Measure the test taker's knowledge about internal security threats.

Source: Internet
Author: User

We often see media reports of employees stealing the core technical information of their departments before leaving the company. Why do departing employees pose such a high risk of information leakage? What strategies should an enterprise IT department have to deal with these lurking threats? Examining the key steps in incidents of this kind offers some lessons.

A systematic, tiered confidentiality policy and audit mechanism can reduce the probability that a leaker will succeed

In one past case, an employee stole trade secrets: before leaving the company, the person used legitimate permissions to print the information and stored photos of it on a private laptop. In another case a few years ago, the person copied a large number of technical documents to a private portable hard disk ... In all of these incidents, the people involved used legitimate IT permissions to take information illegitimately, which indicates that fine-grained authorization for legitimate users and systematic auditing are necessary. At present, the IT systems of enterprises large and small generally store important information on internal shared servers for users to access, and protect the servers and network egress points against external intrusion. However, simple internal/external access control can only prevent external users from breaking through the network boundary and stealing information from the internal network. Whether a legitimate user is using the information legitimately remains more of a "black box".

In practice, seemingly ordinary operations such as printing and copying can also be fatal information leakage channels. In cases like these, such operations should have been strictly restricted in the department where the "mole" worked. Important information, especially information related to core competencies, should be strictly protected and backed by strict access control, approval and authorization, and other permission control mechanisms. In addition, comprehensive auditing of information usage is a necessary link: it helps detect violations of IT policy promptly, so that action can be taken before the information leaks and spreads.
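One way the audit of information usage described above could be checked, as an added example that is not part of the original article. The event format, tier labels, user names and thresholds are all assumptions, and the sample data is constructed.

```python
from collections import defaultdict
from datetime import date, timedelta

# Constructed sample data (not from the article): document tiers, planned
# departures from HR, and audit events as (day, user, action, document).
TIER = {"design/engine.dwg": "core", "design/spec.pdf": "core",
        "hr/menu.pdf": "public", "design/bom.xlsx": "core"}
LAST_DAY = {"zhang": date(2024, 6, 28)}
EVENTS = [
    (date(2024, 6, 20), "zhang", "print", "design/engine.dwg"),
    (date(2024, 6, 21), "zhang", "copy_removable", "design/spec.pdf"),
    (date(2024, 6, 21), "zhang", "copy_removable", "design/bom.xlsx"),
    (date(2024, 6, 21), "zhang", "print", "hr/menu.pdf"),
    (date(2024, 3, 1), "zhang", "print", "design/spec.pdf"),
    (date(2024, 6, 21), "li", "read", "design/spec.pdf"),
    (date(2024, 6, 22), "li", "print", "design/spec.pdf"),
]
EGRESS = {"print", "copy_removable"}  # actions that move data off the server


def review(events, tier, last_day, window_days=30, leaver_limit=2, limit=5):
    """Return {user: [action:document, ...]} for excessive egress of core data.

    For users with a recorded last day, only events inside the window
    before departure are counted, against the stricter leaver_limit.
    For everyone else, all events are counted against the normal limit.
    """
    docs = defaultdict(set)
    for day, user, action, doc in events:
        # Documents with no tier are treated as core (fail closed).
        if action not in EGRESS or tier.get(doc, "core") != "core":
            continue
        leaving = last_day.get(user)
        if leaving and not (leaving - timedelta(days=window_days) <= day <= leaving):
            continue
        docs[user].add((action, doc))
    findings = {}
    for user, items in docs.items():
        cap = leaver_limit if user in last_day else limit
        if len(items) > cap:
            findings[user] = sorted(f"{a}:{d}" for a, d in items)
    return findings
```

Every event here was performed with valid permissions, so access control alone passes all of them; only the audit that joins usage with document tier and departure dates surfaces the pattern.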

Public/private security policies can greatly reduce security risks

Another aspect worth reflecting on is the use of private devices in internal IT systems. The people mentioned above may have used a private digital camera to photograph materials and move them to a personal computer, or used a personal portable hard drive to transfer data. These incidents expose a gap: enterprise IT policies do not cover private devices and applications. Private devices and applications are meant to improve individual work efficiency. For example, a USB flash drive is a convenient transfer medium, a private laptop supports mobile work, and social networks can improve communication between the enterprise and external parties. However, all of these uses should rest on one premise: private devices and applications must fall under the enterprise's overall IT security policy. The use of any new device or application should be assessed in advance and strictly monitored during use. Given the boundary between corporate IT systems and private applications and the popularization of smartphones, Weibo and social networks, this is particularly important today.

The combination of technology and management is an inevitable choice for information security policies

At present, many enterprises use video surveillance and other technical means to support their security policies, and have established rules for a security review before core employees leave their posts. These methods can detect behaviors that network-based IT audits cannot monitor. In many cases, enterprises have adopted video surveillance and resignation review rules for core departments.

In fact, security should be a comprehensive concept. In addition to network security and data security in the general sense, technologies usually classed as administrative security, such as video surveillance and access control, are also an important part of enterprise security. At present, many mature organizations have set up the position of Chief Security Officer to guide enterprise security management. At the strategic level, enterprises should formulate holistic strategies that comprehensively mobilize their resources and combine security and management to further improve their information security level.

This article is from the "Huang kai" blog, please be sure to keep this source http://techk.blog.51cto.com/3177718/583983
