and religion are banned along with pornography and government criticism. Also, Singapore is moving to require that providers channel all Internet subscribers through ‘proxy servers’ that will control the availability of sites with undesirable content. They are far behind in understanding many of the principles and methods that are considered to be basic issues in the field of systems security. An example is that they seem to react to problems and do not appreciate the need for audits and reviews of current practices such as provided by risk assessments. This lack of a reasonable level of security awareness and practice will become very significant in the near future due to the speed at which they are growing on an overall basis, plus their increasing use of computer technology in many areas of government and commercial activity.