Cloud strategy and security considerations and recommendations

Cloud Strategy and security considerations and recommendations

Crape Myrtle Live Li Wanhong

1. Strengthen investment and achieve cloud strategy.

Companies in three years to set up in Beijing, Shanghai, Shenzhen Three cloud platform, mutual backup for the company's internal research and development, testing, production, office to provide support, but also external rental cloud host, cloud storage, to realize the commercialization of the cloud for the company to create value.

The cloud platform has many benefits, not only can save more than 80% of the cost, but also improve the utilization of the equipment, the use of cloud technology, the elastic function, automatic migration function, easy to build millions, tens of thousands of users of the online education website, as well as financial sites, to ensure high concurrency and high availability of the site, to create the most advanced education For this need to increase investment efforts, purchase servers, storage, network and other equipment, to create the country education financial cloud Platform Tai ' an.

Cloud Platform is the basis of big data, Hadoop storage, processing big data need a large number of virtual machines, without the support of cloud platform. Cloud computing, Big Data is a revolution, changing the software model, with limitless prospects, we must seize this technology trend, pre-layout, do a good job of cloud platform and big data, develop related business, to create value for the company and customers.

2. Recruit cloud computing, big data talent.

In order to achieve the cloud and big data strategy, the need to recruit high-end talent, including PhD, Master, from the computer professional recruitment of a large number of relevant personnel, big data can recruit some of the mathematics department of the doctor, but to the computer major, because the computer professional students know more programming, combat power is stronger.

3. Strengthening security management of operational and peacekeeping systems.

Ctrip's official website and app, No. 5.28, were paralyzed, unable to function properly until 23:29 in the evening, but lost more than 1 million and the share price fell 1.59%.

The incident was due to an employee error, which took a long time to verify that the functionality between the application and the service was working properly due to the wide range of businesses, applications and services that Ctrip was involved in.

"Before, Hore", this is a lesson, sounded the alarm of computer system security, we must warning, strengthen the system's operation and security work, ensure foolproof.

Therefore, it is necessary to implement centralized security control platform for host operation and maintenance, realize unified identity authentication, authorization, security audit, prevent unauthorized operation behavior, resource abuse and ultra vires operation, effectively evade personnel safety risk and maintenance automation and tool, so as to advance defense, interrupt in the event, audit afterwards, To do a good job of the application system and database backup, and monthly recovery drills, improve the fault handling capacity and recovery capabilities, to be prepared. The company's large number of systems run on the virtual machine, to strengthen the security research of the cloud platform, to prevent all kinds of internal and external destruction, to take effective means and tools anti-virus, Trojan, hacker and vulnerability attacks, SQL injection attacks, application layer denial of service attack (DDOS), etc., improve the security of the system, to be impregnable.

At present, the company is cracked version of the VMware Cloud operating system, the proposed purchase of genuine, conducive to security improvements, but also need to purchase VMware-compatible anti-virus software, such as Symantec.

Wave Company's server China first, its security equipment is also quite good, the tide Big Enterprise Data Center security solution conforms to the national information security class protection level Three technical requirements, recommends adoption.

Wave provides Web application security and load balancing solutions that provide the best Web application vulnerabilities and unknown threat defenses, comprehensive analysis of HTTP/HTTPS and compressed data streams, prevention of SQL injection, cross-site attacks, (XSS), buffer overflow, DDoS attacks, and more. Effectively protect data Center Web server security while improving the performance of your business applications and increasing the efficiency of your data center's underlying equipment.

Host system level using host reinforcement technology, from the operating system layer to ensure server, terminal equipment security, through the white list reinforcement strategy to prevent known and unknown virus Trojan Horse, backdoor attack events, effectively improve the operating system security level, protect large enterprise Web site business and core database and other server security.

Through the establishment of internal operation and maintenance of security control platform, effectively reduce the internal operation and maintenance of potential personnel security risks, prevent internal leaks or misuse, through the application system monitoring, to the business perspective of comprehensive monitoring of data center business assets, data center security situational awareness, data center to ensure efficient and secure.

2015-5-31

Copyright NOTICE: This article for Bo Master original article, without Bo Master permission not reproduced.

Cloud strategy and security considerations and recommendations