New Challenges of Information Leakage Prevention

In article 8 of the "Ten Years of Intranet security debate" series, experts from various parties have discussed the issue of "Information Leakage Prevention in leaks" from different perspectives, information Leakage Prevention is a long-term war. With the development of technology, protection technology is constantly improving and facing more security threats. This topic is: cloud computing, mobile applications, and social networks have become the daily applications of many employees. What are the impacts of these devices and technologies on Intranet security?

Huang Liang, director of Hangzhou Steam Turbine Co., Ltd:

The development of new IT technologies is indeed rapid. The impact of these new technologies on security should be analyzed and evaluated in a timely manner. To promote the informatization construction of enterprises, users must be allowed to use the information and actively adopt the information. If the information security is affected, the information security should be eliminated in a timely manner. For example, when a 3G network comes out, it is very convenient for employees to access the Internet through 3G network cards on their work computers. This will bypass the company's control and monitoring on Internet access, therefore, we need to promptly restrict the access.

Tan Junfeng, Information Manager of Sany Research Institute

The methods of information leakage have been diversified. From management, we must change our thinking, and make changes in business needs drive changes in information security management. We must further strengthen technical subdivisions, we must be proactive in information planning.

Yu Feng, Information Director of Qingdao CIMC refrigerator Manufacturing Co., Ltd.

The application of these devices and technologies poses greater challenges to the Intranet security. Our system needs to be more rigorous, and our management needs to be more compliant, at the same time, the rise of cloud computing also brings better opportunities for the development of Intranet.

Zhou qingxiang, CIO of Zhengzhou sanquan Food Co., Ltd.

With the emergence of these technologies, the security risks of system O & M are increased. Employees may inadvertently disclose trade secrets, and enterprises may need to use keyword review technology. applications unrelated to work increase, this results in a reduction in employee productivity and a waste of network resources, resulting in low system efficiency. Enterprises need to strictly manage the Internet access behavior of employees.

Dr. Li Yang, information security expert:

The emergence of applications, the regionalization of application scenarios, and the diversity of applications all pose more severe requirements for Intranet security technology, Implementation, and Management. When selecting and implementing Intranet security technologies and products, we need to propose new requirements based on new situations to meet the challenges of changing application requirements.

Huang Kai, product director of Yixin technology:

First of all, we must make it clear that new technologies are constantly emerging, so there is no permanent solution for security. IT managers will always face new security threats.

Up to now, the main security threats are manifested in several aspects.

First, cloud computing, although most people still cannot understand the exact meaning of cloud computing, Intranet security issues also exist. Can applications originally stored in the Intranet be protected after they are migrated to the cloud? Should I migrate my business to the cloud if I cannot ensure the security of the data migrated to the cloud? Currently, most of the existing Intranet security technologies focus on the host layer. Whether the technology can be applied to the cloud is not fixed yet. Whether enterprises lose control over security is a new challenge. It is certain that the Intranet security vendor will follow up.

The second is mobile devices. The mobile devices mentioned here are not only limited to USB flash drives and mobile hard drives, but also more and more popular tablets and smart phones. In the face of these different host platforms, it is very important to make intranet security products scalable. In addition, the countermeasures that enterprises should adopt for these IT devices also need to be clarified and standardized as soon as possible.

Third, social networks. The main problem here is the leakage of privacy. Taking Weibo as an example, by analyzing all Weibo posts of a person, we can restore the person's daily life. If it contains sensitive confidential information, it is likely to cause a certain degree of leaks. Pre-developed policies on social networks and management restrictions using internet behavior management or other devices are essential in today's popular social networks.

In short, new technologies will inevitably emerge. what it administrators need to do is to keep in mind the purpose of Intranet security-"security". This is the core and constant response.

Manufacturing Informatization expert Dr. Huang Pei:

The development of IT technology is fast and constantly changing. The challenges faced by Intranet security have never been stopped or stopped. Cloud computing, mobile applications, and social networks provide more communication methods and increase the risk of leaks. An employee's word on a social network may expose confidential information, and a smartphone may take away all the data, the emerging challenges of Intranet security are urgently needed by enterprises and security vendors.

Summary:

Cloud computing, mobile devices, and social networks are the trend of IT development. Now, they have gone deep into people's lives and work. rejecting them may temporarily avoid security problems, but it also makes it impossible for enterprises to obtain the new value brought by these new technologies. Therefore, enterprises should not waste food, but face up to risks. With the help of the Information Leakage Prevention System, they should seize the core of "security" and keep responding to the situation, while ensuring information security, we should make full use of new technologies to promote the development of enterprises.

Network-based applications are constantly developing and threats are increasingly diversified. In the face of such a situation, it is increasingly difficult to complete the arduous task of preventing information leakage by relying solely on the strength of the enterprise itself, enterprises need powerful allies to fight security threats together. At this time, in addition to providing products, Information Leakage Prevention product providers can do anything else? Please pay attention to the final chapter "Ten Years of Intranet security debate": Information Leakage Prevention. What else can we do?