Industrial security experts talk about how to build security protection capability for government big data platform?

Implement the 14th five year plan “ Accelerate digital development Building Digital China ” An important chapter of , Governments at all levels are also accelerating the digital transformation of government services .“ Digital government ” Is the construction of “ Digital China ” Organic components of , It is an important engine to promote the high-quality development of social economy , therefore , Force “ Digital infrastructure ” It has also become a key measure that has attracted much attention .

meanwhile , The construction of data security capability is becoming more and more important .《 Data security law 》、《 Personal information protection law 》 The two laws have been implemented successively , It marks that data security and data utilization have been formally incorporated into the national governance system . Improvement of laws and regulations , What changes have been brought to the digital transformation of government affairs ？ When laying out the government big data platform , How should data security capabilities be planned ？

In this issue 「 Industrial safety experts 」 Join hands with information observation network , Invite to Cuizhuo, head of Tencent data security production line , Focus on the government big data platform with us , Talk about the thinking and practice of data security .

Q1： The improvement of laws and regulations has great impact on the existing data security capability 、 product 、 What new challenges does technology present ? How security vendors respond ?

Cuizhuo ：《 Data security law 》 and 《 Personal information protection law 》 In the fall to the ground , For the whole market and safety manufacturers , Play a great positive role . Before the implementation of the two laws , Regulators 、 Regulated units and service providers with safety capability , When solving data security problems , Mainly depends on 《 Network security law 》 Or other terms related to data security , Work as a policy guide . relatively , The construction of security capability is discrete , Distributed in all links or nodes of network security solutions . The implementation of the two methods gives us new guidance , It can solve the problem of data security more systematically , Be planned 、 Implemented 、 There's a check , And feed back the optimization of data security capacity building , More closed-loop solution to the problem of data security .

For the current industry , The biggest challenge is how to decentralize 、 Discrete security capabilities are organically integrated , Form a data security protection network , Defense in depth to solve data security problems .

Q2： What industries are affected by the implementation of laws and regulations / Types of institutions have a significant impact ？

Cuizhuo ： The main reason is that the data volume is large 、 The data is complex 、 High density 、 High value industries , The greater the risk of data leakage 、 The more harmful the data leakage is to the industry , The more significant the impact . Look at it from another Angle , stay 《 Data security law 》 Some industries have been named at the time of release ： Industry 、 health 、 health 、 Finance 、 Technology and other sectors , And the government and the government sector . Data from these industries , The situation of distribution and circulation is more complicated , The impact will be more significant .

Q3： What are the new security issues facing users in the government sector “ Land Rover ”？ How to build safety protection capability ？

Cuizhuo ： The application and circulation of data in the financial and government industries are ahead of other industries , Many local governments have built government big data platforms , Store the data of each department in a unified way 、 analysis 、 Handle 、 application . After the data flows , Greater value space , New risks will also arise .

Government sector data security “ Land Rover ”, There are two main categories ：

• First of all , Dynamic flow of data . It used to be discrete 、 It is statically stored in various commissions, offices and bureaus , Now it is stored in a centralized way and called continuously , Data activity will increase , Circulation will also intensify . The data security problem in this data flow scenario is the first challenge we face ;
• second , The data volume of the government big data platform 、 Format 、 Data item , Including the changing activity , The construction of data security capability should also change with the data form , Make corresponding adjustments to the safety capability . How fast 、 Respond positively to data changes , Adjust the safety capability , Is the second challenge we face .

Q4： For users in the government sector , What is Tencent's plan for data security ？

Cuizhuo ： Tencent security is planning data security solutions and capabilities , The central idea is layering 、 decoupling . The entire data security solution is divided into three layers ：

• The first layer is data security services , Safety consultation 、 Data security governance 、 How to operate the service , Help the government big data Bureau sort out data assets , Define data security management objectives and risk tolerance , Help with data security planning from all dimensions .
• The second layer is the data security center , Play a connecting role . For the landing tools needed to undertake data security services , Through the system 、 technology , Help customers sort out data assets ; The next step is to provide a standard for our atomized data security capabilities , Provide a unified management platform . In this way, the data security capability can be centrally arranged and controlled , Data security policies can also be formulated and distributed uniformly , Finally, the operation of various data security capabilities , Summarize the protection and relevant logs , Macroscopically discover the overall risk of data security , And dispose accordingly .
• The third layer is data security capability , That is to say, as mentioned above “ decoupling ”, Atomize all data capabilities 、 Standardization . It can be deployed independently , Play a corresponding role , It can also be woven into a network by the data security center , Based on unified interface standards , Integrate the entire solution , Provide defense in depth .

Q5： What advantages does Tencent security have in escorting the security of the government big data platform ？

Cuizhuo ： Provide security capabilities for the government big data platform , This is the responsibility of Tencent security . Tencent is the contractor of the government big data platform , It is also a professional security manufacturer , Have the ability of both sides , therefore , When developing the government big data platform , It has injected security elements and genes into the big data platform , After the government big data platform is completed, it has a large number of data security capabilities . Besides , Tencent security can also be deployed after implementation , Combined with special scene requirements , Supplement or elastically expand the security capability .

Q6： Focus on government security business , What data security protection plans does Tencent security have ？

Cuizhuo ： The first is to consolidate Tencent's layered and decoupled data security solution . On this basis, there are three directions of resource investment and exploration ：

• First of all , Tencent security has always emphasized , Data flow will produce value , Data security in dynamic flow scenarios must be protected , therefore , We will exchange data 、 The sharing link continuously invests resources ;
• second , It's also the direction we're exploring , The ability to secure data , adopt SaaS Service oriented approach , Cover the hybrid cloud scene , Unified data security management ;
• Third , At present, the industry or manufacturers mainly invest resources and energy in data processors , We want to rely on two methods , It also provides security services for data owners , So that they can quickly understand and implement their rights .