当前位置:网站首页>How to share the source code anti disclosure scheme
How to share the source code anti disclosure scheme
2022-07-04 06:50:00 【CNSINDA_ HK】
Recently, the company has done server security , Start to understand products in the market , I studied this piece for a short time , I have a little experience to share with you .
1. The application software R & D industry covers a wide range Application software is designed to meet the needs of users in different fields 、 Software provided according to the application requirements of different problems , It mainly includes : Office software , Based on the Internet B/S,C/S Software , Multimedia software , Computer aided design , Computer games , Analysis software , statistical software , Collaboration software , Business Software , Accounting software ,ERP,CRM,PDM etc. . The R & D source code of these software systems , Are the life pillar of the enterprise . 2. Confidentiality status of application software R & D industry In the current environment , R & D personnel are highly mobile , This requires enterprises to establish a set of mechanisms , For the enterprise's own knowledge base and project source code , Safety control of technical documents, etc , We should not only control the active disclosure of secrets by on-the-job personnel , What's more, it is necessary to prevent departing personnel from taking away the company's core information , Avoid losses to enterprises due to leakage of secrets . But the reality is , These R & D personnel in the R & D process , Basically, they back up a copy of source code and technical documents by themselves , Even back up a copy at home . These source codes and technical drawings , It is very easy to leak secrets . Common ways to leak secrets :
Ø Confidential electronic documents through U Disk and other mobile storage devices are copied from the computer
Ø Internal staff will bring their own laptop to connect to the company's Network , Copy confidential electronic documents away
Ø E-mail confidential electronic documents via the Internet 、QQ、MSN Wait to send
Ø Insiders preview confidential electronic documents , Burn the preview file to disc 、 Screen capture brings out the company
Ø Internal personnel print confidential electronic documents 、 Take it out of the company after copying
Ø adopt internet Network storage , Preservation
Ø Insiders take computers or computer hard disks containing confidential electronic documents out of the company
Ø The computer containing confidential electronic documents was lost , Maintenance and other reasons fall into the hands of external personnel
Many companies also realize the importance of information security , Some measures have also been taken , Common methods, such as closing USB Interface , No access to the Internet, etc , Behavior monitoring, etc , But it didn't work , The negative impact is also relatively large :
Ø The Internet is a huge knowledge base , Give up not to use , It belongs to putting the cart before the horse
Ø Over monitoring , Affect employees' working mood and even cause legal disputes ;
Ø Increase enterprise operating costs , Reduce work efficiency
Ø Software developers know more about computers , It's still possible to leak
Ø& There is no cure for internal leaks , At the same time, there is a suspicion of giving up eating because of choking
Ø If you use a notebook for business trip, you must take the source code data to the site for debugging , Out of control
Obvious , The traditional information security management system can no longer meet the security requirements , Therefore, according to the characteristics of industrial control R & D institutions , It is necessary to establish a new and complete intranet information security management system , Minimize the risk of enterprise information security .
3. Development and debugging environment of application software industry
The development environment of application software is also relatively complex , Servers are generally Windows and Linux Coexist , staff PC With Windows Mainly , A few Linux, Some use virtual machines . Debugging methods include local , Ethernet Remote Debugging .
development language :Java/C/C++/C#/.NET/PHP/Delphi etc. ;
development tool :Visual Studio2005/2008/2010,Eclipus,Delphi And various special IDE;
cartographic :AutoCAD/SolidWoks/3DMax/Pro.e/photoshop
version management :SVN,VSS,GIT
compile :gcc,java,cl( The embedded )
4. Anti disclosure requirements of the application software industry
1) Able to adapt to complex development environment
Due to the complex development environment , For process , The way of controlling one by one obviously doesn't work . You cannot upgrade because of the development tool version , It makes it impossible to keep secret .
2) Developers in the enterprise , Without affecting the development and debugging efficiency , Cannot move storage , The Internet , mail , Screen shots and other disclosure methods . Any confidential documents must go through a strict approval process , And have traceable log records .
3) The best source code document is plaintext on the server , It's ciphertext on the employee development machine , Reduce dependence on encryption software , Prevent safety accidents .
4) It has strong anti cracking ability , The technical level of R & D personnel is relatively high , Software vulnerabilities cannot be easily found . You cannot package the source code by adding resource files .
Demand analysis :
1、 Need confidential source code 、Office、CAD、Pro/E And other edited documents or drawings , Prevent leakage of drawing files . Encrypted files can only be used inside the company , Leaving the company's computer becomes garbled .
2、 Laptop take out management , Employees can only operate encrypted files on their laptops when they go out . And there is a specified time !
3、 It's best to automatically back up files to the server !
4、 The mobile storage device cannot be used
5、 When documents need to be sent out, they need to apply . It can only be distributed after approval !
6、 Limited Internet applications , Can't upload to the network !
7、 convenient , If you don't want a file, you need the boss to decrypt one . too troublesome !
Implementation plan :
Edit switch to center
Add picture comments , No more than 140 word ( Optional )
Employees install shenxinda SDC Anti disclosure software client , Install... On the computers of senior executives and company servers SDC The management side and secret side of the sandbox . Install the file outgoing management end on the server !
Managers set policies on the management side :
1、 Set that the client cannot open the design and development software in normal mode !
2、 Printing permission can only be fixed on one printer , And record who printed
3、 Document operation record , Generate logs ; 4、 In encrypted sandbox mode , The mobile device is read-only !
5、 Encrypted disks cannot be accessed in normal mode
6、 Offline time control , If you leave, you can't be in sandbox mode ; 7、 Set file share permissions , Different people have different permissions to access different resources
8、 Policy distribution configuration ; 9、 Transfer files from the client through the server , Ensure that the data is encrypted without landing or landing .
10、 Set that employees must enter sandbox mode within a certain period of time .
Secret end settings : 1、 Different people access different confidential documents
Employee client :
1、 Realize the automatic encryption of the client ;
2、 Communication management with server .
3、 Documents to be sent out , Export to other unencrypted disks through the export tool ! However, the exported file cannot be used in normal mode .
File outgoing server : Set up the process , Establish a department , All outgoing documents need to be approved before they can be distributed , Who applies , Whose approval is on record ! Responsibility goes to individuals !
Implementation Effect : Automatically 、 Compulsorily 、 Transparently encrypt the files that the manager wants to encrypt . Ensure that important electronic documents of your company are not stolen . It will not change the operating habits of employees , All encryption actions are silently completed by the system behind the scenes . The use of encrypted documents is unimpeded for employees to communicate within the company , There is no way for employees to copy documents to other places . Even if the exported file , Can't open ! Summary of the plan : Completely and proactively prevent your peers from 、 competitors 、 Job hopping employees put important information inside the company 、 Drawing 、 file 、 R & D results 、 R & D materials 、 Technical documents 、 Project book ﹑ offer ﹑ Customer information 、 Financial data and other relevant important confidential information and documents . In improving the work efficiency of your employees 、 While not affecting the employee's mood , Completely and actively prevent internal employees from divulging important confidential information inside the enterprise . Solve your company's problems in information security .
Edit switch to center
Add picture comments , No more than 140 word ( Optional )
Two . Solution - use SDC Sandbox anti leakage system to prevent leakage
SDC Sandbox anti leakage scheme adopts the world's leading third-generation transparent encryption technology — Kernel depth sandbox encryption , Based on the bottom layer of the operating system , The concept of absorbing cloud , Encrypt and control the environment , Software independent , file type , file size , High reliability anti leakage solution . It is a set of high scalability , Customizable solutions . The system itself integrates network verification 、 File encryption 、 Print control 、 Program control 、 Internet control 、 Non certified PC Network access restrictions 、 Anti removable storage 、 Disc burning 、 Anti disclosure functions such as anti screenshot , Truly accomplish :
Ø Fully transparent encryption , It does not affect employees' work efficiency and habits
Ø Can protect all file formats , Include all document formats , All source code formats , Drawing format
Ø Do not control documents , Safe and stable , Do not destroy files
Ø The data on the server is encrypted without landing or landing
Ø Audit of outgoing documents , encryption , Anti disclosure treatment
Ø Outgoing email application , Audit business flow
Ø There is no need to be right PC Any control of the machine can be carried out to prevent leakage
Ø Take any documents from the classified environment , All need to go through the approval process .
When employees work , An encrypted sandbox will be started locally , Sandbox will connect with server authentication , Form a classified , Encrypted workspace , Employees work in sandboxes :
-- The data on the server is encrypted without landing or landing .
-- All development results must be stored on the server , Or in the local encrypted sand table .
-- The sand table is isolated from the outside world , So it won't leak .
-- According to the policy, employees can be set to enter sandbox mode immediately after starting up .
-- Don't start sandbox PC Are quarantined , Employees who cannot access the server and enter the sandbox PC.
-- Directly logging in to the server cannot copy the data of the application system from the server .
Encrypted sandbox , It's a container , Everything can be loaded ; Is the encryption of the environment , Don't care what an individual is ; So it has nothing to do with the process , It has nothing to do with the file format , It has nothing to do with the file size , Won't destroy the file . Unlike other encryption software , Modify the contents of the file itself . Therefore, it does not affect software compilation and debugging , Does not affect version management , Version comparison .
Edit switch to center
Add picture comments , No more than 140 word ( Optional )
key word : Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption , Source code encryption , Source code anti disclosure , Source code leakage prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , The source code is confidential , Data leakage prevention , Source code security management , Enterprise data security management , Terminal data leakage prevention , Server data leakage prevention , Anti leakage of operation and maintenance data , Document encryption , Encryption of drawings , Environment encryption . Source code encryption , Operation and maintenance data security , Server data leakage prevention , How to choose encryption software , Enterprise source code encryption , Enterprise code protection , Enterprise source code leak proof , Database leak prevention , Source code encryption software , Data leakage prevention solution , Enterprise data security management , Serial port control , Burn control , Source code protection , Server security , Source code encryption system , Research and development data security
key word : Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption , Source code encryption , Source code anti disclosure , Source code leakage prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , The source code is confidential , Data leakage prevention , Source code security management , Enterprise data security management , Terminal data leakage prevention , Server data leakage prevention , Anti leakage of operation and maintenance data , Document encryption , Encryption of drawings , Environment encryption . Source code encryption , Operation and maintenance data security , Server data leakage prevention , How to choose encryption software , Enterprise source code encryption , Enterprise code protection , Enterprise source code leak proof , Database leak prevention , Source code encryption software , Data leakage prevention solution , Enterprise data security management , Serial port control , Burn control , Source code protection , Server security , Source code encryption system , Research and development data security
key word : Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption , Source code encryption , Source code anti disclosure , Source code leakage prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , The source code is confidential , Data leakage prevention , Source code security management , Enterprise data security management , Terminal data leakage prevention , Server data leakage prevention , Anti leakage of operation and maintenance data , Document encryption , Encryption of drawings , Environment encryption . Source code encryption , Operation and maintenance data security , Server data leakage prevention , How to choose encryption software , Enterprise source code encryption , Enterprise code protection , Enterprise source code leak proof , Database leak prevention , Source code encryption software , Data leakage prevention solution , Enterprise data security management , Serial port control , Burn control , Source code protection , Server security , Source code encryption system , Research and development data security
key word : Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption , Source code encryption , Source code anti disclosure , Source code leakage prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , The source code is confidential , Data leakage prevention , Source code security management , Enterprise data security management , Terminal data leakage prevention , Server data leakage prevention , Anti leakage of operation and maintenance data , Document encryption , Encryption of drawings , Environment encryption . Source code encryption , Operation and maintenance data security , Server data leakage prevention , How to choose encryption software , Enterprise source code encryption , Enterprise code protection , Enterprise source code leak proof , Database leak prevention , Source code encryption software , Data leakage prevention solution , Enterprise data security management , Serial port control , Burn control , Source code protection , Server security , Source code encryption system , Research and development data security
key word : Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption 、 Source code encryption , Source code encryption , Source code anti disclosure , Source code leakage prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leak prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , Source code leakage prevention , The source code is confidential , Data leakage prevention , Source code security management , Enterprise data security management , Terminal data leakage prevention , Server data leakage prevention , Anti leakage of operation and maintenance data , Document encryption , Encryption of drawings , Environment encryption . Source code encryption , Operation and maintenance data security , Server data leakage prevention , How to choose encryption software , Enterprise source code encryption , Enterprise code protection , Enterprise source code leak proof , Database leak prevention , Source code encryption software , Data leakage prevention solution , Enterprise data security management , Serial port control , Burn control , Source code protection , Server security , Source code encryption system , Research and development data security
边栏推荐
- Software keywords and process information intercepted by Golden Shield video player
- Code rant: from hard coding to configurable, rule engine, low code DSL complexity clock
- How does the recv of TCP socket receive messages of specified length?
- C语言中的排序,实现从小到大的数字排序法
- leetcode825. 适龄的朋友
- Mobile adaptation: vw/vh
- Option (024) - do all objects have prototypes?
- 高薪程序员&面试题精讲系列119之Redis如何实现分布式锁?
- tars源码分析之9
- 移动适配:vw/vh
猜你喜欢
响应式——媒体查询
uniapp 自定义环境变量
27-31. Dependency transitivity, principle
what the fuck! If you can't grab it, write it yourself. Use code to realize a Bing Dwen Dwen. It's so beautiful ~!
Arcpy uses the updatelayer function to change the symbol system of the layer
uniapp 自定義環境變量
Selenium ide plug-in download, installation and use tutorial
Overview of convolutional neural network structure optimization
Matlab remainder
颈椎、脚气
随机推荐
在已經知道錶格列勾選一個顯示一列
Lottery system test report
运算符<< >>傻瓜式测试用例
[number theory] fast power (Euler power)
the input device is not a TTY. If you are using mintty, try prefixing the command with ‘winpty‘
【GF(q)+LDPC】基于二值图GF(q)域的规则LDPC编译码设计与matlab仿真
C语言中的排序,实现从小到大的数字排序法
Arcpy uses the updatelayer function to change the symbol system of the layer
[GF (q) + LDPC] regular LDPC coding and decoding design and MATLAB simulation based on the GF (q) field of binary graph
移动适配:vw/vh
Highly paid programmers & interview questions: how does redis of series 119 realize distributed locks?
2022 where to find enterprise e-mail and which is the security of enterprise e-mail system?
Selenium ide plug-in download, installation and use tutorial
MySQL 45 lecture learning notes (XIII) delete half of the table data, and the table file size remains the same
图的底部问题
11. Dimitt's law
Summary of leetcode BFS question brushing
The solution of win11 taskbar right click without Task Manager - add win11 taskbar right click function
Tar source code analysis 4
云Redis 有什么用? 云redis怎么用?