Shulou(Shulou.com)06/01 Report--

This article mainly introduces the network security of how to prevent data leakage, has a certain reference value, interested friends can refer to, I hope you can learn a lot after reading this article, let the editor take you to know about it.

1. Brief introduction to DLP

Data leakage protection (DLP,Data Leakage (Loss) Prevention) refers to the protection of data, which is different from the previous form of data management, full encryption or fully authorized access to data. Data disclosure protection requires different management schemes according to different data types. In addition to different management of data with different structures, different content and different importance data should also be treated differently.

(1) Core competence

The core competence of DLP lies in content recognition. Its specific ability to identify keywords, regular expressions, document fingerprints, exact data sources (database fingerprints), support vector machines and so on, and each ability can derive a variety of composite capabilities.

DLP also has protection capabilities, including network protection and terminal protection. Among them, the network protection is mainly audit and control, and the terminal protection needs the control ability, encryption authority and control authority of the host.

(2) Technical basis

The physical deployment location of DLP, usually before the connection to the database, is used to ensure the legitimate retrieval of database data. "Network DLP" products are resident in DMZ, while other products are resident in enterprise LAN or data centers. With the exception of the Terminal DLP product, all other products are server-based.

In order to prevent data loss, the confidential data must be accurately detected no matter where the data changes occur. In order to avoid false positives and false positives, DLP uses three basic detection techniques (regular expression detection, keyword and keyword pair detection, document attribute detection) and three advanced detection techniques (accurate data comparison, fingerprint document comparison, vector classification comparison) to ensure the accuracy of its detection. Through four kinds of encryption technology (device filter driver technology, file-level intelligent dynamic encryption and decryption technology, network-level intelligent dynamic encryption and decryption technology, disk-level intelligent dynamic encryption and decryption technology) to achieve database encryption and prevent data leakage and loss.

2. DLP scheme

It is generally believed that the implementation of DLP should go through the following six steps.

1) classify the data, determine the category of "sensitive data", and identify the data content that needs to be protected.

2) determine the hardware storage location of the data, and make clear the storage location of confidential data and general data, whether it is stored by the server or the client.

3) clearly grasp the software location of the data, and reasonably customize the authority management mechanism on the machine where the data is stored, so that irrelevant programs do not have the authority to access and modify important data.

4) prevent the occurrence of artificial data leakage, strengthen the management of personnel, and set up the authority mechanism between people, so that the confidential data is not easy to be contacted by people.

5) monitor the flow of data and use identity authentication to ensure the legitimacy and authenticity of the data transmission object.

6) ensure the security of the data transmission channel, adopt the correct encryption method, and prevent the implementation of attacks such as man-in-the-middle eavesdropping.

Facing different needs and environments, DLP has a variety of different implementation schemes, some for strong control of equipment, using logical isolation means to build security isolation containers, and others for strong document control, providing content source-level defense in depth. The classification, classification, encryption, authorization and management of data documents, as well as behavior audit, audit of data operations using accurate keywords, behavior monitoring of new construction, modification, transmission, storage and deletion of documents, as well as intelligent control, DLP solution products that can be identified, discovered, managed, and provide common control capabilities.

In order to prevent losses caused by intentional and unintentional data leakage caused by internal and external personnel, most databases use data encryption to ensure data security and prevent leakage, which is the most effective solution at present. Data disclosure protection (DLP) solution with data encryption as the core has become the mainstream solution and has been recognized by many users.

Thank you for reading this article carefully. I hope the article "how to prevent data leakage" shared by the editor will be helpful to everyone. At the same time, I also hope that you will support and pay attention to the industry information channel. More related knowledge is waiting for you to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.