System Security calls for collaborative protection

Casual challenges

Some time ago, the reason was that the computer with charges had a problem and the patient complained. It is reported that the root cause of computer problems is virus intrusion, resulting in application failure to open, and even the Windows system crash. Although the hospital's network manager arrived at the site for recovery at the first time, it took a long time to recover each computer, resulting in the stagnation of hospital operations.

In fact, the above phenomenon is only the tip of the iceberg, and many people have experienced similar experiences. The person in charge of an enterprise used to store the file data of daily office work in the portable mobile hard drive, but he did not think that the mobile hard drive was faulty. At that time, the mobile hard drive could not work, the person in charge of the company was in a hurry because two hours later, he had to attend a press conference to make a report. Now all the information is gone. Mobile hard drive reliability is low, and such accidents are common.

Of course, this is not the most terrible thing. With the development of mobile office, the use of laptops is quite common. The loss of users' laptops in taxi, train, plane and other places is common, and even Malicious theft and theft occur.

Once this happens, it will bring a devastating blow to users: not only will all business data and information be lost as much as possible, but it will also bring great troubles to business development.

Key to security

In fact, the above examples illustrate a problem: security is not just as simple as anti-virus and backup, but a well-planned system engineering. Previously, when talking about security, there was often a kind of emotion: when there is a virus, it is necessary to install anti-virus software; when there is an attack, it is necessary to install a firewall; if you want to back up the data, find the relevant backup software.

This lagging security concept is not only unable to meet the security requirements of users, but also makes users feel overwhelmed in the face of emergencies, and is often complicated in procurement and maintenance.

For enterprise users, in addition to a set of Gateway Protection Solutions (firewalls, IDS/IPS, and Web security gateways), security cannot be relaxed in terms of Intranet protection, especially the terminal security. The endpoint security mentioned here is a big category. In addition to anti-virus software, IT also needs to provide protection for data information in users' personal computers, and for the IT computing environment of users' personal computers (the entire desktop system) supports backup and disaster recovery.

Further, such comprehensive endpoint security should not only be the privilege of a single computer, but must provide comprehensive support on the Enterprise Server Side and implement Mobile Security roaming through the network.

Collaborative terminal Protection

As a matter of fact, there is only one thing we can feel. How can we provide security protection for the most common Windows platforms. According to the IDC Analysis Report, 60% of the important data of enterprises around the world is stored on employees' personal computers, and among these computers, Windows accounts for the largest share. In this regard, the foreign security industry is brewing a new concept of terminal collaborative protection, in order to achieve thorough security collaboration from the root cause.

It is understood that the core concept of collaborative terminal protection is to provide a hierarchical collaborative security protection concept on the Windows platform, including pre-Protection, in-process detection and removal, and post-event recovery.

Without any protection, the Windows system may have thousands of threats trying to attack the system. Once the defense line breaks through, the loss of enterprises will be 100%. Therefore, the first step of Windows collaborative protection is ex ante protection. At this level, a variety of technologies are used to prevent threats from entering the desktop system. This includes using anti-virus systems for active threat protection, controlling mobile peripherals (such as USB flash drives and mobile hard drives), and conducting in-depth detection and other technical means.

Next, once a malicious threat is discovered, the terminal security system needs to scan and kill the virus, worm, and spyware.

Of course, a clever defense system is not omnipotent. Once a malicious threat damages the system, it must provide support for post-event recovery-both data recovery, the system must be restored. In this way, even if your computer crashes and data is lost, it can be quickly restored.

In fact, the complete set of terminal collaborative protection concepts need to be structured on the server of the enterprise, so that the enterprise can use the network to carry out collaborative defense for terminal security. In addition, even if your computer is stolen or lost, you can use the information stored on the server to restore the user from a different machine.

It should be noted that the time for issuing security policies and system recovery from the server will be greatly shortened. Generally, the system and application can be completely restored within 30 minutes. In the past, the efficiency of manual recovery often occurred for half a day. From the cases introduced at the beginning of this article, quick recovery is indeed necessary.

Therefore, the current idea of collaborative terminal protection has already covered three things that users are concerned about: "terminal security, data protection, and System Recovery". I believe that, in the future, security solutions that conform to this idea will emerge one after another.