Information Leakage Prevention, we can do more

In the ninth article of the "Ten Years of Intranet security debate" series, experts from various parties have discussed the new challenge of Information Leakage Prevention from different perspectives and faced with increasingly diverse security threats, relying on the strength of the enterprise itself, it is increasingly difficult to complete the arduous task of Information Leakage Prevention. Enterprises need powerful allies to jointly fight security threats. In addition to providing products, Intranet security product providers can also provide consultation or outsourcing services for Intranet security? Can I transform to a security service provider? Whether or not enterprises need services other than security products. In the last article of the "Ten-year debate on Intranet Security" series, let's discuss the problems of Intranet security extension services.

Zhu xiaozhe, manager of the Information Department of Wuhan fangu Electronic Technology Co., Ltd.

Intranet security is an emerging industry. For most enterprises, there is no clear concept, when you really need it, you cannot immediately find the right people who can control the project within the enterprise and target the product. From this perspective, security consulting and services are very important. However, unlike IT service outsourcing, outsourcing of Intranet security maintenance cannot replace the enterprise's own security management, which is difficult to completely separate.

For manufacturers, providing consulting and outsourcing services requires strong technical strength and implementation teams, while providing only products is less risky, as a result, there are not many security vendors in China that provide security consultation and outsourcing services. How to provide security services and how to choose security services is a matter of time for enterprises to mature.

Yu Feng, Information Director of Qingdao CIMC refrigerator Manufacturing Co., Ltd.

Enterprises need security planning, security evaluation, and comprehensive security management consulting. Simple product-based consulting is not enough.

Huang Liang, director of Hangzhou Steam Turbine Co., Ltd:

Because the Enterprise Information Department is not specialized in Intranet security after all, it may ignore some threats or potential threats and still have some vulnerabilities in the Intranet security system, this requires a professional Intranet security company to carry out a comprehensive risk assessment, which can be conducted on a regular and regular basis. Some training programs can also be conducted. Some network security trainings in the society are not targeted, and the timeliness is worse, intranet security product suppliers can use their resources, implementation cases, and new risks to conduct targeted professional training to improve the risk response capability of enterprise informatization personnel.

Tan Junfeng, Information Manager of Sany Research Institute

1. Complete the pre-sales, in-sales, and after-sales services wholeheartedly;

2. provide customers with comprehensive, comprehensive and appropriate solutions;

3. Enterprises should conduct on-site business demand research, grasp industry market trends, and reserve all aspects for future development.

You Xia Security Network webmaster Zhang baichuan:

The vendor shall provide some security services for the enterprise. For example, security awareness training for employees, security technical training for enterprise administrators, security consulting, overall security solution design, and emergency services.

Dr. Li Yang, information security expert:

Vendors are required to provide some consulting services for enterprises. As a matter of fact, security product suppliers should follow the trend of gradually transitioning from device provider to solution provider. No vendor can say that its products are all-encompassing and can satisfy all user needs. Currently, users are more concerned with the solution, followed by the implemented product. There is no solution. Let's talk about products. The era of simply selling products has passed, and product suppliers should be aware of this. When selecting products, enterprise users should pay more attention to the suitability and efficiency of product supplier solutions.

Huang Kai, product director of Yixin technology:

As the first company to enter the Intranet security industry and serve customers in the industry for 10 years, Yixin technology has accumulated rich experience and can provide some feasible suggestions when encountering new customers. For example, Intranet security vendors can develop more service services, which may include:

1. Overall assessment of Intranet security status;

2. Intranet security training;

3. Consultation and formulation of the overall Intranet Security Solution

Manufacturing Informatization expert Dr. Huang Pei:

It is not enough for Intranet security product suppliers to provide products to customers, but the sales relationship is not good for both parties, and a real partnership should be formed. Suppliers have valuable implementation experience and can help enterprises plan security systems suitable for their own needs. Problems Encountered by enterprises in applications and feedback to suppliers can help them better improve their products. Therefore, it is necessary to maintain a long-term partnership. From the perspective of specific services, suppliers can provide enterprises with consulting, risk assessment, training, technical support and other services.

Summary:

From the experts' points of view, enterprises are less sensitive to technologies and threats, and security vendors need to provide them with consulting, evaluation, training, technical support, and other services; manufacturers are extremely sensitive to the development and changes of technology and security threats, and learn about the latest changes. In addition, they have accumulated a lot of practical experience in their years of operation and are capable of providing enterprises with relevant extension services. The problem to be solved now may be how the manufacturer abandons the mentality of quick success and quick success, regards the customer as a real partner, and provides services to the enterprise in a down-to-earth manner.

It has been nearly a month since January 1, September 16. During this period, we have discussed ten questions about Intranet security. We reviewed the development history of Intranet security over the past ten years, and also discussed the "Ten-Year controversy", "Current puzzles", and "Future Directions" of Intranet security, although many aspects are not deep enough, we also hope that the "Ten-year debate on Intranet Security" series will inspire readers, help enterprises build Intranet security, and reduce the occurrence of leaks, help enterprises build information security to a higher level.