Information Leakage Prevention = full encryption? (1)

Source: Internet
Author: User

Information leakage prevention refers to a policy that uses technical means to prevent an enterprise's data or information assets from leaving the enterprise in ways that violate its security policies and regulations. Currently, information leakage prevention in China takes document encryption technology as its core and combines it with security audit mechanisms, strict control mechanisms, and internal document operation control mechanisms to prevent the leakage of internal information and information assets in any state (in use, in transmission, or in storage). However, many enterprises focus only on document encryption to prevent information leakage.

Taken literally, information leakage prevention means preventing information from leaking. The life cycle of information includes creation, use, storage, transmission, and destruction. It involves terminals, ports, mobile storage media, and networks, and it touches many aspects of an enterprise, such as business flow, IT, management, and personnel. Simple document encryption obviously cannot ensure that information is not leaked, which is why the enterprise application boom has shifted from "transparent encryption" to "information leakage protection" (DLP). Zhang Baichuan, webmaster of the Ranger security network, reminded enterprises that rely only on encryption to ensure data security: "Encryption algorithms are not unbreakable. Once an algorithm is cracked, enterprises will be exposed to dangerous environments without any competition. Encryption is implemented, and multiple technologies are required to work together to prevent leakage." Zhou Qingxiang, CIO of Zhengzhou Sanquan Food Co., Ltd., also holds a cautious opinion on encryption technology: "'Encryption' means both safe and dead-end. After encryption, even if the data is leaked, the enterprise will not be nervous because the original text cannot be seen. Otherwise, if the encryption technology is faulty and the encryption algorithm is cracked, the enterprise will be very sad. Do not blindly trust encryption technology; you must be careful about 'how to encrypt?' and 'what is the scope?'"

Of course, no technology is perfect, but that does not mean it should go unused because of possible risks. Document encryption cannot replace information leakage prevention, but it is the core of information leakage prevention and the key to enterprise applications. In terms of usage, some enterprises deploy document encryption globally and expect to use the "password-less" tactic to ensure data security. Others deploy document encryption products only in R&D, design, and other core departments. However, if the document encryption product is deployed only in the core departments, security at the boundary cannot be guaranteed when they interact with other departments. Dr. Li Yang, an information security expert, encouraged enterprises to deploy security equipment in both core and non-core departments whenever possible and to focus on management, to ensure data security. "Security is a system," he said. Yu Feng, Information Director of Qingdao CIMC Refrigerator Manufacturing Co., Ltd., believes that encrypting everything is unnecessary because not all documents of a company need to be encrypted.

Enterprises that have implemented encryption should be aware that although encryption looks "transparent", the efficiency of some systems will be greatly affected. If you blindly encrypt documents that do not require encryption, system efficiency will suffer even more. Security and efficiency cannot both be maximized, so managers need to strike a balance between them. "Encryption affects the original business processes of an organization to a certain extent. Not all organizations are suitable for deploying encryption products, and even encryption is only applicable to specific departments with high confidentiality." As an industry expert, Huang Kai, product director of Yixin Technology, proposed a solution: "The encryption system is generally supplemented by the corresponding external sending and approval mechanism, which requires corresponding rules and procedures, as well as corresponding approval personnel and permission regulations. If the organization is large, everyone has to approve it, and there is no dedicated department, it will become a serious disaster. For some organizations with less strict requirements, complete auditing and certain restrictions on common networks, peripherals, and emails are enough to achieve the effect."

Tan Junfeng, Information Manager of Sany Heavy Industry Research Institute, "balances both security and efficiency". His philosophy is to start from a global perspective. "A design department is only one link or point in an enterprise, and it is difficult to secure the boundary by reinforcing a single department; most of the time, the design department's information can flow out through other departments." It seems that the key to balancing the two is to understand the "core department". Dr. Huang Pei, an informatization expert in the manufacturing industry, pointed out that the "core department" in the security system is different from the "core department" in the enterprise's organizational structure. The security system architecture should not be designed according to the enterprise's organizational structure; it should be considered from the perspective of how core information is transferred. "In the general organizational structure of an enterprise, the core department is in the design, finance, sales, and other departments. In the security system, all departments that can access the core information should be the core department."

Different companies have different business processes and different core information, so different departments are involved in transferring it, and the encryption scope differs accordingly. In addition, as an enterprise's business changes and its information technology is built out, its core data flows will also change. Because of this, in many cases neither overall encryption nor partial encryption is inherently the better choice. Return to the word "information" in "information leakage prevention": "information" refers to meaningful data. Therefore, determining whether a piece of information is core information should be the key point of encryption. Even in "core departments", not 100% of the work is sensitive information. Zhu Xiaozhe, manager of the Information Department of Wuhan Fangu Electronic Technology Co., Ltd., said that, in general, even in a core department, 80% of the work is still non-sensitive information; in daily business, items such as business trip application forms and office supplies application forms must be reviewed and decrypted, which has a great impact on work efficiency.

Although the encryption scope cannot be uniform across enterprises and the determination of content also differs, one thing is the same everywhere: the security audit after encryption is very important. "Enterprises should carry out regular checks to evaluate the security efficiency. Do not think that encryption is safe." Huang Liang, director of Hangzhou Steam Turbine Co., Ltd., stressed that "even the information leakage prevention system cannot be guaranteed." Security is always relative. Yu Feng, Information Director of Qingdao CIMC Refrigerator Manufacturing Co., Ltd., named the source of the problem: "Because these systems are used by people."

