Energy industry is an important national basic industry, with the energy industry information system utility level continues to improve, the seriousness of data security is also increasingly prominent:
1、The information network system has the characteristics of complexity, openness, dynamics and so on, these characteristics make it has a high degree of vulnerability, illegal tampering with important data, information leakage and other security incidents occur from time to time, both from the outside of the malicious invasion, as well as from the internal abuse of authority;
2、Real-time database in the production process faces the risks of communication protocol vulnerability, application software vulnerability, hacker attack, operator misuse, and malicious operation;
3、IT information systems are faced with internal personnel, third-party operation and maintenance personnel, database system DBA, program developers of new modules, the risk of leakage of sensitive data caused by excessive privileges, there is an urgent need to establish a complete set of data security protection system for all-round data security protection.
Starting from the concern for data confidentiality, integrity and availability, and combining the system framework of data security capability maturity model, as well as the business characteristics and data security requirements of the data in the production control domain and information management domain of energy enterprises, a data security adaptive protection system is constructed in a "data-centric" manner:
1. Comprehensive sorting and classification of data assets to form a negative list of data, and data within the negative list should be protected in the process of sharing, exchanging, and using;
2、Constructing a data security comprehensive governance platform (DSP) as the core, and realizing unified control, joint prevention and control, and situational assessment and prediction by linking up with three major capabilities: data combing and assessment capabilities, data behavior monitoring and auditing capabilities (database auditing, API security auditing), and data security protection capabilities (database firewalls, data desensitization, data watermarking, and application desensitization);
3、Regularly conduct data security risk assessment of energy enterprises from the dimensions of management, technology, personnel, etc., provide rectification suggestions, timely reinforcement, and continuous protection of enterprise data security.
1、Control and control of legitimate privilege abuse, internal personnel, third-party operators, DBAs, developers and many other people with excessive privileges, resulting in the risk of centralized leakage of sensitive data;
2、Security protection of data within the group and in the process of interaction with the outside;
3、Data security risk assessment to find out the hidden danger of data security in the enterprise;
4、Establishing a data security protection system covering the production control domain and information management domain.
The use of big data, AI analysis and other technologies, can deeply identify all kinds of hidden risks.
Open architecture, each capability unit can be deeply integrated with the existing business processes of energy enterprises, without the need for business process transformation.
Each capability unit adapts to the current energy enterprises to use the data center, containers and other new technology environment architecture.
A wide range of database support types can meet the monitoring and protection needs of industrial control databases in the production control domain of energy enterprises, as well as the monitoring and protection needs of big data platform components in the information management domain.
Qianhai Building,Shenzhen,China
Tel:400-622-8990
Email:support@ankki.com
