
Enterprise data security self-inspection Checklist!

Work through the checklist to see whether your data is safe.

1. JD Cloud Security Checklist Recommendations

JD Cloud Security has an industry-leading security research team. After years of practice and experience accumulation, JD Cloud has developed a complete and detailed security configuration checklist for different business scenarios. The JD Cloud Security Checklist can be supplemented and adjusted according to the needs of users, and users can also customize based on the Checklist.

1. Network Device Security Checklist

Network device security configuration checks include but are not limited to the following:

OS security; account and password management; authentication and authorization policy; network and service access control policy; communication protocol, routing protocol; log audit policy; encryption management; other device security configuration...

2. Host operating system Checklist

Host OS security configuration checks include but are not limited to the following:

System vulnerability patch management; account and password management; authentication and authorization policy; network and service, process and startup; file system permissions

3. Database Checklist

Database security configuration checks include but are not limited to the following:

Vulnerability patch management; account and password management; authentication and authorization policy; access control; communication protocol; log audit function; other security configurations...

4. Middleware and Network Service Checklist

Middleware and common network service security configuration checks include but are not limited to the following:

Vulnerability patch management; account and password management; authentication and authorization policy; communication protocol; log audit function; other security configurations...

"rm -rf /*"

On a Unix/Linux server, the command that deletes the database is only one short line, but if it is used improperly the consequences are at the level of "instant destruction".

2. Data security threat factors

According to a survey by the University of Texas: "Only 6% of companies will survive data loss, 43% will shut down completely, and 51% will disappear within two years."

1. Data security issues

Usually, data security risks come from the enterprise intranet. Attackers seeking to illegally occupy network, system and data resources exploit weaknesses in business systems or cloud assets to intrude and penetrate, then escalate privileges to obtain data resources illegally and carry out data theft, data tampering, data download, bulk database dumping ("dragging") and deletion.

Common factors that easily lead to data security risks are:

2. Operation and maintenance security issues

With the development of informatization, the IT systems of enterprises and institutions keep growing: network scale is expanding rapidly and the number of devices has surged. The focus of construction has gradually shifted from building the network platform to an operation and maintenance stage characterized by deepening applications and improving benefits, and IT system operation and maintenance and security management are gradually being integrated. The safe operation of information systems is directly related to the benefits of enterprises. Building a robust IT operation and maintenance security management system is crucial to the development of enterprise informatization, and it places higher requirements on the security of operation and maintenance.

3. Data Security Management Practice

According to authoritative agency survey statistics, 57% of companies believe that databases are the assets most vulnerable to insider attacks. Database security means protecting the database from data leakage, alteration or corruption caused by illegal use. Whether the security protection measures are effective is the main technical indicator of the database system. We can regard data security as a wooden barrel: whether the entire protection system is solid depends on its shortest stave, that is, its weakest point.

Looking back on the major security incidents of recent years, almost all of them are related to data security, whether it is data leakage or ransomware that deletes and destroys data. Monitoring, defense and governance must be carried out from multiple aspects at different stages. Enterprises need not only to control external threats but also to guard against malicious insiders, malicious behavior and data damage caused by mistakes of all kinds, and to stop the damage quickly, trace its source, and carry out accurate investigation and evidence collection. With the advent of the digital economy, enterprise business is increasingly driven by data, so protecting enterprise data will become an important cornerstone for the survival and development of enterprises.

Next, we will summarize the data security management practices at different stages of the data life cycle based on JD Cloud's experience in data security management:

1. Establish a closed-loop security management for the full life cycle of data

At present, Internet business innovation has brought new risks, such as data deprivation processing and the question of authority over data after it is uploaded to the cloud. Data protection should therefore not be limited to static protection but should focus on protecting data in motion. JD Cloud has put forward a defense-in-depth strategy based on its many years of experience.

Early Security Insights

Early warning requires discovering threats and sorting out data. Starting from the sources of hidden dangers and the weaknesses of the database itself, first find the potential attack threats to the database. In addition, different data must be classified differently: using the applicable specifications, big data protection guidelines, and the sensitivity and value of the data to the enterprise's own business, data is assigned different labels so that different protection measures can be applied to data of different types and importance. In this way, JD Cloud can help users protect data and raise warnings in advance more effectively and at a lower cost.

Data security is preventable and controllable

For external attacks, the cloud monitors and protects the relevant access behavior by matching the characteristics of SQL or NoSQL injection, and uses virtual patches to protect the entire database. At the same time, "attacks" from the inside are emphasized. Since humans are the final performers of operations and the users of the system, a large number of problems occur on the operator side, whether through misoperation or intentional attack. JD Cloud therefore uses database operation audit and permission approval to keep internal data under control.

Build safety soft armor

In the operation and maintenance management scenario, JD Cloud provides whole-process audit and control measures from "login to exit" through the operation and maintenance audit management platform. Operations are intercepted in real time to fundamentally prevent the occurrence of the aforementioned major data security incidents.

Therefore, even if the data of JD Cloud is leaked, the attacker cannot obtain the real information: it cannot be understood, taken away, or used. Since companies are likely to analyze data or use it in development and testing environments, data must be desensitized when it is transmitted to or used by third parties. JD Cloud performs random/partial replacement and mask processing on this data so that it is not leaked when it leaves the database for other processing, and encrypts the data in the database with the national cryptographic (Guomi) algorithms.
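The partial masking and replacement described above, as an added example that is not JD Cloud's code: names, phone numbers and e-mail addresses are partially masked, and card digits are replaced with keyed pseudo-random digits (HMAC-SHA256 stands in for the "random" replacement so that the output is repeatable). The record, the field names and the key are constructed for illustration.

```python
import hashlib
import hmac

# Assumed demo key (constructed); a real key is stored apart from the data.
MASK_KEY = b"constructed-demo-key"

# Constructed sample record; field names are assumptions for this example.
SAMPLE_ROW = {"name": "Zhang San", "phone": "13800001234",
              "email": "zhangsan@example.com",
              "card": "6222-0000-1111-2222", "city": "Beijing"}


def mask_partial(value, keep_head, keep_tail, fill="*"):
    """Partial masking: keep the ends of the value, overwrite the middle."""
    hidden = len(value) - keep_head - keep_tail
    if hidden <= 0:
        return fill * len(value)      # too short: reveal nothing at all
    return value[:keep_head] + fill * hidden + value[len(value) - keep_tail:]


def replace_digits(value, field):
    """Replace every digit with a keyed pseudo-random digit, keeping layout.

    HMAC makes the mapping repeatable (the same card always maps to the same
    substitute, so joins in a test database still work) and the substitute
    cannot be derived from the original without the key. byte % 10 is
    slightly biased, which is acceptable for test data only.
    """
    stream = hmac.new(MASK_KEY, f"{field}:{value}".encode(),
                      hashlib.sha256).digest()
    out, used = [], 0
    for ch in value:
        if ch.isdigit():
            out.append(str(stream[used % len(stream)] % 10))
            used += 1
        else:
            out.append(ch)            # separators stay where they were
    return "".join(out)


def desensitize(row):
    """Return a masked copy of one record for a test or analytics export."""
    user, _, domain = row["email"].partition("@")
    return {"name": mask_partial(row["name"], 1, 0),
            "phone": mask_partial(row["phone"], 3, 4),
            "email": mask_partial(user, 1, 0) + "@" + domain,
            "card": replace_digits(row["card"], "card"),
            "city": row["city"]}      # not sensitive: passed through
```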

If an enterprise does suffer a security attack, it is imperative to respond quickly and to analyze the incident afterwards. JD Cloud provides audit, traceability and analysis services for the operation of the entire database, so that the source of an event can be traced, risks can be identified and located, and bugs and faults in the business system can be found afterwards through detailed database behavior logs.

2. Typical scenario practice: how to build a database security moat

In recent years, more and more enterprises have abandoned their self-built databases and chosen to purchase cloud databases as the company's data storage tool. What is a cloud database? A cloud database is a fully managed database that is optimized for or deployed to the public cloud and offers pay-as-you-go pricing, on-demand expansion, high service availability and high data reliability. These advantages address the pain points of traditional self-built databases: low resource utilization, service levels that depend on professional DBA personnel, high operation and maintenance costs, and hardware procurement.

The beginning of 2020 hit almost every industry in the world, with one exception: affected by the epidemic, the turnover of entertainment products such as games repeatedly reached new highs. A large number of players pouring into a game congests its servers. Relying on the complete backup mechanism of ApsaraDB for MongoDB and the ability to create instances from backups, the data migration required in partitioned application scenarios such as games can be realized quickly for rolling-server and combined-server operations. To address the high cost of traditional database operation and maintenance, JD Cloud provides the cloud hosts and MySQL cloud database products needed for LAMP websites, which makes it convenient for enterprise users to deploy websites on JD Cloud. At the same time, auxiliary operation and maintenance capabilities such as monitoring, backup and security protection, together with the built-in active-standby high-availability architecture, allow users to focus on website development without worrying about cloud database operation and maintenance.

At present, JD Cloud is the only manufacturer in the market that provides users with cross-regional backup and synchronization functions for free, helping customers build remote database disaster recovery centers. When a database in a certain region cannot provide services because of force majeure such as a natural disaster, the cross-regional synchronization backup service can quickly build a new cloud database service in a remote location to meet users' needs for remote disaster recovery. In addition, the MFA (multi-factor authentication) function of the JD Cloud platform can require secondary verification by verification code before the user performs important operations such as deleting an instance, and the operation can only proceed after the code is confirmed to be correct. The built-in operation audit function of the cloud database audits user behavior to help trace security incidents and quickly identify the root cause of problems.

At the same time, JD Cloud provides DTS (Data Transformation Service) for free to help users migrate data to the cloud quickly and efficiently. At present, it supports migrating the user's source database to JD Cloud Database RDS and MongoDB. During the data migration, the source database can continue to provide services externally as normal. Data verification further ensures that the data is completely transferred to the cloud.

3. Typical scenario practice: operation and maintenance security audit management and traceability

An excellent operation and maintenance management platform should not only capture dangerous operation and maintenance instructions in a timely manner, but also give users an easy-to-use management method. This improves operation and maintenance efficiency and reduces the misoperations caused by heavy operation and maintenance management pressure, so that the energy of security management personnel and operation and maintenance personnel is effectively freed up and production and operation costs are further reduced.
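One way an audit gateway could capture a dangerous instruction such as the "rm -rf /*" quoted earlier, as an added example that is not JD Cloud's implementation: each line typed in a session is split into commands and blocked when rm is recursive and aimed at a critical path. The critical-path list and the session lines are constructed assumptions.

```python
import posixpath
import shlex

# Assumed policy (constructed): recursive deletion of these paths is blocked.
CRITICAL = {"/", "/etc", "/usr", "/var", "/home", "/boot", "/var/lib/mysql"}

# Constructed session lines, as an audit gateway would see them one by one.
SAMPLE_SESSION = ["ls -l /etc", "rm -rf ./build", "rm -rf /*",
                  "cd /tmp && sudo rm -fr //etc/"]

def split_commands(line):
    """Split one input line into simple commands (lists of words)."""
    lexer = shlex.shlex(line, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    try:
        tokens = list(lexer)
    except ValueError:                # unbalanced quote: split on whitespace
        tokens = line.split()
    commands = [[]]
    for tok in tokens:
        if tok and set(tok) <= set(";&|"):    # ; && || | & end a command
            commands.append([])
        else:
            commands[-1].append(tok)
    return [c for c in commands if c]

def normalize(target):
    """Collapse '//', a trailing '/' and a trailing '/*' ('/etc/*' -> '/etc')."""
    if not target.startswith("/"):
        return target                 # relative: needs the session's cwd
    path = "/" + posixpath.normpath(target).lstrip("/")
    return (path[:-2] or "/") if path.endswith("/*") else path

def is_destructive_rm(words):
    """True if rm appears with a recursive flag and a critical target."""
    # Fail-closed: rm is matched anywhere in the command, so 'sudo rm',
    # 'xargs rm' and even 'echo rm -rf /' are flagged.
    names = [posixpath.basename(w) for w in words]
    if "rm" not in names:
        return False
    args = words[names.index("rm") + 1:]
    recursive = any(a == "--recursive" or (a[:1] == "-" and a[:2] != "--"
                    and ("r" in a or "R" in a)) for a in args)
    return recursive and any(normalize(a) in CRITICAL
                             for a in args if a[:1] != "-")

def audit(line):
    """Verdict for one line typed in an operations session."""
    hit = any(is_destructive_rm(c) for c in split_commands(line))
    return "BLOCK" if hit else "ALLOW"
```

Relative targets are allowed here because resolving them needs the session's working directory, which a real gateway would track.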

Browser Compatible

Provides web access based on a B/S architecture: only a browser is needed to reach the target device. Current mainstream browsers are supported, including Chrome, Firefox, Edge, Safari and IE11.

Client Compatible

It adapts seamlessly to third-party client tools for RDP, SSH, SFTP, HTTP/HTTPS and other protocols, such as SecureCRT, PuTTY, Xshell, Mstsc, WinSCP and Xsftp, without changing the operating habits of operation and maintenance personnel.

Cross-platform compatible

JD Cloud-Operation and Maintenance Audit Management Platform has cross-platform operation and maintenance behavior management and control capabilities, covering a variety of mainstream host operating systems, network devices and operation and maintenance protocols, including but not limited to:

Protocol type - SSH, RDP, SFTP, HTTP, HTTPS, etc.;

Operating system type - RedHat Linux, Windows, etc.


JD Cloud Developer

JD Cloud Developer (Developer of JD Technology) is JD Cloud's platform for technical sharing and exchange among developers in AI, cloud computing, IoT and related fields.