With the development of the Inter得不net, people's demand for online sh熱如opping and e-commerce is increasing, w匠麗hich urges the banking industry to vigo為分rously develop online business a又區nd provide financial services to 習麗the public through Internet channels 有街such as mobile payment and online會玩 banking. At the same time, how校動 to ensure the normal operatio畫區n of these infrastructure assets and t章睡he non disclosure of core data, It has好下 become a big problem in the bankin好木g industry to avoid unauthorized acc工白ess by internal personnel and intrusion歌城 and attack by external hackers.月民 A bank is a national joint-stock c可習ommercial bank approved by the CBRC. 司答With the implementation of cross 雜些regional development strategy, conti微下nuous expansion of business and con個場tinuous development and growth 雨笑of scale, once a business interrup身視tion accident occurs, even in a 黑呢very short time, it will cause制睡 great losses; The large amount of t時大ransaction data stored in the dat錯友abase not only involves economic 路員interests, but also contains pe友海rsonal privacy information. Once l門件eaked, it will cause irreparab低南le damage to the bank's reputati醫愛on. The risks and threats of i分火t information technology are increasi工畫ng day by day. How to ensure th睡的e stable and safe operation of the wh近通ole IT system has also become an ur件花gent challenge for decision-make師是rs and management.

Industry demand

In order to ensure the safety of東唱 the financial industry, the CBRC has a頻站lso strengthened the supervision of ba機行nks, issued various conditions and gui暗工dance documents to guide the informatio水靜n security construction and standar線冷dization of banks, so as to tak如謝e precautions and prevent data s現女ecurity incidents. It focuses on t內房he operation and maintenance operation場好al risk management, which requires 一行the unit to keep records of all operati國行ons in the background of the data cent話他er. The CBRC found many problems in t動能he risk assessment of the infor子海mation technology risk supervision and什為 inspection of the commercial 煙章bank, mainly as follows:

1. Account sharing and cross Man話子agement: since multiple mainte靜男nance personnel use one account for兵我 operation and maintenance at 和請the same time, in case of misoper懂快ation, the specific operator cannot be 麗你determined;

2. Authorization management: for hi土請gh authority accounts, there is no 花在good control method for authori話來ty. As long as the network is 麗多accessible and has a user name and pa技湖ssword, you can log in and operate the 你但background of the data center at any 美師time;

3. Operation behavior control: th農都e operation and maintenance personnel湖見 (maintenance agent) are opaque to the文森 background operation of the data ce輛農nter. The person in charge of the i民歌nformation center does not know他吃 who did what operation in the bac歌從kground at what time, and there is no 計行good monitoring method;

4. Data leakage: protocols such as RD劇吃P and FTP have disk mapping fun在放ction. If the transmission control of m數數aintenance protocol cannot be well cont筆畫rolled, the core confidential data has 事妹the risk of foreign exchange;

5. The source of database access 黃弟is complex, and it is difficult 數銀to determine the real visitors o一司f database operation;

6. The log record information of the d月冷atabase system is incomplete, an能購d the violation events cannot be fou個北nd in time and accurately;

7. The database operation process is co影說mpletely in the "dark box", so it is d看音ifficult to understand the detai裡放ls.