View information security from the dark screen of a detective

 

Recently, Han Bing, a private detective, was very red. He called it "the first probe in the south of the Yangtze River" and reported a dark screen in Xinmin Weekly: "the so-called" Sherlock Holmes "is just an information broker ." He said, "If public security, health, education, housing management, vehicle management, and other public departments, banking, communications, aviation, insurance, and other commercial service institutions do not have any internal 'mole ', private investigators are capable of getting the core information of citizens." This news is not surprising to all of us who are dealing with Intranet security every day. We are glad that more and more people have dared to reveal the dark curtain and allow relevant departments to pay attention to it, prevent it and stop it. "The disclosure of personal information of citizens is divided into three steps. The source is the above-mentioned departments. There are inevitably a few failures in state organs, enterprises, and institutions. These failures take advantage of their positions to facilitate access to or even take charge of personal information of citizens, it becomes the source of reselling personal information." In an interview with Han Bing, the "nets" who leak personal information of citizens are not only the interests of citizens, but also the reputation and economic interests of enterprises and institutions. If the circumstances are more serious, the credibility, public trust, and reputation of enterprises and institutions will drop to the bottom, resulting in some practical benefits. We can also imagine that "moles" illegally disclose the personal information of users in enterprises and institutions, which constitutes illegal acquisition of personal information of citizens, infringement of citizens' privacy and other such crimes, thus damaging the reputation of enterprises and institutions, however, if important business secrets and state information of enterprises and institutions are leaked by "moles", it may be related to the image of State organs and the survival of enterprises. According to a survey on the cost of default published by the Ponemon Research Institute, ignoring internal personnel is the primary cause of data damage, it accounts for 39% of US defaults. Zecurion's statistics show that more than 70% of the information security threats come from within the company. Top employees who have access to confidential information, middle and lower-level employees in the business department, and employees in the Information Department are high-risk groups. Han ice disclosed the leak of "moles" in banks, communications, aviation, insurance and other commercial service agencies. In fact, the general public saw the clues in the leak cases such as China Merchants Bank and Jiangsu bank. All these cases show the Security Management vulnerabilities of the above organizations, which makes the alarm of information security maintenance long-known. In this interest chain of Information reselling, "moles" in enterprises and institutions have become the source of frequent and massive information leakage, on the one hand, because they are driven by interests, on the other hand, there is no obstacle in the process of relying on information outflow. As we all know, there are many risk points for information leaks in enterprises and institutions, such as USB mobile devices, emails, instant messaging, and wireless networks, the "moles" familiar with the environment of the unit can easily obtain and disseminate confidential information by leaking risk points. The security management software IP-guard of Yixin technology is also a "Management Risk" software, it mainly uses the most powerful encryption technology, detailed audit tools, and comprehensive and strict control to comprehensively and systematically control enterprise risks and protect enterprise information security. As a powerful weapon to "manage risks", our IP-guard Encryption not only protects the most important confidential documents and data of enterprises, but also integrates audit and control, it is not afraid to let enterprises know what has happened, let the secrets not take away, or take away the secrets. We are about to go through "2012" soon. We sincerely hope that there will be fewer leaks of enterprises and enterprises in the future, and the security protection network of enterprises will be stronger, so that enterprises and common people will be able to live with greater peace of mind.