Frequent information disclosure events make the enterprise and the industry more concerned about the risk of intranet security. This article is divided into four aspects to discuss intranet security, including intranet security technology selection, cloud computing era Intranet security challenges and so on.
1, the essence of intranet security
Information leaks in the last two years are not uncommon, such as the departure of HSBC employees caused by customer information leakage, a large shipyard in China, the design of illegal copies of data and other events. And, with the popularity of peer-to-peer applications, more and more enterprise network traffic is occupied, viruses, trojans and other constantly breeding, these make enterprises and the industry in the security of the risk of more attention. So, what exactly is intranet security?
In fact, "intranet security" has not been a clear definition, citing information security experts Fang Binxing, the definition of information security, including 5 levels: physical security, data security, operational security, content security and management security. Physical security refers to the protection of network and information system physical equipment; The operation safety refers to the network and the information system's operation process and the running State protection; Data security refers to the protection of information in the process of data collection, processing, storage, retrieval, transmission, exchange, display and diffusion, so as to guarantee the use of information in the data processing level. , not to be illegally impersonating, stealing, tampering, repudiation; Content security refers to the selective blocking of information flow in the network in order to ensure the controllable ability of information flow; management security refers to the security of information in the process of protection, in addition to the above technical support and management-related personnel, systems and principles of security measures.
The nature of the and combined with the current focus of the industry and related product design ideas, intranet security more emphasis on data security, operational security and management security, and its core is data security and management security, that is, how to use a variety of technology, means, tools and management methods to prevent the leakage of intranet data.
The realization of intranet security requires technology and management to complement each other, but whether it is "management first" or "technology first" has been debated. In fact, the problems of management and technology have been talked about for many years. Let's not talk about which should be first, I think both hands should be caught. Technology is guided by management, and management is based on technology. Seven-point management, three-point technology, from a number of security standards and it governance standards can be seen, such as Iso270001,coso,cobit, and so on, they mostly start with management, and then talk about some of the implementation of the technology.
2, intranet security technology selection
For example, intranet security concerns information leakage management includes monitoring, auditing, encryption and other technologies, the market has both to achieve a single function of the product, there are integrated solutions, then, to achieve information leakage management, is the enterprise to buy a number of single function products to build a system of independent, Or is it better to adopt the overall solution provided by the manufacturer? We need to look at the problem in Split. Some enterprises just start, not enough manpower and ability to do system integration, therefore, it tends to buy a whole set of solutions, and some enterprises are equipped with a lot of manpower, to the various products for detailed selection, procurement and deployment, their own form a set of solutions, the director of the family, which is also very common in the present. These two methods have advantages and disadvantages, according to the actual operation of the enterprise can be.
In addition, in the selection of equipment, the industry actually does not have a very uniform standard, I have based on experience to give the following factors to determine the practice in the selection of the reference: (1) Functional: The function of the leak-proof product needs to ensure that in the complex network environment and work environment, as well as complex conditions can be very good work. It mainly determines whether it includes data leakage prevention, Internet behavior management, data use and application behavior audit, etc. (2) Stability: The product can operate stably in large data environment and even extreme environment, there is no single point of failure. And, need to ensure that its processing capacity (throughput) can cope with the pressure of enterprise network traffic, not to cause a large flow of some or even all of the functional failure; (3) Compatibility: products should be able to integrate well and easily into the current enterprise security system, rather than independent of the security system. For a simple example, many intranet security products are now deployed as agents (proxies) in the client, and are linked to the security servers deployed on the server, and these agents should not conflict and incompatibility with other software products on the user's computer. To avoid issues such as the inability of the business to perform because of the deployment of security products; (4) Auditable: Ability to provide powerful report generation (generation) functionality and to be presented to administrators and auditors in a user-friendly GUI (graphical user interface) to facilitate audit, lookup, and retrieval, Because the data generated by intranet security is massive, the report will bring great convenience to the management work.
3, intranet security technology involved in privacy considerations
Intranet security Behavior audit can find a lot of intranet security "inside Ghost", but domestic for "behavior audit whether infringement of personal privacy" has been debated. From an enterprise point of view, the deployment of behavioral monitoring and behavior audit products is understandable, this is an important step in corporate compliance. such as Mail archive and auditor, this is a very necessary work. From a technical point of view, behavioral audit does not necessarily violate personal privacy, or not completely violate personal privacy. It is only necessary to provide some key audit terms, by means of software, and by strictly restricting the auditor's exposure to raw data, it is better to respect personal privacy. Moreover, the enterprise audit is also a knowledge, currently has a lot of certification, such as CISA, it is very good proof of the importance of audit.
4. The challenge to intranet security brought by cloud computing era
With the rapid development of technology, cloud computing, mobile applications, social network has become the daily application of many employees, these devices and technology applications, to the intranet security has brought tremendous impact. When selecting and implementing intranet security technology and products, new requirements need to be put forward according to new conditions to meet the challenge of changing application demands.
In this environment, the intranet security product supplier, in addition to providing equipment, should also provide some consulting services for enterprises. In fact, security products suppliers should shun a trend, that is, from the device provider (equipment provider) gradually transition to the solution provider (solution Provider), no one can say that their products all-encompassing, can meet the needs of all users. The user is now more concerned about the solution, followed by the implementation of the product. No plan, what to talk about products. Enterprise users should also pay more attention to the product supplier's solution when choosing products.
This article is from the "excellent once in a while" blog, please be sure to keep this source http://patterson.blog.51cto.com/1060257/721163