Old Huang health care records (2): how enterprises can "Save Money" in the face of new technologies"

Old Huang clinic 2)

In the previous blog, Lao Huang analyzed the first type of problems mentioned by netizens in the outpatient service-various management measures, but the information leakage prevention work was "too difficult to prevent, according to Lao Huang's own experience, he also proposed strategies. In this blog post, Lao Huang will share with you the second category of problems in the outpatient service: how to deal with the security threats posed by new technologies such as mobile devices, especially laptops and tablets. The following are some of the questions selected from this category: Problem playback)14th floor: network security is crucial for both the enterprise and the Internet, but security products for software and hardware are emerging in the market. We do not know how to choose. Now the company uses Microsoft products. The company's system prohibits employees from bringing their laptops to the company. All USB interfaces are forbidden, however, some colleagues bring their laptops to the company's internal network to access Shared resources. Is there any security product that allows employees to access the company's networks without any access to resources? 19 th floor: information security is very important to an enterprise. With the rapid development of cloud computing, the company has to be sure of the value it has created. However, many problems have emerged at the same time, for example, Sony also apologized for information leakage. Could you tell me how to balance cloud computing and information security and how to solve it? 10th floor: Our company has strict network control. We only allow the company's internal network to be wired LAN) and do not allow access to external websites. However, it is inevitable that some employees use wireless Internet access devices such as 3G wireless network cards to access the Internet, which makes monitoring of our employees extremely difficult, is there a feasible way to control all employee USB ports )? Floor 12: I am a network administrator of a company. The company uses a wireless network. Recently, I found that my unknown PC had logged on to the company's Intranet, and I felt very panic! I have adopted the IP/MAC binding policy, which basically has some effect, but I still have a lingering fear! Many files in the company are shared. Once a stranger enters the company, the consequences are unimaginable! There are also companies with independent email servers, but there is no effective way to curb internal email sending confidential information within the company. Currently, the use of blocking keywords has little effect. Ask experts, what should I do? Company security is better than God! On the 60th floor: I have always had a question about data security and confidentiality. It is not a traditional method of preventing Data leaks, but also involves the most popular cloud computing problems. Cloud computing emphasizes that enterprises, especially small enterprises or start-up enterprises, can rent Goole or Amazon servers and storage on a pay-as-you-go basis, while enterprise data is managed by the cloud. In this process, the trust in the cloud is inevitable, and it is necessary to consider whether to leak confidential data on the cloud. I don't know what Mr. Huang thinks about this? According to the problems of netizens, the current threats to be addressed are summarized in two aspects: 1. Mobile devices; 2. Cloud computing. Mobile devices "should be sparse and should not be blocked"The mobile devices we are talking about here are not only limited to USB flash drives and mobile hard drives, but also the increasingly popular tablet computers and smart phones. Nowadays, mobile devices have been widely used in the United States and other developed countries. Although such applications are in their infancy in China, many market research data shows that, demand for smartphones and tablets is growing rapidly, and more users rely on them to handle personal and commercial transactions. The potential threats of mobile device applications to enterprise information security cannot be ignored. There are two solutions to the potential information leakage threats of mobile devices, as mentioned in some previous blog posts by Lao Huang: one is congestion ", in addition, it is "sparse ". Blocking is a strict measure. Looking at the increasingly close development trend of mobile devices and enterprise business, blind blocking is not a long way to go, and the response to better meet customer needs is 'loan '. That is, to maximize the security of devices that can be used internally. According to the current technological development and market demand, Lao Huang believes that cross-operating system clients are a general trend. By installing a client on a terminal device, you can restrict operations and record behavior logs for auditing to detect exceptions in time to maximize information security. Many netizens mentioned the problem of access from PCs with UNKNOWN identities to the intranet of enterprises. The access from PCs with UNKNOWN identities to the Intranet not only occupies company resources, but also threatens the security of internal information. To solve this problem, you can deploy an access control system to restrict access to external computers. Currently, there are two types of access control systems, one of which includes hardware devices. This type of product is easy to implement and basically can be implemented without modifying the company's intranet. The other is based on vswitches. The implementation of such products is a little complicated and may affect the current network environment, but it usually supports many features. Which of the following methods can be selected based on the enterprise's network size and specific needs. Information Leakage Prevention requires an overall and comprehensive management. To protect internal information security, you must not only focus on the current problems, but also review internal problems of the enterprise for unified planning and management, avoid omissions to the maximum extent. Be cautious when dealing with "Cloud"The popularity of cloud computing shows that everyone is very optimistic and looking forward to its advantages. It expands the application of Enterprise Services, makes enterprise service applications more elastic, and reduces enterprise costs and improves efficiency. For domestic enterprise users, the most recent and easy to implement is to build private clouds within the enterprise based on the Intranet. However, while the cloud provides more convenient and easy-to-operate resources for enterprises, it also means that enterprises will face more ways to expose sensitive data. It is precisely because of this issue that everyone is holding a wait-and-see attitude towards "Cloud. For enterprises, for business stability and data security considerations, important sensitive data and applications will not be directly put on the public cloud. However, the convenience brought by cloud computing also encourages qualified enterprises to use these technologies to build their own private clouds. Private clouds allow a wider range of data circulation, therefore, information leakage prevention focuses on private cloud security. For example, many enterprises have CRM Customer Relationship systems. Cloud computing allows employees to access CRM, regardless of their company, business trip, or even at home. To prevent the leakage of CRM data, you can prohibit the copying of sensitive data in CRM and other measures. The old saying goes: security is not absolute. Security Management balances security, costs, and efficiency. If important information is involved in cloud applications, I think it is necessary to be careful that they can be applied only with sufficient security assurance. You are welcome to discuss with me about information leakage prevention construction or the content of the above topics, such as flowers or bricks.

This article is from the "Huang kai" blog, please be sure to keep this source http://techk.blog.51cto.com/3177718/791535