With frequent data leakage and deletion events, how should enterprises build a security defense line?

Recently, a data deletion security incident occurred in China , Bai mouyin, the former employee of a hospital Unwilling to be ignored by leaders , In addition, former colleagues often ask him to help solve network problems , So and so white came into being “ Make a network fault and let a hospital find a solution again ” Ideas , So through VPN Remote operation 、 Reset router 、 Tamper with administrator password 、 Delete virtual machine files and a series of operations , Finally, it leads to the paralysis of network information system . Look around the world , The data reveal that 、 The database deletion accident is not accidental ：

• 2015 year , The American family “ It has thousands of employees and many offices around the world ” Multinational enterprises , Fired a person in charge Prevent former employees from damaging the enterprise network IT people . It's his turn to leave , You may have guessed , you 're right , He deleted the Library ...... When handling resignation , The employee did not return the relevant equipment issued by the company normally , Instead, he took it home directly , And carried out a series of database deletion behaviors , It not only causes the data loss of some customers and users , What is more painful is that before the employee deletes the file , The customer and user data that has not been included in the latest backup copy will eventually be forever ！ For a long time ！ lose ！ loss ！
• The same thing , Come back at home 「 One hundred times 」： For example, a former employee of an enterprise admitted his act of deleting the database , After he left , Used personal account to deploy code , Delete 456 Sets for delivering video conferencing 、 Video messaging 、 Virtual machines served by file sharing and other collaboration tools . similarly , The employee's behavior led to heavy financial losses , And he himself will also face legal sanctions .

This is enough to sound the alarm for all enterprises —— Anything to the network 、 data 、 Business system security protection has a fluke mentality , Or not pay attention to 、 Indifferent governance , Will make enterprises put themselves in danger in the face of sudden emergencies , Cause direct or indirect economic losses , Those who are more serious may suffer from extinction . In the era of industrial Internet , No enterprise can not use the network at all 、 System 、 data . But employees can delete the database 、 Resigned employees can also access the company's Network , This means that Enterprise security deployment and authority management There are very serious problems .

At the root , Enterprise information security is often related to internal and external technologies 、 Process and people are closely related , Among the three, there is 「 people 」 The most obvious variable .

• From the internal point of view ——

Risk one ： Technical level ,IT Technicians are not satisfied with the improper selection , It will cause intermittent system downtime 、 Unrecoverable without backup data ;

Risk two ： Process level , High single permission implies deliberate destruction 、 Risk of misoperation , For example, privileged users are given too many access rights ;

Risk three ： Personnel level , Service crash or core database deletion caused by human operation , Including employee data theft 、 Employee bribery and selling information 、 Retaliatory operation of operation and maintenance personnel .

• From the perspective of external environment ——

Risk four ： Hackers for show off or other purposes , Will use specific vulnerabilities to steal information ;

Risk five ： Attacks from malicious people , Including phishing fraud 、 Data theft ransom 、 Spear phishing .

All these above , All man-made disasters , Intentionally or unintentionally , Will eventually lead to network security accidents .

In the final analysis, security is “ people + Method + Tools ” As a result of the combined effect of , The three work together , They are not only mutual constraints , Can also produce 1+1+1＞3 Safety protection bonus effect . The former staff of the hospital retaliated , To a large extent, it confirms Business information system should pay attention to the ability of security protection 、 Optimize permission management methods 、 Strengthen the legal awareness of relevant personnel .

So how to build security quickly 、 Stable 、 Cost effective business IT Ability ？

Put the company's business on the cloud , It is an effective way to protect enterprise information security 、 An effective way to reduce costs and increase efficiency . It is the general trend for enterprises to go to the cloud . But some enterprises still hold “ Master the information on yourself ” The concept of , Refuse to go to the cloud or just go to the cloud for some businesses . actually , Self owned network and system architecture is a double-edged sword , It also hides great risks ： stay “ No clouds ” Under the state of , It is easier for operation and maintenance personnel to have the opportunity to perform similar “rm -rf /*” and “fdisk” Type of extreme operation ; On the other hand , Because there is no relatively perfect automatic backup and recovery mechanism , Data recovery 、 The technical difficulty of system maintenance is also greatly increased .

With the deepening of cloud infrastructure construction , Cloud is already a solution to the security problems in the digital age “ Optimal solution ”. For example, JD public cloud security operation center can provide systematic security assurance for the whole process —— Prevention covering the whole life cycle 、 testing 、 Responsive and visible security system , It can provide coverage for the safe operation of businesses on the cloud “ In advance 、 In the matter 、 After the event ” Process guarantee , make “ perception - defense - Respond to ” Integrated security operation system , Make business security management simpler 、 More effective 、 More valuable .

JD cloud host security is managed through unified assets 、 System risk detection 、 Trojan horse killing 、 Hacker intrusion detection , For your cloud host 、 Local server 、 The container builds a unified protection system with mixed clouds , And meet the requirements of insurance compliance , Provide automatic data backup and recovery of specified files at any time , Prevent blackmail encryption .

JD cloud unified security hosting service builds a unified security management platform 、 Security expert services and security custody operation services , To ensure user network security “ Continuous effectiveness ” Target , Be dedicated to “ The digital intelligence security operation steward of the enterprise ”, Help enterprises cope with the process of digital transformation , Security operation challenges under complex infrastructure . Implementation of the host 、 The Internet 、 Intelligent analysis of application and data multi-dimensional security risk events , Efficient operation and disposal by combining automatic response and disposal technology of safety arrangement with safety experts , Provide users with all-weather security services .

Finally, from the perspective of humanities , Enterprises need to nip in the bud , We also need to stand “ The programmer ” Thinking from the perspective of . The structure of related personnel in the system process is complex , Yes “ Rule of man ” It's more demanding —— From senior management to employees 、 From system operators to security operation and maintenance personnel 、 From inside the enterprise to service providers , Only let safety awareness permeate everyone , Strengthening people's safety ability and safety awareness is the internal driving force .