Shulou(Shulou.com)06/01 Report--

Inevitability of Centralized Management of Information Security

Information security is an important branch of IT field. It is not a simple stack of IT technology, but an interdisciplinary science integrating informatics, cryptography, management, psychology, sociology and other disciplines. Therefore, people's understanding of information security also develops along a more complex track:

1 From simple to complex

For general organizations or enterprises, the intersection with information security technology always inevitably starts with anti-virus/antivirus, firewall, *** detection (so-called information security "old three") and other basic systems or equipment, so far, in many people's concepts, information security is computer virus, firewall, *** detection!

However, with the continuous development of information technology, various organizations and enterprises have continuously deepened the use of information systems. In order to cope with various security situations under complex conditions (such as ***

n In order to monitor **** control of ***, various ** detection or *** defense equipment is deployed;

n In order to control the illegal access of internal employees, network terminal management and network access systems have been deployed;

n In order to control illegal leakage of data or modification of important data, anti-leakage system, database audit system, log audit system, etc. are deployed.

2 From partial to total

In order to cope with the increasingly complex forms of information security, all kinds of organizations and enterprises have gradually changed from initial and simple border security control to comprehensive information security control, which is manifested in:

n Focus not only on internal and external border security, but also on internal security between different security zones;

n Pay attention not only to network security, but also to system (including application system) security;

n Pay attention not only to the security of IT technology, but also to the security of data and content.

3 From passive defense to active discovery

All kinds of organizations or enterprises are always in a passive defense state at the beginning of implementing information security. If a virus is found in the network, an anti-virus system will be implemented; if a network storm is found, traffic anomaly detection and *** detection equipment will be passively deployed; if key data is found to be illegally read or downloaded/modified, a log audit system or database audit system will be implemented; and so on. It is always impossible to prevent or defend in advance. However, with the gradual deepening of information security work, the decision-making level of organizations or enterprises began to realize the importance of active discovery, so they began to deploy vulnerability inspection, code inspection and other systems or tools to try to reverse the situation that is always passive in the field of information security.

In addition, each industry field gradually synchronizes the planning, implementation and operation and maintenance of information security and IT information system to realize the so-called "three synchronizations," which requires strong foresight and foresight of information security work.

To sum up, with the development of information security, the demand for centralized and comprehensive security management is becoming more and more prominent. This is also often mentioned in the industry in recent years. Information security is actually "three points of technology and seven points of management." These demands are concentrated in:

With the continuous upgrading of nIT technology, more and more security devices or systems are deployed in enterprises. These various and decentralized security products bring huge management problems.

n Different types of equipment or systems produce a large number of events, people need to have an information security management system to analyze, filter or correlate;

n All kinds of organizations or enterprises have a large number of security compliance requirements for information security, such as hierarchical protection, Sarbanes Act, etc. Existing security products cannot meet such requirements, so there must be a management system to carry out;

n Organizations and enterprises at all levels urgently need to establish a unified and comprehensive safety management system to meet the urgent requirements of external or internal. To address the need in information security management for:

l Support for management and implementation of various security policies

l Management of safety organization structure

l Dispatching, training and assessment of safety personnel

l Flow of various safety management processes

l Safety event monitoring and emergency response, summary and reporting

Full lifecycle management of security systems and objects

l Control of various safety devices

Therefore, establishing a complete and unified Security Operations Center has become an inevitable requirement for all kinds of organizations and enterprises.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.