JP2005250803A - Business support device and business support program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To support a new proposal to a customer in business based on a maintenance contract of a computer or the like. <P>SOLUTION: This business support device has: a periodical inspection means 22 receiving a result of a periodical inspection of a customer computer and a result of security diagnosis conducted in the customer computer in time of the periodical inspection, and storing them into a maintenance history 13; a security decision means 23 reading the maintenance history 13, reading a level threshold value stored with a threshold value in each security level of the computer, comparing the result of the security diagnosis with the threshold value in each security level, calculating the security level of the customer computer, and storing it into security decision data 15; and a security decision provision means 24 reading the security decision data 15, and exhibiting the newly performed business to the customer computer on the basis of the security decision data 15. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to a business support apparatus and a business support method for supporting a new proposal to a customer in a business based on a maintenance contract of a computer or the like.

  Conventionally, when a product such as a product or a system is received from a customer, the company delivers the ordered product, and undertakes maintenance of the delivered product, and regularly checks the operation of the product and replenishes consumables. Make a contract with the customer. This maintenance contract is a great opportunity for a company to guarantee the normal operation of a product, while offering new products to be sold or provided to customers.

  The above-described method is also applied to a vehicle such as a car at the time of failure or inspection. For example, receiving a service request content requested by a customer, automatically distributing the service request content to a service provider who may satisfy the service request content, and not only satisfy the service request content but also provide further services There is a service mediation system that receives reply data including additional service data that can be received from a service provider (for example, Patent Document 1). Further, there is a service providing system that performs vehicle fault diagnosis and component life calculation, estimates related consumables, and proposes to customers (for example, Patent Document 2).

  In these systems described in Patent Document 1 and Patent Document 2 described above, a customer desires by selecting a service provider and answer data desired by the customer from a plurality of answer data transmitted from the service provider. In addition to responding to service requests, new services can be provided.

On the other hand, not only maintenance contracts relating to the vehicles described above, but also maintenance contracts for servers, web servers, etc. of core systems installed in companies are generally performed. In the maintenance contracts for these servers, operation checks such as CPUs and cooling fans and hard disk cleanup are performed.
JP 2002-140546 A JP 2003-346010 A

  However, in the conventional server maintenance contract, the maintenance of the equipment and parts has been performed, but the maintenance contract regarding the vulnerability of the system has not been often performed.

  Specifically, there is a security hole that software vendors do not expect in general-purpose software such as the operation system and browser installed in the server. May cause theft of confidential information and server malfunction. In addition, there is a DDoS attack that causes a server to overflow a communication path and stop a function by sending a large amount of packets to the server by setting an attack execution program on the server through a security hole. In addition, a program called a worm or virus may enter the server via mail or a removable disk and cause harm to the server. There is a need for a server that can counter these security holes, worms, and viruses that are discovered every day.

  Therefore, an object of the present invention is to provide a business support apparatus and a business support program that support a new proposal to a customer in a business based on a maintenance contract of a computer or the like.

  In order to solve the above-described problem, the business support apparatus according to the first aspect of the present invention receives a result of a periodic check of a customer computer and a result of a security diagnosis performed on the customer computer at the time of the periodic check. Periodic inspection means that is stored in the storage device as a history, a maintenance history is read from the storage device, and a level threshold in which a threshold for each security level of the computer is stored is read from the storage device, and a security diagnosis result and a threshold for each security level To determine the security level of the customer computer, store the security determination data in the storage device as security determination data, read the security determination data from the storage device, and based on the security determination data to the customer computer Presents new work to be performed That includes a security determination providing means.

  According to the present invention, security diagnosis is performed during periodic computer inspections, customer system vulnerabilities are pointed out, and new security-related product sales and security system introductions are proposed to customers. Can do.

  The level threshold value preferably includes a threshold value for each organizational security level set for each organization size of the organization to which the customer computer belongs, and a recommended security level recommended for each organization size is set. Further, the level threshold includes a threshold for each of a plurality of system security levels set for each system type of the customer computer, and a recommended security level recommended for each system type is preferably set.

  According to this, the recommended security level originally required can be grasped based on the organization of the customer system or the classification for each system.

  Further, it is preferable that the security judgment means further compares the security level of the customer computer with the recommended security level, and notifies the terminal of the person in charge when the security level of the customer computer does not satisfy the recommended security level.

  According to this, since customers who have not reached the recommended security level are extracted, it is possible to narrow the target for selling new security products. Here, the person in charge is a security maintenance person who performs maintenance of the customer's system or performs security diagnosis, or a sales person who sells new security-related products to the customer.

  Further, when new security information is received, the security judgment providing means estimates the threat given to the customer computer in consideration of the new security information and calculates the estimated security level. When the recommended security level is not satisfied, it is preferable to notify the terminal of the person in charge.

  According to this, based on security information such as new security holes and viruses, the customer systems that cause harm are extracted, so that it is possible to link to sales without missing opportunities.

  The business support program according to the second feature of the present invention is a step of receiving a result of a periodic check of a customer computer and a result of a security diagnosis performed in the customer computer at the time of the periodic check and storing them in a storage device as a maintenance history. And reading out the maintenance history from the storage device, reading out the level threshold stored in the threshold for each security level of the computer from the storage device, comparing the result of the security diagnosis with the threshold for each security level, and Calculating a level and storing the security determination data in a storage device; and reading the security determination data from the storage device and presenting a new work to be performed to a customer computer based on the security determination data. Run on the computer That.

  The level threshold value preferably includes a threshold value for each organizational security level set for each organization size of the organization to which the customer computer belongs, and a recommended security level recommended for each organization size is set.

  Further, the level threshold includes a threshold for each of a plurality of system security levels set for each system type of the customer computer, and a recommended security level recommended for each system type is preferably set.

  The step of storing the security judgment data in the storage device further includes comparing the security level of the customer computer with the recommended security level, and if the security level of the customer computer does not satisfy the recommended security level, It is preferable to notify.

  Further, in the step of presenting a new work to be performed, when new security information is received, the estimated security level is calculated by estimating the threat given to the customer computer in consideration of the new security information. When the estimated security level does not satisfy the recommended security level, it is preferable to notify the terminal of the person in charge.

  Therefore, according to the present invention, it is possible to provide a business support apparatus and a business support program that support a new proposal to a customer in a business based on a maintenance contract of a computer or the like.

  Next, embodiments of the present invention will be described with reference to the drawings. In the following description of the drawings, the same or similar parts are denoted by the same or similar reference numerals.

(Best Embodiment)
As shown in FIG. 1, the business support system according to the preferred embodiment of the present invention includes a maintenance staff terminal 2 installed at each service base and used for maintenance of a customer's computer, a security hole, a worm, a virus, and the like. Based on the maintenance history acquired from the maintenance staff terminal 2 using the information from the tool vendor server 4 that provides information on vulnerabilities in the system, the sales terminal 3 that presents a new proposal to the customer, and the information from the tool vendor server 4 The business support apparatus 1 that performs security determination and presents the information to the sales terminal 3 is provided.

(Business support device)
The business support apparatus 1 is realized, for example, by installing a software program such as a business support program in a general computer and executing the software program in the central processing control apparatus.

  As shown in FIG. 2, the business support apparatus 1 according to the preferred embodiment of the present invention includes a central processing control device 101, a ROM (Read Only Memory) 102, a RAM (Random Access Memory) 103, and an input / output interface 109. Are connected via a bus 110. An input device 104, a display device 105, a communication control device 106, a storage device 107, and a removable disk 108 are connected to the input / output interface 109.

  The central processing control apparatus 101 reads out and executes a boot program for starting up the business support apparatus 1 from the ROM 102 based on an input signal from the input apparatus 104, and further reads out an operating system stored in the storage apparatus 107. Further, the central processing control device 101 controls various devices based on input signals from the input device 104, the communication control device 106, etc., and reads programs and data stored in the RAM 103, the storage device 107, etc. into the RAM 103. A processing device that loads and implements a series of processes to be described later, such as data calculation or processing, based on a program command read from the RAM 103.

  The input device 104 includes input devices such as a keyboard and a mouse through which an operator inputs various operations. The input device 104 generates an input signal based on the operation of the operator, and inputs via the input / output interface 109 and the bus 110. It is transmitted to the central processing control apparatus 101. The display device 105 is a CRT (Cathode Ray Tube) display, a liquid crystal display, or the like. The display device 105 receives an output signal to be displayed on the display device 105 from the central processing control device 101 via the bus 110 and the input / output interface 109. It is a device that displays the processing result of the control device 101 and the like. The communication control device 106 is a device such as a LAN card or a modem, and is a device that connects the business support device 1 to a communication network such as the Internet or a LAN. Data transmitted / received to / from the communication network via the communication control device 106 is transmitted / received to / from the central processing control device 101 via the input / output interface and bus 110 as an input signal or an output signal.

  The storage device 107 is a magnetic disk device, and stores programs and data executed by the central processing control device 101. The removable disk 108 is an optical disk or a flexible disk, and signals read / written by the disk drive are transmitted / received to / from the central processing control apparatus 101 via the input / output interface 109 and the bus 110.

  The storage device 107 of the business support device 1 according to the preferred embodiment of the present invention stores a business support program, a diagnostic tool 11, a periodic inspection schedule 12, a maintenance history 13, a level threshold 14, and security data 15 Information such as sales approach pattern 16 and customer information is stored. Further, when the business support program is read and executed by the central processing control device 101 of the business support device 1, the download unit 21, the periodic inspection unit 22, the security judgment unit 23, and the security judgment provision unit 24 are added to the business support device 1. Implemented.

  As the customer information 17, information that has been maintenance-contracted via its own company or sales company is stored in the storage device 107. The customer information 17 is stored in association with a customer name, a customer organization type, and a system type of a computer installed in the customer using a customer code as a key. Here, the customer's organization type is set according to the security level required for each customer organization. For example, it is set according to the type of organization of the customer, such as national defense relations, government office relations, organization large, medium organization, small organization, and Soho. The computer system type is a system importance set according to a role required for a computer such as a core system, a financial system, a mail server, and a file server.

  The download means 21 notifies the maintenance staff terminal 2 of the upgrade based on the upgrade information of the system vulnerability diagnosis tool that is constantly updated from the tool vendor server 4, and stores it based on the input operation from the maintenance staff terminal 2. This is a means for reading the latest diagnostic tool 11 from the apparatus 107 and providing it to the maintenance staff terminal. In response to the version upgrade notification provided from the tool vendor server 4, the business support apparatus 1 downloads the latest diagnostic tool and patch information for each operation system from the tool vendor server 4 and publishes them on the company intranet. 2 is preferably notified by email. Further, at this time, information necessary for security diagnosis acquired from the tool vendor server 4 or the like may be presented to the maintenance staff terminal 2 via the Web.

  The periodic inspection means 22 is a means for receiving the result of the periodic inspection of the customer computer and the result of the security diagnosis performed at the customer computer at the periodic inspection and storing it in the storage device 107 as the maintenance history 13. At this time, it is preferable to read out from the storage device 107 the periodic inspection schedule 12 associated with the next inspection schedule for each customer code and the necessity of security diagnosis, extract customers to be inspected, and present them to the maintenance staff terminal 2. At this time, consumables that are likely to be insufficient on the customer's computer or parts that need to be replaced may be estimated in advance and presented to the maintenance staff terminal 2 as maintenance candidates. Furthermore, it is preferable to perform the security diagnosis only for the customers for whom the security diagnosis is “necessary”.

  Here, the maintenance history 13 is stored in the storage device 107 in association with the inspection date and the maintenance result of the periodic inspection for each customer code, and the security history using the diagnostic tool stored in the diagnostic tool 11 is stored. The diagnosis result is stored. Since the diagnosis result stored here is an index indicating the vulnerability of the customer, the maintenance history 13 is stored as a hexacode. Therefore, even if the diagnosis result leaks to the outside, the customer information is protected. Is done. Here, it is stored as a hexacode, but may be encrypted by other encryption methods.

  This diagnosis result is information including the total score, the level, the number of warning messages, the number of caution messages, and the like calculated based on the diagnosis result table as shown in FIG. In this diagnosis result table, the overall score is calculated by checking each item such as vulnerability and possible threat using a diagnosis tool. The simple security diagnosis result table shown in FIG. 3 may be submitted to the customer as an additional service when a periodic inspection is performed. The total score calculated in the present embodiment will be described in the case where the security level is higher as the score is closer to 0, and the security level is lower as the score is higher. For example, in the operation system, when there is patch information that is not supported by the customer's computer, the total score is calculated according to the risk level of the patch information that is not supported. In addition, it is calculated as a total score in accordance with how to install a virus check program and how to update a virus pattern file.

  The security judgment means 23 reads the maintenance history 13 from the storage device 107, reads the level threshold 14 in which the threshold for each security level of the computer is stored, from the storage device 107, and obtains the result of the security diagnosis and the threshold for each security level. In comparison, the security level of the customer computer is calculated and stored in the storage device 107 as the security judgment data 15. The level threshold 14 includes level thresholds 14a and 14b shown in FIGS.

  The level threshold value 14a as shown in FIG. 4 is the level threshold value 14 related to the organizational security level. The level threshold 14a includes thresholds for a plurality of organizational security levels set for each organizational scale of the organization to which the customer computer belongs, and a recommended security level is set for each organizational scale. In the level threshold 14a, an organization-specific security level such as high / medium / small risk is provided for each organization, and an upper limit value and a lower limit value of diagnosis results belonging to the security level are stored. For example, for a certain customer's computer, the organization type stored in the customer information 17 is “inside organization” and the diagnosis result by the diagnostic tool is 1200. In this case, the security determination means 23 determines that the security level for each organization of the customer's computer is “medium risk”, and stores it in the storage device 107 as data of the security level item for each organization in the security determination data 15. To do. Further, for example, it is preferable to set a recommended security level for “low risk”, a warning security level for “medium risk”, and a warning security level for “high risk”.

  On the other hand, the level threshold 14b as shown in FIG. 5 is the level threshold 14 related to the security level for each system. The level threshold 14b includes thresholds for a plurality of system security levels set for each system type of the customer computer, and a recommended security level recommended for each system type is set. In the level threshold 14b, a system-specific security level in which a system type and a vulnerability level are associated with each other is provided, and a diagnosis result threshold of a diagnosis result belonging to the security level is stored. For example, it is assumed that the system type stored in the customer information 17 is “large” and the diagnosis result by the diagnostic tool is 600 for a certain customer's computer. In this case, the security determination unit 23 calculates that the vulnerability level is “II”, determines that the security level for each system is “(1) -II”, and determines the security level item for each system in the security determination data 15. Is stored in the storage device 107. Here, a recommended security level item indicating a recommended vulnerability level for each system type is also provided. The recommended security level is a security level classified by system for which the recommended security level is checked. That is, for example, when the system type is “Large”, the recommended security level is set only when the vulnerability level is “I”.

  Further, the security judgment means 23 compares the security level of the customer computer with the recommended security level. If the security level of the customer computer does not satisfy the recommended security level, the security judgment means 23 performs maintenance of the customer system or performs security diagnosis. It is preferable to notify the terminal of a person in charge such as a security maintenance person who performs or a sales person who sells a new security related product to a customer. For example, if the vulnerability is significant and the recommended security level cannot be met, a notification is sent to the terminal of the maintenance staff who is good at strengthening the vulnerability, and if the recommended security level cannot be met because it is difficult to deal with new threats, To the terminals of maintenance personnel who are good at dealing with various threats and terminals of sales personnel who sell security-related products that can respond to new threats.

  The security determination data 15 output by the security determination means 23 has a data structure as shown in FIG. 6, for example. In the security determination data 15, the customer code, customer name, system type, and organization type read from the customer information 17 are associated with the chart number that identifies the simple security diagnosis table shown in FIG. 3. Further, the security judgment data 15 is associated with the diagnosis result of the security diagnosis by the diagnostic tool, the implementation date of the security diagnosis, the number of warning messages and the number of caution messages in the security diagnosis. Further, the security judgment data 15 is associated with the organizational security level and the system security level calculated by the security judgment means 23 from the organization type, system type, and diagnosis result.

  The security judgment data 15 can extract customers who meet the conditions when conditions are input in response to requests from the maintenance staff terminal 2 or the sales terminal 3. For example, based on information such as customer code, customer name, diagnosis result, operation system, and implementation date, the maintenance staff terminal 2 and the sales terminal 3 can be searched at any time.

With reference to FIG. 7, the security determination process by the security determination means 23 is demonstrated.
First, in step S101, the maintenance history 13 is read from the storage device 107, and a customer code is acquired. When the customer code is acquired, in step S102, the customer information 17 is read from the storage device 107, the organization type and the system type associated with the acquired customer code are extracted, and the maintenance history 13 is further read and the diagnosis result is obtained. To get.

  Next, in step S103, the organizational security model threshold value 14a is read from the storage device 107, and the organizational security level of the customer's computer is calculated from the organization type and the diagnosis result read in step S102. On the other hand, in step S104, the system security model threshold 14b is read from the storage device 107, and the security level for each system of the customer's computer is calculated from the system type and the diagnosis result read in step S102.

  Next, based on the processing performed in steps S102 to S104, the security determination data 15 is generated and stored in the storage device 107 in step S105.

  Further, in step S106, it is determined whether the estimated security level is satisfied for the organizational security level and the system security level calculated in step S103 and step S104. If there is a problem system, the problem system is determined in step S106. Extract. Specifically, in the security level by organization, a computer system that is “high risk” or “medium risk” is extracted, or the calculated security level by system is checked to “estimated security level”. Extract the missing computer system. For the problem system extracted in step S106, the mail address of the person in charge who can deal with the problem occurring in each computer system is read and sent. Have a sales representative or sales technician informed of a problem send them directly to the customer to propose a new security-related product, or provide a new security-related information to the customer through a sales company or system integrator. Make product proposals. The customer determines whether or not the proposed new security related information can be introduced, and when the customer introduces the new security related information, a new security related product is provided to the customer.

  On the other hand, if there is no problem system in step S106, the security determination process is terminated.

As described above, when the security determination data 15 is generated, the security determination providing unit 24 presents the security determination data to the business terminal 3.
The security determination providing unit 24 is a unit that reads the security determination data 15 from the storage device 107 and presents a new work to be performed to the customer computer based on the security determination data 15. The security judgment providing unit 24 provides the security judgment data 15 generated based on the maintenance history 13 and the customer information 17 to the sales staff and the sales technical staff. The security determination data 15 may be provided regularly or based on a request from a sales staff or a sales technical staff. The following four methods can be considered for the sales approach.

(A) Security level model by organization (b) Security level model by system (c) Sales approach model by selecting recommended products (d) Sales approach model by selecting target customers Proposing new security-related products to customers through these sales approaches New security-related products are sold by receiving inquiries and orders from customers. These sales approaches are described in detail below.

(A) Organizational Security Level Model The organization-specific security level model is a method of showing a gap between an average security level required for each organization, such as the size of a company, and a customer computer based on a diagnosis result. For example, in the organizational security level model, a graph as shown in FIG. 8 is displayed.

  In FIG. 8, areas of high / medium / small risk levels are provided based on the level threshold 14a indicating the security level for each organization. The customer security level is mapped to the graph shown in FIG. 8 based on the customer organization type and the customer diagnosis result. In the example shown in FIG. 8, if the customer's organization type is “Large” and the diagnosis result is 2400, it is mapped to the position of the point P1. It can be seen that the area to which the point P1 is mapped is an area associated with “high risk”. For example, in order for the customer to set the level to “medium risk”, the diagnosis result needs to be lowered to 1050, and in order to make “low risk”, the diagnosis result must be lowered to 600. By presenting the organization-specific security level model as shown in FIG. 8 to the customer, the organization-specific security level model provides the customer with the difference between the security level required according to the customer's scale and the company-specific security level. It can be easily recognized.

(B) Security level model for each system The security level model for each system is a method for indicating a gap between a recommended security level for each system importance and a customer system based on a diagnosis result. For example, in the security level model for each system, a graph as shown in FIG. 9 is displayed.

  In FIG. 9, areas for each system security level are provided based on the level threshold 14b. Based on the system type indicated by the system importance of the customer and the diagnosis result of the customer, the security level of the customer is mapped in the table shown in FIG. Further, based on the recommended system level stored in the level threshold 14b, the area that satisfies the recommended system level is colored. In the example illustrated in FIG. 9, if the system importance of the customer is “medium” and the diagnosis result is 1700, the system is mapped to the position of the point P4 that is the area “(2) -IV”. For example, when the customer tries to satisfy the recommended security level, the diagnosis result must be reduced to 999, which is the lower limit value of the area “(2) -II”. By presenting the system-specific security level model as shown in FIG. 9 to the customer, the system-specific security level model can be obtained in accordance with the system type such as the system importance of the customer, The customer can easily recognize the difference.

(C) Sales approach model based on recommended product selection The sales approach model based on recommended product selection is based on the difference between the recommended security level for each system type, such as system importance, and the security level for each system based on the customer diagnosis results. The sales approach pattern 16 shown in FIG. 1 is read from the storage device 107 and the selected recommended product is presented to the customer. The sales approach pattern 16 stores an approach pattern indicating recommended products and the like with the current level indicating the customer's current security level by system and the target level indicating the system-specific security level targeted by the customer as keys. ing.

  For example, as shown in FIG. 10B, since the pattern of the current level “(2) -IV” and the target level “(2) -II” is pattern 1, The sales approach of "detailed security diagnosis-> patch application service" is related. In the case of this pattern 1, the sales staff or sales technical staff proposes to the customer to provide the patch application service based on the execution result after performing the detailed security diagnosis.

  Similarly, since the pattern of the current level “(2) -II” and the target level “(2) -I” becomes the pattern 2, the “detailed security diagnosis → patch application service” in the pattern 2 of the sales approach pattern 16 The sales approach of “→ automatic patching service” is related. In the case of this pattern 2, sales representatives and sales technicians carry out a detailed diagnosis, then perform patch application services based on the results of the execution, and automatically patch the system. Proposing to the customer to provide the service

  In addition, since the pattern of the current level “(1) -V” and the target level “(1) -I” is pattern 3, “sales consulting service → ISMS construction support → security” in pattern 3 of the sales approach pattern 16 The sales approach of “solution products” is related. In the case of this pattern 3, the sales staff and sales technical staff will consult with the current system, build an ISMS (Information Security Management System) on the system, and further provide security solution products. Propose to.

  In the system-specific security level model, the customer is made aware of the current situation, and further recommended levels are presented, so that the target security level is determined by the customer, and the sales approach pattern 16 in the sales approach model based on recommended product selection. By reading out and extracting the approach pattern from the current level and the target level, the sales staff and the sales technical staff can easily acquire the sales approach.

(D) Sales approach model based on target customer selection In the sales approach model based on target customer selection, when new security information is received, the threat given to the customer computer is estimated by considering the new security information. If the security level is calculated and the estimated security level does not meet the recommended security level, the security maintenance personnel who maintain the customer's system and perform security diagnosis, and the sales personnel who sell new security-related products to the customer Notify the terminal. For example, when new security information is received from the tool vendor server 4 or software vendor, such as when a new patch is provided or a new worm or virus is found, the customer who approaches is based on the risk level of the security information. , Send an email to the sales staff and sales technical staff, and instruct the extracted customers to propose new security-related products. Further, new security information may be provided on the Web or the like.

An example of sales approach model processing based on target customer selection will be described with reference to FIG.
First, when new security information is input, in step S201, based on the information stored in the security determination data 15, a virtual diagnosis is performed to estimate the result of diagnosis by the diagnostic tool, and the newly discovered security The risk given to the customer's system is calculated from the information. In step S202, the risk level of the security information is determined, and processing corresponding to the risk level is performed.

  If the newly discovered risk is “high”, the security judgment data 15 and the level threshold value 14 are read from the storage device 107 in step S203, and the organizational security level and the system security level are set to the recommended security level. Extract customers who do not meet.

  If the newly discovered risk is “medium”, in step S204, the security judgment data 15 is read from the storage device 107 to extract the customers whose system type is “large” or “medium”, and in step S205 Further, the level threshold 14 is read from the storage device 107, and the customers whose organizational security level and system security level do not satisfy the recommended security level are extracted.

  If the newly discovered risk level is “small”, the security judgment data 15 is read from the storage device 107 in step S206 to extract the customer whose system type is “large”. In step S207, the level threshold is further increased. 14 is read from the storage device 107, and a customer whose organizational security level and system security level do not satisfy the recommended security level is extracted.

  The security judgment providing means 24 visualizes and presents to the customer the current security level of the customer system and the security level required according to the customer's organization type and the customer system's system type by the method described above. Thus, new products can be proposed to the customer.

(Other devices)
Next, the maintenance staff terminal 2 will be described with reference to FIG. The maintenance staff terminal 2 includes a periodic inspection unit 201, a removable disk 202, and a diagnostic result upload unit 203. Here, the removable disk 202 is preferably a storage device having portability such as a CD-R, MO, flexible disk, or a memory having a USB interface. The removable disk 202 may be a storage device that is read and executed on the customer's computer. When the diagnostic tool provided from the tool vendor server 4 is downloaded by the download unit 21 of the business support apparatus 1 and written to the removable disk 202, the removable disk 202 is a writable storage such as a CD-R or a flexible disk. An apparatus is preferred.

  The periodic inspection unit 201 downloads the latest diagnostic tool incorporating the latest patch information and the like through the download unit 21 of the business support apparatus 1 to perform security diagnosis in conjunction with the periodic inspection, and removes the removable disk. 202 is a means for storing data in 202. Further, the periodic inspection unit 201 receives the next inspection schedule and the necessity of security diagnosis from the periodic inspection unit 22 of the business support apparatus 1, and determines the customer and date for performing the periodic inspection.

  The removable disk 202 is executed in the customer system to extract application of operating system patches, operation of anti-virus programs, operation of account passwords, etc., and a simple security diagnosis result table as shown in FIG. To create. This simple security diagnosis result table is provided to the customer because it is used as a judgment material for the customer to consider future security measures.

  The diagnostic result upload unit 203 is a unit that uploads the diagnostic result executed on the removable disk 202 to the business support apparatus 1. The diagnostic result uploaded here is preferably stored once on a flexible disk or the like on the customer system, read out from the flexible disk at the maintenance staff terminal 2, and uploaded to the business support apparatus 1. At this time, it is preferable that the diagnosis result is encrypted data such as hex display for each item. As a result, in the unlikely event that the flexible disk is lost, there is a low possibility that information related to the customer's system vulnerability will be leaked to the outside.

  As described above, the maintenance staff terminal 2 can diagnose the security vulnerability in the system by downloading the diagnostic tool to the removable disk 202 and starting the removable disk 202 in the customer system. In addition, it is not necessary to install by booting from the removable disk 202, and the influence on the customer system due to execution of the diagnostic tool can be reduced.

  The business terminal 3 includes a security determination acquisition unit 301. The security determination acquisition unit 301 is a unit that acquires customer information extracted by the processing of the security determination unit 23 and the security determination providing unit 24 of the business support apparatus 1. Although not shown, the customer information extracted by the processing of the security determination means 23 and the security determination providing means 24 may be acquired by a sales engineer in accordance with the product or service proposed to the customer.

  The tool vendor server 4 obtains the latest security patch information, virus information, etc. from the Internet, etc., incorporates it in the diagnostic tool, and notifies the business support apparatus 1 by e-mail or the like. When receiving the mail, the business support apparatus 1 downloads the latest diagnostic tool 11 from the tool vendor server 4, notifies the maintenance staff terminal 2 by email or the like, and downloads the diagnostic tool 11 to the maintenance staff terminal 2.

  As described above, the business support device 1 according to the best embodiment of the present invention regards the periodic inspection based on the maintenance contract as a business opportunity to contact the customer, and effectively uses the opportunity to create a new business. Unearth and improve customer satisfaction. Thus, by performing security diagnosis in conjunction with periodic inspections, it is possible to increase the contract rate of maintenance contracts and sell new security products.

  Further, the business support apparatus 1 according to the best mode of the present invention analyzes the security diagnosis result, and notifies the sales representative and sales technical representative of the result of the troubled customer system, Propose security-related products to system integrators. By this. By discovering new businesses such as detailed security diagnosis and security patch introduction and increasing the added value of maintenance contracts, it is possible to increase the contract rate of maintenance contracts and sell new security products.

  In addition, a security diagnosis result table that provides an overview of vulnerabilities and the like of the target system is provided as a service provision that can be easily added at the time of periodic inspection at a low cost in the security diagnosis that is performed along with the periodic inspection.

  Further, although the business support apparatus according to the best embodiment of the present invention has been described as being mounted on a single computer hardware, it may be mounted on a plurality of computer hardware. For example, the customer information 17 may be managed by the customer management server, and the periodic inspection schedule 12 may be managed by the periodic inspection server. As described above, the implementation of the business support apparatus according to the best mode of the present invention may be implemented by being divided into a plurality of computer hardware in consideration of functions, possible processing capacity, and the like.

(Other embodiments)
As described above, the present invention has been described according to the best mode for carrying out the invention. However, it should not be understood that the description and drawings constituting a part of this disclosure limit the present invention. From this disclosure, various alternative embodiments, examples, and operational techniques will be apparent to those skilled in the art.

  It goes without saying that the present invention includes various embodiments not described herein. Therefore, the technical scope of the present invention is defined only by the invention specifying matters according to the scope of claims reasonable from the above description.

1 is a system configuration diagram of a business support system and a functional block diagram of a business support device according to a preferred embodiment of the present invention. It is a block diagram of the work assistance apparatus which concerns on the best embodiment of this invention. It is an example of the simple security diagnostic result table | surface shown to a customer in the security diagnosis which concerns on the best embodiment of this invention. 5 is an example of a data structure and data indicating a threshold value related to an organization-specific security level in the level threshold value according to the preferred embodiment of the present invention. 5 is an example of a data structure and data indicating a threshold value related to a security level for each system in the level threshold value according to the best mode of the present invention. It is the figure which showed an example of the data structure of the security determination data based on the best embodiment of this invention. It is the flowchart which showed an example of the process of the security determination means based on the best embodiment of this invention. It is a figure explaining the security level model according to organization of the security judgment provision means which concerns on the best embodiment of this invention. It is a figure explaining the security level model according to system of the security judgment provision means which concerns on the best embodiment of this invention. It is a figure explaining the sales approach model by the recommended goods selection of the security determination provision means which concerns on the best embodiment of this invention. It is the flowchart which showed an example of the process of the sales approach model by the object customer selection of the security determination provision means which concerns on the best embodiment of this invention.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 ... Business support apparatus 2 ... Maintenance staff terminal 3 ... Sales terminal 4 ... Tool vendor server 11 ... Diagnostic tool 12 ... Regular inspection schedule 13 ... Maintenance history 14 ... Level threshold 15 ... Security judgment data 16 ... Sales approach pattern 17 ... Customer information DESCRIPTION OF SYMBOLS 21 ... Download means 22 ... Periodic inspection means 23 ... Security judgment means 24 ... Security judgment provision means 107 ... Storage device 201 ... Periodic inspection means 202 ... Removable disk 203 ... Diagnosis result upload means 301 ... Security judgment acquisition means 101 ... Central processing control Device 102 ... ROM
103 ... RAM
104 ... Input device 105 ... Display device 106 ... Communication control device 107 ... Storage device 108 ... Removable disk 109 ... Input / output interface 110 ... Bus

Claims (10)

Periodic inspection means for receiving a result of periodic inspection of the customer computer and a result of security diagnosis performed in the customer computer at the time of the periodic inspection, and storing it in a storage device as a maintenance history;
The maintenance history is read from the storage device, and a level threshold value in which a threshold value for each security level of the computer is stored is read from the storage device, and the result of the security diagnosis is compared with the threshold value for each security level. Security determination means for calculating the security level of the customer computer and storing it in the storage device as security determination data;
A business support apparatus comprising: security determination providing means for reading the security determination data from the storage device and presenting a new operation to be performed to the customer computer based on the security determination data.   The level threshold includes the threshold for each of a plurality of organization security levels set for each organization size of the organization to which the customer computer belongs, and a recommended security level recommended for each organization size is set. The business support apparatus according to claim 1, wherein   The level threshold includes the threshold for each of a plurality of system security levels set for each system type of the customer computer, and a recommended security level recommended for each system type is set. Item 2. The business support device according to Item 1.   The security determination means further compares the security level of the customer computer with the recommended security level, and notifies the terminal of the person in charge when the security level of the customer computer does not satisfy the recommended security level. The business support apparatus according to claim 2 or 3, wherein   When the new security information is received, the security judgment providing means further estimates a threat given to the customer computer in consideration of the new security information, calculates an estimated security level, and 4. The business support apparatus according to claim 2, wherein when the level does not satisfy the recommended security level, a notification is made to a terminal of a person in charge. Receiving a result of a regular check of the customer computer and a result of a security diagnosis performed in the customer computer at the time of the periodic check, and storing the result in a storage device as a maintenance history;
The maintenance history is read from the storage device, and a level threshold value in which a threshold value for each security level of the computer is stored is read from the storage device, and the result of the security diagnosis is compared with the threshold value for each security level. Calculating the security level of the customer computer and storing it as security judgment data in the storage device;
A business support program that causes the computer to execute the step of reading the security judgment data from the storage device and presenting a new work to be performed to the customer computer based on the security judgment data.   The level threshold includes the threshold for each of a plurality of organization security levels set for each organization size of the organization to which the customer computer belongs, and a recommended security level recommended for each organization size is set. The business support program according to claim 6, wherein the program is a business support program.   The level threshold includes the threshold for each of a plurality of system security levels set for each system type of the customer computer, and a recommended security level recommended for each system type is set. Item 7. The business support program according to item 6.   The step of storing in the storage device as the security judgment data further compares the security level of the customer computer with the recommended security level, and if the security level of the customer computer does not satisfy the recommended security level, The business support program according to claim 7 or 8, wherein notification is made to a person's terminal. In the step of presenting the newly implemented work, when new security information is received, a security level is estimated by estimating a threat given to the customer computer in consideration of the new security information. The business support program according to claim 7 or 8, wherein when the estimated security level does not satisfy the recommended security level, a notification is made to a terminal of a person in charge.

Images