成人小说亚洲一区二区三区,亚洲国产精品一区二区三区,国产精品成人精品久久久,久久综合一区二区三区,精品无码av一区二区,国产一级a毛一级a看免费视频,欧洲uv免费在线区一二区,亚洲国产欧美中日韩成人综合视频,国产熟女一区二区三区五月婷小说,亚洲一区波多野结衣在线

立即打開
禍起蕭墻:來自合作伙伴的安全風(fēng)險(xiǎn)

禍起蕭墻:來自合作伙伴的安全風(fēng)險(xiǎn)

Venky Ganesan 2013-12-06
企業(yè)的發(fā)展離不開合作伙伴和供應(yīng)商,但合作伙伴和供應(yīng)商的過錯(cuò)也有可能繞過重重關(guān)卡,進(jìn)入企業(yè)的業(yè)務(wù)鏈條,給企業(yè)的利益和聲譽(yù)造成嚴(yán)重的沖擊。因此,各大公司必須密切關(guān)注來自合作伙伴和供應(yīng)商的安全風(fēng)險(xiǎn)。

????我最喜歡的一期《魔鬼經(jīng)濟(jì)學(xué)電臺(tái)》播客講的是一家高端有機(jī)連鎖餐廳Le Pain Quotidien。說的是一位顧客在它曼哈頓分店里就餐時(shí)在沙拉里發(fā)現(xiàn)了一只死田鼠。按照《魔鬼經(jīng)濟(jì)學(xué)電臺(tái)》的慣例,這個(gè)令人作嘔的故事引發(fā)了一場(chǎng)有趣的經(jīng)濟(jì)學(xué)討論:從“錨定”在影響定價(jià)行為中所起的作用,到把小企業(yè)發(fā)展成一家全國(guó)或全球性企業(yè)所面臨的挑戰(zhàn)。

????就Le Pain Quotidien而言,這起事件對(duì)它而言是一堂很好的風(fēng)險(xiǎn)管理教訓(xùn)。公司從開設(shè)在比利時(shí)的第一家門店起步,迅速發(fā)展成一家在16個(gè)國(guó)家擁有150家門店的全球性連鎖企業(yè)。碰巧的是,對(duì)餐廳管理層而言,死蟲子和死老鼠從有機(jī)農(nóng)場(chǎng)來到顧客餐盤是一個(gè)不幸、但可接受的風(fēng)險(xiǎn)。

????對(duì)我來說,這個(gè)故事對(duì)21世紀(jì)企業(yè)而言是很重要的一個(gè)教訓(xùn)。也就是說:供應(yīng)商和商業(yè)合作伙伴(即使是小企業(yè))的行為可能對(duì)公司的聲譽(yù)和盈利有著超乎尋常的影響力。

????如今,各行業(yè)各大公司每天都面臨著客戶遭遇(虛擬版)“沙拉中出現(xiàn)老鼠”的境況。這只“老鼠”可能是客戶數(shù)據(jù)丟失或被竊、黑客攻擊、DDoS(分布式拒絕服務(wù))攻擊及其他網(wǎng)絡(luò)弊病。跟Le Pain Quotidien一樣,風(fēng)險(xiǎn)源頭通常存在于風(fēng)暴中心的外部。類似的風(fēng)險(xiǎn)存在于企業(yè)網(wǎng)絡(luò)、數(shù)據(jù)與商業(yè)合作伙伴、供應(yīng)商和SaaS(軟件即服務(wù))應(yīng)用提供商的網(wǎng)絡(luò)和數(shù)據(jù)的復(fù)雜整合當(dāng)中。

????舉個(gè)例子:今年3月份,美國(guó)銀行(Bank of America)證實(shí),第三方安全公司TEKsystems受到黑客攻擊,導(dǎo)致這家銀行的內(nèi)部郵件遭到泄漏,遭泄內(nèi)部郵件記錄了它監(jiān)控包括Anonymous機(jī)構(gòu)在內(nèi)的黑客團(tuán)體的情況(在此之前,2011年也發(fā)生過相似案例,當(dāng)時(shí)Anonymous攻擊過美國(guó)銀行另一家承包商——網(wǎng)絡(luò)取證公司HB Gary)。

????然后,今年8月份,位于澳大利亞的一家域名注冊(cè)商【公司客戶包括《紐約時(shí)報(bào)》(the New York Times)和Twitter等公司】,訪問公司網(wǎng)站的用戶被跳轉(zhuǎn)到黑客團(tuán)體——敘利亞電子軍團(tuán)(Syrian Electronic Army)的宣傳網(wǎng)頁。

????這些事件表明,我們生活在一個(gè)數(shù)據(jù)已呈“液態(tài)”(沒有更好的詞匯來形容)的商業(yè)環(huán)境之中。這種“液態(tài)”數(shù)據(jù)會(huì)在公司防火墻的范圍之內(nèi)流動(dòng)。但它也會(huì)以難以預(yù)料、或者說難以控制的方式滲透、越過這道邊界。

????通過裝在兜里的移動(dòng)設(shè)備,我們可以訪問企業(yè)資源。但是,移動(dòng)設(shè)備也可能被落在出租車后座上。利用VPN(虛擬專用網(wǎng)絡(luò)),承包商可從風(fēng)險(xiǎn)較高的家庭網(wǎng)絡(luò)來訪問企業(yè)關(guān)鍵的后臺(tái)系統(tǒng)。企業(yè)云應(yīng)用,比如Salesforce.com和Workday,把公司管理的IT資產(chǎn)中的敏感信息抽取到基于云計(jì)算的服務(wù)器中,我們無法控制。

????假如說10年或15年前網(wǎng)絡(luò)是“封閉社區(qū)”——訪問網(wǎng)絡(luò)受到嚴(yán)格控制的話,那么可以認(rèn)為,如今的網(wǎng)絡(luò)就好比郊區(qū)購物中心,有許多入口、出口,供形形色色的個(gè)人消費(fèi)者出入。

????如今,企業(yè)有許多高級(jí)的檢測(cè)和監(jiān)控工具可以選擇。然而,大多數(shù)企業(yè)完全就不了解正常的網(wǎng)絡(luò)行為該是怎樣的,而且也沒有掌握一種簡(jiǎn)單的方法來衡量基礎(chǔ)架構(gòu)合作伙伴、供應(yīng)商及商業(yè)合作伙伴的安全性與完善性。

????One of my favorite episodes of Freakonomics Radio concerns a diner at the Manhattan branch of high-end, organic restaurant chain, Le Pain Quotidien, who finds a deceased field mouse in her salad. As often happens on Freakonomics, this revolting tale begets an interesting discussion of economics: From the function of 'anchoring' in influencing pricing behavior to the challenge of scaling small businesses to a national or global scale.

????In the case of Le Pain Quotidien, the incident was a lesson in risk management for the company, which had grown quickly from its first store in Belgium to a global chain with 150 locations in 16 countries. As it happens, dead bugs and rodents finding their way from the organic farm to a customer's plate was an unfortunate, but acceptable risk for the restaurant's management.

????For me, the story nicely illustrates an important lesson of 21st century business. Namely: The actions of your suppliers and business partners (even small ones) can have an outsized influence on your company's reputation and the bottom line.

????Today, companies operating in many industries face the prospect of customers having a (virtual) "mouse in the salad" moment every day. The mouse comes in the form of customer data loss or theft, hacking, DDoS attacks and other online ills. As with Le Pain Quotidien, the source of the risk often resides outside the organization that is most affected. It can be found in the complex integration of enterprise networks and data with those of business partners, suppliers and SaaS application providers.

????One example: In March of this year, Bank of America (BAC) confirmed that a hack of third-party security firm TEKsystems was the source of a leak of internal e-mails that documented the company's monitoring of hacktivist groups, including Anonymous. (This after a similar 2011 Anonymous attack on another BoA contractor, cyber-forensics firm HB Gary.)

????Then, in August, an Australia-based domain name registrar used by the New York Times and Twitter (TWTR), among others, had visitors to those web properties redirected to propaganda pages for the Syrian Electronic Army, a hacktivist group.

????These incidents suggest that we inhabit a business environment in which data has become 'liquid' – for lack of a better term. It flows within the boundaries marked by your corporate firewall. But it also permeates that boundary in ways that are difficult to predict or control.

????Mobile devices put access to enterprise resources in our pocket and, therefore, into the back seat of a taxicab. Contractors use VPNs to access critical, backend systems from dodgy home networks. Enterprise cloud applications, like Salesforce.com (CRM) and Workday (WDAY), siphon sensitive information from company- managed IT assets to cloud-based servers that we do not control.

????If networks 10 or 15 years ago were "gated communities" in which access was strictly controlled, you can think of today's networks like suburban shopping malls, with many points of entrance and egress for individuals of all stripes.

????Today, enterprises can choose from a long list of sophisticated detection and monitoring tools. Still, most do not have any idea what normal network behavior looks like, nor do they have a way to easily measure the security and integrity of their infrastructure partners, suppliers and business partners.

掃描二維碼下載財(cái)富APP
国产人碰人摸人爱免费视频| 丰满奶水少妇XXXX| 成A人片亚洲日本久久| 99久久久无码国产精品免费了| 久久久久久亚洲精品中文字幕| 91自慰喷水流白浆免费观看| 国产FREEXXXX性播放麻豆| 最新亚洲卡一卡二卡三新区| 国产偷v国产偷v亚洲高清| 国产成人啪精品视频免费网站| 久久人人妻人人做人人爽| 黄色无码视频在线观看| 人人爽天天碰狠狠添 | 国产日韩久久久免费影院| 99精品欧美一区蜜桃在线| 免费午夜伦费影视在线观看| 日本欧美大码aⅴ在线播放| 太粗要好深好爽要到了| 久久精品国产69国产精品亚洲| 久久夜噜噜噜亚洲AV蜜臀| 亚洲中文字幕无码一区二区三区| 中文字幕乱偷在线观看| 秋霞电影午夜无码免费视频| 成人精品视频一区二区在线| 有码+日韩+在线观看| 动漫精品一区二区三区在线观看 | 强奷乱码中文字幕熟女一| 精品免费久久久久久成人影院| 国产熟妇人妻ⅩXXXX麻豆| 色老久久精品偷偷蜜臀| 美女脱光衣亚洲国产精品不卡高清在线| 人人妻人人澡人人爽欧美二区| 亚洲av午夜福利精品一区| 国产乱色精品成人免费| 欧美熟妇另类久久久久久多毛| 亚洲av无码片在线播放| 亚洲日韩成人久久Av免费高清| 中文字幕欧美精品一区二区| 人妻少妇精品久久久久久| 欧美国产在线观看综合| 无码专区久久综合久综合字幕|