Industry application | understand the bank's sensitive data security protection ideas from practice

As a data intensive industry , In the process of carrying out financial business , Not only master a lot of personal financial information , Also collected faces 、 Personal sensitive information such as identity information . With the advancement of digital transformation and “ Post epidemic Era ” Upgrade of online service capability , The financial business is further migrated online , Personal assets and information security risks are becoming more and more difficult to prevent . Due to the particularity of the industry , Countries and industries have successively introduced 《 Network security law 》、《 Data security law 》《 Personal information protection law 》、《 Technical specifications for personal financial information protection 》 And a series of regulations and industry standards to strengthen the protection of personal information security .

How to collect personal sensitive information 、 Use 、 transmission , Not only determines whether the bank's business can be carried out smoothly , It also affects the security of personal information and personal privacy .11 month 1 The date of ,《 Personal information protection law 》 It's officially implemented . How do banking financial institutions respond to and implement national and industrial data security compliance requirements ？ How to effectively prevent the disclosure of sensitive information , Ensure the security of customer data ？

Similar pain points —— Security protection of sensitive data

Local banks A

I can IT There are a lot of business and customer sensitive data in the environment , It has not been effectively sorted out and managed ; Personnel in sensitive positions can collect customer information resources , Failure to fully control the acquisition of sensitive data 、 Storage 、 Use 、 Transfer 、 Processing and other links , There is a risk of being illegally spread and used , When something goes wrong , Will cause irreparable losses .

Local banks B

Our business scale is large , There are many workers involved in the operation , There is a huge amount of financial sensitive data in the process of business development . With the application of data 、 Data analysis 、 Data mining and other data application scenarios have been gradually improved , The senior management of the industry attaches great importance to the data security in this process , Establish effective data security desensitization specification and supervision mechanism .

thus it can be seen , The protection of sensitive data is a common difficulty for banking financial institutions , But the internal structure of each bank 、 Organization distribution 、 And business composition , According to the characteristics of different banks , We provide them with solutions that deeply combine the needs and characteristics of the bank

Different practices —— Tailored solutions

Practice plan A

combination A Current situation of information system construction of the bank , Through to A Construction of bank terminal data leakage prevention project , Realization A The bank is involved in the data supervision of sensitive data in the whole life cycle of sensitive data on sensitive terminals , Monitor and actively defend the terminal behavior , Ensure data security risks “ You know 、 controllable 、 visual 、 Auditable ”, And leakage protection of sensitive data .

This solution helps A OK, that's it ：

• Compliance regulatory requirements are implemented

Starting from the data security compliance requirements , Using corresponding technical means , Realize the information security of customers and banking technology / Business data security , Help the implementation of compliance and regulatory requirements .

• The terminal data is safe and controllable

The combination of content identification and behavior control , Conduct in-depth analysis of the user's terminal operation behavior , such as ： Chat 、 E-mail 、 Outgoing documents 、 Information published on the Internet, etc ; Accurately identify and classify a large number of documents in the line , Based on advanced content recognition technology , Take more targeted protection measures for high-value data .

Practice plan B

combination B Current situation of bank system architecture , Shiping information puts forward the construction scheme of data desensitization system with financial characteristics , When all business system data is used in non production environment , Data extraction for sensitive data 、 Data desensitization 、 Data loading and a series of data flow operations , On the premise of not landing sensitive data , High simulation processing of sensitive data , Ensure that sensitive data of production system is safe in non production environment 、 Use effectively .

This solution helps B OK, that's it ：

• Strengthen the ability of data security management , Meet compliance requirements

Start with data security and management and tracking , Start with data generation , Follow up the whole process , Scan data regularly , Clean up the data regularly after completion , Strengthen data security supervision , Ensure data security to the greatest extent , Form a data lifecycle management specification .

• Intelligent desensitization , Increase of efficiency

Using content recognition technology with independent intellectual property rights , Provide regular expression based data content 、 Automatic analysis of field names based on field names , Detect sensitive information fields in the system , It lays a good foundation for users to customize intelligent discovery rules suitable for their own needs .

Support two-to-two correspondence desensitization between database and file , That is, library to Library 、 Library to file 、 File to library and file to file desensitization mode , Meet the actual business scenario needs of users .

The same value —— All roads lead to Rome Just for safety

  Meet the compliance requirements of data audit and supervision

Help users achieve sensitive data security compliance , At the same time, meet the requirements of industry audit and regulatory authorities .

  Establish a sensitive data security management mechanism

From the perspective of overall risk control , Find sensitive data in time , Reasonably control the use and transmission of data within the scope of compliance , Avoiding security risks .

  Build data security protection system

Gradually improve the level of data security protection while avoiding the waste of resources , Reduce the cost and difficulty of data protection .