Why personal information security is difficult to secure

more sensitive to the data of the classmate is not difficult to find, the industry insiders inside job the number is 3 times higher than the hacker , of course, we do not rule out the hacker hiding technology may be higher, but it can be confirmed thatthe " inside Ghost " has become one of the main ways of information leakage at this stage. the Security of personal information is difficult to protect if the "inside Ghost" is not removed.

as the saying goes, Ming gun easy to hide, dark " thief " difficult to prevent, outside God good hiding, inside ghost difficult to prevent. It should be clear that they have seen the infernal Affairs or played the Three Kingdoms, and they are always thinking and communicating with other people in a non-internal spirit, to a critical moment, to give a deadly blow.

The same is true of network security, a black industry chain is the invisible engulfing this era, personal information leakage has been buried in life a time bomb, and " inside Ghost " has let this bomb start countdown.

Why is the " inner ghost " so rampant? On the one hand, because of the weakness of intranet, we find that in addition to the unified security protection system such as firewall,IDS, anti-virus, database audit, password and so on, there is no special technical intelligence protection measures to protect the core resources effectively. On the other hand , even if an enterprise will establish an internal security policy based on the business requirements and assign the person with the responsibility in the form of authority, this does not effectively prevent the abnormal behavior of the internal user with legitimate privileges, that is, the abnormal behavior of the legitimate user.

Therefore, based on the behavior analysis of internal users, it is possible to find out whether internal personnel's operation is a threat to the system security, and is an important technical means to solve the internal threat warning, detecting and ensuring the security of the system.

Based on the internal user's behavior analysis is different from the feature-based analysis, although the latter is a kind of vertical pole see shadow of the means, for the traditional security risk is very effective, but lack of timeliness, and need a strong corresponding team. The analysis based on user behavior is a more complicated way to find anomalies by means of data statistic, but the disadvantage is uncertainty of accuracy, the more perfect data collected, the higher the accuracy.

How do you find and capture this " inner ghost " accurately? You need to know the destination of his visit, the port used, what protocol and what port,IP, and other content, fortunately, many network security equipment factory commercial standard data interchange method is a good solution to this problem.

in NetFlow Standard For example, because Flow of an IP packet defines at least several key elements: source IP address, destination IP address, source port number, destination port number, The type of the third layer protocol, etc.,NetFlow can use several attributes of analyzing IP packets to quickly distinguish the various types of traffic traffic in the network.

The Big Data security platform's collector will be able to log and NetFlow are collected in a unified and correlated analysis.

many years ago, there is always a " however persuasive outsmart " between attack and defense , because we found that the attackers are always in the dark, the defenders in the Ming, evolved to today, is no longer the light and dark, the field of information security began to play " Infernal Affairs , and the Big Data security analysis platform can not only expose the hacker's attack to the operation and maintenance personnel's eyes, but also must let the inside ghost every action in the platform without hiding.

for more information on network security, please visit Security Center .

Why personal information security is difficult to secure