CYBERSEC 2021 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy. I Agree

May 4-6 at Taipei Nangang Exhibition Center, Hall 2

Cyber Insight

Build Up Multiple Defense Mechanism and Strengthen File Resistance

Since the U.S.-China trade war and the pandemic of COVID-19, the world’s conflicts have been increased are not only in economic or public health, but also in cyber technology. Last year, president Tsai vowed that cyber security is a part of national security, and invest significant human resources and money for development. It is obvious that the importance is upgraded to core national strategy level. 

Threats come from different aspects, such as exterior network attacks, phishing and ransomware, and interior conspiracy. In the past year, Taiwan suffers nearly 3 times more networking attacks than other Asian countries. The frequency is so high that the government and enterprises must keep alerted 24 hours non-stop, causing IT managers’ tremendous workload and pressure. Data leak events happen from time to time. The sold privacy data might be used for fraud crimes. People’s property are damaged and so the reputation of the responsibility party. The theft of intelligence property might even undermine the country’s power and influence. Cyber security has become the first priority and every organization is patching up vulnerabilities in order to lower down risks it could bring.

For every invasion, there must be a goal. It could be a pure exercise or a psychological warfare. But the worst case is some interior worker take the advantage of networking attack events and transfer massive sensitive data under the table. This kind of data leak is hard to detect because when an attack starts everyone is focus on finding out the source and stop it from spreading. The easiest way to kill virus is to format the system and restore to the origin. However, at the meantime, all logs and traces are cleaned and you have no clue to put the pieces together any more, and the vulnerability stays hidden so that it might come back the other timer. In a long term, the core competitiveness keeps losing and the leading position could be taken.

Talking about the defense side, the key task is Do Not let your opponent get what they want. If invasion is inevitable, whether it comes from the outside or insiders, plan B is essential to strive for more time and mitigate damage caused by data breach. So what preparation can we do? We would suggest building multiple safety net to catch every possible loss. The first layer is to collect logs and evidences as much as possible. So even the attacked PC is restored, the activities can still leave traces so that you can see how things happened. The second layer is risk foreseeing and real time alert. With the abnormal figures in reports you can sense the storm and so necessary measures can be taken in advanced. Along with alert setting, when things go wrong you can react in the first place. The third layer is file backup. It’s not limited to ordinary daily file backup. Furthermore, if deleted files can also be collected and retained, investigation will be faster. The forth layer is to encrypt important files, no matter personal privacy data, confidential documents and drawing. As a result, even they are transferred to other places, the content remains protected. A great deal of time and effort of mess cleanup can be saved. Adopting multiple safety measures as precaution give you some immunity when facing data theft or attacks.

Secward Technology’s newly- launched file protection software goPatrol is just designed to provide multiple safety measures. There are 6 function categories: file logs and output control, report and alert, software asset management and control, hardware asset list and external device management, file clone, and file encryption. These functions are not just put together and work independently, they are integrated horizontally for the purpose of data protection. Taking logs for example, every operation related to a file, including rename, share or printing, are collected to one log query table. Administrators can filter the records by a user name, operation type, or even the text of confidential technology or customer name. Then, click on the record details to look into the file content. You don’t need to switch among modules to analyze printing logs, IM logs, file logs and monitoring video to find out the whole picture. They are put together for the purpose of efficiency and evidence reliability.

The applications and services will grow explosively following the development of 5G, IoT, and AI in the foreseeable future. The trend no doubt will expose more and more vulnerabilities of whatever connect to the networks. The more you embrace new technologies, the more security control is required. goPatrol build up versatile protection to fulfill the requirement of safety, management, and inspection. When tsunami comes, only those who are well-prepared can get out without hurts.