Information Leakage Prevention: how to identify the right side (1)

Currently, there are numerous information leakage prevention solutions, and many products with the anti-leakage function are publicized. However, enterprises are often dazzled and at a loss in the face of many solutions. What kind of system is a good system? What solutions can help enterprises improve their information security protection? What standards should be used to determine the advantages and disadvantages of different solutions? In this regard, well-known industry experts, enterprise representatives, and manufacturer experts will discuss with you the "Information Leakage Prevention solution, how can we find the best solution? "

In ancient China, medical practitioners paid special attention to ensuring the health of the human body. The Information Leakage Prevention solution aims at the security of enterprise information. Selecting a leak prevention solution is like finding a proper "Prescription" for a doctor to take the right remedy. Based on this, when selecting the anti-leakage standard, you cannot escape the "Hope, smell, question, cut" method.

Hope:

When selecting a solution to prevent information leakage, you must first examine the product to prevent false positives. Although there are many anti-leakage products, there are a lot of mixed products. Huang Kai, product director of Yixin technology, also believes that many information leakage prevention products are under the banner of information leakage prevention. In essence, they are simple audit products. When selecting a product, you must identify whether the concept disclosed in product promotion meets your own needs. You must understand the market conditions and distinguish the advantages of various products, do not rush into medicine.

Wen:

The market is the touchstone that best reflects the usefulness of products. When building anti-leakage protection, you should observe whether the product brand is formal enough in the market and whether the service provider has enough success stories, especially similar to your own application environment, cases of enterprises in the same industry ). In addition, you may also need to pay attention to the after-sales service capabilities of experienced and responsible manufacturers, will immediately solve the customer's needs, or assume corresponding responsibilities ). Zhu xiaozhe, manager of Wuhan fangu Electronic Information Department, stressed that during the selection of encryption schemes, the qualification of encryption software, suppliers and dealers should be strictly checked, and the right person should be selected for the product, in order to ensure the smooth implementation of the project.

Q:

When selecting anti-leakage products, you need to put forward your own specific requirements based on their own characteristics. For example, Tan Junfeng, Information Manager of Sany Heavy Industry, should propose a solution to the service provider when selecting a anti-leakage solution: whether it is compatible with existing application systems and network protocols, whether it can be applied on mainstream system platforms, whether various performance indicators test SLA standards, and whether it provides standard interfaces; whether the product has qualified certification, service, market and typical success cases. The requirements of an enterprise are constantly changing. You must understand the R & D strength and service capabilities of the vendor and ask whether the vendor can respond to the customer's needs in a timely and fast manner.

Switch:

Many products may be written in promotional materials, but the actual test of product functions is not even half done. If the test is not performed in a real environment, is invisible. Enterprises need to develop some typical test cases based on their own needs, and try to imagine as many extreme situations as possible, so as to ensure that the product can meet their own needs.

In this regard, Zhang baichuan, webmaster of the ranger security network, recommends that enterprises perform high-intensity tests on computers that are frequently used before purchasing anti-leakage products. It also depends on its support for Windows XP 64bit, Vista, and Windows 7 64bit. At present, many products do not support 64-bit operating systems, which easily creates a "maqino line of defense" for Enterprise Security ". For example, if an enterprise has Linux and other operating systems, it needs to be tested before providing information leakage prevention. However, most data leakage prevention manufacturers currently do not support Linux.

To sum up, we can view the overall situation through "hope", "smell" and know the section, and "Ask" to identify the advantages and disadvantages, and test the requirements by "cut, when selecting a leak prevention solution, enterprises can be "easy to understand ". Of course, this is only the first step in the selection of information leakage prevention products. enterprises also need to select the products and solutions that best suit their own needs. Then, how can we further select the best and most suitable solution?