External networks that use cloud computing environments can gain the benefits of offsite storage backups, but at the same time pose some dangers: viruses, spam, malware, and identity thieves are some of the threats you might face.
CIO channel weekly Hot "dot" article
How does the CIO resolve interpersonal conflicts in IT teams? Hold and give up: how the CIO decides
How to reshape the Government CIO function? Challenges faced by CIOs in the 2009 and their coping strategies
Three lessons I have experienced in the strategic transition story away from CEO "intuitive decision" CIO how to seize the opportunity?
Sharing data with outside service providers is at risk, but there are some security benefits, according to Eranfeigenbaum, the company's security director for GoogleApps. While many companies now allow cloud computing service providers access to their data, "It's a big benefit to just share documents, not share the entire infrastructure." ”
Trebryan, chief executive of Opsource, added: "You don't have to figure out multiple security areas because there's only one positive connection." "The company provides data management and backup services for software services (SaaS) and internet companies."
Below, the experts described how to ensure the security of the cloud computing environment.
One, attention to open things
Cloud computing service provider Salesforce warns against opening suspicious e-mail messages at its trusted site. This is a simple truth, but many people have failed to follow the advice. Also pay attention to suspicious links.
Balding suggested that the provider should be asked about the incident response mechanism. He says providers should be able to help in case anyone tries to invade. You also have to ask if the provider will not mirror your machine, or it must be done by yourself.
Craigbalding is the head of technology security at Fortune 500, and has a blog about cloud computing security. He suggests that if you open the file, make sure that network access is encrypted. Amazon, he notes, does not provide data encryption services for its Web services business. Salesforce.com recommends two-factor authentication techniques, such as RSA tokens or smart cards, at their trusted sites.
Second, the protection of Cloud API key
Balding reminder, you need to ensure your own cloud API (application programming Interface) key security. He said: "If someone gets your access key, you can access all your data." The provider is required to provide you with a multiple key to protect each group of data in different risk categories. ”
He also suggested that production data should be placed in one account and that development data should be placed in another account. This, he says, would reduce the risk of someone breaking into a less secure development machine.
Third, how much to pay the use of
Balding suggested that in order to avoid competitors to accumulate arrears, how much cloud services to pay the cost. "It is necessary to set thresholds if the volume of usage increases dramatically," he said. ”
Iv. Replication of data
Google's Feigenbaum emphasizes the importance of replicating data across multiple data centers. For example, in the event of a disaster in the northeast, data can still be accessed from other regions. Feigenbaum said: "If there is a disaster in the northeast, such as a snowstorm, which leads to power outages, you can still access your data from another data center, and no one knows what's behind this." ”