Data Protection Solution

HOME >> Data Protection Solution

Data Protection Solution

█ Problem requirements

● Data security risks

The core data is stored in the terminal computer in clear text and difficult to manage

There are more legal or illegal output routes in the core data transmission process and they cannot be effectively supervised

Core data is exposed to external diffusion risk after leaving the company's internal environment

The core data output paper documents through the printer, resulting in the leakage of core data

Core data storage devices and media risks due to improper use, management, and disposal

● Risk of active leakage of personnel

Copying internal corporate documents privately and externally (USB/network/IM/recording)

Unauthorized access to unauthorized data breaches

Misuse of other people’s accounts and devices to illegally access data breaches

Working with others to achieve the transfer of sensitive data across security domains

Sensitive data media conversion through printers, fax machines, etc.

The malicious spread and spread of sensitive data

Non-secure access to and access to core application business systems in the enterprise

Other non-compliance with the management system leads to data leaks, etc.

● Passive leak risk

Loss of data or loss of mobile laptops, USB storage devices, or theft

The leakage caused by the maintenance or discard of mobile notebooks, USB storage devices, hard disks, etc.

Infringement caused by misuse or misdirected mail or network

Consciousness of confidentiality is weak. Secrets caused by improper storage of sensitive data, such as casual sharing, etc.

Sensitive data leakage caused by viruses and Trojan horses

Disclose secretly the machine and storage media that store important data to others.

● Third-party leakage risk

Partners and Outsourcers access the internal network and illegally obtain sensitive data

Application maintenance, developers accessing the backend of the system and database illegally obtaining sensitive data leaks

Poor disclosure of sensitive data or malicious proliferation of confidential data sent to customers, partners, and other close-knit individuals

Copies of copies of contracts, drawings, scientific research, academic reports, etc.

Unauthorized theft of leaks when application systems, mail servers, and data centers are externally hosted

█ Solution

In response to the above-mentioned problems, Xuri Information, in conjunction with the actual situation of enterprise data protection and information management, proposes a comprehensive solution for data protection and information management based on Data Protection Guard (“DPG”).

The goal of the Data Protection Guard is to create a safe and sealed corporate office environment for the user (a safe and sealed environment under the protection of the DPG system, referred to as the “DPG environment”) to ensure information, data, etc. The entire life cycle (including creation, browsing, editing, archiving, distribution, destruction, etc.) is under the protection of the DPG system, all electronic information and data under the DPG environment (hereinafter referred to as "electronic files" or " The files ") can all be operated normally. If they are "illegal" brought out of the DPG environment (including, but not limited to, e-mail, WeChat, QQ, and other tools to send out and use mobile storage devices for copying, cutting, etc.), the electronic files are Not available, thus ensuring the security of electronic documents at the source. Ensure that company's important data is used safely under management control and is not illegally accessed; data files cannot be opened after the terminal is illegally acquired, and the entire life cycle management of electronic documents is implemented, thereby protecting the company's confidential data files.

The operating effect is as follows:

● Electronic documents that hold corporate secrets are always protected throughout the life cycle.

● Protected electronic files are only available on computers within the DPG environment and are not available on other computers.

● In the DPG environment, the services supported by each functional module can directly monitor the files in the background and auxiliary application programs (such as Office, various 2D and 3D software, etc.) without removing the protection, and copy the files to the DPG environment. In addition, without the help of the DPG service, applications cannot process files.

● DPG can fully monitor and handle the operations such as Save As, Print, Copy and Paste, Screen Capture, and E-mail in the application.

● The DPG system provides sub-sector policies, which can set different encryption policies between different departments and effectively control the interaction of documents between departments within the company.

● The DPG system provides complete control over the process of document delivery. When internal documents are sent out, internal approval processes with different security levels can be used to control the lifecycle and operation authority of the outgoing documents.

● The DPG system log administrator can view, summarize, and audit operation logs and discover system security risks in a timely manner.

█ Expected results

● Sensitive information does not take away

The system provides peripheral management functions. By controlling the use of terminal peripherals, non-authorized end users cannot copy or transmit sensitive information to the outside of the enterprise or the organization.

● Sensitive information does not understand

The system transparently adds and decrypts sensitive information so that unauthorized users cannot use sensitive information even if it is taken away.

● Strong audit of file operations

The system provides file management functions to prevent sensitive files or sensitive information from being stolen or spread by criminals by enhancing the operation of auditing sensitive documents.

● Operational behavior can be recorded

In terms of operations, the system provides remote terminal viewing capabilities so that administrators can view the running applications, desktop conditions, memory, and hard disk usage in real time. If a user's hardware configuration does not meet the needs of the project or job, data tracking and logging can be used as evidence of resource optimization. In terms of management, the system provides process management functions to monitor the system process at any time for abnormalities, thus ensuring the stability of the terminal and preventing virus attacks.

● Terminal assets can be measured

Administrators can make statistics on the hardware and software assets of the terminal, and can track their changes, and reduce the management costs of the corresponding manpower of the enterprise.

● Data distribution can be automatic

Administrators can distribute documents, software, or patches to terminals and choose to store, install, or execute based on their nature

● Information interaction can be immediate

Information exchanges between administrators and end users for publication and feedback of announcements within companies or organizations


Copyright(C)2018, Zero Information Technology (Shanghai) Co., Ltd. All Rights Reserved. Supported by Toocle Copyright Notice 备案字号:沪ICP备18008633号