Where group retail 3C business requires related third party personnel on site for handling official affairs, site personnel office requirements and regulations and requirements for information security by the group security shall be met simultaneously.
3C business party and group security department put forward several requirements for office security: 1. Only specified function modules in the business system can be accessed, it is not allowed to view, download or forward other office Intranet information; 2. The data in the accessed business system can only be used or transferred in the specified environment and cannot be taken out of the office environment; 3. The data owned by the third party personnel can be uploaded or replicated to the office environment, but the office environment data cannot be downloaded or copied to the computer of the third party personnel for retention; 4. Business system operations of third party personnel shall be logged, and such logs can be accessible to the security department for supervision and review; 5. The information function shall be added so that on-site people can send information to their corresponding internal management personnel of the group through this function and the internal management personnel of the group can view historical sending information.
JD WorkSpaces Solutions of JD Cloud:1. JD WorkSpaces Cloud Solutions:JD WorkSpaces of JD Cloud establishes a security channel between the client and JD WorkSpaces server resource based on the industry leading remote interface transmission technology to display Windows JD WorkSpaces to various terminals, and achieve server and user control of various dimensions and different granularities through the JD WorkSpaces control and management services of JD WorkSpaces.2. Security Management System of Enterprise Internal Business:The security management system is a reverse proxy cluster built on Cloud to enable complete isolation from staff end to data end; and permissions that can be used by external personnel shall be subject to whitelist processing to ensure security and integrity of data in the Date Center.3. Customized Development Function:User Information Management Module: Store relevant user information through a database and maintain relevant information through programming;Internal system login verification: Verify the account logged into the system through reverse proxy services for relational mapping;Whitelist IAM: Achieve the requirements of fine control of permission of on-site personnel, carry out whitelist control on the function meeting the office requirements in the business system, and shield the function or data that have information security problems or shall not be viewed.Log Statistics Module: Record statistics for user’s operations and access logs and display in visualization.Information Module: Email can be sent to the corresponding internal management personnel of the group through the function, and the internal management personnel of the group can process relevant follow-up business process after receipt of email.
The following benefits can be achieved through using JD WorkSpaces Solutions of JD Cloud: 1. Compliance of office security: External personnel can only directly access the internal business system with permissions through restriction on Cloud of JD WorkSpaces; data security can be protected through Virtual JD WorkSpaces to restrict direction of data so that data will not leave the Date Center; 2. Control and management of account system: Make account mapping through JD WorkSpaces, and allow virtual accounts of external personnel to be mapped to the real accounts of existing employees for office business without disclosing any real accounts; reduce the complexity of account management, improve the efficiency of subscription, and reduce the learning time of users; 3. Filter of access contents: Ensure that part of the information that cannot be seen by external personnel is desensitization filtered on Cloud to guarantee confidentiality of information. For example, shield the business modules in ERP that outsourcing personnel do not need to access; prevent sensitive data from being downloaded, etc.