One part of intranet security is very important, yet often underestimated and controversial: behavior auditing.
As enterprise security awareness has improved, the role of auditing has gradually become known to everyone, and enterprises also use audits for after-the-fact accountability. But is that the only place where the audit function is useful? Does behavior auditing infringe on personal privacy? How can we make good use of auditing? Many doubts still urgently need to be resolved.
Auditing: a barometer of information security
Auditing is designed for security. It lets an enterprise visualize its internal operations, so that it can detect new security threats and vulnerabilities at any time and constantly adjust its protection policies to cope with the threats posed by emerging technologies and achieve maximum security.
Tan Junfeng, Information Manager of Sany Heavy Industry Research Institute, attaches great importance to management, which is related to Sany's internal core data department. Starting from the principles of the enterprise audit system, they formulated the principles of "grasping the overall situation, taking precedence, distinguishing primary and secondary, putting responsibilities in place, and taking into account the overall situation". In addition, when establishing the human resource management system, they start by publicizing certain company policies or rules so that employees are informed of the confidentiality requirements for information, and they often conduct information security awareness training for the company's employees. In general, as long as the rules and regulations are well established and the concept of intranet auditing is instilled in the enterprise's employees, the enterprise can use the intranet security system for management, which will greatly improve its intranet security level.
Yi Feng, Information Director of Qingdao CIMC refrigerator Manufacturing Co., Ltd., believes that intranet security systems without behavior auditing are not perfect, that behavior auditing can effectively detect threats to intranet security, and that network administrators can clear those threats through the system to ensure network security compliance.
"Privacy" is not absolute
Will behavior auditing infringe on the privacy of employees? This issue was once a hot topic in the industry. As Chinese people's understanding of the concept of "privacy" has gradually deepened, the issue has become clear. In this sense, employees do not have "privacy", and the so-called "privacy" means using enterprise resources to do their own things.
Let's first look at what privacy means. The basic meaning of privacy is the private affairs that individuals do not want to disclose. The intranet of an enterprise is set up to meet the enterprise's business development needs, so the actions taken on it are organizational affairs.
Although the definition of "privacy" is clear, "behavior audit" is still controversial in actual operation. People are not machines, after all, and it is impossible for them never to deal with personal affairs in the workplace or during work hours. Therefore, employees' behavior on the intranet always contains some private content. Zhu Xiaozhe, manager of the Information Department of Wuhan Fangu Electronic Technology Co., Ltd., believes that the first step of "behavior audit" is behavior collection, and that privacy will be violated unless high-risk behaviors are identified and retained. If an enterprise draws up a long list of illegal operators regardless of the actual situation, it will cause personal danger. The employee's violation is not worth the candle.
I agree with Manager Zhu's point of view that auditing is of course very important. To do a good job of auditing, we must be well versed in its "path". To perform a proper audit, you must keep the degree of behavior information collection in hand and control the scope and permissions of the audit, so that you can avoid some audit risks to a large extent. Auditing is just a tool. The IT management department should make clear that it is only a means for the enterprise to implement security, rather than auditing for the sake of auditing.
That auditing is useful is one thing; how to use it well is another. Let's take a look at what industry experts and customers think about it.
Huang Liang, director of Hangzhou Steam Turbine Co., Ltd.: auditing is an essential part of security. However, the audit personnel must have formal authorization from the company, their responsibilities must be clearly defined, and certain behavioral norms must be imposed on them.
Dr. Li Yang, an information security expert, also believes that deploying behavior monitoring and behavior auditing products is an important step in enterprise compliance. However, behavior auditing does not necessarily infringe on personal privacy, or does not completely infringe on it. As long as auditors are strictly restricted from accessing the original data, personal privacy can be better respected.
Zhang Baichuan, webmaster of the ranger security network, pointed out that there is also an international debate on auditing and privacy. When many enterprises deploy audit monitoring products, whether host audit monitoring or network audit monitoring, they give employees no explanation, which is unreasonable. Before deploying a product, the enterprise should publish relevant announcements to explain it. Most enterprises also have poor control over auditor permissions. Auditors can often view the privacy of people on the Internet, which in fact poses great legal risks to enterprises.
Based on the opinions of the above experts and industry-renowned users, I believe that auditing should be done well in several aspects:
First, we need to clarify the scope of the audit. From the security point of view, the more comprehensive the better; but from the point of view of reasonableness, what should not be audited should not be touched;
Second, the auditor's permissions must be limited. Who has audit permission, under what circumstances an audit takes place, and what processes are required must all be set out in written regulations, and the audit behavior itself must be re-audited;
Third, we need to make rational use of the audit information. Be good at producing highly visual reports based on your own needs, reflecting key issues and providing guidance for decision-making.
In addition to proper auditing behavior, it is also very important for enterprises to fulfill their notification obligations. As security expert Zhang Baichuan said, internal personnel should be informed before deployment. From the perspective of implementation, it is best to fulfill the notification obligation while forming an institutional mechanism. Managers should also make clear the public nature of IT assets, that is, the IT equipment the organization provides to employees. In theory, this equipment is only what employees need to complete their work, so any data stored and used on their computers should belong to the organization. Writing similar clauses into the rules, and having employees sign them and receive training when they are hired, all help to provide a reference in case of legal disputes.
Through behavior auditing, you can discover abnormal and potentially dangerous behavior by employees, so as to prevent unexpected problems. In addition, when a leak occurs, the audit system can help the enterprise quickly find the leak and recover the loss in time. However, audit and behavior monitoring systems must be used with caution. These systems have high permissions and affect employees' feelings and enthusiasm for work. Abuse of these systems may have serious consequences. Enterprises must strictly control the monitoring permissions and clearly define the duties of administrators to ensure that the system is not abused.
This article is from the "Huang kai" blog, please be sure to keep this source http://techk.blog.51cto.com/3177718/691209