hosting service is not a new thing, it is available in all walks of life, including server hosting and hosting. Cloud services are actually three different levels of services: IaaS, PaaS, and SaaS, namely infrastructure hosting services, platform hosting services, and software hosting services. What we want to share and communicate today is a higher level of hosting services, secure hosting services, also known as MSS, which belongs to SaaS security services.
——Li Xinyou Chief Engineer of the National Information Center and President of the "Information Security Research" magazine
htmlOn June 8, the " Digital Government Security Hosting Service Technology Forum" co-organized by the National Information Center "Information Security Research" magazine and Shenxinfu Technology Co., Ltd. (hereinafter referred to as " Shenxinfu ") ended successfully. Many well-known experts in the field of digital government network security, including the National Information Center, the Information Security Level Protection and Assessment Center of the Ministry of Public Security, and other well-known experts in the field of digital government network security conducted in-depth discussions from multiple angles of "trends, compliance, guidance, plans, and practice", bringing a "feast" about network security on digital government.
Trend Insight: The next trend in government network security - security hosting services
At present, cloud-based and service-based security protection models have been adopted by more and more digital governments. Li Xinyou, chief engineer of the National Information Center and president of the Information Security Research magazine, said in his speech that although security hosting services have shown many advantages, such as low investment and full capacity, uninterrupted confrontation, liberating operation and maintenance pressure, and improving work results, security hosting service providers still need to continuously improve their service capabilities, optimize security mechanisms, and improve service experience to cope with the escalating attack situation.
In addition, for government departments and public institutions that plan to adopt secure hosting services and are adopting secure hosting services, he also put forward important suggestions such as paying attention to service quality commitment, paying attention to secure operations, and paying attention to data security.
Picture Notes: Li Xinyou, Chief Engineer of the National Information Center and President of the Information Security Research Magazine
, Vice President of Shenxin Service Technology Co., Ltd., Hu Bin, conducted an in-depth analysis of the domestic and international trends and market trends of secure custody services. Hu Bin said that the government network security hosting service released by Shenxinfu this time is based on the first security operation center built on the government network in China. It can break through the limitations of traditional security protection and provide government users with professional, continuous and effective network security guarantee services through the all-weather and "human-machine intelligence" service model. In the future, Deepin Service will continue to upgrade its own security hosting and offensive and defensive capabilities, helping the majority of government users to reduce the pressure on security construction and protect the construction of digital government network security.
Picture Note: Hu Bin Vice President of Shenxin Service Technology Co., Ltd.
Authoritative interpretation:
Under the new situation, the compliance work and security guarantee work ideas of e-government
From the macro trend of the entire network security development, the "war" of the network information war has spread to the basis of national key information. As an important part of key information infrastructure , e-government supports the national economic operation and people's livelihood services, and requires greater attention to network security work.
After the network security level protection system entered the 2.0 era, the "Regulations on the Protection of Critical Information Infrastructure" provides strong legal guarantees for my country to carry out the security protection of critical information infrastructure in depth. However, with the continuous innovation of technology, the security challenges faced by e-government are not static. Bi Manning, former deputy director/researcher of the Information Security Level Protection and Assessment Center of the Ministry of Public Security, pointed out: "Compliance is a means. Although compliance is not necessarily safe, non-compliance is bound to be unsafe. On the basis of doing a good job in compliance, e-government should be passive as an initiative, make full use of social forces, and use the new security service model to assist in achieving security goals.”
Picture Note: Kymaning Former Deputy Director/Researcher of the Information Security Level Protection Assessment Center of the Ministry of Public Security
From the specific progress of implementation, the national external network security monitoring platform has formed a monitoring capability covering the entire network boundary, but local external networks still have the problem of uneven security protection capabilities and monitoring capabilities. The practice of purchasing security products and solving system failures alone can no longer effectively detect, defend and deal with viruses, resulting in rapid horizontal spread after being invaded. In recent years, attackers have passed weak It is common for local attacks on other localities or government departments to be launched.
Liu Bei, director of the Government External Network Security Monitoring Department of the Ministry of Information and Network Security of the National Information Center, pointed out that in combination with the general trend of security service and cloudization, a new security service model with three advantages: low-cost, lightweight deployment, and on-demand provision - secure hosting services can meet the broader security needs of local government affairs.
Picture Note: Liu Bei Director of the Security Monitoring Department of the Government Affairs External Network of the Ministry of Information and Network Security of the National Information Center
Therefore, the National Information Center has joined hands with professional security manufacturers to build a security operation center on the government network, providing security operation services and security hosting services to government departments at different levels across the country. Taking the government network security hosting service platform released by Shenxinshuo as an example, the security operation center based on the platform provides services with unified standards and processes, uniformly conducts service supervision and evaluation, effectively guarantees data security and service availability, and provides government organizations with better quality, more comprehensive and professional network security guarantee services.
The first release is:
Cloud-based hosting government security services: opening economy, convenience, and Effective construction model
Under the premise of achieving the same security construction goals and protection effects, the government network security hosting service pioneered the integration of new elements such as cloudization, hosting and service, which is undoubtedly a more economical and convenient new choice for the majority of government users.
Relying on the security hosting service platform deployed by the national government network, Deepin Conscientious Service established a cloud security operation team dedicated to serving government users to monitor, analyze, analyze, judge and emergency for government users for 7*24 hours of threat/events. At the same time, the local security service team will promptly cooperate with the cloud to conduct on-site handling and work reports, and ensure government network security with the emerging model of "cloud-to-ground collaboration".
Picture Note: Li Huanbo General Manager of Secret Service
In addition to daily operations, Secret Service has created multiple targeted solutions for core security scenarios, such as special ransomware operations, normalized security operation guarantees, and important period guarantees. These solutions can be flexibly expanded to help government users obtain corresponding security operation capabilities as needed and achieve more accurate security protection.
By serving thousands of users, Secret Service has polished out better service capabilities, industry-oriented threat detection capabilities, and faster emergency response capabilities. It is based on excellent service capabilities guarantee and customer-oriented service original intention that Secret Service dares to make commitments to the service effect of every government user, so that government users can truly worry, feel at ease, and feel at ease.
Practice Sharing :
Huizhou Digital Government and Shanxi Digital Government "One Cloud" security construction Exploration
Huizhou Municipal Government Service Data Management Bureau Third-level researcher Wang Xinke said in his practice sharing that in the process of steadily implementing Huizhou City e-government, they discovered many network security risks that need to be solved urgently, such as weak threat monitoring capabilities, scattered information system deployment, and low employee security awareness and management level.
Therefore, Huizhou Digital Government has carried out a series of implementation actions, such as establishing a complete security work responsibility mechanism, promoting the migration of government information systems to the cloud, cleaning up zombie systems and websites, organizing network security offensive and defense drills, etc., which quickly filled the "shortcomings" of network security construction.
In the subsequent long-term operation, Huizhou Digital Government Affairs chose to cooperate with Shenxinshui to jointly operate government security. Wang Xinke said: "Through cloud hosting and local collaborative operation methods, the experts of Shenxinsuo cloud provide rich threat intelligence and 7*24-hour risk control. Local security personnel cooperate to carry out daily disposal and defensive strategy adjustments, filling the shortcomings in our city's network information security defense and greatly improving security capabilities."
Picture Note: Wang Xinke Under the guidance of "one cloud in the province", Huizhou Municipal Government Service Data Management Bureau,
, under the guidance of "one cloud in the province", Shanxi Cloud Times Technology Co., Ltd. adheres to the joint prevention and control security concept of "civil defense, material defense, and technical defense". Relying on various capabilities such as multi-angle, active defense, and passive defense, it covers multiple levels of digital government "cloud, digital, network, and application", and builds a solid Shanxi government network security wall:
. Management level
Through joint efforts with supervisors and regulatory departments, it does a good job in security management of "standards and compliance, clear boundaries, and clear rights and responsibilities" to ensure the smooth, efficient and safe operation of digital government infrastructure and information systems.
. Operation level
local operation center is combined with the central government network operation center, and through the service-oriented and cloud-based government network security hosting model, it realizes pre-monitoring and early warning of security incidents, in-process handling and defense, and post-verification auditing, and the security closed-loop operation capability that combines active security and passive security.
3. Technical level
builds a security data middle platform and a unified network security management platform. Achieve the coverage of the entire process of collection, aggregation, analysis, governance of multi-source heterogeneous data, as well as monitoring and early warning, risk assessment, emergency response, and automatic protection, and finally establish a "bottom-up, comprehensive coverage" security protection technology system.
Picture Note: Liu Liheng Shanxi Cloud Times Government Cloud Technology Co., Ltd. Security Operation Expert
Conclusion: Today, the national "14th Five-Year Plan" strategic plan puts forward more professional, more sustainable and comprehensive requirements for the network security protection of digital governments. In order to help the majority of government users consolidate the government network security defense line, Shenxinshui will continue to upgrade the capabilities of the security operation center under the guidance of relevant departments, reduce the security pressure of the majority of government users, and contribute to the protection of digital government network security.
Source: China Youth Network
