A certain commercial bank is a bank that has been established for many years and has established a sound network security and data security system. At present, data security devices such as networks, emails, and terminals have been deployed on the office network to manage key links such as the creation, circulation, and storage of sensitive data. However, there are still some vulnerabilities in email protection. Most employees use email in business transactions, which contains a large amount of sensitive information, such as personal information, bills, submission materials, etc. Once these data are leaked or lost, it will cause significant losses to the bank's reputation and economic benefits. The current defense measures only focus on controlling outgoing emails, and employees cannot send emails containing sensitive information through their email while working in the industry.
Sky Guard recommends using Enhanced Security Gateway (ASWG) to meet the needs of banks. ASWG can perform deep attribute analysis on email synchronization data. Once sensitive attributes are found in the received email, synchronous email reception is immediately prohibited, and real-time violations alerts are issued to employees. When employees work in the office, they still use the original email POP3 service, and when employees leave the office, they receive emails through the ASWG proxy service. In addition, the platform's data discovery function can be utilized to regularly conduct post inspection on external emails, achieving monitoring of the entire process of email channel data interaction.
Skyguard uses ASWG as a separate reverse proxy for the POP3 channel. During testing or after implementation, employees have no perception and have no impact on other services in the current network. Finally, regular scanning through the platform can be performed to achieve closed-loop management of email channels.
Bank users were very supportive of this plan and exceeded their expectations during the testing period. Because ASWG can not only detect sensitive attributes of emails, but also help risk control and internal audit departments showcase IT value data and fill in monitoring gaps. At the same time, it can also detect the presence of viruses, trojans, malicious connections, etc. in emails to prevent harmful data from invading the system. The implementation of this plan is simple and will not affect business, making it particularly suitable for small and medium-sized banks.
In addition to the above functions, an enhanced web security gateway can also achieve:
1) Supports bidirectional web threat detection functionality
2) Integrate globally leading data leakage prevention DLP module
3) Flexible support for multiple deployment methods, unified management of web security policies and data security policies
ASWG combines web security and data security strategies for monitoring, intercepting, alerting, time limiting, internet authentication, and broadband management of web access requests to users. It will also send users' network access logs, data leakage events, and evidence to the Unified Attribute Security Management System (UCSS). At the same time, ASWG can also provide security protection for external applications of enterprises through reverse proxy, including detecting upload and download attributes, as well as API interfaces for proxy publishing applications.
Article Resource:https://mp.weixin.qq.com/s/HWym1p_Zkzz7u86maKx6dw
Comments