Cloud Security of enterprise network in cloud era

The US has been monitoring Huawei for 5 years.

Chinese telecoms maker Huawei has become the U.S. National Security Agency (NSA) monitor, according to a recent leaked document from the US surveillance scandal. It is disclosed that since 2009 the NSA began to invade Huawei headquarters of the server, with the approval of the U.S. president can launch a cyber attack.

Huawei is the target of the U.S. National Security Agency's code-named "Sniper Giants" project, according to the New York Times's latest leaked NSA confidential documents. Using the loopholes in Huawei's technology, the NSA can monitor it by invading Huawei's devices. In addition, the NSA can launch offensive activities with the permission of the president. According to Huawei's previously disclosed information, its routers and switch products connect 1/3 of the world's population.

According to the New York Times, the NSA's intelligence activities in China are not limited to Huawei. Last year, the NSA invaded two of China's large mobile communications networks to track strategically important Chinese military units, according to a April 2013 Snowden document.

Concerns about information security have continued to heat up in the country since the exposure of the U.S. PRISM program to Chinese companies last year.

In this year's national two sessions, information security has become the focus of people's attention. During the two sessions, the National People's Congress deputy chairman of the Financial Committee xiaoling, Hubei CPPCC Vice President Lu Zhongmei, Wave Group chairman Sun Pi, China Mobile Guangdong Company general manager Zhong Tianhua and other National People's Congress, have made suggestions or motions on information security issues.

In the Internet age, enterprise information security is facing unprecedented challenges.

System vulnerabilities threaten financial security

Customer funds frequently stolen brush, information system failure, business system stagnation ... Everbright Bank (601818, shares) in recent years, has always encountered the consumer and investors "peat peat" double blame.

August 30, 2010, Everbright Bank of the core business system failures, resulting in a slow national network transactions, counter business, internet banking, telephone banking, electronic payments and other business are seriously affected. The system completely interrupted 12 minutes 34 seconds, the external normal service affected time of 5 hours, resulting in the system did not successfully account and repeat more than 50,000 pens. The CBRC specifically briefed the State Council on this matter.

2011, Everbright Bank in Beijing, Nanjing and Shanghai and other branches of the Internet Bank customer funds stolen incidents. In view of the great loophole of Everbright Bank information System, the CBRC commissioned the authoritative National Information security Assessment Agency to test the bank's online banking and website system, and found that there are three major loopholes in the bank's internal information leakage risk, phishing site attack risk, information security protection measures are not strict, and ordered its immediate rectification.

But after two years of calm, 2013, as Everbright Bank Brothers Unit Everbright Securities (601788, shares bar) "Oolong refers to the incident" suddenly broke out, will just relax the tone of China Everbright Group again pushed on the cusp.

On the cause of this incident, Everbright Securities said that, after initial verification, the cause of this incident is mainly the use of strategic investment in the arbitrage strategy system has arisen. Eventually, the SFC identified the incident within 88 minutes as insider trading, in addition to giving a fine of 523 million yuan, as well as the penalty of "lifelong securities market ban" of 4 relevant decision-makers such as Yang Jianbo, Everbright Securities proprietary business (excluding solid receipts) was shouted stop, ordered to be rectified without limitation.

Last year, led by the People's Bank of China, the establishment of the Internet financial development and supervision of the research group, the group is composed of the PBC, the Banking Regulatory Commission, the SFC, the CIRC, the Ministry of Public Security, the Law office. The Internet financial regulatory guidance, drafted by the central bank, has already completed two rounds of consultation, if the next procedure goes well, or is expected to be introduced in the first half, according to the Journal of Caijing (blog, Weibo). This means that Internet finance is beginning to be incorporated into China's financial system and regulatory framework.

Information security faces double challenges

According to the official website of China Industry and Commerce administration, as of the end of February this year, there are 15.4616 million enterprises (including branch offices) in the whole country. In the accelerated development of the information age, once the enterprise suffers from sensitive information leakage, the important data is destroyed, the business system is illegally controlled and other crises, it must be a disaster, light enterprise economic interests are severely damaged, the heavy threat of social and national security.

From January 2013 to November, the National Internet Emergency Center (CNCERT) sampling monitoring found that about 24,000 Trojan or zombie network control servers in the country control more than 9.33 million hosts. "These controlled hosts are remotely manipulated by hackers, on the one hand, the information stored on the user's computer is stolen, on the other hand, it may become a springboard for hackers to launch attacks against others, while a large number of controlled hosts controlled by hackers may also constitute botnets, and become tools and platforms for hackers to launch large-scale network attacks. "Lijia, deputy director of China National Internet Emergency Center, said.

The "2012 China Internet Security Report", released by the Internet Security Center, said that because the vast majority of domestic enterprises, especially small and medium-sized enterprises in information security investment is limited, the use of free personal version of security software to replace the enterprise version of security software is very common. According to a survey conducted by the 360 Security Center in 2012, domestic enterprises generally use free Personal Edition security software to replace the enterprise version of security software. In the surveyed enterprises, large and medium-sized state-owned enterprises to use the enterprise version of security software is high, to 78%; With an enterprise version of security software is less than 5%, about 94% of small and medium-sized enterprises only for employees to install personal version of security software, and about 1% of enterprises do not use any security software.

When the enterprise's security protection is not standard, itself has already buried the security hidden danger. In the era of cloud computing and large data, the popularity of mobile devices makes enterprises face new challenges in the information security response.

Smart phones, tablets and other mobile terminals flexible, convenient, efficient and so on, attracting more and more people to use BYOD (Bring Your Own Device, refers to mobile phones or flat-panel mobile intelligent Terminal Equipment) to office. But if companies do not have strong, effective policies, procedures, and security awareness training in the use of BYOD, the company and its corporate sensitive data are likely to be at risk, such as the loss of mobile devices, theft, and even the more likely danger of being hacked.

The number of mobile internet users reached 838 million by January 2014, according to data published by the Ministry of Public Information.

Hequan, academician of Chinese Academy of Engineering and director of China Internet Association, believes that the security of mobile Internet is even more serious than desktop Internet. "Because the mobile Internet operating system is now pluralistic, for our country, our operating system is still unable to achieve autonomous control." For smartphones, there are more than 3,000 viruses, One-third is a trojan, the application software now has more than 50,000 kinds of mobile terminal equipment diversity than the desktop terminals much more difficult to manage. "Hequan said.

National Computer virus Emergency Treatment Center executive deputy Director Chen Jianmin that the mobile security can not be taken lightly. The 2012 has seen the use of mobile phone operating system zombie programs, the use of micro-letters, micro-bo fishing and fraud growth, phishing fraud technology continues to introduce new, anti-phishing technology automation, intelligence level. The security problem of mobile terminals is still the focus and difficulty in security field.

Cloud computing brings information security challenges

There is no doubt that cloud computing and the big Data era have come.

On the one hand, cloud computing provides a storage and computing platform for massive and diverse data, while data mining and artificial intelligence find knowledge, rules and trends from large data to provide information for decision making. However, cloud computing and large data are also challenging the information security of enterprises under cloud computing, while expanding the level of information openness.

At the last June China Cloud Computing Conference, research fellow Feng Deng pointed out that the development of cloud computing and application of the IT industry is undergoing profound changes, but it to improve the efficiency of IT resources at the same time, the information security brings multiple levels of impact and challenges: Cloud computing Service computing model, Dynamic virtualization Management and Multi-layer service model have caused new data security problem, the dynamic of cloud service contract and the feature of multi-party participation, which brings new impact to the responsibility cognizance and the existing information security standard system; When cloud computing's powerful computing and storage capabilities are exploited illegally, Will have a huge impact on the existing security management system.

Zhang Qi, a professor of computer science at Wuhan University, thinks that cloud computing is also an information system, and there are common security problems in information systems. "Because cloud computing is a new kind of information system, there are some new security problems in cloud computing, which means that cloud computing has its own special security problems, including the sharing of equipment resources, the non self of data storage and processing." "Zhang Qi said.

Li, a longtime expert in information security, told reporters that companies are now paying more and more attention to information security, and that his company's investment in information security has accounted for one-third of the net investment. "To deal with the challenges of information security, from the Internet, server side, application and so on, can be used to separate intranet and Extranet methods." ”

Industry experts believe that the management of the system is more important than the technical protection.

Aloysius Cheang, managing director of the Cloud Security Alliance Asia Pacific, says cloud computing is "seven-point management, three-point technology" and management is important for cloud computing.

"The key is to rely on institutional management to fill loopholes." The system design is good, also depend on ' the person who executes ' can realize the information security. "Li said.

Sangyanjuan, deputy general manager of Chiyu Data Technology Services Limited, said in an interview with the rule of law weekend reporters that strengthening the management of network information security is the key to enforcing the norms and efforts. "Strengthen safety management, safety awareness training and attack and defense drills, through improving staff management in operation, is the key to network information security." "Sangyanjuan said.