5 month 12 Day and night, Blackmail virus "WannaCry" Infections broke out globally, The virus has spread to hundreds of countries and regions around the world, And cause more than 7. 5 10000 computer virus attacks . The blackmail software is particularly destructive to the host system of the enterprise LAN or intranet, according to 360 data display, Last Friday only, Saturday and two days, In China 29000 Multiple people infected with the blackmail virus IP, The virus incident affected educational and scientific research institutions, commercial centre, Medical units, etc, The situation is very serious. According to Wu Hanqing, chief security researcher of Alibaba Cloud, "The virus that this worm spreads is 2. 0 edition, And before that 1. 0 edition. " Will it appear again after that 3. 0 edition, 4. 0 edition. . . Extortion virus can only be prevented, Poisoned files cannot be recovered
WannaCry Extortion virus and CIH virus, Panda burning incense, Glacier Trojan, Worm_Vobfus Worms and other viruses are not of the same level, WannaCry Extortion virus can only prevent, There is only theoretical possibility to crack, At present, the world still has no solution, Once the enterprise is poisoned, Core data asset files are not recoverable, It will be a devastating disaster for poisoned enterprises, Enterprises that have not been poisoned must be prevented as soon as possible WannaCry Blackmail virus.
Query through Baidu Index "Virus killing" , "Backup software" , "Data backup" Some key words that represent users' requirements for file backup and virus detection, 5 month 13 After, The retrieval volume of three categories of words on Baidu is on the rise, And on 5 month 15 day (Monday and the second wave of virus) It shows obvious growth, Judging from the spread of the virus, Users' concern and demand for file backup and virus detection will continue to rise, It reflects that before the virus appeared, users didn't pay attention to file backup or even know how to do it, So that the virus panicked because of the loss of important digital assets.
Enterprise file security is threatened, WannaCry Ransom virus is not the first case
WannaCry The outbreak of blackmail virus, It is another alarm for the security protection of Chinese enterprise documents. While enterprises are scrambling to prevent viruses, Does the enterprise remember that in the past few years, there are many other kinds of security incidents that seriously threaten the security of enterprise documents? Real cases that are lost or cannot be repaired due to inadequate file protection are readily available.
- The file cannot be repaired due to virus infection
2015 year 5 month, Bitcoin virus CTB-Locker Horizontal, Mainly propagated through email attachments, Due to the high amount of extortion, This kind of trojan horse is accurate, aim "the rich" , Through large enterprise mailbox, Publicity through the official website of senior restaurants, Middle Trojans, Although you can use anti-virus software to kill the Trojan, But there is no way to restore encrypted files. In just a few days, thousands of computers in China have been recruited, There are many well-known enterprises in China, It is conservatively estimated that the economic loss may reach tens of millions of yuan. Virus infection causes irreparable enterprise files, which not only causes huge economic losses to enterprises, It also increases the resistance to building the core digital asset brain of the enterprise, Force enterprises to slow down.
- The employee's computer hard disk is damaged, and the company's core data is permanently lost
this year 4 Beginning of month, Mr. Wang's computer hard disk in Chongqing is damaged, His computer has to store many valuable working materials and data, For safety, I chose a brand of SSD, Because it boasts very high security, Unexpectedly 2 This hard disk has repeatedly failed for more than years, It's broken three times, All data is lost this time, Including work data such as forms and a survey report written for a university project, Total data value 3 ten thousand~5 10000 yuan. " Hard disk is damaged and not only data is lost, And the credibility of the enterprise in the partners, Follow up cooperation is also bound to be affected.
- A large amount of confidential information is disclosed due to employee turnover
recently, Jia, a former employee of Laoganma Company, is suspected of violating trade secrets, The event of criminal detention has been stirred up. 2003 Year to 2015 year 4 month, Mr. Jia has been a technician in the quality department of Laoganma Company, Engineer level, Master the proprietary technology of Laoganma Company, Core confidential information such as production process. 2015 year 11 month, Jia worked in another local food processing enterprise under the cover of a pseudonym, Work related to quality and technology management. In this case of suspected disclosure of trade secrets, Investigators searched and seized Jia's portable hard disk and electronic evidence materials, And found a large number of internal materials involving the trade secrets of Laoganma Company in its desktop computer. Take confidential information away at will after leaving, Jia's Commercial Disclosure Case, For Laoganma Company, Counterfeit products bring economic losses, Reputation loss is more important.
Whether it's viral infection, Whether the employee's computer hard disk is damaged or the old godmother leaves the company. The employee easily takes away the company's core data assets through the mobile hard disk, Will make people reflect, There are not many enterprises in China that have no unified control over documents, Latent files are missing, Will crises such as the leakage of trade secrets break out centrally?
perhaps, WannaCry This outbreak of blackmail virus is an enlightening lesson in enterprise file security protection, Let the biggest potential safety hazard in this enterprise return to our sight again.
80%Core assets are risky, It's terrible to lose it again
In the past few years, We talk about enterprise big data, More about structured data of enterprises, That is, the production data of the enterprise in the database, transaction data , Sales data, etc, These data stores are relatively centralized, It is easier to extract the analysis value that is helpful to the business through different data applications. At present, enterprises generally do not have a larger scale, More valuable data generates enough attention, These data are based on various documents, picture, video, Unstructured data represented by audio files. Such data is currently in a state of extreme dispersion, And they often carry the core knowledge of enterprise business value/Business Information, Loss of these data, The information security of the enterprise will be provided if the information is disclosed or the sharing cannot be accessed, Knowledge inheritance and business efficiency bring great impact. American Osterman Research Company (Osterman Research) stay 2016 In a white paper report in, For North America 187 Bits from IT/HR In depth investigation of personnel in the field, Analyze the impact of employee turnover on enterprise information security, See the table below for details:
With the development of Internet cloud computing, The amount of unstructured data is increasing. according to the statistics, Currently, the content of unstructured data accounts for 80%, And will be 2020 By 44 The rapid growth rate of times.
The digital age is coming, Unstructured data is the work output of most departments of the enterprise, Knowledge Brain of Enterprises, Conductor of business value of enterprises, Its security has not been highly valued by enterprises and institutions, No unified backup and storage of unstructured data, Not to mention management and collaboration that generates more value. WannaCry The outbreak of blackmail virus is just one of the factors that cause the security risk of enterprise files, Enterprises need to systematically protect files from now on, Because the most important data may be lost once again and never be found.
Protect enterprise information security, Experts recommend doing this
FangcloudJust "Enterprise information security management" Contact the problem DNV GL Greater China BCM (Business Continuity Management) Ms. Song Lin, Product Manager (notes: DNV GL It is a leader in the field of information security and cloud security certification in China, For China, including Tencent, Netease and other enterprises provide services) . Miss Song Lin thinks that, "The occurrence of most enterprise security incidents and the existence of security risks, 30%Could be technical, But it is more likely to be caused by poor management, Understand and attach importance to the role of information security management in enterprise operation, Implement technical means and management measures, Especially important for achieving enterprise information security goals" .
Enterprise protection of various information assets and enterprise IT High availability of the platform, Is an important goal of information security, In the construction of enterprise information security management, Ms. Song Lin put forward many practical suggestions, The following two aspects are summarized:
Identify important information assets
There are many forms of information assets, paper, Various media, The server, PC machine, Photos and even mobile email. Information assets are summarized as five points:
- Software;
- Hardware: Including servers and related infrastructure such as networks;
- Structured data information existing in various application systems;
- Documents used daily by employees, Unstructured data information such as pictures;
- All personnel inside and outside the enterprise who may have access to sensitive information.
Information asset risk treatment
Information asset processing strategy can reduce risk according to, Risk avoidance, Four steps of risk transfer and risk acceptance.
- Reduce risk -- Implement effective control of technology and management against high risks found in risk assessment, Reduce the risk to an acceptable level, Reduce the possibility of threats and remedy technical management loopholes. Timely and effective testing and patching, When employees enter, leave and transfer, The authority should be adjusted in time, Complete all change processes, etc, It is also recommended that the relevant departments of the enterprise conduct regular spot checks;
- Risk avoidance -- The organization can choose to abandon some businesses or assets that may cause risks. Backup important information in multiple places, For example, product development, Financial and other important data can be backed up to the cloud, have access toEnterprise network diskReal time backup of important data for similar products, Avoid because WannaCry Extortion the virus and cause devastating losses;
- Transfer risk -- Transfer all or part of the risk to other responsible parties, For example, commercial insurance;
- Accept risk: All preventive measures have been controlled, In case of safety accident, Need to be remedied in a timely manner, Minimize losses.
FangcloudHow to Ensure Enterprise Information Security?
Data security is the first prerequisite for enterprises to choose cloud storage services, A secure file management and collaboration platform ensures users' absolute ownership of their digital assets, Confidentiality of data storage and transmission links, access control , Data backup, Different angles such as platform protection, Implement comprehensive security protection for enterprise users' digital assets stored on the platform.
When enterprise users review the security of the file management platform, Data privacy can be protected from, Data storage scheme, File Access Control, Platform operation and maintenance capability, Security certification, Extended security, etc 6 Compare in large dimensions. The following is an example of one hundred million square meters, Specify the security measures for each dimension.
Tight data privacy protection
- Full link encryption of transmission and storage: File upload and download HTTPS As transport protocol, The file itself is transferred twice AES CTR 256 Algorithm flow block encryption, Ensure that the documents finally saved on the Yifang cloud platform are ciphertext, In addition, it is prohibited to steal files during transmission and storage;
- "Separation of powers" Background permission control of: Three files for encryption key The platform and the user are respectively responsible for the custody of the separation of three powers, Strictly prevent internal data leakage;
- Data isolation between enterprises: Yifang Cloud provides independent sandbox protection for data of different enterprises, Ensure that data between enterprises is impenetrable;
- Flexible data migration channel: Yifang Cloud guarantees users' absolute ownership of data, Provide web download, Client synchronization and other methods, Allows users to migrate data freely.
Risk proof data storage scheme
- Keep full file history version: All historical versions edited and modified by users are saved completely by Yifang Cloud, When the virus broke out, Users can easily restore infected encrypted files to earlier historical versions;
- Multiple backups: Yifang Cloud has encrypted and saved up to four copies of user data, And the data is distributed on different storage platforms, Eliminate user data loss caused by the platform;
- Disaster tolerance and mitigation: Yifang Cloud has a powerful remote disaster recovery backup function, Fast data switching between different storage platforms without affecting users' file usage, Rapid disaster recovery of user data in emergency.
Comprehensive file access control
- Three folder properties: personal/Collaboration within the enterprise/Collaboration folder outside the enterprise, Clearly distinguish the sharing boundary of different content;
- Seven level collaboration permission: Subdivide to View, preview, upload, Downloads, share, delete, Manage different permissions such as collaborators, Flexible configuration to meet the complex security sharing needs of enterprises;
- Nine categories of operation logs: Over nine categories 60 Kinds of logs, Covers almost any user operation on the platform, It is convenient for enterprise administrators to query and audit at any time;
- Content security sharing: Support encryption/Personnel access rights/Multiple security settings such as access duration, Ensure that the content shared externally can be controlled throughout the circulation process.
Excellent platform operation and maintenance capability
- Attack protection: Yifang Cloud Platform has the ability to resist various network attacks and intrusions, such as Ddos attack, Network eavesdropping, etc, It also has the function of cleaning and filtering abnormal access traffic, At the same time, cooperate with Alibaba Cloud Yundun to secure the bottom layer of the platform;
- Complete monitoring system: Slave load, Application Error Log, Background service operation, Service status of each functional module of the product, Data change trend, etc 7*24 Hourly real-time monitoring and early warning, Any exception is caught and handled at the first time, Ensure platform stability;
- High availability: All underlying functional modules adopt high availability load balancing design, Each module is 120%Negative pressure capacity of, If a server in any cluster module fails, it will be automatically removed from the cluster, After repair, it will be automatically added to the cluster, The whole process does not affect platform availability;
- Security vulnerability scanning of authoritative organizations: Yifang Cloud has invited many times Sobug Senior public testing platform conducts an all-round security examination on Yifang Cloud, Add another layer of security for enterprise data.
Safety certification of national standards
- The information security of the Ministry of Public Security is classified as Grade III: This certification is the highest level of information security certification of the Ministry of Public Security;
- ISO20000& ISO27001 Dual authentication: Yifang Cloud passed ISO20000 Information technology service management system, ISO27001 Double certification of information security management system;
- Trusted cloud service system certification: Yifang Cloud is the first data center alliance organization in China, China Academy of Information and Communication (Telecommunication Research Institute of the Ministry of Industry and Information Technology) One of the enterprise file cloud storage enterprises certified by the trusted cloud service tested and evaluated.
Extended safeguard mechanism
- Enterprise data security insurance: In addition to providing enterprise users with comprehensive data protection, Yifang Cloud and the largest foreign insurance company in China AIG Meiya Insurance Cooperation, Innovative launch of enterprise cloud service data security liability insurance. For enterprise users of Yifang Cloud Platform, If user data is lost or leaked due to platform reasons, Users will get the highest 100 USD 10000 compensation;
The Internet is not absolutely safe, digital age , Paying attention to enterprise data security is a never-ending thing. For enterprises, No solution can 100%To ensure the absolute security of enterprise files, It is essential to gradually establish the awareness and plan for the complete prevention of enterprise information, At this stage, It is the key for enterprises to do a good job of file backup through Yifang Cloud.