Rising: Do not ignore information security Ctrip events for Internet enterprises sounded the alarm

May 28, the country has been called the largest Internet Information security incident this year: Ctrip in addition to the home page suddenly all paralyzed, open the homepage and click on any link to display "Service unavailable", and Baidu search on the official Ctrip page also shows 404 errors. Later, Ctrip's official response, said that because some of Ctrip's servers were unknown attacks, causing the official website and the app temporarily unable to use the normal. However, according to industry insiders, this incident is caused by physical deletion of the database.

The news immediately shocked the country, in the microblog, the circle of friends get crazy forwarding. When we see this news, bloggers have a lot of questions, it is well known that Ctrip is the giant of the domestic travel website, its website should be safe and stable, and why the emergence of such appalling things? In this respect, the domestic Internet Information security leader Rising pointed out: an enterprise successive occurrence of such information security incidents, Is that the domestic Internet enterprises are extremely indifferent to the performance of information security management.

Rising security experts said that the loss of enterprise data, information disclosure or failure to provide normal service, etc., there are several possibilities: hacker attacks, power outages, hardware loss, physical deletion. The ultimate problem of these phenomena is that enterprises fail to prevent the security of the network information, and are extremely indifferent to the problem of information security. This is not only the performance of ignorance, but also shows the lack of corporate management capacity.

In the case of the Ctrip, the net is that the database was physically deleted, and the Ctrip station took longer to recover, so the possibility of database physical deletion was very high. As a result, Ctrip's technicians and management have been grossly negligent in the management of cyber security, committing significant errors. To Ctrip, an ultra-large-scale industry giants, from last year to this year, a succession of network security issues, is to experience the "best" example of light security, which is completely the management of negligence, the enterprise information Security management does not act, the enterprise staff and the majority of users irresponsible. Unfortunately, Ctrip is not the only Internet company that ignores information security, which is a common problem for all of these companies in the country.

Rising security experts said that the enterprise information security construction process, the most important thing is management, the proportion of 70%. And how to carry out management, the first should be based on the network environment of different enterprises, internal conditions, specific needs to establish a complete set of information security system. Under this system, we should set up personnel management system, equipment management system, network admittance system, service equipment grade, application security level, and so on, when there is such a system, at the same time continue to find the problem to solve the problem, can the network information security in the corresponding stage to maintain a high level of security.

To the Ctrip event as a ring, the majority of enterprises should pay attention to network information security issues, and for enterprises to customize a set of information security overall solution. In particular, the Internet enterprises, not only to establish a perfect network security system, regular detection, evaluation, simulation attack and defense, but also to strengthen the information security awareness of personnel within the enterprise, network security knowledge and emergency response training. Rising just launched the "Enterprise Information Security +" solution is the face of such information security problems of the excellent solution, the solution to cloud computing security, big Data security, mobile security, desktop security, border security, management security and audit Security 7 modules, with rising "Security +" service, Not only can help enterprises to create a complete set of hardware and software combination of information security management system, but also can provide security testing and evaluation, security early warning, emergency response, security training and other services, so that the enterprise completely out of the information security management cognition is not in place, the lack of experience and technical deficiencies caused by high risk, comprehensive protection of information security, Eliminate the recurrence of similar Ctrip events.

In the blogger's view, with the continuous development of the Internet, similar to the Ctrip paralysis of information security incidents are exploding, and Internet enterprises on the website Information Security assessment and response is imminent. Now, based on rising "safety +" information security testing services, rising has been for different sizes of Internet enterprises to customize a fast, standardized services. Therefore, Bo Master suggested that the majority of Internet enterprise managers should be as soon as possible for enterprises to customize a set of proprietary information security detection solutions, improve the user's security experience, the site security truly home.

Rising: Do not ignore information security Ctrip events for Internet enterprises sounded the alarm