Enterprise information security solutions, company anti-leakage solutions

Sensitive corporate information and important corporate information may be leaked at any time in the boss's brain, in the company's computer, on the back of a printout, or even in a trash can. The result of leaking the secrets will cause the company to suffer economic losses, and it will lead to the company's collapse or even bankruptcy.

So what should companies be prepared for?

information security? "Isn't it just installing an anti-virus software on the computer, and then getting a password on the computer?" I

believe that 80 to 90% of people will answer this way.

When you look at this white paper, 2 more companies in the world have closed down due to information security issues, and 11 companies have suffered about 8 million direct economic losses due to information security issues. This article summarizes 30 fatal details through a survey of 100 managers to help you quickly become an information security expert in 5 minutes.

1. Printer - 10-second delay brings information loopholes Even laser printers have a delay of more than 10 seconds. If you don't stand by the printer in the 9th second, the first person to see the file may not be you. Most modern companies use public printers and put printers, copiers and other equipment in a relatively independent space. As a result, confidential documents between departments can start from the equipment room and spread to other departments. When there are no secrets between departments, there will be no secrets in the company.

2. The back of the printing paper - a big loss in exchange for good habits Saving paper is a good habit of many companies, and employees are often proud of using back printing paper. In fact, if you collect the "waste paper" of a company with this habit, you will find that the waste paper caused by printing and copying contains company secrets so comprehensive that even the executive vice president will feel ashamed, because the waste paper records the company's secrets More comprehensive than his work diary.

3. Computers change hands - real onboarding mentors for new employees We believe that all professional managers have had this experience: if they are new to a company, roaming on their predecessor's computer is the best way to learn about the new company . In a state similar to "snooping", what has happened in the company has a "panoramic view", from the company's previous customer records, reward and punishment system, and even if you are lucky enough to read your ex's resignation. If it is a computer in other departments, it is naturally another fun.

4. Sharing - Doing a good job of files and then informing the thieves that sharing in the local area network is the last channel to obtain the company's internal secrets. In order to prevent internal network leaks, some companies stipulate that everyone must cancel immediately after sharing. The more this is actually the case, the greater the risk of a business leaking secrets through sharing. Because when people do this, they will use the sharing method to disseminate information without hesitation. The way people are used to is to shout to the colleagues on the other side of the open office: "I put it in the sharing, you come Take it-", yes, someone will take it, but it's often not just the person you expect.

5. Index comparison - cleverness is mistaken among traditional production enterprises, and it is often necessary to speculate on the sales volume and production volume of competitors. Therefore, in order to hide their actual number, people have introduced an index in statistics to protect their confidential information by weighting the actual number. The only regret is that with the simple base period weighting that is usually adopted, if the real number is known by the other party in any month over a few years, all the real numbers will appear on the competitor's desk at a glance.

6. Training - From the time new employees enter the company, most companies will meet new employees candidly. From the first day of training, under the name of "faster integration into the team", new employees are exposed to all operating departments of the company except finance, from the company's strategy to the tactical approach being taken, from the company's core customers to key technologies. But in fact, more than one-fifth of employees will leave the company after three months of employment. At the same time, most of them haven't left the industry they are in now, and may be describing your company's grass and trees to your competitors.

7. Fax machine - you always get the fax sent to you after half an hour I found out that the last page of my fax paper was someone else's beginning, but I couldn't find the beginning of yours.

8. Public equipment - People often share U disks, mobile hard disks or laptops. If there is an opportunity to lend the USB flash drive to the company's new accountant, it is also possible to easily obtain this month's company profit and loss statement, important financial information and the company's future development direction and other important information documents when the other party returns it.

9. Illegal Intrusion - Bidding opportunity ruined between waved hands. A large domestic advertising company headquartered in Shanghai suffered an information leak in March 2008, which led to the ad creative being stolen by competitors the day before the bidding. Now, between the wave of hands, it may not be just an opportunity for cooperation that is ruined.

10. Product traces - relying on "traces" to understand your future, in the field of market research, it is a common method to analyze product traces to infer competitors' marketing effects and marketing strategies. Product transportation, warehousing, and discarded packaging can all appear in research reports purchased by competitors, because "trace analysis" has become a routine means of collecting business intelligence.

11. Compression software - the software ZIP and RAR that threaten the information security the most. Compression software can easily compress all kinds of large files and make them smaller, quickly store them in U disk peripherals, and easily bring all kinds of data out of the company.

12. CD burning - data is lost during the backup process. If you want to take away the company's information, the best way is to apply for CD-ROM backup, make the file into a specific format, give it to the network administrator for backup, and then claim that it cannot be opened normally and ask for a new backup. In most cases, leave it in the CD-ROM drive The "waste disks" in the store can be freely taken out of the company after get off work.

13. Mailbox - a transfer station for information theft. The use of email to transfer stolen company information accounts for more than 80% of all information theft. Many companies do not install floppy drives, optical drives, and USB interfaces, but there is no way to prevent employees from stealing information through e-mail. In contrast, the above methods become decorations.

14. Hidden partitions - a necessary method for long-term theft of company information. It is always a dangerous thing to collect information in the company for a long time and use it for sale or retention. My computer is always used by others, and what should I do if I find something in my computer that should not be there. Therefore, hiding in the hard disk partition becomes the best choice. Originally, there are three virtual partitions C, D, and E. You can hide E, and only you can access it. Of course, if you encounter an expert and sum up the total space of all disks, you will definitely be exposed.

15. Private computer - a common method for stealing a large amount of data. After all, the role of compression software is limited. If you bring your own laptop to the unit and connect it to the local area network, no matter how many files it is, you can easily take it away.

16. Meeting minutes - neglected company secretaries often take meeting minutes as ordinary, they do not know what a high-level meeting minutes mean to competitors, and people in the company often see meeting minutes thrown as waste paper Throw it away and let the company's latest strategic information appear anywhere in the enterprise.

17. Plans that have not been adopted - giving up is also an option. Planners know that adopted plans are company secrets, but often do not know that abandoned plans are also company secrets. Sometimes it is also talked about to customers or the media, and competitors can easily judge: if you did not do these, you must choose to do them!

18. Clients - your secrets are only the talk of your allies. You can often see client proposals from famous consulting companies on the Internet. These carefully crafted PPTs embody the sweat of the consulting company team and countless sleepless nights. Poor customers may just have some random talk in their hands.

19. Recruiting Activities - Is your company hiring a director? In the recruitment process, mature companies will not put the employer in an advertisement, because it is tantamount to telling your competitors: there has just been a manpower shock and there is a shortage of manpower.

20. Two minutes before the bidding - the final reserve price is always "released" at the end. If the reserve price of the bid is disclosed earlier, the greater the risk of leakage. Two minutes before the bidding starts, in the face of the participants who turn off their mobile phones , the reserve price can be announced!

21. Half an hour after dismissal - don't give him one last chance. If the fired employee got the news today, don't let him go back to his computer. Half an hour is just enough for him to pack up his supplies and say goodbye to his old colleagues. There is no such thing as a feast in the world. Half an hour is enough. For the innocence of the resigned employees, the information is more secure.

22. One week after joining the job - newcomers collect 5 times as much information in the first week as usual. It's only this week that he's always ready to leave, he's in a frenzy of copying and forwarding all the time, beware of your new hire, no matter how much you admire him.

23. Half a month after the cooperation - the usual way for competitors to steal intelligence is: impersonating customers. In the first half month of cooperation, your caution about information security can only show that the enterprise is rigorous in doing things, and can win the understanding and respect of most customers. Unless, he is your competitor.

24. 30 days after leaving the company - the danger comes from outside the company. Under normal circumstances, an employee who has served the company for more than half a year will maintain frequent contact with the company's existing employees within 30 days after leaving the company, and will keep track of the company's information and conditions. Show great enthusiasm. If you leave for a limited time, then the possibility of stealing company information through old colleagues within 30 days of leaving is more likely.

25. Clarify the principle of external proposals - if you can leave something, you will not give a printed manuscript, if you can give an electronic file, try to give a printed manuscript, and if you can use an e-book, you will not need a common format.

26. Confidentiality agreement - no matter how big or small the role is, it is still necessary to sign a clear confidentiality agreement with employees. There are no rules and regulations, and it is clear what is right, so that people can put an end to what is wrong. The more detailed the content of the non-disclosure agreement, the better. If the other party is honest, they will naturally agree to it.

27. Decomposition of Responsibilities - Clarify everyone's security responsibilities for relevant information. If all confidential documents are leaked, the responsible person can be found according to the regulations. The investigation is secondary, and mutual supervision and prevention are the ultimate goal of responsibility decomposition.

28. Set up information levels - classify the company's confidential documents into levels. For example, contracts, customer interactions, and shareholder information are listed as first-level, and the scope of confidential dissemination is determined, so that everyone can understand the boundaries of information dissemination, and avoid information security accidents caused by lack of understanding of information.

29. Store in different places - don't put eggs in the same basket. All backup data should be stored in different places as much as possible, so as to avoid the fatal blow to enterprise information due to major accidents (such as fire, flood, lightning strike, etc.).

30. Believing that your company is impeccable in terms of information security.