Shulou(Shulou.com)06/01 Report--

Qixi Festival Declaration

Some people say:

The average person encounters about 29.2 million people in his lifetime.

And the chance of two people falling in love is only 0.000049%.

And I...

Don't ask to be 0.000049% of your life.

I just wish I could be one of the 29.2 million people I met with you in the vast crowd.

therefore,

There will be no celebration or commemoration of love between us.

What we have is to accompany each other every moment when we need it.

The most beautiful thing is not the day when the bug is released.

It was the midnight that solved the security crisis with you.

With this article

May we all spend every day in peace and happiness!

7 / 11MB 2016MB-start

For technical people, with the rapid development of cloud computing, big data and other technologies, enterprises face all kinds of security threats from the Internet, even leading to the disclosure of user information. The safety problem has almost added to the anxiety of the people of the new era.

The security information is as big as the country, the society, every family and everyone around us. In order to meet the global trend of dealing with cyber security threats, China issued the Cyber Security Law of the people's Republic of China on November 7, 2016 (hereinafter referred to as "Cyber Security Law"), which came into effect on June 1, 2017.

The definition of "network operator" in the Network Security Law applies to almost all Chinese enterprises that own or manage networks.

Article 21 of the Cyber Security Law, which is mentioned by everyone, says: "the state implements a hierarchical protection system for network security." It clearly points out the legal status of the hierarchical protection system.

Therefore, after the insurance system is promoted to the legal level, carrying out network security level protection has become a necessary compliance factor for enterprise network operation.

In order to cooperate with the implementation of the Network Security Law and adapt to the development of network security level protection under new technologies and applications such as cloud computing, mobile Internet, Internet of things, industrial control and big data, on May 13, 2019, the network security level protection system 2.0 (hereinafter referred to as equal protection 2.0) standard was officially issued and will be implemented on December 1st, 2019.

Be vigilant in the evening-- A new era of network security

The release of Isobao 2.0 indicates that China's network security level protection work has entered a new period, which pays attention to omni-directional active defense, dynamic defense, overall prevention and control and precise protection on the basis of 1.0, realizing full coverage of cloud computing, big data, Internet of things, mobile Internet and industrial control information systems, as well as all areas except personal and home self-built networks.

Change of equal insurance standard

Workflow of hierarchical protection

The work of network security grade protection includes five stages: grading, filing, construction and rectification, grade evaluation, supervision and inspection.

The first step: system grading

Draft the "Network Security level Protection rating report" (with a unified template): three-level or above system, grading conclusions need to be reviewed by experts.

Hierarchical description of graded protection:

Most of the equal insurance requirements of cloud systems are concentrated in secondary and tertiary systems:

Step 2: system filing

When the security protection level of the information system is above the second level, the network supervision department of the local public security organ shall go through the formalities for the record within 15 days after the security protection level is determined. When filing for the record, the filing form of Network Security Grade Protection and the grading report shall be submitted; for a system at or above the third level, it is also necessary to submit expert evaluation opinions, system topology and explanation, security management system, security construction plan, etc.

Step 3: construction, rectification and reform

According to the basic requirements of network security grade protection, the information system is built and rectified by self-owned or third-party security products and expert services, and the corresponding security management system is formulated at the same time.

Step 4: grade evaluation

After the completion of the rectification and reform of the information system, the operators and users shall select suitable evaluation institutions and regularly evaluate the security level of the information system in accordance with the technical standards such as the requirements for the evaluation of network security level protection.

Step 5: supervision and inspection

Public security organs and other regulatory departments will perform the corresponding duties of supervision, examination and inspection in the whole process.

Join quickly-- Jingdongyun and other insurance consulting services

As can be seen from the above, the construction cycle of grade protection is longer, involving more links, enterprise users need to face public security organs, evaluation centers and other institutions, need to spend a lot of time, energy and financial resources.

"one-stop service"

In order to facilitate JD.com cloud enterprise users to quickly meet insurance compliance requirements, Jingdongyun cooperates with authoritative consulting and evaluation institutions. JD.com Cloud provides "one-stop" and closed-loop equal insurance consulting services for cloud enterprise users. it covers all aspects of grade protection, such as grading, filing, gap analysis and evaluation, construction and rectification, evaluation, etc., and can provide users with professional solutions for protection compliance. Select JD.com Yun compliant products and services as needed to help users quickly complete safety rectification and reform, meet the technical compliance requirements of equal protection, and assist users to quickly complete equal maintenance rectification and construction work.

In the process of waiting for the insurance to be implemented, users only need to confirm the service, assist in providing the information needed for evaluation and start rectification, and the complicated processes of evaluation and rectification plan formulation, rectification verification and report issuance will be solved by Jingdongyun one-stop shop.

Help business users reduce communication costs, improve efficiency and save costs

In addition, JD.com Cloud itself has passed the three-level evaluation of equal insurance, and cloud enterprises can directly reuse the evaluation results of the cloud platform to help enterprise users save time and labor costs and focus more on their own business.

JD.com and other insurance consulting service process:

Advantages of Jingdongyun and other insurance consulting services:

1. Tailor-made

Dedicated consulting service experts, according to the current situation of users' security construction, provide tailor-made suggestions for rectification and gap analysis.

2. One-stop service

Jing Dongyun cooperates with authoritative consulting institutions and evaluation institutions to provide users with full-cycle compliance consulting services, as well as one-stop security solutions, including: security products, security services, etc., to assist users in safety rectification.

3. Convenient and easy to worry

You can quickly apply for consulting services. JD.com Cloud helps users connect with other insurance cooperation organizations, and provides consultation and guidance services throughout the process. Users do not need to invest extra energy, so it is convenient and easy to worry about.

4. Expert support

Jingdongyun's senior team of security experts provides users with professional and reliable security solutions to help users improve their compliance and meet the challenges of network security law.

Be willing to help others-you're welcome to take it!

520 | programmer's 10-minute hard core confession course! We are! It can make you laugh so much that the programmer's data can prevent "disaster" and come with "preparation".

Click "Jingdongyun" to learn more about insurance consulting services!

Welcome to click "Jingdong Yun" to learn more wonderful content.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.