摘要
针对各种敏感数据被破坏和泄漏途径大大增加的问题,围绕可能产生信息泄漏的主体"人"和对象"数据"进行重点防御,建立了以文档主体、围绕文档在产生、传输、存储、销毁4种生命状态下的信息防泄漏技术管理体系;建立了以保密行为协议签订、计算机行为规范、运维行为审计等为核心的信息防泄漏行为管理体系;建立了涵盖信息保密、内外网邮箱等的信息防泄漏制度保障体系。通过3个体系的建立,为防止企业出现信息泄密事件提供了坚强的技术支撑和保障。
Considering that various sensitive data are destroyed and leakage is greatly increasing,this paper focuses on the defense for " human" and " data" subjects vulnerable for "information leakage".The information leakage prevention technology management system is established surrounding the documents′generation,transmission,storage and destroy,whose focuses include confidentiality protocol signing,computer behavior regulation and operation and maintenance behavior auditing.It has established a security system of information leakage protection such as information security,and internal and external webmail.The establishment of the three systems can provide strong technical support and guarantee for preventing information leak in enterprises.
出处
《电力与能源》
2017年第3期358-363,共6页
Power & Energy
关键词
敏感数据
信息泄漏
管理体系
sensitive data
information leakage
management system
