Is it feasible to prevent data leakage in LAN, enterprise document encryption software and computer data leakage software


At present, enterprise information security has become an important aspect of enterprise network management. Many enterprises and institutions have adopted various data anti disclosure schemes in order to protect their confidential information. Among them, the use of various encryption software to protect computer documents and drawings has become a consensus, but also played a certain role in preventing the leakage of computer documents. But can encryption software completely ensure the security of computer files and prevent the leakage of trade secrets?
Since the existence of data anti disclosure market, there have been many disputes about document encryption software, some of which are good, some are bad. But after careful analysis, it is not difficult to find that: the evaluation of document encryption software is good, most of which are document and drawing data anti disclosure users. The evaluation of document encryption software is not good, most of them are users of source code anti disclosure, and users’ criticism mainly focuses on the phenomenon of card, slow, damaged data and so on when source code is encrypted.

For this phenomenon, industry insiders said that document encryption software was originally intended to protect document and drawing data. Later, driven by the strong market demand, it expanded to the field of source code anti disclosure. However, from the current user feedback, the use of document encryption software to protect the source code against leakage is not successful.

First of all, from a technical point of view, the core of the document encryption software is to transparently encrypt and decrypt the data itself according to the process and combine it with the user and authority to realize the data anti leakage; obviously, due to the numerous processes of the source code itself, the error rate of the document encryption software increases greatly and the efficiency decreases, and the card, slow and other phenomena appear. The defect of document encryption software, which is often called from the womb by people in the industry, seems to be unable to solve fundamentally.

Secondly, from a practical point of view, excluding the factors of non mainstream manufacturers’ imperfect products, the current trend is (for example, trend to USB port management software, download address: main application of document encryption software of Shenzhen Hong’an and other well-known manufacturers mainly focuses on document and drawing data anti leakage, and there are few successful cases of using document encryption software to protect source code against leakage in the industry. As shown in the figure below:

Figure: disable USB interface software and shield U interface software

In addition, according to statistics, most users have chosen to use DSA data security isolation scheme to prevent source code from leaking. The core of DSA data security isolation is to build a full cycle security area of source code storage, flow and use to prevent data leakage through multiple isolation of disk, storage, network and application. Without processing the data itself, it can fundamentally avoid card, slow, data damage and other phenomena when source code is encrypted.
In a word, in order to prevent the leakage of confidential documents, on the one hand, it is necessary to cooperate with the enterprise information security management system and sign a strict confidentiality agreement with the employees; on the other hand, it is also necessary to comprehensively use various computer file encryption software, drawing file software and DSA data security isolation scheme, so as to achieve the maximum effect of computer file protection.

Obviously, whether the document encryption software is feasible or not depends on the type of data it needs to protect. Document and drawing data are mainly protected against leakage by using document encryption software, while source code data is mainly protected against leakage by using DSA data security isolation scheme.