I m going to do an assignment on Information Security Hardening for Enterprises 15

The first stage: install anti-virus software on the host that stores important information, provide access rights to the important host, for example, only authorized people can log in and enter, and regularly conduct anti-virus and vulnerability scanning on the important host. In terms of the security use of the company's terminal computer, a terminal security management system can be purchased to centrally manage the security of the terminal computer.

Formulate information security management, conduct security training for employees on a regular basis, and include the "Host Security Management System" for important hosts, the "Host Security Management System" for network equipment, and the "Information Security Management System" on the Internet.

The second stage: for the design department and the finance department, take a look at the security software on the Internet, choose the suitable one, and you can also divide two VLANs to the two departments on the firewall or aggregation layer switch, and use ACL to ensure secure access. For Web sites, SSL encrypted transmission protocols can be set on the web server.

For NAT, the egress firewall can be set up, and how to configure the online check, a bunch.

Stage 3: Install intrusion detection software on your network? Simply install an intrusion detection system or an intrusion prevention system, hardware, you can also install a UTM device, and install an IDS module.

Host intrusion detection system and software firewall, since it is an assignment, it is estimated that there is a relevant introduction in the textbook. For wireless LANs, set an encrypted wireless access password on the wireless router, which is more complex. If conditions permit, add a domain server and pass the domain authentication to access the Internet, which can also ensure that irrelevant outsiders use the wireless bandwidth of the enterprise indiscriminately.

The fourth stage: backup, can be implemented by RAID 5, and the specific solution level is limited. If you want to write, there are quite a few on the Internet.

You can use file encryption software, and we recommend Haiyu security anti-leakage software system.

Haiyu data anti-leakage software is a security and anti-leakage software used to protect the internal documents of the enterprise from leakage and standardize the computer operation behavior of employees. Achieve proactive defense in advance; The whole process is encrypted; Post-event audit and analysis, information security at the source, real-time monitoring of intranet and extranet, and three-dimensional integrated management of multi-functional module combination.

Answer security equipment and measures: First, it is necessary to set up efficient and secure firewall equipment, and filter the two-way traffic through the border through the access policy and blocking policy on the network side, so as to prevent unknown hackers from accessing the information system. Second, it is necessary to deploy advanced IPS active anti-attack equipment, and detect the application layer of bidirectional traffic by configuring common network attack matching packets, which can effectively reduce the risk of attacks such as viruses, worms, and Trojans.

Third, it is necessary to equip mainstream traffic control equipment to protect the normal use of border egress bandwidth by checking abnormal traffic. Fourth, it is necessary to deploy a border device audit system and a log analysis system, regularly collect the operation logs and operation logs of network equipment and security equipment, and issue log reports.

After the enterprise information office, most of the data exists in the form of electronic documents, and the protection of the data and information security of the enterprise is to a large extent to protect the data security of the important documents of the enterprise.

Electronic documents are the foundation of enterprise office, and they are also the focus of various information security protection methods. The life cycle of documents in the internal circulation of enterprises includes eight major links: creation, access, modification, deletion, renaming, moving, copying, and recovery, and documents have the characteristics of convenient transmission and easy copying, which are the most important carriers of data information leakage. Haiyu security document operation and control is to effectively manage the whole life cycle of documents, and record every link such as the creation, dissemination, modification, and deletion of documents in the enterprise, so as to achieve refined control of document security.

There are two typical application scenarios for the control of enterprise document leakage prevention and security.

1.When the enterprise has some important documents, no user is allowed to modify or delete them, so the permissions of some employees should be controlled, so that they only have the right to access and read the documents, and cannot modify or delete the documents.

2.In the process of information office, a small number of documents may delete important documents due to misoperation. Document operation control can restrict the user's permission to use the document, and at the same time, it can automatically back up the document before it is copied and deleted, preventing users from accidentally deleting it.

Provide a full range of document data encryption, document information data leakage prevention system services, document data leakage prevention workflow is as follows:

First of all, it is necessary to make an information leakage prevention line from the document data information aggregation port.

1.Encrypt the data of enterprise data and information transmission.

2.Unauthorized documents are all garbled to prevent peer copying.

3.Set the prohibition of copying data and all operation records to keep a log.

4.Multiple backup document files are generated on the server in real time, so that they can be retrieved at any time in case of misoperation.

5.You can limit the number of times you can open and use the outgoing document file, and you can set the automatic destruction of the document if the expired content is garbled documents.

6.Remove the authorization network, and the document files become garbled to prevent the leakage of document confidentiality.

First of all, business leaders should be aware of data and information security, and inform all employees to ensure information security. Secondly, enterprises need to introduce a security management system to assist managers in managing the enterprise and protecting data and information security. Ping32, ip-guard, green shield and other software are all used for enterprise security management software, these are very good, by the enterprise needs to try these management software.

However, MLPS is a systematic project, and most enterprises will face problems such as time and management costs, complex implementation, and difficult operation and maintenance management in the process of classified protection construction. This is mainly due to the high procurement cost of a large number of security hardware equipment, the construction of computer rooms and the high environmental requirements. In this solution, it is necessary to consider the usage scenarios, security compliance architecture, classification requirements for classified protection, and available products for classified protection.

In the current momentum of enterprises migrating to the cloud, enterprises can completely combine the trend of replacing their own devices and migrating data to the cloud, and update the security equipment at the same time. When an enterprise changes the virtual machine, cloud storage is equipped with cloud firewall, SSL certificate, DDoS Premium, etc. to complete the requirements of classified protection and improve the security level.

It is recommended to have a security data leakage prevention system under Haiyu.

Haiyu security anti-leakage system can help enterprises build a complete anti-leakage system, through detailed and meticulous operation audit, comprehensive and strict operation authorization, and safe and reliable transparent encryption triple protection full copy protection of enterprise information assets, so that enterprises can achieve"Pre-event defense-in-process control-post-event audit"The complete information leakage prevention process.

Important corporate files can only be used in an environment where Haiyu security is deployed to prevent leakage, and if it is out of the security environment, it is necessary to apply for outgoing and offline encryption of employees and other encryption permissions to ensure that important data is always protected.

The operation of important documents is audited in detail, the operation authority of the documents can be assigned according to the department and position, and any potential leakage channels will be monitored in detail.

By building this macro-level information, big data can give businesses an understanding of how their products are operating at an unprecedented level of economic understanding. That is, by combining and analyzing massive amounts of data in new ways, we can achieve new business insights.

Securing Big Data: Infrastructure Readiness.

First, for security tools that leverage big data systems to analyze activity within the enterprise, enterprise security teams must understand traditional security remediation tools and the infrastructure differences between them. In today's enterprise security office, it's not hard to find a variety of security tools that report on different types of security data that security analysts trying to find problems will be interested in, logging tools, security monitoring tools, perimeter security appliances, application access control devices, configuration systems, business risk analysis programs, GRC products, etc., which collect a lot of information that enterprise security teams must break down and normalize to determine security risks.

While these legacy tools provide a view of the data for their specific type of control, the output of these systems is often not uniform, or the data is broken down into aggregate data and fed into one or more SIEM tools to visually display scheduled events of interest to the security team. Once a trend or potential incident has been identified, a team of security professionals must sift through the vast output data to uncover any unauthorized or malicious activity. This "loosely integrated" approach is often feasible for security management, but it's slow, it's easy to miss well-camouflaged malicious events, and it takes a lot of historical data to collect, analyze, and summarize before a serious security incident can be discovered.

In contrast, the creation of a big data security environment needs to rely on the tools mentioned earlier to input a single logical big data security information warehouse for security information. The advantage of this kind of warehouse is that it makes data part of a larger security ecosystem with powerful analytics and trending tools to identify threats, which need to be identified by examining multiple data sets, unlike traditional approaches ---where security teams sift through a virtual magnifying glass to sift through loosely coupled data sets.

The following are several measures to ensure the security of enterprise information listed by Wuxi Henglong Technology security experts:

2. Give priority to the purchase and use of domestic application systems with core technologies. The efficient operation of modern enterprises is inseparable from the support of enterprise application systems such as OA, BPM, CRM, ERP, etc. In these areas, domestic technologies and products are relatively mature, and services are fast and effective.

In view of the particularity of China's national conditions, the adaptability of domestic application systems is stronger, but foreign products are not adaptable.

3. Purchase and use encryption software according to the actual situation. Although enterprises have adopted anti-virus software, firewalls, intrusion detection, identity authentication, file encryption and other means, they still cannot prevent electronic information from leaking out of the enterprise through email, file transfer, malicious ** and other means. Wuxi Henglong Technology's document encryption software can be used for Microsoft Office series (word, excel, Powerpoint, PDF, others), two-dimensional design software:

AutoCAD, others), 3D engineering design software (SOLIDWORKS, Solid Edge, Pro E, UG, CATIA, etc.) to ensure the security of enterprise information.

Information security products, Venus Green Shield information security management platform has a complete information security product line. Starting from four points: network security, terminal security, data security, and document security management.

The encryption technology uses the driver layer encryption technology, and three keys are used to participate in the operation at the same time. Its triple key includes:

1.Master key: Encrypted files cannot be exchanged between different organizations.

2.Enterprise Key: The user sets it up themselves, so there is no need to worry about the backdoor of the provider as mentioned upstairs.

3.File key: The key is different for each file.

Terminal security is mainly to achieve some norms of employees' network behavior, such as restricting **, QQ chat and other ......Including operation records, etc., there is a basis for subsequent checking.

It also includes printing security, USB flash drive security, file outgoing security, cloud storage, etc.

The best thing is to deploy and develop it yourself, and generally use it on the intranet, otherwise there is a high probability of not stealing it, and you can adopt it.