The construction of enterprise information security evaluation system is an important and difficult point in the study of enterprise information security. In order to understand the security level of enterprise information system in various industries, scales and regions at a macro level, based on the theory of boundaries, the concept of comprehensive strength of boundaries is put forward, and the security evaluation model of enterprise information system is established. Firstly, according to the protection stage of enterprise information system, a three-layer boundary shell protection system is constructed, that is, outer boundary shell to prevent information damage, intermediate boundary shell to resist internal and external attacks, system renewal and maintenance of inner boundary shell. Secondly, the weights of each evaluation index are determined by using principal component analysis and comprehensive strength of boundary shell. Finally, a multi-dimensional enterprise information system security evaluation model is constructed by using the fuzzy comprehensive evaluation method. The results show that when the enterprise attributes are tertiary industry, large-scale and East China, the comprehensive strength of information security system boundary shell is the strongest, and the protection strength of each layer system boundary shell is the strongest when compared with the same level, that is, the comprehensive strength of enterprise information system boundary shell is the strongest, and the protection ability of each layer boundary shell is also more prominent. The results of the example are in line with the actual situation, which shows the validity of the model.