Defending Cybersecurity Together for Digital Transformation
Security as the Cornerstone of an Interconnected World
As new technologies, most notably 5G, big data, AI and cloud computing, are booming, and emerging industries, such as telecommuting, online education, and live commerce, are springing up under the worldwide rampant pandemic, enterprises are advancing digital transformation at full throttle. In the context, 5G transforms how we work and live and cybersecurity has had a high profile in the international community.
In an era where all are interconnected, security forms the basis. Cybersecurity is not only a matter of state, society, city and infrastructure. It's also entwined with our everyday life. Facing current changes in technology and market environment, how shall SST help enterprises build strong digital security shields on the path of transformation?
Taking two-pronged measures to ensure in-house security1. Strengthen staff awareness of cybersecurity. Incomplete statistics show that the main culprit in cybersecurity incidents seems to be negligence or faults of insiders, careless password management and sharing, phishing, fraud and employee information leakage, to name a few.
Explaining and enforcing in great depth the Cybersecurity Law, Data Security Law, Personal Information Protection Law and other laws and regulations, SST intensifies staff education on observance of laws, regulations and corporate institutions, along with security issues. And as a provider of cybersecurity instruction services, data escrow and security operation & management services, SST uses its best endeavor to fortify the first line of security defense while cementing the foundation of digital security for customers.
2. Tighten endpoint prevention and control. In the wake of the rise of telecommuting, endpoint threats make enterprises more prone to data theft, thus resulting in forced termination of core business services and consequently major losses to companies. SST has been consistently delivering safer services to customers with assured endpoint security, taking such stringent measures as intranet zone management and control of PC permission.
Making allowance for both "software" and "hardware", SST fights against any and all external threats. It takes an exhaustive approach to respond to system loopholes and external attacks induced by Internet threats, from PC hardware to site defense inclusive.
Reinforcing "hardware" strength through three-level security protection in the machine room and SDWAN platform systemIt is expressly stipulated in the Cybersecurity Law that classified protection system of cybersecurity is imposed in China. According to the Information Security Technology-Evaluation Requirements for Classified Protection of Cybersecurity, three-level security protection evaluation incorporates diverse requirements for various security control points, such as security communication network, security boundary, and secure computing environment, which are categorized into requirements for security protection technology, requirements for security management and other facets. The certification of "three-level security protection" is indicative of hitting a higher standard in China with regard to capacity of information security management.
By establishing classified protection of information systems and improving protection of its own information systems connected to external ports, SST has now accomplished three-level protection in the machine room and SDWAN platform system and keeps optimizing relevant protective measures on an annual basis.
Machine room plays a vital part in storing infrastructure, especially servers. With fundamental capabilities of fireproofing, damp proofing, data backup and recovery, etc., SST machine room has been certified in three-level security protection evaluation with a service system in line with ANSI/TIA942 standard and other international standards.
Upgrade "software" power through two-level security protection in the official websiteIn defense against external attacks on web servers or webpages, SST has passed two-level security protection evaluation and deployed WAF (Web Application Firewall) cloud products in its official website system. Safeguarding enterprise users in browsing the site using methods including "active defense, human/machine recognition, data risk control, and situation awareness", it effectively curbs Challenge Collapsar (CC) attacks on the site and malicious attacks on webpages thereof. Leveraging the synergy of WAF cloud products, SST can help enterprise users prevent all manner of common threats, such as automated attack, bulk registration, credential stuffing, malicious login, loophole scanning, privacy leakage, and milking, with effectiveness.
In addition, SST site has been put under the umbrella of server host security management system. Whilst implementing threat detection, response and traceability, the system can better secure cloud hosts, local servers and webpages, in a bid to ensure normal operation of business applications.
"One with perseverance will go farther; one with sharp mind seek regular innovation". Looking ahead, SST will continue to assist enterprises in cloud-based application through faster digital transformation, using its own business strengths in line with management regulations and technical standards. It is looking forward to writing a new chapter of building a mighty China with stronger cybersecurity with concerted effort.