How to meet the requirements of source code confidentiality and source code security management

Common ways to disclose confidential electronic documents

In recent years , The popularization and development of computer and Internet applications in China , Has penetrated into every corner of society , The government , economic , military , social , Culture and people's life are increasingly dependent on computers and networks . E-government , Paperless office 、MIS、ERP、OA And other systems are also widely used in enterprises and institutions .

But in this development trend , The hidden danger of network information security is becoming more and more prominent , Information leaks occur from time to time . as everyone knows , Electronic documents are easy to copy , Easy to email , Compact disc ,U disc , Network storage and other ways to spread . Confidential documents of enterprises and institutions , R & D source code , Drawings and other core technical confidential information , It's easy to be transferred to the outside through the active disclosure of internal employees , Even in the hands of competitors , Cause great economic and reputation losses to the unit .

Common ways of divulging secrets include ：

- Internal personnel pass confidential electronic documents through U Disk and other mobile storage devices are copied out of the computer ;

- Internal staff will bring their own laptop to connect to the company's Network , Copy confidential electronic documents away ;

- Insiders send confidential electronic documents via e-mail via the Internet 、QQ、MSN Wait to send it out ;

- Internal personnel print confidential electronic documents 、 Take it out of the company after copying ;

- Insiders take confidential electronic documents out of the company by burning CDs or screenshots ;

- Insiders take computers or computer hard disks containing confidential electronic documents out of the company ;

- The computer containing confidential electronic documents was lost , Maintenance and other reasons fall into the hands of external personnel .

- External computers are connected to the company's Network , Access the company's confidential resources, steal confidential electronic documents and disclose secrets

- Internal personnel will pass Internet Network storage , Preservation .

.... ....

The status quo of leak prevention

To address these risks , Many units take to remove the optical drive floppy drive , Seal off USB Interface , Restrict access to the Internet ; Or install some monitoring software , Monitor the daily work of employees , To make him dare not act recklessly ; Or install various network information security protection products , Such as firewalls , Intrusion detection , Anti virus products to prevent hacker attacks and virus attacks . But people soon found , Restrict Internet access 、 closed USB Interface 、 Remove the optical drive floppy drive 、 On the one hand, the practice of installing monitoring software seriously affects the convenience of work , And it is easy to cause employees' resistance , It may even bring legal problems ; On the other hand, intentional internal disclosure cannot be completely eliminated , At the same time, there is a suspicion of giving up eating because of choking .

A large number of facts have also proved that these methods are not very effective , The main disadvantages are ：

- Affect employees' working mood and even cause legal disputes ;

- Increase enterprise operating costs , Reduce work efficiency ;

- Can't prevent software developers from divulging secrets ;

- All the energy is spent on the post disclosure tracing ;

Shenxinda SDC Confidential data security system

The technology is developed by the international leading shenxinda company SDC（Secret Data Cage） Confidential data security system , Adopt the world's most advanced third-generation transparent encryption technology --- Kernel level deep three-dimensional sandbox encryption technology , Is designed to solve the source code , Drawing , A set of anti disclosure system designed for the disclosure of confidential data such as documents .

Today's enterprises have their own LAN , Generally, the main core confidential data is stored on the server , Some are stored on employees' computers .SDC Our secret design concept is ：

When employees work , Virtual an isolated encrypted sandbox on the employee's computer , The sandbox will actively authenticate and connect with the server , Then form a server - Client sandbox Such a confidential workspace , Employees work in sandboxes , thus ：

-- Confidential data on the server will not be stored during use , Or encryption upon landing .

-- All development results on the employee's computer can only be stored on the server , Or in the local encrypted sandbox .

-- The sand table is isolated from the outside world , So it won't leak .

SDC Encrypted sandbox , It's a container , Everything can be loaded ; Encryption itself doesn't care what an individual is , So it has nothing to do with the process , It has nothing to do with the file format , It has nothing to do with the file size , Won't destroy the file . Unlike other encryption software , Modify the contents of the file itself .

​

edit

Add picture comments , No more than 140 word （ Optional ）

SDC Sandbox diagram

When the client contacts confidential resources , Automatically start an encrypted sandbox , A sandbox is a container , Classified software , Throw the file into a sandbox container for encryption . And this container is transparent , Users don't feel its existence .

SDC Adopt the most advanced kernel level in-depth encryption technology （ Disk filter drive , File filter driver , Network filter driver, etc ） For development and design , Full consideration has been given to scalability , Ease of use . The system itself integrates network verification , File encryption , Print control , Program control , Internet control , Server data protection, etc , It can effectively prevent foreign PC, Mobile storage , Disc burning , Screenshots and other leaks occur . Its main feature is ：

- Fully transparent encryption , It does not affect employees' work efficiency and habits ;

- Can protect all file formats , Include all document formats , All source code formats , Drawing format ;

- Safe and stable , Do not destroy files ;

- Only confidential data ( Source code , Drawing ) Instead of monitoring the Internet without divulging secrets , Respect for employee privacy .

- Audit of outgoing documents , encryption , Anti disclosure treatment ;

- Outgoing email application , Audit business flow .

Use shenxinda SDC Sandbox data security system , It can effectively protect the security of enterprise confidential data .

​

Edit switch to center

Add picture comments , No more than 140 word （ Optional ）

SDC Schematic diagram of confidential data anti disclosure system

Suitable industries include ：

- Software 、 Communications 、 game 、 manufacture 、 Electric power 、 Finance and other enterprises and institutions with R & D and design departments ;

- Have their own R & D department , Enterprises with certain technological advantages ;

- PDM/ERP/ Document management /OA And other application system developers ;

- All enterprises and institutions that need to keep their confidential information confidential .

SDC System architecture

Shenxinda SDC The confidential data confidentiality system is divided into management end , Confidential end , Outgoing audit server , Four parts of the client . The management end is the control center of the whole system , There is only one... In the system ; The confidential end is the server that stores confidential data , Multiple confidential servers are allowed in a system ; The outgoing audit server is used to audit outgoing documents ; The client is installed in the employee PC Implementation procedure of the anti disclosure policy on . According to need , The management end , Confidential end , The outgoing audit server can be installed on the same computer .

​

edit

Add picture comments , No more than 140 word （ Optional ）

SDC Structure diagram of anti disclosure system

The management end ：

For the confidential end of the system , Policy management at the client , Organizational management ; Client log collection ;

Enterprise encryption key management ; Client uninstall management ; Confidential server , Outgoing audit server authentication management ;

Confidential end ：

A server that holds confidential data , Strictly audit the visiting users , Encryption Authentication . It can be a file sharing server ,ERP,PDM The server , Document management system . Or is it VSS,CVS,SVN File version management server . Non client cannot access confidential side .

Outgoing audit server ：

Outgoing mail , Review the documents , Confidential documents can be automatically encrypted . Record of outgoing results .

client ：

Transparent encryption and decryption , True format independent encryption . Trusted network authentication , Confidential resource certification .

Print control , No printing , Specify a printer to print , Print content log return .

Offline control ; Document outgoing, etc