Work/life mixture
Information security risks cannot be prevented.
We can see that the most common violations in the above cases mainly include:
1. Take photos of confidential documents at work and forward them to colleagues/friends/WeChat group through WeChat;
2. Take photos of confidential documents, identify the words in the photos with WeChat, and save them on your mobile phone or computer to facilitate subsequent office work;
3. Download confidential documents in violation of regulations and forward them to WeChat group * * * to share with colleagues.
This involves four types of unsafe factors, each of which is very easy to cause sensitive information disclosure:
1, unsafe office environment (such as social environment such as WeChat);
2. Unsafe office equipment (such as your own computer and your own mobile phone);
3. Lack of personnel authority control mechanism (for example, anyone can download and forward files);
4. Lack of behavior control mechanism (for example, files can be easily photographed, screened, copied and downloaded, etc.). ).
As netizens commented, the problem of information confidentiality is a problem of 100- 1=0, and a mistake may lead to all zeroes.
Instant messaging tools such as WeChat and QQ have their own life and social attributes. Once sensitive working documents are mixed in, it will be difficult to prevent information security risks.
This reminds us again:
Government affairs and enterprise organizations that require information confidentiality need to further enhance their awareness of confidentiality, build an independent collaborative office platform, avoid using social tools such as WeChat to publish, transmit and process working documents, and strictly guarantee the security of confidential documents.
Five steps to build a safe and efficient collaborative office platform
As a wholly-owned subsidiary of 360 Group, 36 billion Fangyun absorbed 360 Group's advanced security technology and rich experience in government and enterprise user service, and deeply integrated it into collaborative office products;
Construct an omni-directional (local file+cloud file+outgoing file) content-level file security control system for government agencies, banks, universities, enterprises and other customers, and a whole process (pre-prevention+in-process control+post-prevention) file security protection system;
Omni-directional, full-link, and no dead angle ensure the full life-cycle file data security during the collaborative work of users.
So, how can users achieve safe and efficient collaborative work with the help of 36 billion square clouds?
(1) Building a collaborative office platform
The 36 billion cubic meters cloud provides users with an unstructured data center, and all kinds of office documents can be safely stored in the cloud disk.
Colleagues can easily realize file sharing and online collaborative work (such as online editing, file comment and file sharing by multiple people at the same time), without transmitting and processing office documents through social software such as WeChat and QQ.
(2) Fine personnel authority control
36 billion cubic meters of cloud has an eight-level authority control system, and enterprises and institutions can set different authorities for each staff member. For example, confidential documents are only allowed to be accessed and operated by people with permission, and those without permission cannot access confidential documents.
(3) Cloud file security control
Anti-virus and anti-deletion to prevent data loss.
If people inside the enterprise accidentally (or intentionally) upload infected files to the enterprise database, it will lead to the spread of virus files.
If the file is accidentally deleted or modified by employees, the previous version of the file cannot be retrieved, which will cause the loss of data assets.
In order to guard against these risks, 36 billion cubic meters of cloud has three lines of defense: prevention in advance, control in the process and tracing back afterwards, to prevent virus infection in enterprise databases and prevent data loss.
Behavior control, put an end to insider disclosure.
36 billion cubic meters of cloud sets up a security protection mechanism for files stored in the cloud disk by enterprises.
For example, confidential files can be previewed and edited by employees online, with personal watermarks. Sensitive operations such as employee's location moving, copying, downloading and sharing will automatically trigger approval, and related operations can only be carried out after approval by superiors.
In this way, the insiders of the enterprise will not have any chance to disclose the important information stored in the cloud disk by copying/screenshot/downloading/sending.
Sensitive content will be automatically detected and quarantined.
Some sensitive documents that cannot be uploaded to the database will bring compliance and audit risks to enterprises and institutions if they appear in them.
Enterprises and institutions can set up sensitive thesaurus in the cloud disk and automatically scan files when uploading them to the cloud disk. Users can also identify the contents of the entire cloud disk, lock, isolate and delete sensitive files after finding them, and ensure the non-proliferation of sensitive information.
(4) Local file security control
Automatic encryption of file login
In order to prevent employees from downloading important documents of enterprises to their own computers, taking them away by copying them to a U disk or uploading them to a personal network disk.
The 36 billion cubic cloud enterprise cloud disk can automatically encrypt important files once they land.
Even if on-the-job employees have the right to download confidential files to the office computer equipped by the company, they can only open the files through the designated client and edit them locally, otherwise they will be in ciphertext state and cannot be viewed and operated.
The files opened by employees with their own computers after leaving their jobs are also in ciphertext state, so they cannot be viewed and operated.
Terminal behavior control+file content protection
When an employee opens a file that has been synchronized to the local computer, the employee's personal watermark will still be attached to the screen, which plays a deterrent role in taking pictures and other behaviors, and facilitates the traceability of later behaviors; You can also set the document to prohibit screen capture and printing, only allow copying in this document, and prohibit copying the contents in document A to document B, etc.
This can prevent insiders from leaking local documents and selling core secrets of enterprises for personal gain.
(5) the whole process of operation log supervision
On the 36 billion square cloud, every employee has an operation log, which is convenient for regular audit and backtracking at any time. If any illegal operation is found, it can be stopped and dealt with immediately.