Internal network security issues

Frequent information leaks make enterprises and the industry pay more attention to Intranet security risks. This article describes Intranet security in four aspects, including the technical selection of Intranet security and the new challenges of Intranet security in the cloud computing era.
Link: http://www.searchsecurity.com.cn/showcontent_55277.htm

1. Nature of Intranet Security

The past one or two years have seen frequent cases of information leakage, such as leakage of customer data caused by the departure of HSBC employees and illegal copying of design data from a large Chinese shipyard. In addition, with the popularization of P2P applications, more and more enterprises are occupying network traffic, and viruses and Trojans are constantly breeding. These all make enterprises and the industry pay more attention to Intranet security risks. So what is Intranet security?

In fact, there has never been a clear definition of "Intranet security", citing the definition of Academician Fang Binxing, an information security expert. There are five levels of information security: physical security, data security, Operation Security, content security, and management security. Physical security refers to the protection of network and information system physical equipment; Operation Security refers to the protection of the network and information system operation process and operation status; data security refers to the protection of information in the process of data collection, processing, storage, retrieval, transmission, exchange, display, and dissemination, so that information can be used in accordance with authorization at the data processing level, content Security refers to the selective blocking of information flow in the network to ensure the controllable ability of information flow; management Security refers to the security measures for management-related personnel, systems and principles in addition to the above technical support in the information security assurance process.

In essence, and in combination with the focus of the current industry and related product design ideas, Intranet Security focuses more on data security, Operation Security, and management security, its core is data security and management security, that is, how to prevent intranet data leakage through various technologies, methods, tools, and management methods.

Technology and management are required to implement Intranet security. However, there is always a debate about whether to choose "Management first" or "technology first. In fact, management and technology issues have been discussed for many years. We don't want to talk about which one should take the lead for the moment. I think both hands should be captured. Technology is guided by management and managed based on technology. Seven-Point management and three-point technology can be seen from many security standards and IT governance standards, such as ISO270001, COSO, and COBIT. Most of them start with management, then we will talk about some implementation technologies.

2. Technology Selection for Intranet Security

For example, Intranet security focuses on information leakage prevention management, including monitoring, auditing, encryption, and other technologies. There are both products that implement a single function and integrated solutions on the market, to implement information leakage prevention management, is it better for enterprises to build their own systems by purchasing Multiple Single-function products, or adopt the overall solution provided by the manufacturer? We need to look at this issue in two ways. Some enterprises have just started out and do not have enough manpower and capabilities for system integration. Therefore, they tend to purchase a complete set of solutions. Some enterprises have a lot of manpower, in order to carefully select, purchase, and deploy various products, and form a set of solutions to collect the strengths of various products, which is also very common at present. The two methods have their own advantages and disadvantages. You can perform the operations based on the actual situation of the enterprise.

In addition, the industry does not have a very uniform standard for device selection. Based on my experience, I will provide the following judgment factors for your reference in practical Selection: 1) functionality: the function of anti-leakage products must be able to work well in complex network environments, work environments, and complex conditions. It mainly determines whether it includes functions such as data leakage prevention, online behavior management, data usage and application behavior audit; 2) stability: the product can run stably in a big data environment or even an extreme environment without spof. In addition, it is necessary to ensure its processing capability throughput) to cope with the pressure on the enterprise's network traffic, so as not to cause some or even all functions to fail in a large-traffic environment; 3) compatibility: products should be well and easily integrated into the current enterprise security system, rather than independent from the security system. For example, many Intranet security products are deployed on the client as the Agent. These products interact with the security server deployed on the server, these agents should not conflict or be incompatible with other software products on the user's computer, so as to avoid business failures due to the deployment of security products; 4) auditability: provides powerful report generation (generation) functions, and displays the reports to administrators and auditors in a user-friendly GUI, because the data generated by Intranet security is massive, the report will greatly facilitate management.

3. Privacy considerations for Intranet security technologies

Intranet security behavior auditing can find a lot of Intranet security "moles", but there is always a debate in China regarding whether "behavior auditing infringes on personal privacy. From the perspective of enterprises, deployment Behavior Monitoring and behavior audit products are understandable, which is an important step for enterprise compliance. For example, archive and auditor of a mail are all necessary tasks. From the technical point of view, behavioral auditing does not necessarily infringe on the privacy of individuals, or does not completely infringe on the privacy of individuals. We only need to provide some key audit words. By using software and strictly limiting the auditor's access to raw data, we can better respect personal privacy. In addition, enterprise audit is also a subject of knowledge. There are many certifications, such as CISA, which prove the importance of audit.

4. Challenges to Intranet security in the cloud computing Era

With the rapid development of technology, cloud computing, mobile applications, and social networks have become the daily applications of many employees. The application of these devices and technologies has a huge impact on the Intranet security. When selecting and implementing Intranet security technologies and products, we need to propose new requirements based on new situations to meet the challenges of changing application requirements.

In this environment, in addition to providing equipment, Intranet security product providers should also provide some consulting services for enterprises. As a matter of fact, security product suppliers should follow the trend, that is, gradually transition from device provider to solution provider). No vendor can say that its own products are all-embracing, it can meet all user needs. Currently, users are more concerned with the solution, followed by the implemented product. There is no solution. Let's talk about products. When selecting products, enterprise users should pay more attention to the suitability and efficiency of product supplier solutions.

 

This article from the "excellence begins with the foot" blog, please be sure to keep this source http://patterson.blog.51cto.com/1060257/721163