JP2007272799A - Sales promotion method and sales promotion server - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a sales promotion method and a sales promotion server by which an appropriate security product corresponding to a security tendency and security evaluation of a customer is promptly and easily offered to the customer. <P>SOLUTION: The sales promotion server which offers the security products to the customer has; a selection means for selecting security tendency information; an extraction means for extracting one or more security products corresponding to the security tendency information selected by the selection means based on security product database with which the security tendency information and the security products are associated and an offer means for offering the security product to the customer to the customer from among one or more security products extracted by the extraction means. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to a sales promotion method and a sales promotion server, and more particularly to a sales promotion method and a sales promotion server for proposing a security product to a customer.

  In recent years, in a user environment such as an in-house LAN, incidents related to security such as unauthorized access from outside and falsification of Web contents have frequently occurred. In the above user environment, there are many cases where unauthorized access is actually made even if there is no damage. However, many general users do not know the status (evaluation) of the security measures of the user environment built by the company, and cannot know information on products to be introduced.

  Patent Document 1 discusses with the user in advance, determines the audit target, audit scope and audit method, and corrects consulting information (security audit result report) that abstracts security audit cases instead of raw data It is disclosed that users can share (customize) and store the accumulated knowledge database among users, and users can obtain information on the importance of problems and countermeasures by searching cases in the knowledge database. ing.

Patent Document 2 automatically collects log information and communication packets of each monitoring target device operating in the LAN, and color-codes information such as what system, program, and database (DB) are used. Visually express it with a design (an icon with a shape corresponding to the protocol being used), etc. In addition, flashing non-authoritative access events, and the name and face photo of the user using the monitored device Displaying is disclosed.
JP 2002-123494 A JP 2002-330177 A

  Incidents related to security continue to occur daily. Therefore, the user needs to continuously collect incidents related to security from news and the like, grasp the problem of the user environment, and quickly introduce an appropriate product for solving the problem.

  However, the contents disclosed in Patent Documents 1 and 2 did not continuously collect incidents related to security from news and the like. Therefore, in the contents disclosed in Patent Documents 1 and 2, an appropriate product for immediately grasping the problem of the user environment that changes based on the occurrence of a security-related incident and solving the problem There was a problem that could not be introduced quickly.

  In the security business, users who can continuously collect security-related incidents (security trends) from news, etc., grasp problems in the user environment, and propose appropriate products to users to solve those problems A sales promotion system linked to the environment was useful.

  The present invention has been made in view of the above points, and an object thereof is to provide a sales promotion method and a sales promotion server that can promptly and easily propose appropriate security products corresponding to security trends and customer security evaluations to customers. And

  In order to solve the above problems, the present invention is a sales promotion server that proposes a security product to a customer, wherein the selection means for selecting security trend information, the security trend information and the security product are associated with each other. Based on the security product database, extraction means for extracting one or more security products corresponding to the security trend information selected by the selection means, and one or more security products extracted by the extraction means Proposing means for proposing the security product corresponding to the security evaluation of the customer to the customer.

  The selection means is based on predetermined search information, security incident information collection means for collecting security incident information from news information, and a security incident database in which the security trend information and the security incident information are associated with each other. Security trend information selecting means for selecting the security trend information corresponding to the security incident information collected by the security incident information collecting means may be provided.

  The selecting means is based on a security trouble information collecting means for collecting security trouble information from predetermined log information, and a security trouble database in which the security trend information and the security trouble information are associated with each other. And security trend information selecting means for selecting the security trend information corresponding to the security trouble information collected by the method.

  The proposing means may propose the security product to the customer by e-mail.

  In order to solve the above problems, the present invention provides a sales promotion method for a sales promotion server that proposes a security product to a customer, the selection step for selecting security trend information, the security trend information, and the security product. Are extracted based on the security product database associated with the security trend information selected by the selection step, and one or more extracted by the extraction step. And a proposing step of proposing the security product corresponding to the security evaluation of the customer from the security product to the customer.

  In addition, what applied the component, expression, or arbitrary combination of the component of this invention to a method, an apparatus, a system, a computer program, a recording medium, a data structure, etc. is also effective as an aspect of this invention.

  As described above, according to the present invention, it is possible to provide a sales promotion method and a sales promotion server that can promptly and easily propose appropriate security products corresponding to security trends and customer security evaluations to customers.

  Next, the best mode for carrying out the present invention will be described based on the following embodiments with reference to the drawings.

  FIG. 1 is a system configuration diagram of an example of a sales promotion system according to the present invention. The sales promotion system 1 in FIG. 1 includes a security service provider environment 2, one or more news sites 3, an in-house built environment (user environment) 4 and an IDC (Internet data center) environment 5, for example, the Internet as an example of a network. 7 is connected.

  The security service provider environment 2 is configured to include a server device 11, a storage device 12, an external server 13, and a firewall 14. The firewall 14 is connected to a DMZ (demilitarized zone), a security service provider side LAN, and the Internet 7. A server device 11 and a storage device 12 are connected to the security service provider side LAN. An external server 13 is connected to the DMZ of the firewall 14.

  The server device 11 includes a security trend analysis selection unit 100, a security incident collection unit 101, a sales promotion mail automatic transmission unit 102, an advertisement automatic display unit 103, a banner advertisement color and shape setting unit 104, a security trouble. Collecting means 105 and customer security evaluation means 106. The details of each means constituting the server device 11 will be described later.

  The storage device 12 corresponds to a security keyword DB 110, a security incident DB 111, a security product DB 112, a customer product purchase (introduction) history DB 113, a customer security evaluation DB (corporate security ranking DB) 114, and a security evaluation rank. A basic graphic and color DB 115, an unauthorized access solution DB 116, and a security trouble DB 117 are included. Details of each DB constituting the storage device 12 will be described later. The external server 13 displays an advertisement for access from a client outside the security service provider environment 2.

  The news site 3 is a site that transmits security-related incidents and the like as news on the Internet 7.

  The in-house construction environment 4 is configured to include an outside server 15, a firewall 16, an in-house server 17, and a client 18. The firewall 16 is connected to the DMZ, the user side LAN, and the Internet 7. An external server 15 is connected to the DMZ of the firewall 16. An in-house server 17 and a client 18 are connected to the user side LAN.

  The IDC environment 5 is configured to include an external server 19, a firewall 20, and an internal server 21. The firewall 20 is connected to the DMZ, the user side LAN, and the Internet 7. An external server 19 is connected to the DMZ of the firewall 20. An internal server 21 is connected to the user side LAN. The IDC environment 5 is connected to the user environment 6 via a dedicated line. In the user environment 6, a client 22 is connected to a user side LAN.

  Next, the hardware configuration of the server device 11 will be described. FIG. 2 is a hardware configuration diagram of an example of the server apparatus. The server device 11 includes an input device 201, an output device 202, a drive device 203, an auxiliary storage device 204, a memory device 205, an arithmetic processing device 206, and an interface device 207 that are mutually connected by a bus B.

  The input device 201 includes a keyboard, a mouse, and the like, and is used for inputting various signals. The output device 202 includes a display device and is used to display various windows and data. The interface device 207 is configured with a LAN card or the like, and is used to connect to the security service provider side LAN.

  The sales promotion program according to the present invention is at least a part of various programs for controlling the server device 11. The sales promotion program is provided by distribution or download of the recording medium 208, for example.

  The recording medium 208 on which the sales promotion program is recorded is information such as a CD-ROM, a flexible disk, a magneto-optical disk, etc., a recording medium for recording information optically, electrically or magnetically, a ROM, a flash memory, etc. Various types of recording media, such as a semiconductor memory that electrically records data, can be used.

  When the recording medium 208 on which the sales promotion program is recorded is set in the drive device 203, the sales promotion program is installed from the recording medium 208 to the auxiliary storage device 204 via the drive device 203. On the other hand, the downloaded sales promotion program is installed in the auxiliary storage device 204 via the interface device 207.

  The server device 11 stores the installed sales promotion program and stores necessary files, data, and the like. The memory device 205 reads and stores the sales promotion program from the auxiliary storage device 204 at the time of activation. The arithmetic processing unit 206 realizes the server device 11 as a sales promotion server that performs various processes as described later according to the sales promotion program stored in the memory device 205.

  FIG. 3 is a main flowchart showing the processing procedure of the server apparatus according to the present invention. In step S1, the security trend analysis selection unit 100 of the server device 11 performs a security trend analysis selection process.

  When the security trend is viewed from the general public trend (news), the security trend analysis selection means 100 performs the security incident collection process at step S2, the automatic transmission process of the promotional mail at step S3, and the automatic advertisement at step S4. Perform display processing. Details of the security incident collection process in step S2, the automatic transmission process of the sales promotion mail in step S3, and the automatic advertisement display process in step S4 will be described later.

  On the other hand, when the security trend is viewed from the self-constructed environment / IDC environment, the security trend analysis selecting means 100 performs the security trouble collection process in step S5, the automatic transmission process of the promotional mail in step S6, and the advertisement in step S7. Perform automatic display processing. Details of the security / trouble collection process in step S5, the automatic transmission process of the sales promotion mail in step S6, and the automatic advertisement display process in step S7 will be described later.

  FIG. 4 is a flowchart showing the procedure of the security incident collection process. In step S11, the security incident collection unit 101 of the server apparatus 11 determines the date or period (for example, from April 1, 2005 to September 30, 2005) based on the operation of the input device 201 by the administrator of the security service provider. ) Is specified.

  Proceeding to step S12, the security incident collecting means 101 selects one or a plurality of news sites 3 or the like determined in advance using the keywords or keywords of the security keyword DB 110 as shown in FIG. Search and collect security incidents.

  FIG. 5 is a configuration diagram of an example of the security keyword DB. The security keyword DB 110 shown in FIG. 5 is configured to include keywords, corresponding categories, and corresponding solutions. Keywords are related to security. The corresponding category is a category corresponding to the keyword. The corresponding solution is a solution corresponding to the keyword.

  In step S13 of FIG. 4, the security incident collection unit 101 identifies the collected security incidents based on the keywords / corresponding categories / corresponding solutions in the security keyword DB 110 as shown in FIG. Is generated.

  FIG. 6 is a configuration diagram of an example of the security incident DB. The security incident DB 111 shown in FIG. 6 is configured to include cases, number of cases, corresponding categories, and corresponding solutions. The case is a case of security incident (such as title information). The corresponding category is a category corresponding to the case. The number of cases is the number of cases in the category. The corresponding solution is a solution corresponding to the case.

  FIG. 7 is a flowchart showing a procedure for automatic transmission processing of sales promotion mail. Proceeding to step S21, the automatic transmission means 102 of the sales promotion mail of the server device 11 changes from the corresponding category / corresponding solution of the security incident DB 111 (security trend information based on the security incident on the Internet 7) to a security incident with a large number of occurrences. Extract corresponding categories / corresponding solutions.

  For example, in the case of the security incident DB 111 of FIG. 6, the automatic transmission means 102 for the promotional mail is a category / solution corresponding to a security incident with a large number of incidents, 412 firewalls / countermeasures against unauthorized access, and 355 internal crimes. Extract countermeasures / information leakage countermeasures and antivirus / virus countermeasures with 297 cases.

  Proceeding to step S22, the automatic transmission means 102 of the sales promotion mail 102 evaluates the corresponding category / corresponding solution evaluation rank extracted in step S21 from the customer security evaluation DB (company security ranking DB) 114 as shown in FIG. Extract customers with B less than 80 (80 points).

  FIG. 8 is a configuration diagram of an example of a customer security evaluation DB (company security ranking DB). The customer security evaluation DB (company security ranking DB) 114 shown in FIG. 8 includes company names, solutions, solution evaluation ranks, categories, category evaluation ranks, purchased (introduced) products, and purchased (introduced) products. It is configured to include an evaluation rank. The evaluation rank included in the customer security evaluation DB (enterprise security ranking DB) 114 represents the security evaluation rank.

  The customer security evaluation DB (company security ranking DB) 114 is generated by a customer security evaluation process as shown in FIG. FIG. 9 is a flowchart showing the procedure of the customer security evaluation process.

  In step S31, the customer security evaluation means 106 of the server apparatus 11 stores the solution, category, corresponding product, evaluation rank of the security product DB 112 shown in FIG. 10 and the customer product purchase (introduction) history DB 113 shown in FIG. The company name and the purchased (introduced) product are matched to generate the customer security evaluation DB (company security ranking DB) 114 shown in FIG.

  FIG. 10 is a configuration diagram of an example of the security product DB. The security product DB 112 is configured to include a solution, a category, a corresponding product, an evaluation rank, a corresponding promotional mail text, and a corresponding banner advertisement.

  The solution is about security. The category is a category corresponding to the solution. The corresponding product is the product corresponding to the solution. The evaluation rank represents the evaluation rank of the security of the corresponding product. The security evaluation rank of the corresponding product is an evaluation rank based on the function / performance evaluation for each solution / category of the corresponding product.

  For example, in the case of the security product DB 112 in FIG. 10, the firewall manufactured by Company A has an evaluation rank B for unauthorized access countermeasures / firewalls and an evaluation rank A for virus countermeasures / virus filtering.

  The corresponding promotional mail text is, for example, an email text with a content such as “Please appoint a firewall product of Company A for your company's unauthorized access countermeasures. The corresponding banner advertisement is linked to a shopping site having a purchase form for the product.

  FIG. 11 is a configuration diagram of an example of a customer product purchase (introduction) history DB. The customer product purchase (introduction) history DB 113 is configured to include a company name, an address, a person in charge name, a telephone, an e-mail address, and a purchase (introduction) product. In the customer's product purchase (introduction) history DB 113, the customer's company name, address, person in charge, telephone, e-mail address, and purchase (introduction) product are set based on the customer's product purchase record.

  Returning to step S31 of FIG. 9, the customer security evaluation means 106 determines the solution, category, corresponding product, evaluation rank of the security product DB 112 shown in FIG. 10 and the company of the customer product purchase (introduction) history DB 113 shown in FIG. The name and the purchased (introduced) product are matched, the evaluation rank of the purchased (introduced) product is the category evaluation rank, and the average of the category evaluation rank is the solution evaluation rank.

  For example, if the evaluation rank of the purchased (introduced) product is A, the customer security evaluation means 106 sets the category evaluation rank to A. The evaluation rank values are A = 100 points, B = 80 points, C = 60 points, D = 40 points, E = 20 points, and F = 0 points. Category 1 = A (100 points), Category 2 = C (60 points), category 3 = (0 points), the customer security evaluation means 106 determines the evaluation rank of the solution 1 including categories 1 to 3 from (100 points + 60 points + 0 points) / 3 = 53 points. D.

  The customer security evaluation DB (enterprise security ranking DB) 114 shown in FIG. 8 uses an edit page 300 as shown in FIG. 12 to display the company name, solution, category, purchased (introduced) product, purchased (introduced) product. The evaluation rank is input. The solution evaluation rank and the category evaluation rank are automatically set as shown in the flowchart of FIG. FIG. 12 is an image diagram of an example of an edit page. The edit page 300 shown in FIG. 12 corresponds to the customer security evaluation DB (company security ranking DB) 114 of FIG.

  Returning to step S22 in FIG. 7, for example, in the case of the customer security evaluation DB (corporate security ranking DB) 114 in FIG. 8, the automatic transmission means 102 for the promotional mail is the firewall / unauthorized access countermeasure, internal crime extracted in step S21. As a customer whose evaluation rank for countermeasures / information leakage countermeasures, anti-virus / anti-virus measures is less than B (80 points), the company with internal crime countermeasure / information leakage countermeasure evaluation rank F, internal crime countermeasures / information leakage countermeasures, anti Extract ro companies with a virus / anti-virus evaluation rank F.

  In step S23, the automatic transmission means 102 of the sales promotion mail refers to the customer's product purchase (introduction) history DB 113, and the person in charge of the customer extracted in step S22 is shown in FIG. 13 for products whose evaluation rank is B or higher. Automatic sales promotion emails. FIG. 13 is an image diagram of an example of a sales promotion mail. The sales promotion mail of FIG. 13 is created based on the corresponding sales mail text of FIG.

  Such a promotional mail can make use of marketing methods such as cross selling and up selling. The cross selling method is a method of additionally selling (recommending) another (related) product or service to a customer based on the purchase (application) of a certain product or service. For example, the cross selling method is “tie-in” sales of a digital camera and a photographic image quality inkjet printer.

  The up-selling method is a method of recommending products that are one rank higher than the product desired by the customer or a product with a higher unit price when selling products or services, and selling with the consent of the customer. It is. For example, the up-selling method is the promotion of upgrades after the introduction of low-end software in the software business.

  FIG. 14 is a flowchart showing the procedure of the automatic advertisement display process. Proceeding to step S41, the automatic advertisement display means 103 of the server apparatus 11 responds to a security incident with a large number of occurrences from the corresponding category of the security incident DB 111 / corresponding solution (security trend information based on the security incident on the Internet 7). Category / corresponding solution.

  For example, in the case of the security incident DB 111 of FIG. 6, the automatic advertisement display means 103 is a category / solution corresponding to a security incident with a large number of occurrences, as described above, firewall / unauthorized access countermeasures, internal crime countermeasures / information leakage countermeasures and Extract virus / anti-virus.

  In step S42, the automatic advertisement display means 103 determines whether or not there is access to the home page (HP) of the security service provider. Here, a description will be given by taking, as an example, a specification for requesting an e-mail address of an accessor as an ID during basic authentication when accessing a home page.

  The advertisement automatic display means 103 repeats the process of step S42 until it is determined that there is access. If it is determined that there is an access, the automatic advertisement display means 103 proceeds to step S43, and searches the customer's product purchase (introduction) history DB 113 shown in FIG. 11 using the e-mail address of the accessor as key information. It can be determined whether or not the user (person in charge) of the security product.

  If the automatic advertisement display means 103 determines that it is not a user (person in charge) of the security product, the process returns to step S42. If it is determined that the user is a security product user (person in charge), the automatic advertisement display means 103 proceeds to step S44, refers to the customer's product purchase (introduction) history DB 113 in FIG. Specify the company name (customer).

  Proceeding to step S45, the advertisement automatic display means 103 extracts the corresponding category / correspondence extracted in step S41 from the customer security evaluation DB (company security ranking DB) 114 shown in FIG. 8 of the customer specified in step S44. It is determined whether there is a solution with an evaluation rank less than B (80 points) among the solutions to be performed.

  If there is no category / corresponding solution extracted in step S41 that has an evaluation rank less than B (80 points), the automatic advertisement display means 103 returns to the processing in step S41. On the other hand, if the corresponding category / corresponding solution extracted in step S41 has an evaluation rank of less than B (80 points), the automatic advertisement display means 103 proceeds to step S46.

  For example, in the case of Company A included in the customer security evaluation DB (company security ranking DB) 114 in FIG. 8, the automatic advertisement display means 103 is the firewall / unauthorized access countermeasure, internal crime countermeasure / information leakage extracted in step S41. Among the evaluation ranks of countermeasures and anti-virus / anti-virus measures, the internal crime countermeasures / information leakage countermeasures whose evaluation rank is F are extracted as those having a rating of less than B (80 points).

  In step S46, the advertisement automatic display means 103 extracts the banner advertisement of the product whose evaluation rank corresponding to the corresponding category / corresponding solution extracted in step S45 is B or more from the security product DB 112 of FIG.

  In step S47, the advertisement automatic display means 103 causes the banner advertisement color and shape setting means 104 to perform banner advertisement color and shape setting processing. In step S48, the advertisement automatic display means 103 automatically displays the banner advertisement having the color, shape, or size set in step S47. As with promotional emails, banner ads can make use of marketing techniques such as cross selling and up selling.

  The banner advertisement color and shape setting process in step S47 will be described with reference to the flowchart of FIG. FIG. 15 is a flowchart of an example of the process for setting the color and shape of the banner advertisement.

  Proceeding to step S51, the color and shape setting means 104 of the banner advertisement determines the corresponding category / corresponding solution extracted earlier, for example, firewall / unauthorized access countermeasure, internal crime countermeasure / information leakage countermeasure, anti-virus / anti-virus countermeasure. A colored basic figure as shown in FIG. 16 corresponding to the evaluation rank is selected.

  FIG. 16 is an image diagram of an example showing the color and shape of a banner advertisement. The image diagram of FIG. 16 represents six banner advertisements corresponding to the evaluation ranks A to F. The banner advertisement shown in FIG. 16 is represented by a stable shape having a wide base such as a rectangle if the evaluation rank is high, and an unstable shape having a narrow base such as a triangle if the evaluation rank is low. In the banner advertisement shown in FIG. 16, the rank of the evaluation rank is expressed not only by the shape but also by the color. The banner advertisement shown in FIG. 16 is an example, and any shape or color combination may be used as long as the evaluation rank can be expressed. Further, the evaluation rank may be expressed by either the shape or the color.

  In step S52, the banner advertisement color and shape setting unit 104 determines whether or not the product spans multiple categories / solutions. For example, the firewall manufactured by Company A supports not only firewall / unauthorized access measures but also anti-virus / anti-virus measures. The banner color and shape setting means 104 checks a product such as a firewall manufactured by Company A.

  If the product does not extend over a plurality of categories / solutions, the banner advertisement color and shape setting means 104 proceeds to step S53, where the colored basic graphic of FIG. 16 corresponding to the evaluation rank of the product is displayed. Change the color and shape of the banner ad. In addition to the color, the banner advertisement can also express “corresponding to security hole measures” with a polka dot pattern, for example.

  On the other hand, if the product spans a plurality of categories / solutions, the banner advertisement color and shape setting means 104 proceeds to step S54, and the colored color shown in FIG. 16 corresponding to the evaluation rank for each category / solution of the product. The basic shape changes the color and shape of the banner ad for the product. In addition to the color, the banner advertisement can also express “corresponding to security hole measures” with a polka dot pattern, for example.

  For example, in the case of FIG. 17, the firewall / unauthorized access countermeasure is a blue square, the internal crime countermeasure / information leakage countermeasure is a green trapezoid, and the anti-virus / virus countermeasure is a yellow triangle.

  In the case of FIG. 18, the security hole detection / unauthorized access countermeasure is a green square (with a polka dot pattern), the Internet abuse countermeasure / information leakage countermeasure is a green trapezoid, and the virus filtering / virus countermeasure is a blue square.

  Proceeding to step S55, the banner advertisement color and shape setting means 104 considers the display balance of the rectangle, trapezoid, and triangle, and determines the criteria of area and length as follows. For example, the ratio of the areas is square: trapezoid: triangle = 4: 3: 2. In addition, the ratio of lengths is such that the quadrangle is the base: height = 1: 1, the trapezoid is the upper base: the lower base: height = 1: 2: 2, and the triangle is the base: height = 1: 1.

  In step S56, the banner advertisement color and shape setting means 104 sets the evaluation rank values to A = 100 points, B = 80 points, C = 60 points, D = 40 points, E = 20 points, and F = 0. The average of the evaluation rank for each category / solution of the product is calculated as the overall evaluation rank, and the color and shape of the banner advertisement are obtained.

  For example, in the case of FIG. 17, since the evaluation ranks A (100 points), C (60 points), and E (20 points) are 60 points, the banner advertisement is a green trapezoid. In the case of FIG. 18, since the evaluation ranks B (80 points), C (60 points), and A (100 points) are 80 points, the banner advertisement is a green square.

  In step S57, the color and shape setting means 104 of the banner advertisement adjusts and adds the areas of the other graphics from the above-described area ratios based on the overall evaluation rank graphics when merging different graphics. .

  For other figure adjustments, if the figure of the overall evaluation rank is a square, the trapezoid is 4/3 times and the triangle is 4/2 times. When the figure of the overall evaluation rank is a trapezoid, the square is 3/4 times and the triangle is 3/2 times. When the figure of the overall evaluation rank is a triangle, the square is 2/4 times and the trapezoid is 2/3 times.

  For example, in the case of FIG. 17, the square adjustment is 16 (area) × 3/4 = 12, the triangle adjustment is 8 (area) × 3/2 = 12, and the area of the figure of the overall evaluation rank is 12 + 12 + 12 = 36. Become. In the case of FIG. 18, the adjustment of the trapezoid is 3 (area) × 4/3 = 4, and the area of the figure of the comprehensive evaluation rank is 4 + 4 + 4 = 12.

  Proceeding to step S58, the color and shape setting means 104 of the banner advertisement determines the length (size) of the graphic of the overall evaluation rank from the ratio of the area of the graphic of the comprehensive evaluation rank determined in step S57 and the length described above. Ask for.

  For example, in the case of FIG. 17, the area of the trapezoid which is the figure of the overall evaluation rank is 36, and the ratio of the trapezoid length is upper base: lower base: height = 1: 2: 2, so the upper base = 3. 46, lower base = 6.93, height = 6.93. In the case of FIG. 18, the area of the quadrangle that is the figure of the overall evaluation rank is 12 and the ratio of the lengths of the quadrangle is base: height = 1: 1, so that base = 3.46, height = 3. 46.

  The color and shape setting means 104 of the banner advertisement is a colored figure obtained by merging the colored figures corresponding to the evaluation rank for each category / solution of the product, and can change the color and shape of the banner advertisement of the product. That is, the banner advertisement color and shape setting means 104 can merge the evaluation ranks of a plurality of categories / solutions and express them by the shape (length and area) and color as the overall evaluation rank.

  FIG. 19 is a schematic diagram of an example showing processing when a security trend is seen from the company-built environment. The security service provider (monitoring center) accesses the log of the firewall 16 of the self-constructed environment (user environment) 4 and collects security troubles, and then automatically transmits a promotional mail and automatically displays advertisements.

  FIG. 20 is a schematic diagram of an example showing processing when a security trend is seen from the IDC environment. The security service provider (monitoring center) accesses the log of the firewall 20 of the IDC 5 and collects security troubles, and then automatically transmits a promotional mail and automatically displays advertisements.

  FIG. 21 is a flowchart showing the security trouble collection process. The flowchart in FIG. 21 represents an example of collecting security troubles from a firewall.

  In step S61, the security trouble collecting unit 105 of the server device 11 determines the date or period (for example, from April 1, 2005 to September 30, 2005) based on the operation of the input device 201 by the administrator of the security service provider. Day).

  In step S62, the security / trouble collecting means 105 opens the log file of the firewall 16 of the company construction environment 4 or the firewall 20 of the IDC environment 5.

  In step S63, the security / trouble collecting means 105 refers to one log from the opened log file. In step S64, the security / trouble collecting means 105 determines whether there is a log to be referred to next. If there is still a log to be referred to next, the security trouble collecting means 105 proceeds to step S65, and determines whether or not unauthorized access (port scan, DoS attack, etc.) has occurred on the target date or period.

  If unauthorized access has occurred on the target date or period, the security / trouble collecting means 105 proceeds to step S66, stores it in the auxiliary storage device 204 or the memory device 205, and returns to step S63. If no unauthorized access has occurred on the target date or period, the security / trouble collecting means 105 returns from step S65 to step S63.

  If there is no log to be referred to next, the security / trouble collecting means 105 proceeds to step S67 and closes the log file opened in step S62. Proceeding to step S68, the security trouble collecting means 105 starts from the unauthorized access stored in step S66 based on the unauthorized access / corresponding category / corresponding solution correspondence in the unauthorized access solution DB 116 as shown in FIG. A security trouble DB 117 as shown in FIG. 23 is generated.

  FIG. 22 is a configuration diagram of an example of an unauthorized access solution DB. The unauthorized access solution DB 116 of FIG. 22 is configured to include unauthorized access types, corresponding categories, and corresponding solutions. The type of unauthorized access represents the type of unauthorized access such as DoS or port scan. The corresponding category represents a category corresponding to the type of unauthorized access. The corresponding solution represents the solution corresponding to the type of unauthorized access.

  FIG. 23 is a block diagram showing an example of a security / trouble DB. The security trouble DB 117 of FIG. 23 is configured to include cases of unauthorized access, number of cases, corresponding categories, and corresponding solutions. The case of unauthorized access represents a case of unauthorized access such as DoS or port scan.

  The corresponding category represents a category corresponding to an unauthorized access case. The number of cases represents the number of cases of unauthorized access in the corresponding category. Corresponding solutions represent solutions that deal with cases of unauthorized access.

  FIG. 24 is a flowchart showing a procedure for automatic transmission processing of sales promotion mail. In step S71, the automatic transmission means 102 of the sales promotion mail of the server device 11 is generated from the corresponding category of the security trouble DB 117 / the corresponding solution (security trend information based on the security incident on the Internet 7). Extract categories / solutions corresponding to troubles.

  Proceeding to step S72, the automatic transmission means 102 of the sales promotion mail 102 evaluates the corresponding category / corresponding solution evaluation rank extracted in step S71 from the customer security evaluation DB (company security ranking DB) 114 as shown in FIG. Extract customers with B less than 80 (80 points).

  Proceeding to step S73, the automatic transmission means 102 of the sales promotion mail refers to the customer's product purchase (introduction) history DB 113, and the person in charge of the customer extracted in step S72 is shown in FIG. Automatic sales promotion emails. Such a promotional mail can make use of the above-described marketing methods such as cross selling and up selling.

  FIG. 25 is a flowchart showing a procedure for automatic advertisement display processing. In step S81, the automatic advertisement display means 103 of the server apparatus 11 causes a security trouble with a large number of occurrences from the corresponding category / corresponding solution (security trend information based on the security incident on the Internet 7) of the security trouble DB 117. Extract categories / solutions corresponding to.

  For example, in the case of the security trouble DB 117 of FIG. 23, the automatic advertisement display means 103 extracts intrusion detection tracking / unauthorized access countermeasures as a category / solution corresponding to a large number of occurrences of security troubles.

  In step S82, the automatic advertisement display means 103 determines whether or not there is access to the home page (HP) of the security service provider. Here, a description will be given by taking, as an example, a specification for requesting an e-mail address of an accessor as an ID during basic authentication when accessing a home page.

  The advertisement automatic display means 103 repeats the process of step S82 until it is determined that there is access. If it is determined that there is an access, the automatic advertisement display means 103 proceeds to step S83, and searches the customer's product purchase (introduction) history DB 113 shown in FIG. 11 by using the e-mail address of the accessor as key information. It can be determined whether or not the user (person in charge) of the security product.

  If the automatic advertisement display means 103 determines that it is not a user (person in charge) of the security product, the process returns to step S82. If it is determined that the user is a security product user (person in charge), the automatic advertisement display means 103 proceeds to step S84, refers to the customer's product purchase (introduction) history DB 113 in FIG. Specify the company name (customer).

  Proceeding to step S85, the automatic advertisement display means 103 extracts the corresponding category / correspondence extracted in step S81 from the customer security evaluation DB (company security ranking DB) 114 shown in FIG. 8 of the customer specified in step S84. It is determined whether there is a solution with an evaluation rank less than B (80 points) among the solutions to be performed.

  If there is no category / corresponding solution extracted in step S81 that has an evaluation rank less than B (80 points), the automatic advertisement display means 103 returns to the processing in step S81. On the other hand, if there is an evaluation rank less than B (80 points) among the corresponding categories / corresponding solutions extracted in step S81, the advertisement automatic display means 103 proceeds to step S86.

  For example, in the case of Company A included in the customer security evaluation DB (company security ranking DB) 114 of FIG. 8, the automatic advertisement display means 103 has the evaluation rank B for the intrusion detection tracking / unauthorized access countermeasure extracted in step S81. Extract as less than (80 points).

  In step S86, the advertisement automatic display means 103 extracts the banner advertisement of the product whose evaluation rank corresponding to the corresponding category / corresponding solution extracted in step S85 is B or more from the security product DB 112 of FIG.

  In step S87, the advertisement automatic display unit 103 causes the banner advertisement color and shape setting process to be performed by the banner advertisement color and shape setting process described above. In step S88, the advertisement automatic display means 103 automatically displays the banner advertisement having the color, shape, or size set in step S87. As with sales promotion emails, banner ads can utilize the marketing methods such as cross selling and up selling described above.

  As described above, in the sales promotion system according to the present invention, there are many incidents related to security on the Internet such as unauthorized access from outside and falsification of Web contents. Therefore, it is possible to extract necessary information from external information and propose an appropriate product to the customer.

  First, in the sales promotion system according to the present invention, security trends are observed from the general public trends (news) (collecting security incidents), and an appropriate security product corresponding to the customer's security evaluation is proposed (promotional mail). Can be delivered automatically.

  In the sales promotion system according to the present invention, the security keyword DB, security incident DB, security product DB, customer security evaluation DB (corporate security ranking DB), unauthorized access solution DB, security trouble DB By managing the items of each DB (table) in a unified manner using solutions, categories, products, and evaluation ranks, security trends in general public trends (news) and security in in-house built / IDC environments It is possible to immediately extract countermeasures (security products) from the trend and automatically distribute proposals (sales promotion mail) of appropriate security products corresponding to the customer's security evaluation.

  In the sales promotion system according to the present invention, a banner advertisement of an appropriate security product can be automatically displayed on the website instead of the sales promotion mail. Further, the sales promotion system according to the present invention can automatically change the color, shape and size of the banner advertisement in conjunction with the security evaluation.

The present invention may have the following configurations as described below.
(Appendix 1)
A sales promotion method for a sales promotion server that proposes security products to customers,
A selection step for selecting security trend information;
An extraction step of extracting one or more security products corresponding to the security trend information selected by the selection step based on a security product database in which the security trend information and the security products are associated;
And a proposing step of proposing to the customer the security product corresponding to the security evaluation of the customer from the one or more security products extracted by the extracting step.
(Appendix 2)
The selecting step is a security incident information collecting step of collecting security incident information from news information based on predetermined search information;
Security trend information selection step for selecting the security trend information corresponding to the security incident information collected by the security incident information collection step based on a security incident database in which the security trend information and the security incident information are associated with each other The sales promotion method according to appendix 1, characterized by comprising:
(Appendix 3)
The selecting step includes a security trouble information collecting step for collecting security trouble information from predetermined log information;
Security trend information selection step for selecting the security trend information corresponding to the security trouble information collected by the security trouble information collection step based on a security trouble database in which the security trend information and the security trouble information are associated with each other The sales promotion method according to appendix 1, characterized by comprising:
(Appendix 4)
4. The sales promotion method according to any one of appendices 1 to 3, wherein the suggesting step proposes the security product to the customer by e-mail.
(Appendix 5)
The proposing step displays an advertisement whose color, shape, or size changes in conjunction with the security evaluation of the security product on a website, and proposes the security product to the customer. The sales promotion method according to any one of appendices 1 to 3, which is characterized by the following.
(Appendix 6)
The proposing step displays an advertisement whose color, shape or size changes based on a result of combining security evaluations of a plurality of the security products, and proposes the security product to the customer. The sales promotion method according to any one of appendix 5, characterized by:
(Appendix 7)
The sales promotion method according to any one of appendices 1 to 6, wherein the security trend information includes category information and solution information.
(Appendix 8)
A sales promotion server that proposes security products to customers,
A selection means for selecting security trend information;
Extraction means for extracting one or more security products corresponding to the security trend information selected by the selection means based on a security product database in which the security trend information and the security products are associated;
A sales promotion server comprising: proposal means for proposing the security product corresponding to the security evaluation of the customer from the one or more security products extracted by the extraction means to the customer.

  The present invention is not limited to the specifically disclosed embodiments, and various modifications and changes can be made without departing from the scope of the claims.

It is a system configuration figure of an example of a sales promotion system by the present invention. It is a hardware block diagram of an example of a server apparatus. It is a main flowchart which shows the process sequence of the server apparatus by this invention. It is a flowchart which shows the procedure of the collection process of a security incident. It is a block diagram of an example of security keyword DB. It is a block diagram of an example of security incident DB. It is a flowchart which shows the procedure of the automatic transmission process of a sales promotion mail. It is a block diagram of an example of customer security evaluation DB (company security ranking DB). It is a flowchart which shows the procedure of a customer's security evaluation process. It is a block diagram of an example of security product DB. It is a block diagram of an example of customer's product purchase (introduction) history DB. It is an image figure of an example of an edit page. It is an image figure of an example of a sales promotion mail. It is a flowchart which shows the procedure of the automatic display process of advertisement. It is a flowchart of an example of the setting process of the color and shape of a banner advertisement. It is an image figure of an example showing the color and shape of a banner advertisement. It is an image figure of an example showing the setting process of the color and shape of a banner advertisement. It is an image figure of another example showing the setting process of the color and shape of a banner advertisement. It is an example of an outline figure showing processing in the case of seeing a security tendency from an in-house construction environment. It is an example of an outline figure showing processing in the case of seeing a security tendency from an IDC environment. It is a flowchart which shows the procedure of the collection process of a security trouble. It is a block diagram of an example of solution DB of unauthorized access. It is a block diagram of an example of security trouble DB. It is a flowchart which shows the procedure of the automatic transmission process of a sales promotion mail. It is a flowchart which shows the procedure of the automatic display process of advertisement.

Explanation of symbols

1 Sales promotion system 2 Security service provider environment 3 News site 4 Self-built environment (user environment)
5 IDC (Internet Data Center) Environment 6 User Environment 7 Internet 11 Server Device 12 Storage Device 13, 15, 19 External Server 14, 16, 20 Firewall 17, 21 Internal Server 18, 22 Client 100 Security Trend Analysis Selection Means 101 Collecting means for security incident 102 Automatic sending means for promotional mail 103 Automatic means for displaying advertisement 104 Setting means for color and shape of banner advertisement 105 Collecting means for security trouble 106 Customer security evaluation means 110 Security keyword DB
111 Security Incident DB
112 Security Product DB
113 Customer Product Purchase (Introduction) History DB
114 Customer Security Evaluation DB (Enterprise Security Ranking DB)
115 Basic figure and color DB corresponding to security evaluation rank
116 Unauthorized Access Solution DB
117 Security Trouble DB
201 Input Device 202 Output Device 203 Drive Device 204 Auxiliary Storage Device 205 Memory Device 206 Arithmetic Processing Device 207 Interface Device 208 Recording Medium

Claims (5)

A sales promotion method for a sales promotion server that proposes security products to customers,
A selection step for selecting security trend information;
An extraction step of extracting one or more security products corresponding to the security trend information selected by the selection step based on a security product database in which the security trend information and the security products are associated;
And a proposing step of proposing to the customer the security product corresponding to the security evaluation of the customer from the one or more security products extracted by the extracting step. The selecting step is a security incident information collecting step of collecting security incident information from news information based on predetermined search information;
Security trend information selection step for selecting the security trend information corresponding to the security incident information collected by the security incident information collection step based on a security incident database in which the security trend information and the security incident information are associated with each other The sales promotion method according to claim 1, further comprising: The selecting step includes a security trouble information collecting step for collecting security trouble information from predetermined log information;
Security trend information selection step for selecting the security trend information corresponding to the security trouble information collected by the security trouble information collection step based on a security trouble database in which the security trend information and the security trouble information are associated with each other The sales promotion method according to claim 1, further comprising:   4. The sales promotion method according to claim 1, wherein the suggesting step proposes the security product to the customer by e-mail. A sales promotion server that proposes security products to customers,
A selection means for selecting security trend information;
Extraction means for extracting one or more security products corresponding to the security trend information selected by the selection means based on a security product database in which the security trend information and the security products are associated;
A sales promotion server comprising: proposal means for proposing the security product corresponding to the security evaluation of the customer from the one or more security products extracted by the extraction means to the customer.

Images