Talking about the Big Data Security Ecology | Palladium deeply participates in the 9th Internet Security Conference-Hangzhou pldsec Network Technology Co

At the scene, the Palladium security team introduced the full range of management security, database security and log big data analysis products to the participants, and conducted in-depth exchanges with security industry media.

CSO Summit Forum

On the morning of the 29th, IISC 2021 held the Digital Transformation and Security Digital Strategy Summit. As one of the nine summits, it was co-hosted by Anzai New Media and ISC Internet Security Conference Yu. The summit brought together industry leaders and corporate founders to discuss and share hot topics such as security digitization and corporate digital transformation, as well as interpretation of laws and regulations and practical case sharing.

Palladium Chief Security Officer Wang Feng was invited to attend the summit and took the stage to share the best practice experience of digital management of corporate privileged accounts for the guests.

"Privileged access management is one of the most critical security controls"

First of all, he pointed out that the rapid development of digital transformation, if companies want to handle the position relationship between digital security and digital security, it is indispensable for the access control of the company's key assets. As the top of Gartner's top ten security projects, PAM tools can help organizations provide secure and privileged access to critical assets, and meet compliance requirements by managing and monitoring privileged accounts and access.

He pointed out that in the process of enterprise digital transformation, security and risk management leaders must use PAM tools in long-term strategies to solve the two types of privileged accounts commonly used by operation and maintenance personnel in the management of enterprises-personnel privileged accounts and software privileged accounts Confusion facing.

"How to control database-level privileged account access?"

When talking about the problems facing PAM platform construction, he particularly emphasized the control of database-level privileged account access: in case of illegal use of privileged accounts and malicious violations, timely behavior blocking, authority management, and operation and maintenance data dynamics Desensitization is the key to solving the above problems.

Then, he put forward the following functional requirements for PAM operation and maintenance tools from the perspective of offensive and defensive combat:

1. Privileged account channel control

2. Privileged account risk prevention

3. Database privileged identity governance

4. Full agreement operation and maintenance and password change

5. Applicable to all platforms and all browsers

6. Safe stealth operation and maintenance

Finally, he combined with the industry practical experience of Palladium privileged identity access security management system, and shared the privileged account management solutions in different application scenarios for everyone, which was warmly supported by the participants.

Safety and governance of new infrastructure

The in-depth participation of Palladium at ISC 2021 can be described as a full bloom: one side is a full-blown exchange meeting and summit forum, on the other hand, Palladium product manager Cheng Songyuan also takes the guests on the "ISC talk" stage. Here comes the sharing of the theme "Safety and Governance of New Infrastructure Facilities".

He centered on the theme concept of "new tactics and new framework", focusing on facility account security and core data security, and shared Palladium's management ideas and governance models for new infrastructure facility accounts and data.

What is new infrastructure? He preached at the meeting: New infrastructure refers to an infrastructure system that is guided by new development concepts and takes data as the core to provide services such as digital transformation, intelligent upgrading, and integration innovation.

In response to the problems of new infrastructure account management, he proposed the management ideas of IPDRP, including identification, defense, detection, response and recovery. Palladium's privileged identity access security management system PAM-PLUS combines IPDRP management ideas with the "zero trust" security model, automated security operation and maintenance, and database identity management related features, which can well solve the unified security of privileged accounts in the data center infrastructure. Governance, centralized risk detection, transmission channel control, in-depth access control, and database operation and maintenance privileged identity governance problems.

In addition, he also conducted a comprehensive analysis of the threats to the core data security of the new infrastructure. Faced with increasingly stringent legal and regulatory requirements, enterprises urgently need to perform fine-grained control and management of database-level accounts. The Palladium database security operation and maintenance treasure DIM includes personnel security authentication, application access control, database compliance login, operation and maintenance authority management, Work order process system, operation and maintenance operation auditing, etc. comprehensively support database operation and maintenance security management and database leakage prevention, meeting the requirements of database operation and maintenance security internal control and various laws and regulations, and finally solving the security management and account number of database operation and maintenance side Risk control, transmission channel control, in-depth access control, and database operation and maintenance authority management problems.

Finally, he showed everyone the data security governance framework, and proposed that enterprises should manage and control the data security of new infrastructure facilities from the legal compliance side, the security protection side, and the internal management side.

So far, the ISC 2021 China Internet Security Conference has come to a successful conclusion. As the largest and most professional annual security conference in the field of information security in the Asia-Pacific region. ISC 2021 not only gives us a platform for communication and interaction with customers in the industry, but also an opportunity to discuss and share the most cutting-edge security technology research results and practices with industry cybersecurity experts.

In the future, Palladium will always be committed to the research and development of cutting-edge information security defense technology, continuously improve its own products and solutions, empower major enterprises to strengthen data security and information security, contribute innovation to the construction of digital China, and create a secure network world Provide stronger support.

July 27-29, 2021, the Ninth Internet Security Conference (hereinafter referred to as " ISC 2021”) was grandly held at the Beijing National Convention Center.