Remote Work Has a Hidden Challenge: Data Security. Here's How Experts Overcome It
By Cameron Albert-Deitch
Social Security numbers. Bank account information. Customer passwords. Every business needs to protect its most valuable data, and most offices have a common last-resort option: If you close and lock the doors, nobody’s going to access your system from the inside by, say, sticking a malicious USB drive into a computer.
With remote workers, keeping your company’s data secure is a lot trickier. “When everyone’s in an office, it’s easy to turn someone’s computer off,” says Jerry Bennett, founder and CEO of Melbourne, Florida-based consulting firm Privateer IT. “But in a remote workforce, you’re dealing with things like HIPAA laws and cybersecurity laws. And you’re dealing with people’s real lives.”
Bennett’s six-year-old startup, which ranked №295 on this year’s Inc. 5000 list of fastest-growing companies in America, has 20 employees. All but one of them work remotely. That presents a challenge for a company that gets paid to advise on cybersecurity issues — and with clients like the U.S. Department of Veterans Affairs and the Defense Intelligence Agency, maintaining data security is especially crucial.
Those concerns aren’t restricted to startups working with federal agencies. Mark Loveless, a senior security researcher at San Francisco-based GitLab, says data security is always a work in progress — especially for GitLab, a company that creates tools for software developers and has one of the world’s largest all-remote workforces. The nine-year-old company attained a $2.75 billion valuation in September, and currently employs more than 1,100 employees across 65 countries, meaning 65 different sets of cybersecurity laws and compliance regulations.
Despite the ever-changing nature of remote data security, Bennett and Loveless agree that these two best practices can make a huge difference for any startup.
1. Software redundancies
Bennett and Loveless agree: No one tool will ever be a perfect solution. Bennett says Privateer typically has three to five security tools running on each employee’s laptop, which feature capabilities like remote access, remote wiping or bricking, and secure channels for communication. His favorite, he notes, is fairly common: Microsoft 365 Enterprise, which has multi-factor authentication and the ability to restrict specific users’ access to individual files.
Instead of worrying about security on 1,100 different employee devices, GitLab devotes its attention to properly restricting access to each individual piece of company data — all of which is stored in the cloud. Loveless’s preferred program to enable this: Okta, an identity and access management tool. He refers to the strategy as “fail-close,” enabling multiple layers of protection without burdening users.
Access to each piece of data requires specific access credentials, which Okta automates so employees don’t have to constantly reenter passwords. The company also monitors other data access metrics — so, for example, an administrator can be immediately notified if a sensitive piece of data is accessed from an unfamiliar location. Loveless also says that when GitLab last upgraded its security protocols, it kept the old protocols — a more tightly restricted system, with access based on both user credentials and IP address locations — as a “break-the-glass” option to keep the business up and running during emergencies.
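The access model described above, sketched as an added example that is not code from the article, GitLab or Okta. It assumes "fail-close" means that any missing grant or evaluation error results in denial; the policy tables, names and addresses are constructed for illustration.

```python
import ipaddress

# Constructed sample policy data (hypothetical names, not from the article).
GRANTS = {"payroll.csv": {"alice"}, "handbook.md": {"alice", "bob"}}
SENSITIVE = {"payroll.csv"}
KNOWN_LOCATIONS = {"alice": {"US"}, "bob": {"DE"}}
# Break-the-glass path: only these source networks (documentation range).
BREAK_GLASS_NETS = [ipaddress.ip_network("203.0.113.0/24")]


def decide(user, resource, country, source_ip, authenticated, break_glass=False):
    """Return (allowed, alerts). Anything unexpected ends in a denial."""
    alerts = []
    try:
        if not authenticated:
            return False, alerts
        # Per-resource grant; an unknown resource raises KeyError -> denied.
        if user not in GRANTS[resource]:
            return False, alerts
        if break_glass:
            # Emergency mode: valid credentials AND an allow-listed address.
            addr = ipaddress.ip_address(source_ip)  # malformed -> ValueError
            if not any(addr in net for net in BREAK_GLASS_NETS):
                return False, alerts
            alerts.append(f"break-glass access: {user} -> {resource} from {source_ip}")
        # Sensitive data read from a location not seen before for this user:
        # access proceeds, but an administrator is notified.
        if resource in SENSITIVE and country not in KNOWN_LOCATIONS.get(user, set()):
            alerts.append(f"unfamiliar location: {user} -> {resource} from {country}")
        return True, alerts
    except (KeyError, ValueError, TypeError):
        # Fail closed: a policy lookup or parsing error never grants access.
        return False, ["policy evaluation error: denied"]


if __name__ == "__main__":
    print(decide("alice", "payroll.csv", "FR", "198.51.100.7", True))
    print(decide("alice", "missing.txt", "US", "198.51.100.7", True))
```
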
2. Employee training
The human element can undermine even the world’s strongest security systems. Bennett says he’s constantly training his employees, including a monthly all-hands conference call dedicated specifically to maintaining data security. His company policy: If anything ever smells fishy, for any reason, contact him and wait for a response before proceeding.
Not all CEOs are security experts, so Bennett recommends hiring one. “You don’t need to hire someone full-time to do it,” he says. “Find someone you have vetted, that you trust, that you can pick up the phone and call. And they’re the smart person that goes and solves the problem.”
GitLab loads most of its data security training into its onboarding process, which is heavily documented in the company’s sprawling (and publicly available) employee handbook. The goal is for new workers to internalize best practices at their own pace, and each potential change to those protocols is measured by a simple litmus test: Will the increased security be worth the additional hassle to employees?
The company also works to educate employees on new protocols by holding regular company-wide meetings, which Loveless says are “thoroughly documented” for anyone who misses. “As an all-remote company, we try to really be accommodating of users and team members,” he says. “We try not to make it a dictatorship — you must do this, you must do that. We try to give them choices.”
Translated from: https://medium.com/inc./remote-work-has-a-hidden-challenge-data-security-heres-how-experts-overcome-it-7fa9f2e3d04c