CN109409131A - A kind of customer information anti-disclosure system and method - Google Patents

A kind of customer information anti-disclosure system and method Download PDF

Info

Publication number
CN109409131A
CN109409131A CN201811296048.6A CN201811296048A CN109409131A CN 109409131 A CN109409131 A CN 109409131A CN 201811296048 A CN201811296048 A CN 201811296048A CN 109409131 A CN109409131 A CN 109409131A
Authority
CN
China
Prior art keywords
module
data
network
center management
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811296048.6A
Other languages
Chinese (zh)
Inventor
王勇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Yue Di Thick Chuang Technology Development Co Ltd
Dongguan South China Design and Innovation Institute
Original Assignee
Guangdong Yue Di Thick Chuang Technology Development Co Ltd
Dongguan South China Design and Innovation Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong Yue Di Thick Chuang Technology Development Co Ltd, Dongguan South China Design and Innovation Institute filed Critical Guangdong Yue Di Thick Chuang Technology Development Co Ltd
Priority to CN201811296048.6A priority Critical patent/CN109409131A/en
Publication of CN109409131A publication Critical patent/CN109409131A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes

Landscapes

  • Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention discloses a kind of customer information anti-disclosure system and method; by the totally 7 big module joint deployment of center management module, network discovery module, Net defence module, endpoint discovery module, endpoint prevention module, network monitoring module, network protection module, implemented by the management application of center management module.The customer information anti-disclosure system supports various protocols, support widest data repository, terminal soverlay technique is varied, support similarity mode, information from all modules can be combined on a page of user interface, client mouthful can configure arrangement according to needing freely to carry out grade, easy to use.

Description

A kind of customer information anti-disclosure system and method
Technical field
The present invention relates to anti-field technology of divulging a secret, a kind of customer information anti-disclosure system and method are referred in particular to.
Background technique
For enterprise, when facing from various network security threats such as external virus, wooden horse, network attacks, come From internal leaking data be perhaps one with greater need for paying attention to the problem of.No matter which kind of scale enterprise is in, and all there are data and lets out Close risk, and these risks will allow enterprise to face the threat that safety, intellectual property, property, privacy and regulation defer to aspect. In these leaking data situations, be all in most cases that employee inadvertently leaks out, but there are also some, be by Employee is intentionally for it.One mobile office personnel using the not laptop of security protection, may be either intentionally or unintentionally Company Confidential information is leaked by wireless network.At the same time, largely the equipment of USB connection is supported to continue to bring out, but also enterprise The confidential information of industry, which is likely to just to be put into USB flash disk or mobile hard disk etc., easily to be taken away.When leakage of data occurs, in safety Expert is busy with restoring sensitive data and repairing and divulges a secret during loophole, and time, fund and the reputation of enterprise all can be by serious It threatens.Enterprise security expert is always in one not in the war of terminal: when original loophole of divulging a secret just has been controlled, new Leakage of data situation but along with other numerous equipment use and frequently occur.
Summary of the invention
In view of this, in view of the deficiencies of the prior art, the present invention aims to provide a kind of customer informations to prevent Disclosure system and method are suitble to dispose in entire enterprise, realize firm confidential data protection.
To achieve the above object, the present invention is using following technical solution:
A kind of customer information anti-disclosure system, the net being connected including center management module, respectively with center management module Network discovery module, Net defence module, endpoint discovery module, endpoint take precautions against module, network monitoring module, network protection module, Each module joint deployment, is implemented by the management application of center management module;
The center management module is the centre management application of other modules, the data safety plan for automatic implementation enterprise Slightly, in center management module, loss of data strategy is created, and to detect and protect sensitive data automatically, executes accident workflow And corrective action, generate access and the system administration for reporting and configuring based role;The general strategy of center management module and It reports to unify the external member of each module;Individual data, which loses strategy, can be deployed in all modules, and unification is included in report Information from all modules can be combined on a page of user interface by instrument board;
The network monitoring module is mounted on network exit, is responsible for monitoring network data;The agreement being related to includes electronics Mail smtp protocol, web http protocol, instant message IM agreement, file transmit File Transfer Protocol and pass through all of any port Other TCP sessions;
The network protection module is mounted on network exit, be responsible for monitor and intercept/modify network data, the association being related to View includes Email smtp protocol, web http protocol and security web HTTP/HTTPS agreement and file transmission FTP association View;
The endpoint prevention module is mounted on the notebook and desktop computer of employee, and responsible monitoring downloads to internal hard drive drive Data on dynamic device, while monitoring and intercepting the data for copying to USB device, iPod and CD/DVD;
The endpoint discovery module is mounted on the notebook and desktop computer of employee, is responsible in scanning internal hard disk drive Private data, so as to take steps to store, protect or relocate these data;
The usual position of network discovery module in data center, be responsible for discovery file server, database, cooperation platform, The sensitive data revealed or stopped on web site, desktop computer, notebook and other data repositories;
In data center, it can relocate automatically, replicate or be isolated the guarantor revealed for the usual position of Net defence module Ciphertext data.
A kind of customer information divulgence prevention method, based on customer information anti-disclosure system described in claim 1, according to the following steps It carries out
1) it first establishes confidential information sample database: automatically defining enterprise by way of establishing confidential information sample database Confidential information;
2) formulate monitoring and prevention policies: center management module provides a kind of central user interface, and user can be therefrom fast Speed easily constructs the loss of data strategy that can be applied in other modules;Every kind of strategy is all detected rule and rule of response Combination;When violating one or more detected rules, accident will be generated;In addition, the data configuration file by fingerprint recognition In specific tactful external definition, this allows to quote the content through fingerprint recognition in multiple strategies;
3) deployment monitoring prevention policies, detect sensitive data: creating or have updated precise information in center management module After matching or index file matching fingerprint and strategy, they are pushed to all other system server there appropriate immediately, Include but are not limited to the server of endpoint prevention module and Net defence module;They will be left in the physics of these servers In depositing, quickly to be handled;Then, execute the server of detection will scan content that incoming message or file, extraction crack, To this data application hashing algorithm, then the detected rule for including in this hash data and the RAM of the server is compared; Finally, all system server products execute detection in all detection techniques in an identical manner;If recognizing sensitivity Data and generate accident, system server will execute automatically it is certain automated to respond to, including interception/modification data are sent or multiple System/repositioning file.
The present invention has obvious advantages and beneficial effects compared with the existing technology, specifically, by above-mentioned technical proposal It is found that center management module, network discovery module, Net defence module, endpoint discovery module, endpoint are taken precautions against module, network The totally 7 big module joint deployment of monitoring module, network protection module, is implemented by the management application of center management module.It should Customer information anti-disclosure system supports various protocols, supports widest data repository, and terminal soverlay technique is varied, branch Similarity mode is supportted, the information from all modules can be combined on a page of user interface, client mouthful can be according to Arrangement is configured according to needing freely to carry out grade, it is easy to use.
In order to explain the structural features and functions of the invention more clearly, come with reference to the accompanying drawing with specific embodiment to this hair It is bright to be described in detail.
Detailed description of the invention
Fig. 1 is the system structure diagram of embodiments of the present invention.
Description of drawing identification:
1, center management module 2, network discovery module
3, Net defence module 4, endpoint discovery module
5, endpoint takes precautions against module 6, network monitoring module
7, network protection module.
Specific embodiment
It please refers to shown in Fig. 1, is that a kind of customer information is anti-that show the specific structure of the preferred embodiments of the invention Disclosure system, the network discovery module 2 being connected including center management module 1, respectively with center management module 1, Net defence Module 3, endpoint discovery module 4, endpoint take precautions against module 5, network monitoring module 6, network protection module 7, and each module joint is disposed, Implemented by the management application of center management module 1.
Wherein, the center management module 1 is the centre management application of other modules, the data for automatic implementation enterprise Security strategy, in center management module 1, loss of data strategy is created, and to detect and protect sensitive data automatically, executes accident Workflow and corrective action generate access and the system administration for reporting and configuring based role;Center management module 1 is with general Strategy unifies the external member of each module with report;Individual data, which loses strategy, can be deployed in all modules, include in report Information from all modules can be combined on a page of user interface by unified instrument board.
The network monitoring module 6 is mounted on network exit, is responsible for monitoring network data.Its agreement being related to includes electricity Sub- mail smtp protocol, web http protocol, instant message IM agreement, file transmission File Transfer Protocol and the institute by any port There are other TCP sessions.
When work, network monitoring module 6 passively checks network flow and is directed to all network protocol and content type, Confidential information detects it before leaving network, enables the enterprise to limit and quantized data risk of missing.For example, network is supervised It can detecte depending on module 6 and send product plan and its work to rival using IM or the employee of public web mail provider Secrecy sample.It can also identify the operation flow of interruption, the process cause by social security number it is not encrypted be sent to it is reliable Affiliate.The basic operation of network monitoring module 6 is very simple.It is located at network exit, analysis network information packet Whether copy, detection data violate strategy.
Network monitoring module 6 can also monitor that the use and type of encryption, including detection unauthorized use are encrypted and tested Whether card has abided by encryption policy.
Network monitoring module 6 is usually configured by client, checks the most possible flow for losing private data.In typical data In center, have a large amount of low threats flows (such as UDP or secure vpn flow) and with high threat flow (such as SMTP, HTTP, FRP and IM) snarly Inbound traffic.In standard deployment, network monitoring module 6 is configured as filtering out low threat flow, with Ensure that cpu cycle will not be spent to handle low-risk data.Can in order to avoid analysis data include: the flow of encryption, Streaming Media Or the automatic management business of low-risk (such as IM is continuously connected with).
The network protection module 7 is mounted on network exit, be responsible for monitor and intercept/modify network data.It is related to Agreement include Email smtp protocol, web http protocol and security web HTTP/HTTPS agreement and file transmission File Transfer Protocol.
The network protection module 7 actively prevents secret number by redirecting, being isolated or intercepting the transmission comprising private data According to loss.HTTP covering includes communication, as web mail sends (such as Gmail or Hotmail), website POST, blog or internet Forum's record.Just as described in " detection and accuracy " section, network protection module 7 checks data, to determine that data are No violation loss of data strategy.Transmit 7 data interception of network protection module, realization has network protection module 7 to Email Condition encryption.
Customer information anti-disclosure system assigns data safety team and protects on endpoint (especially notebook and desktop computer) Private data required insight and control safely, it includes two products: first is endpoint prevention module 5, second It is endpoint discovery mould.
The endpoint prevention module 5 is mounted on the notebook and desktop computer of employee, and responsible monitoring downloads to internal hard drive Data on driver, while monitoring and intercepting the data for copying to USB device, iPod and CD/DVD.It can also be in screen Upper display pop-up notification informs that end user violates the situation of strategy.
The endpoint discovery module 4 is mounted on the notebook and desktop computer of employee, is responsible for scanning internal hard disk drive On private data, so as to take steps to store, protect or relocate these data.Even if working as endpoint subsidiary company net When network disconnects, which still supports the operation of the two products, therefore can provide the guarantor of lasting " whenever and wherever possible " Shield.
The usual position of the network discovery module 2 in data center, be responsible for discovery file server, database, cooperation platform, The sensitive data revealed or stopped on web site, desktop computer, notebook and other data repositories.
Network discovery module 2 can substantially scan any data repository, comprising:
(1) file server: Windows, Linux, Unix, Novell, Solaris and NAS file etc..
(2) database: Oracle, Microsoft SQL Server and IBM DB2 etc..
(3) cooperation platform: Lotus Notes, Microsoft Exchange, SharePoint, Documentum and LiveLink etc..
(4) Web site: public web site, Intranet, extranet, dimension visitor and application based on web etc..
(5) formula machine and notebook.
Network discovery module 2 is using the code library as all other module, and working method is also similar.Such as in " inspection Described in survey and accuracy " section, network discovery module 2 checks the data situation tactful with the presence or absence of violation.However, network monitoring Module 6 is to leave the data flow copy scan data of network by resting on network egress and analyzing, and network discovery module 2 is then Be by network connection data library, then read file and it includes other data be scanned.With all other module class Seemingly, if the discovery of network discovery module 2 violates the sensitive data of loss of data strategy pre-established, can activate it is applicable from Dynamic response rule, and accident notice is sent to center management module 1, to carry out retrieval of events and report.
For the usual position of the Net defence module 3 in data center, it can relocate automatically, replicate or be isolated the guarantor revealed Ciphertext data.
Net defence module 3 can replicate or relocate automatically the private data of (isolation) leakage.When scanning is supported When the file server of CIFS agreement, it is with network discovery module 2 without scan agent function work in concert.Duplication is again fixed Position hibernation file automated to respond to rule can based on multiple standards of accident, including violated loss of data strategy, accident Severity levels and accident matching count.For example, can be configured to Net defence module 3, in this way when it has found that it is likely that meeting When bringing the sensitive document with "high" severity levels (policy definition provided according to front) accident, this file may be from It deletes and is repositioned onto the file-sharing of safer (may encrypt) in destination server.It isolated location completely can be with Configuration, and be arranged in center management module 1.Isolated location keeps the bibliographic structure of a reflection source position, with streamlining management. When relocating document, original is deleted, and Net defence module 3 can choose leaves one on the home position of this document Retrtieval file illustrates the reason of this document is isolated and isolated location.The content of the tab file can configure, and help In understanding of the protection and employee for ensuring operation flow to safety policy.The file copy function of Net defence module 3 is for electricity Son discovery is collected and action of performance reservation is also very useful.
Based on customer information anti-disclosure system described in claim 1, the present invention proposes a kind of customer information divulgence prevention method, It carries out according to the following steps
Step 1) first establishes confidential information sample database: enterprise is automatically defined by way of establishing confidential information sample database The confidential information of industry.
Confidential information and detection can be defined in different ways for different types of data: either there is structure The data for changing format, as client or employee database record;Or unstructured data, such as Microsoft Word or PowerPoint document or CAD draw.Confidential information confirms through business or system manager first, then by central tube The fingerprint recognition that reason module 1 is automated, fingerprint identification process include the access of center management module 1 and extraction text sum number According to, it is standardized and irreversible hash is used to protect its safety;Center management module 1 be configurable to it is periodically automatic more Newly, guarantee that secret sample database is newest always.
Step 2) formulates monitoring and prevention policies: center management module 1 provides a kind of central user interface, and user can be from In quickly and easily construct the loss of data strategy that can apply in other modules;Every kind of strategy is all detected rule and response The combination of rule;When violating one or more detected rules, accident will be generated;In addition, the data configuration by fingerprint recognition In specific tactful external definition, this allows to quote the content through fingerprint recognition in multiple strategies file.
More specifically, when monitoring and prevention policies are formulated, center management module 1 supports Boolean logic to construct complexity Detected rule allows user to combine a plurality of rule and condition using AND, OR and NOT logical operator, can also be in single plan Different detection techniques is combined in slightly;Specific data and sender/recipient " white list " will be considered in exception;These The final result accuracy of highly configurable detected rule and exception rules is very high, and reports by mistake minimum.Each of strategy Detected rule is all designated a severity level, and the total severity of accident is determined by the highest severity levels caused. User can also define message components, such as text, title or attachment, any detected rule can occur for these components.
Step 3) deployment monitoring prevention policies, detect sensitive data: creating or have updated in center management module 1 and is accurate Data Matching or index file matching fingerprint and strategy after, they be pushed to immediately all other system server appropriate that In, include but are not limited to the server of endpoint prevention module 5 and Net defence module 3;They will be left in these servers In physical memory, quickly to be handled;
Then, content that incoming message or file, extraction crack will be scanned, to this data application by executing the server of detection Then the detected rule for including in this hash data and the RAM of the server is compared by hashing algorithm;
Finally, all system server products execute detection in all detection techniques in an identical manner, it is each to service The difference of device product is that the access of anti-disclosure system product by the mode of the data of scanning:
(1) it 6 server of network monitoring module: scans from network span port or the received data copy of current divider;
(2) network protection module 7 arrives Email server: scanning from the received Email of MTA;
(3) network protection module 7 arrives Web server: scanning from the received HTTP/S of different web agent program and ftp flow amount;
(4) endpoint takes precautions against 5/ endpoint discovery module of module, 4 server: scanning from the received duplicate of the document of endpoint proxy;
(5) 2/ Net defence module of network discovery module, 3 server: the file sum number that scanning is read from data repository According to.
The obvious exception of detection process is exactly only to have when endpoint proxy can execute local detection and in the strategy Detected rule based on DCM is pushed to them;In this scene, network monitoring module 6 does not execute detection, and will only be sent to Its accident is transmitted to center management module 1 from endpoint proxy.
If recognizing sensitive data and generating accident, system server will execute automatically it is certain automated to respond to, including Interception/modification data are sent or duplication/repositioning file.If agency is carrying out local detection, USB/ can be enabled What CD/DVD was intercepted automated tos respond to rule;Under any circumstance, when detecting certain accident, related accidents information can all be sent out immediately Center management module 1 is given, herein, the details of accident will be stored in 1 database of center management module, and can be swashed Work is other to automated to respond to rule, includes but are not limited to email notification.
The above described is only a preferred embodiment of the present invention, be not intended to limit the scope of the present invention, Therefore any subtle modifications, equivalent variations and modifications to the above embodiments according to the technical essence of the invention, still Belong in the range of technical solution of the present invention.

Claims (9)

1. a kind of customer information anti-disclosure system, it is characterised in that: including center management module, respectively with center management module phase The network discovery module of connection, Net defence module, endpoint discovery module, endpoint prevention module, network monitoring module, network are protected Module is protected, each module joint deployment is implemented by the management application of center management module;
The center management module is the centre management application of other modules, for the Data Security of automatic implementation enterprise, In center management module, loss of data strategy is created, and to detect and protect sensitive data automatically, is executed accident workflow and is entangled Positive measure generates access and the system administration for reporting and configuring based role;Center management module general strategy and report To unify the external member of each module;Individual data, which loses strategy, can be deployed in all modules, include unified instrument in report Information from all modules can be combined on a page of user interface by plate;
The network monitoring module is mounted on network exit, is responsible for monitoring network data;
The network protection module is mounted on network exit, be responsible for monitor and intercept/modify network data;
The endpoint prevention module is mounted on the notebook and desktop computer of employee, and responsible monitoring downloads to internal hard disk drive On data, while monitoring and intercepting and copying to the data of USB device, iPod and CD/DVD;
The endpoint discovery module is mounted on the notebook and desktop computer of employee, the guarantor being responsible in scanning internal hard disk drive Ciphertext data, so as to take steps to store, protect or relocate these data;
It is responsible for discovery file server, database, cooperation platform, the station web in data center in the usual position of network discovery module The sensitive data revealed or stopped on point, desktop computer, notebook and other data repositories;
In data center, it can relocate automatically, replicate or be isolated the secret number revealed for the usual position of Net defence module According to.
2. a kind of customer information divulgence prevention method, based on customer information anti-disclosure system described in claim 1, it is characterised in that:
1) it first establishes confidential information sample database: automatically defining the secret of enterprise by way of establishing confidential information sample database Information;
2) formulate monitoring and prevention policies: center management module provides a kind of central user interface, and user can be therefrom quickly square Just the loss of data strategy that can be applied in other modules is constructed;Every kind of strategy is all the group of detected rule and rule of response It closes;When violating one or more detected rules, accident will be generated;In addition, the data configuration file by fingerprint recognition is in spy Fixed tactful external definition, this allows to quote the content through fingerprint recognition in multiple strategies;
3) deployment monitoring prevention policies, detect sensitive data: creating or have updated precise information matching in center management module Or after index file matching fingerprint and strategy, they are pushed to all other system server there appropriate immediately, including But it is not limited only to the server of endpoint prevention module and Net defence module;They will be left in the physical memory of these servers In, quickly to be handled;Then, content that incoming message or file, extraction crack, right will be scanned by executing the server of detection Then the detected rule for including in this hash data and the RAM of the server is compared by this data application hashing algorithm;Most Afterwards, all system server products execute detection in all detection techniques in an identical manner, if recognizing sensitive number According to and generate accident, system server will execute automatically it is certain automated to respond to, including interception/modification data are sent or multiple System/repositioning file.
3. according to a kind of customer information divulgence prevention method shown in claim 2, it is characterised in that: in step 1), confidential information is first First confirm through business or system manager, the fingerprint recognition then automated by center management module, fingerprint recognition mistake Journey includes center management module access and extracts text and data, is standardized to it and use irreversible its peace of hash protection Entirely;Center management module is configurable to periodically automatically update, and guarantees that secret sample database is newest always.
4. according to a kind of customer information divulgence prevention method shown in claim 2, it is characterised in that: in step 2), monitoring and protection When policy development, center management module supports Boolean logic to construct complicated detected rule, allow user using AND, OR and NOT logical operator combines a plurality of rule and condition, can also combine different detection techniques in single strategy;In exception In will consider specific data and sender/recipient " white list ";These highly configurable detected rules and abnormal rule Final result accuracy then is very high, and reports by mistake minimum.
5. according to a kind of customer information divulgence prevention method shown in claim 4, it is characterised in that: each detected rule in strategy It is all designated a severity level, the total severity of accident is determined by the highest severity levels caused.
6. according to a kind of customer information divulgence prevention method shown in claim 5, it is characterised in that: user can also define message groups Part any detected rule can occur for these components such as text, title or attachment.
7. according to a kind of customer information divulgence prevention method shown in claim 2, it is characterised in that: in step 3), if agency is just Local detection is being executed, then can enable USB/CD/DVD interception automated tos respond to rule;Under any circumstance, when detecting something Therefore when, related accidents information can all be immediately sent to center management module, and herein, the details of accident will be stored in center In management module database, and can activate it is other automated to respond to rule, include but are not limited to email notification.
8. according to a kind of customer information divulgence prevention method shown in claim 2, it is characterised in that: in step 3), each server is produced The difference of product is that the access of anti-disclosure system product by the mode of the data of scanning:
Network monitoring module server: it scans from network span port or the received data copy of current divider;
Network protection module is to Email server: scanning from the received Email of MTA;
Network protection module is to Web server: scanning from the received HTTP/S of different web agent program and ftp flow amount;
Endpoint takes precautions against module/endpoint discovery module server: scanning from the received duplicate of the document of endpoint proxy;
Network discovery module/Net defence module server: the file and data that scanning is read from data repository.
9. according to a kind of customer information divulgence prevention method shown in claim 2, it is characterised in that: in step 3), detection process Obvious exception is exactly only to have the detected rule based on DCM to push away when endpoint proxy can execute local detection and in the strategy Give them;In this scene, network monitoring module does not execute detection, and only passes the accident for being sent to it from endpoint proxy It is delivered to center management module.
CN201811296048.6A 2018-11-01 2018-11-01 A kind of customer information anti-disclosure system and method Pending CN109409131A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811296048.6A CN109409131A (en) 2018-11-01 2018-11-01 A kind of customer information anti-disclosure system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811296048.6A CN109409131A (en) 2018-11-01 2018-11-01 A kind of customer information anti-disclosure system and method

Publications (1)

Publication Number Publication Date
CN109409131A true CN109409131A (en) 2019-03-01

Family

ID=65471225

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811296048.6A Pending CN109409131A (en) 2018-11-01 2018-11-01 A kind of customer information anti-disclosure system and method

Country Status (1)

Country Link
CN (1) CN109409131A (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104641377A (en) * 2012-10-19 2015-05-20 迈克菲股份有限公司 Data loss prevention for mobile computing devices
US20170300702A1 (en) * 2016-04-18 2017-10-19 Quest Software, Inc. Preserving data protection and enabling secure content awareness in query services

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104641377A (en) * 2012-10-19 2015-05-20 迈克菲股份有限公司 Data loss prevention for mobile computing devices
US20170300702A1 (en) * 2016-04-18 2017-10-19 Quest Software, Inc. Preserving data protection and enabling secure content awareness in query services

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
153****9595: "赛门铁克DLP数据防泄密方案2010", 《HTTPS://MAX.BOOK118.COM/HTML/2017/0421/101461778.SHTM》 *

Similar Documents

Publication Publication Date Title
US11647039B2 (en) User and entity behavioral analysis with network topology enhancement
CN107577939B (en) Data leakage prevention method based on keyword technology
JP6476339B2 (en) System and method for monitoring, controlling, and encrypting per-document information on corporate information stored on a cloud computing service (CCS)
Kent et al. Guide to Computer Security Log Management:.
JP6863969B2 (en) Detecting security incidents with unreliable security events
US9344457B2 (en) Automated feedback for proposed security rules
US9654510B1 (en) Match signature recognition for detecting false positive incidents and improving post-incident remediation
US20140172495A1 (en) System and method for automated brand protection
KR101548138B1 (en) System and Method for Tracing Signature Security Information
Hu et al. Method for cyberincidents network-centric monitoring in critical information infrastructure
CN111274276A (en) Operation auditing method and device, electronic equipment and computer-readable storage medium
US11829347B2 (en) Cloud-based data loss prevention
US20210374121A1 (en) Data Loss Prevention via Indexed Document Matching
JP2002189643A (en) Method and device for scanning communication traffic
US20230037489A1 (en) Data Loss Prevention via dual mode Indexed Document Matching
Kent et al. Sp 800-92. guide to computer security log management
CN109409131A (en) A kind of customer information anti-disclosure system and method
Stallings Data loss prevention as a privacy-enhancing technology
Securosis Understanding and selecting a data loss prevention solution
Shivakumara et al. Review Paper on Dynamic Mechanisms of Data Leakage Detection and Prevention
Hedemalm An empirical comparison of the market-leading IDS's
US20240037158A1 (en) Method to classify compliance protocols for saas apps based on web page content
US20230208876A1 (en) Url rewriting
US20240134990A1 (en) Monitoring and remediation of cybersecurity risk based on calculation of cyber-risk domain scores
Mejri et al. Cloud Security Issues and Log-based Proactive Strategy

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190301

RJ01 Rejection of invention patent application after publication