Shulou(Shulou.com)06/01 Report--

Troy Hunt, an Australian computer security expert, recently revealed that there are as many as 711 million e-mail accounts around the world. A Dutch e-mail robot, Onliner Spambot, used spam messages containing bank programs to steal account numbers and passwords on a horrific scale. This may be the largest email information leak ever caused by a spam program.

With the continuous development of information construction, the Internet has gone deep into every corner of people's daily life, but the subsequent data security problems have become increasingly prominent.

According to statistics, a total of 1800 data leaks occurred in China in 2016, resulting in the leakage of 1.4 billion records, while the Internet Society of China estimated that in 2016, due to spam messages, fraudulent information, data leakage and other reasons, the economic loss of China's 688 million Internet users is as high as 91.5 billion yuan.

We can't help but ask, how did these data leak? How to deal with diverse data security? Where is the road of data security protection? For these questions, quick information with more protection experience in the field of data security may be able to answer for you.

Where is the way to prevent data leakage?

From the perspective of most data leakage events, external factors such as *, * * viruses, phishing sites, lack of a complete set of effective security protection system, internal staff disclosure and internal management are the main causes of data leakage. As the storage medium of the core data, the database has become the hardest-hit area of data leakage. in the era when the core data master the lifeline of the enterprise, the data security protection of the database has become an indispensable link in the whole security system.

For data security, the traditional firewall based on port for application identification and access control, and IPS/IDS products based on feature matching technology have been unable to meet the needs of database security. Flash Information (Secsmart) database firewall system is a kind of data security active defense product which arises at the historic moment.

The flash information database firewall is deployed between the application server and the database. Users must access or manage the database through the system. The active defense technology adopted by the database firewall can actively real-time monitor, identify, alarm and block external data that bypasses the boundaries of the enterprise network (FireWall, IDS/IPS, etc.), and data theft, destruction and corruption from internal high-authority users (DBA, developers, third-party outsourced service providers). From the technical level of database SQL statement refinement control An active security defense measure is provided, and the security access control rules independent of the database are combined to help users deal with data security threats from internal and external sources.

working principle

Main function

For database-based access security, the main features provided by the Flash Information Database Firewall include:

Function module

Functional Overview

Database firewall

Filter requests for access to the database, continuously ensure access compliance, continuously monitor and analyze all requests to the database server, and identify real-time * and dangerous operations against the system and sensitive data. Achieve real-time production supervision, alarm, and intelligent audit.

Database status monitoring

Provide monitoring functions for Oracle, MS SQLServer and MySQL, monitor the operation status of the database in real time, give early warning when the state is abnormal, prevent business paralysis, and ensure the availability of the business system.

Database risk scanning

That is, database vulnerability detection: including password detection, risk scanning, SQL injection detection, comprehensive scanning of database and host operating system loopholes and alarm, analysis of database and host operating system configuration risk and put forward a rectification plan.

Product advantage

1) Comprehensive security protection

Provide access control, * protection, status detection and other functions

2) Fine-grained permission control

The corresponding blacklist and whitelist rules can be made through multi-keyword conditions.

3) Intelligent security baseline

We can only learn to model the database access behavior, evaluate the access risk, and reduce the burden of operation and maintenance of managers.

4) guarantee of system reliability

The key components of the product are designed with redundancy to ensure that the system can quickly switch to the normal state when various unknown emergencies occur.

Application scenario

Online transparent deployment:

Through online transparent deployment in front of the database, access control to the database; and has software and hardware Bypass functions to ensure the high availability of the network.

Application value

Bright spot induction

Protect data security, start from your own small things!

Like this email account information disclosure incident, if we can always be vigilant in our daily life and work and take effective protective measures to prevent it, we can also reduce the risk of data disclosure and the harm caused by data disclosure.

1) enhance your awareness of prevention and avoid taking advantage of the opportunity.

L do not connect strange WIFI, some WIFI can easily lead to personal payment information stolen; do not easily disclose their own address, personal sensitive information; do not easily install and run unknown websites, especially unreliable FTP sites download software and unknown sources of software.

2) beware of spam and do not click at random

Be careful with spam, don't subscribe to unhealthy e-magazines and spam products, and don't open strangers'e-mails and messages, especially attachments, links, pictures, etc., which are likely to contain viruses and malicious programs.

3) install antivirus software to prevent and control spam

As a precaution, to avoid email hackers, mobile phones and computers can install anti-virus software to filter malicious programs and prevent viruses from invading.

4) Don't be afraid of trouble, set each password separately

Some platform services need to enter e-mail accounts for registration, but most people often set their e-mail passwords with the same passwords as other platforms to make it easier to remember, so once the e-mail account password is stolen, other services will suffer. In particular, accounts involving money should use separate passwords.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.