Shulou(Shulou.com)05/31 Report--

To solve this problem, this article introduces the corresponding analysis and solutions in detail, hoping to help more partners who want to solve this problem to find a more simple and feasible way.

Yesterday, I was surprised to hear that CSDN's database was leaked and the information of nearly 6 million users was leaked. I used to have an account on CSDN, so I quickly changed my password, and then I checked the project I was in charge of, and everything was all right. However, this problem, which broke out at the end of the year, has sounded an important alarm for us that data security must not be ignored. I would like to talk about my understanding and thinking about data security.

What you should pay attention to personally:

First, the habit of setting passwords. Many people are used to setting the same password for their mailbox, Weibo, blog, forum, online payment, shopping and other accounts. If this is the case, the password of an account will be disclosed and all passwords will be exposed. Therefore, it is recommended that you pay attention to the different password settings and set the complexity of the password according to the importance of the account, and keep it through the corresponding password management software.

Second, change the password regularly, which can effectively avoid affecting your account due to the leakage of the website database.

Third, set the bound mobile phone number, when the password changes, you can receive a prompt message or when the password is lost, it is convenient to retrieve the password.

Fourth, personal mailbox or online disk, do not store important work materials and personal financial information, so as not to endanger the security of enterprise information and cause the loss of personal property after the disclosure of the password.

Avoid using mailbox associations and account associations. This setting facilitates the switching of mailboxes, but one mailbox is leaked, and the information and information of other associated mailboxes are naturally leaked.

What operation and maintenance personnel should pay attention to:

First, passwords such as servers and network devices must conform to the corresponding complexity.

Second, when connecting remotely, you should set up a normal account to log in before you can switch to the root or administrator level to operate.

Third, strictly control the hierarchical authority of the account, and set up the audit and so on.

Fourth, need to extract or store data from the database, when connecting to the database, pay attention to close the database connection in time after completing the corresponding operation.

Fifth, defend the database deeply. The more measures are taken to protect the database, the more difficult it will be for people to obtain and use the information in the database. For example: encrypted storage of sensitive critical information, avoiding the use of default ports, IP restrictions on database connections, audit trail control, and so on. It is definitely a low-level mistake to store CSDN account passwords in clear text.

Sixth, back up and store the important and critical data regularly and timely, and encrypt the compressed package of the backup.

What business managers should pay attention to:

Improve the safety system and strengthen the implementation of the safety system.

Second, strengthen the safety education and management of personnel to avoid leakage caused by human factors or lax prevention and control.

Third, increase investment in security and support the construction of enterprise information security.

Fourth, any information published by the website shall be subject to strict content censorship, and as soon as the password information of such accounts is found and uploaded, they will immediately report to the case and obtain evidence to trace the source.

The answers to the questions about how to prevent the disclosure of secrets are shared here. I hope the above content can be of some help to you. If you still have a lot of doubts to be solved, you can follow the industry information channel for more related knowledge.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.