强制加密是防止内部泄密的最有效办法
<DIV><P style="LINE-HEIGHT: 17.25pt; TEXT-INDENT: 24pt; MARGIN: 0cm 0cm 0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-pagination: widow-orphan" class=MsoNormal><B><SPAN style="FONT-FAMILY: 宋体; COLOR: #2b2b2b; FONT-SIZE: 12pt; mso-ascii-font-family: 'Times New Roman'; mso-hansi-font-family: 'Times New Roman'; mso-font-kerning: 0pt">强制加密是防止内部泄密的最有效办法</SPAN></B><SPAN style="COLOR: #2b2b2b; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt" lang=EN-US></SPAN></P>
<P style="LINE-HEIGHT: 17.25pt; TEXT-INDENT: 24pt; MARGIN: 0cm 0cm 0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-pagination: widow-orphan" class=MsoNormal><SPAN style="FONT-FAMILY: 宋体; COLOR: #2b2b2b; mso-ascii-font-family: 'Times New Roman'; mso-hansi-font-family: 'Times New Roman'; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt">重要文件受到公司安全策略的保护。例如软件公司的源代码程序文件,工程设计公司的图纸文件,制造企业的配方,军工企业涉及的军事秘密等,对于企业来说这些文件都非常重要,直接关系到企业的经济利益和国家机密,不希望流失到企业外部、竞争对手或敌对势力手里。但是,怎样才能使这些文件不被流失昵</SPAN><SPAN style="COLOR: #2b2b2b; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt" lang=EN-US><FONT face="Times New Roman">?</FONT><a href="http://www.njaxd.cn/" target="_blank"><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: 'Times New Roman'; mso-hansi-font-family: 'Times New Roman'" lang=EN-US><SPAN lang=EN-US>加密</SPAN></SPAN></A></SPAN><SPAN style="FONT-FAMILY: 宋体; COLOR: #2b2b2b; mso-ascii-font-family: 'Times New Roman'; mso-hansi-font-family: 'Times New Roman'; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt">和访问控制是通常的解决办法。</SPAN><SPAN style="COLOR: #2b2b2b; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt" lang=EN-US></SPAN></P>
<P style="LINE-HEIGHT: 17.25pt; TEXT-INDENT: 24pt; MARGIN: 0cm 0cm 0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-pagination: widow-orphan" class=MsoNormal><SPAN style="COLOR: #2b2b2b; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt" lang=EN-US><FONT face="Times New Roman"> </FONT></SPAN><SPAN style="FONT-FAMILY: 宋体; COLOR: #2b2b2b; mso-ascii-font-family: 'Times New Roman'; mso-hansi-font-family: 'Times New Roman'; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt">访问控制是让一部分人有访问权限,而另一部分人没有。但在</SPAN><SPAN style="COLOR: #2b2b2b; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt" lang=EN-US><FONT face="Times New Roman">"</FONT></SPAN><SPAN style="FONT-FAMILY: 宋体; COLOR: #2b2b2b; mso-ascii-font-family: 'Times New Roman'; mso-hansi-font-family: 'Times New Roman'; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt">强制加密</SPAN><SPAN style="COLOR: #2b2b2b; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt" lang=EN-US><FONT face="Times New Roman">"</FONT></SPAN><SPAN style="FONT-FAMILY: 宋体; COLOR: #2b2b2b; mso-ascii-font-family: 'Times New Roman'; mso-hansi-font-family: 'Times New Roman'; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt">环境,访问控制的手段是无济于事的,因为有访问权限的人,可以将文件带出。本文将不讨论文件访问权限问题,在以下的篇幅中将焦点集中在文件加密技术的讨论上。加密有两种办法,一种是依靠企业内部员工的保密意识,员工在具体工作中主动保护这些信息,在电子信息系统中将这些重要信息和文件主动加密,第二种办法是采取一种强制的手段</SPAN><SPAN style="COLOR: #2b2b2b; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt" lang=EN-US><FONT face="Times New Roman">(</FONT></SPAN><SPAN style="FONT-FAMILY: 宋体; COLOR: #2b2b2b; mso-ascii-font-family: 'Times New Roman'; mso-hansi-font-family: 'Times New Roman'; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt">也叫被动加解密,文件是否需要加密,具体的文件操作者是没有选择权的、是被动的</SPAN><SPAN style="COLOR: #2b2b2b; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt" lang=EN-US><FONT face="Times New Roman">) ?</FONT></SPAN><SPAN style="FONT-FAMILY: 宋体; COLOR: #2b2b2b; mso-ascii-font-family: 'Times New Roman'; mso-hansi-font-family: 'Times New Roman'; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt">对那些重要的文件实行强制加密。</SPAN><SPAN style="COLOR: #2b2b2b; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt" lang=EN-US></SPAN></P>
<P style="LINE-HEIGHT: 17.25pt; TEXT-INDENT: 24pt; MARGIN: 0cm 0cm 0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-pagination: widow-orphan" class=MsoNormal><SPAN style="FONT-FAMILY: 宋体; COLOR: #2b2b2b; mso-ascii-font-family: 'Times New Roman'; mso-hansi-font-family: 'Times New Roman'; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt">内部员工是敏感信息和文件操作的主体,大量事实说明他们是造成泄密的主要根源。第一种办法是基于对员工的完全信任基础之上,显然,这种方法存在较大弊端,不能防范内部员工作案和疏忽。使用这种方法,文件是否加密取决于文件操作者个人的判断和责任心,内部人员恶意地将机密信息带出将无法得到控制。强制加密措施能从根本上解决以上问题。所谓</SPAN><SPAN style="COLOR: #2b2b2b; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt" lang=EN-US><FONT face="Times New Roman">"</FONT></SPAN><SPAN style="FONT-FAMILY: 宋体; COLOR: #2b2b2b; mso-ascii-font-family: 'Times New Roman'; mso-hansi-font-family: 'Times New Roman'; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt">强制</SPAN><SPAN style="COLOR: #2b2b2b; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt" lang=EN-US><FONT face="Times New Roman">"</FONT></SPAN><SPAN style="FONT-FAMILY: 宋体; COLOR: #2b2b2b; mso-ascii-font-family: 'Times New Roman'; mso-hansi-font-family: 'Times New Roman'; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt">,应该有两个基本特征:一方面,只要企业认为是需要保密的信息,一律都要加密,加密与否不取决于文件操作者个人的主观判断。另一方面,经过加密的文件只有在单位内部环境中才可以打开并利用,离开单位内部的环境,经过加密的文件是打不开的。这样一来,文件操作者</SPAN><SPAN style="COLOR: #2b2b2b; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt" lang=EN-US><FONT face="Times New Roman">(</FONT></SPAN><SPAN style="FONT-FAMILY: 宋体; COLOR: #2b2b2b; mso-ascii-font-family: 'Times New Roman'; mso-hansi-font-family: 'Times New Roman'; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt">甚至文件作者</SPAN><SPAN style="COLOR: #2b2b2b; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt" lang=EN-US><FONT face="Times New Roman">)</FONT></SPAN><SPAN style="FONT-FAMILY: 宋体; COLOR: #2b2b2b; mso-ascii-font-family: 'Times New Roman'; mso-hansi-font-family: 'Times New Roman'; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt">有意泄露机密的行为能够得到有效遏制,因为他拿走的文件是经过</SPAN><SPAN style="COLOR: #2b2b2b; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt" lang=EN-US><FONT face="Times New Roman">(</FONT></SPAN><SPAN style="FONT-FAMILY: 宋体; COLOR: #2b2b2b; mso-ascii-font-family: 'Times New Roman'; mso-hansi-font-family: 'Times New Roman'; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt">强制</SPAN><SPAN style="COLOR: #2b2b2b; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt" lang=EN-US><FONT face="Times New Roman">)</FONT></SPAN><SPAN style="FONT-FAMILY: 宋体; COLOR: #2b2b2b; mso-ascii-font-family: 'Times New Roman'; mso-hansi-font-family: 'Times New Roman'; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt">加密的,离开了内部的安全环境,文件无法被解密打开。</SPAN><SPAN style="COLOR: #2b2b2b; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt" lang=EN-US><a href="http://www.njaxd.cn/" target="_blank"><SPAN style="FONT-FAMILY: 宋体; mso-ascii-font-family: 'Times New Roman'; mso-hansi-font-family: 'Times New Roman'" lang=EN-US><SPAN lang=EN-US>文档加密</SPAN></SPAN></A></SPAN></P>
<P style="LINE-HEIGHT: 17.25pt; TEXT-INDENT: 24pt; MARGIN: 0cm 0cm 0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-pagination: widow-orphan" class=MsoNormal><SPAN style="FONT-FAMILY: 宋体; COLOR: #2b2b2b; mso-ascii-font-family: 'Times New Roman'; mso-hansi-font-family: 'Times New Roman'; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt">综上所述,只有强制加解密措施才能有效防止内部和外部窃取机密的行为,从根本上解决泄密的问题。</SPAN><SPAN style="COLOR: #2b2b2b; mso-font-kerning: 0pt; mso-bidi-font-size: 10.5pt" lang=EN-US></SPAN></P>
<P style="MARGIN: 0cm 0cm 0pt" class=MsoNormal><SPAN lang=EN-US><FONT face="Times New Roman"> </FONT></SPAN></P></DIV>
页:
[1]