On May 31, the Anhui Equal Insurance 2.0 Education Information Security Exchange Seminar was successfully held on the bank of Hefei Swan Lake. As a provider of overall solutions in the field of data center security and intelligence, Palladium and its core partner Hefei Zhisheng Xinchuang Information Technology Co., Ltd. were invited to participate in this conference and talked about information security with experts from the information centers of universities in Anhui.

With the theme of "Active Defense Creates Information Security" and the concept of "open communication and free discussion", this seminar set up a platform for skill sharing and experience exchange for information security practitioners in the education industry from all over Anhui Province. As a professional data center security and intelligent solution provider, Palladium’s technical director, Mr. Wang, conducted in-depth discussions with the guests on the construction mode, overall architecture and technical solutions of the education industry and other insurance 2.0. The on-site atmosphere was enthusiastic and exchanges were continuous. The guests participating in the conference all expressed that they have gained a lot and are full of dry goods, and they have a deeper understanding of the construction of the industry and other insurance 2.0.

▲Wang Feng, Technical Director of Palladium

      Mr. Wang first analyzed the problems faced by university information centers in information security management. With the rapid development of informatization, a large number of hidden dangers have also erupted. At present, there are information islands in many businesses in universities and there is no unified platform for information management; the operation of many important systems lacks effective security protection measures and auditing mechanisms; the life cycle of information system accounts lacks management, and the phenomenon of weak passwords is more serious; at the same time, the security 2.0 The audit requirements put forward in the article also need to be improved and strengthened.

        In this regard, Mr. Wang comprehensively interpreted the requirements of Equal Protection 2.0. He emphasized: Graded Protection 2.0 is the overall idea of "one center, triple protection" as the network security technology design. One of the centers is the security management center, and triple protection is security. Computing environment, secure area boundary, secure communication network.

      The security management center requires centralized management and control in three aspects: system management, security management, and audit management, from passive protection to active protection, from static protection to dynamic protection, from single point protection to overall protection, and from extensive protection to Precise protection.

      Triple protection requires companies to implement security protection measures such as identity authentication, access control, intrusion prevention, data integrity, confidentiality, and personal information protection through security equipment and technical means to achieve all-round security protection of the platform.

      Because the information system of colleges and universities is restricted by the special openness of the Internet, malicious software, hackers, viruses, etc. are very easy to invade the campus intranet, posing a serious threat to the information security of the campus. President Wang gave countermeasures for the information environment of colleges and universities.

"3-4-5-6" model▽

Three synchronizations: synchronous planning, synchronous construction, and synchronous execution.

Four determination: who, when, where, and what.

Five steps: waiting for protection and filing, self-examination and self-correction, reasonable protection, safety supervision, iterative optimization

Six precautions: network anti-virus, system anti-attack, service interruption, page tamper-proof, data leakage, and information anti-interruption.

      Mr. Wang said: University’s informatization learning environment, such as teaching aid platforms, scientific research collaboration platforms, learning support platforms, course production tools, digital learning resources, etc., is an important link in the deep integration of informatization and education. The security is self-evident, etc. The "3-4-5-6" model of Guarantee 2.0 can provide targeted information protection for different platforms; resolve various internal and external threats that may exist for various information business systems, portals, and data centers in colleges and universities .

      Combining the relevant regulations of Dengbao 2.0 and taking "active defense to create information security" as the idea, President Wang shared the best practice of Palladium's overall solution-in the era of Dengbao 2.0, the security protection of information systems has changed from traditional passive defense. Change to the concept of active defense and dynamic defense. Palladium's database firewall, next-generation bastion machine, IAM and other products will provide more secure services for the university information environment.

       As a professional information security manufacturer, Palladium possesses the full-process service capability of grade protection in the education industry, especially Palladium Hanwu Security Laboratory, which has a number of security experts with CISP, CISSP and other security testers. It has been able to assist users in completing the whole process of grade protection construction from grading, filing, construction rectification to assisting in completing grade evaluation, greatly reducing the difficulty of users' protection construction.

      At this university informatization security conference, Palladium security experts and university leaders have in-depth analysis of the current security problems in informatization construction and put forward solutions to the case. With the introduction of the Waiting for Guarantee 2.0, the information security construction of colleges and universities under the new form will move to a new level.

     Today, nearly a hundred users in the education industry across the country are using Palladium data center security and intelligent solutions, and the solutions and services have been trusted and praised by users. In the future, Palladium will also adhere to the development concept of "focus, specialization, and professionalism", keep up with the development trend of information, help the implementation of Equal Guarantee 2.0, and continue to escort the construction of information security in universities.