| Information security threats are becoming increasingly prominent to enterprise, due to improved network connectivity, increased number of application systems, as well as continuous development of core technologies and products with intellectual property rights that require adequate level of protection.It is very important, therefore, to ensure safety of confidential information and data within enterprise so as to maintain competitiveness of enterprises. In addition to security control, operational procedures and management of information security, it is evident that technical means such as information leakage prevention system is an effective approach to control and manage safety of company document, data and confidential information, and prevent leakage of information through various channels.It is known that unwanted information disclosure is one of most serious and damaging problems for enterprises and society, and prevention of information leakage has become a common challenge to enterprises. In this paper, we first analyze root courses of information leakage, followed by establishing objectives of information leakage prevention system; we then build a reliable information leakage prevention system using techniques and product to minimize risk of information leakage.In modern information systems, most information and data are saved on terminal side, such as desktop PC, workstations or mobile devices. This makes terminals a hotbed for high rate of information leakage incidence, also a focal target for preventing information leakage as well as curbing economic and intangible losses for enterprises.To solve this problem effectively, we consider from two aspects:first, it necessary to construct terminals based on mandatory policies and network access control system, and to ensure that terminals allowed to access to enterprise network must comply with enterprise information security standards; we studied802.1x access control and authentication technology as well as its application to enterprise terminal security management, and provided design and realization for an access control and authentication system and related modules based on802.1x protocol, with a focus on enterprise applications.Second, to significantly reduce risks of disclosure during transmission, all core information must be encrypted. We investigated technologies for stable encryption at terminals, proposed a concept of dynamic transparent encryption for documents, and provided means of realization for required modules.This paper researched two key technologies for preventing information leakage, and integrated the two technologies into a complete solution for anti-leakage of information for terminals. The solution provides a comprehensive means for enhancing enterprise information security. |
PDF Full Text Request