Intranet confidentiality is a major event for enterprises. network administrators can reach a consensus with the enterprise's top management and adopt appropriate measures to keep the network confidential for leaks of personnel and mobile devices.
Personnel Leak Prevention
Leaks by computer operators are currently the most serious victims of leaks. They may cause leaks in the following ways:
1. Ignorance. For example, if you do not know that the computer's floppy disk contains information that can be extracted and restored, You can exchange the floppy disk that has stored the confidential information, causing leaks;
2. Lack of confidentiality awareness and leakage of information in violation of rules and regulations. For example, after a computer failure, it will not be repaired according to the prescribed procedures, or it will be processed on a computer that cannot process the confidential information; some may even cross-use the computer;
3. Intentional leaks. This is a small number of people who leak data for personal interests or other purposes and should be disciplined or legally pursued.
Enterprises can clearly restrict and control employees' intentional or unintentional leaks through clear rules and regulations and confidentiality agreements, so as to achieve source control.
Mobile device Leakage Prevention
USB mobile storage devices are advantageous in convenience of carrying and storage, which greatly facilitates the information life of modern people. This also brings potential threats to some enterprises. The staff connected Mobile memory with confidential information, source code files, design drawings, and other important information to a computer connected to the Internet, which was stolen by spyware without knowing it, it brings huge losses to enterprises. Now there is a highly concealed trojan virus that can not only infect computers, but also infect storage disks. Once your USB flash drive is used on a computer infected with this program, it will be infected with this virus. If this USB flash drive is used on an office computer, the computer information will be automatically and secretly copied to the disk. The next time you insert the disk into a computer that is connected to the Internet, the information on the disk is automatically sent to the specified location on the Internet. The entire process is completed in secret and automatic mode, which is hard for users to detect.
Enterprises can control mobile device access, data copying, and other actions, or fine-grained behavior auditing to control information leakage of mobile devices.
BYOD Leakage Prevention
BYOD (Bring Your Own Device) is a hot topic and focus of enterprises. Devices such as tablets, laptops, and tablets can access the enterprise network without authorization and identity authentication. On the one hand, they may easily steal company secrets and data through wireless networks; on the other hand, viruses and trojans on these devices may also be infected to the enterprise network, resulting in greater losses.
Therefore, enterprises need to use the NAC (Network Access Control) mechanism to Control the security of BYOD, and use a strict identity authentication and authorization mechanism to Control the wireless Access of BYOD, they also perform fine-grained tracking and auditing of their behaviors and actions to avoid information leakage.
According to the above main leak channels, the network administrator can reach a consensus with the enterprise's top management and adopt appropriate measures for network confidentiality, for example, the use of physical network isolation or GAP to isolate the private network and the Internet, training and presentation for operators, emphasizing the confidentiality technology, analysis of the security issues with the use of USB, and the development of relevant rules issue constraints. All in all, for enterprise network management, Intranet confidentiality is a major event, and we hope everyone will pay attention to it and do a good job of confidentiality.