How to implement the server anti blackmail virus system is a problem we have to consider

  ​ Recently, many friends asked me , Private server , Cloud server , How to secure the servers of various business systems ？ Just recently I learned that MCK Host reinforcement solution , I'd like to share with you , Welcome to discuss with me .

The current situation

Whether small and medium-sized enterprises or large enterprises and institutions , All have their own intranet or public cloud servers . Some of these servers are specialized SVN、GIT Code server , There are document storage servers , There are application servers . Server is the core lifeline of the enterprise , All intellectual property rights and years of hard work are concentrated on the server . But the existing servers only take traditional security measures , Such as deploying anti-virus software 、 A firewall 、 Patching, etc , Even so , The server still faces various data security risks ：

- System poisoning , Data has been tampered with ( Blackmail virus )

- Trojan horse in server , Become a broiler and miner

- The personnel in and out of the machine room can copy the data

- Public cloud providers can peek at data

​

• Demand summary

1. There is no dedicated enterprise server IT Operations staff , The protection of the server system is weak or even unprotected . The personnel of operation and maintenance server are also some non professionals IT Operations staff , The system is often poisoned and paralyzed due to misoperation or unintentional operation , Bring huge losses to enterprises .

2. The server runs for a long time, resulting in excessive system load , slow , What is being treated as a mining machine is unknown . The situation must be handled on site by professionals , Increase O & M costs .

3. Because there is no professional protection , The system is extremely vulnerable to competitors 、 Delete after hacking 、 Tampering 、 Destroy data , Bring unpredictable losses and injuries .

4. The server operation and maintenance personnel copy all the data on the server without permission ; The data leaked after the computer hard disk was stolen .

• MCK Cloud private key data protection system （My Cloud Key）

MCK(My Cloud Key Cloud private key ) It is a server data protection system developed by shenxinda company , Through the MCK（ Last Meter Data Security） The security engine is embedded in the operating system , Redefine the functions of each module of the operating system , Build an independent identity authentication system , White lists define work scenarios and behaviors , Protect core data , Prevent trojan virus invasion , Prevent core data from being peeped 、 Be destroyed 、 Be tampered with 、 Stolen ！.

MCK The management end ： Can be installed on a separate server , It can also be installed with the publisher , Functions used to authorize the client , Collect client logs , And generate reports .

MCK client ： Installed on the business server or database server , Protect the security of business server and database , Prevent tampering with server files and database contents , Prevent hackers , Viral infection , The operation and maintenance personnel peep .

Solution

Shenxinda MCK The cloud private key has a system scenario whitelist protection mechanism . That is, the server lock redefines the operating system user authority module , Issue a unique identity signature for each program action , And develop a white list of operable programs , Prevent illegal programs and Trojan viruses from running .

effect ：

When enabled , No new program can run , Can't load new applications , The virus is no longer infected .

Trojan virus program has no chance to run , Any program that is infected cannot run .

​

​

Shenxinda MCK Build a script execution container in the cloud private key kernel , Fingerprint level identity signature for executable script , Only safe scripts are allowed to execute , Do not give any non designated program at the root 、 Trojan virus or mining machine running opportunity .

Shenxinda MCK The cloud private key performs driver level transparent encryption on the files of the business system , And read the file

Write for signature verification

effect ：

The business system operates normally 、 The stored data is encrypted , Non proliferation .

Any document that is read or written must be authenticated , Can prevent peeping .

All business data cannot be tampered with , Tamper proof 、 Anti blackmail virus .

​ Shenxinda MCK The cloud private key is encrypted in depth for the hard disk kernel , The operation and maintenance personnel have no secret key , Cannot open any protected data （ It does not affect normal operation and maintenance ）. Even if the hard disk is stolen , Data is still protected .

Support linux Protection of system platform .

MCK Control Center

Through the central host , Can monitor MCK The security status of the protected server , When the server is attacked , It can be found and controlled at the first time