How to protect data security on the other side of public cloud computing

Internet boss Google's various types of cloud computing products have been familiar, word processing, spreadsheets and presentation of the production tools of the three major online office software has been out for a long time. In addition, Google sites and app engine, and so on, many users. And another giant Microsoft is not idle, impatient in the web of its own products ...

This cloud computing is fire up, but this user's security problem also comes with, let a person quite a headache.

Submarine cable rupture, core router overload things like that service interruption let us not say that the data are kept in the cloud, the security of the cloud how to protect?

In fact, in the "cloud computing" just come out that will, its data security questions have been criticized, users care about their own data will not be arbitrarily deleted, the most concerned about their own information will not be unrelated to access, data leakage.

Generally speaking, enterprise data has its confidentiality. But these companies to the cloud computing services providers, with data priority is not the corresponding enterprises, but cloud computing service providers. In this way, it is impossible to rule out the possibility of corporate data being leaked. In addition to cloud computing service providers, a large number of hackers who covet cloud data are not idle, they continue to explore the service provider Web application vulnerabilities, in order to open the gap, to get the data they want.

In the first half of 2009, Google embarrassed to acknowledge and fix some of its products ' privacy leaks. Since Google is using a single sign-on mode, hackers enter the user's Gmail, their doc documents, spreadsheets, code base, and so can all unrestricted access. Unfortunately, some hackers have exploited these vulnerabilities before the problem was discovered.

There are a lot of such questions, not one for example. The security of public cloud computing is so bad, does the user have some countermeasures to strengthen it?

First, the establishment of a private "cloud"

For companies, cloud computing represents a convergence of technology trends in enterprise computing, and private cloud is a much stronger combination of modular hardware and networking that can be spun off, and storage resources that can be dynamically allocated through preset policies. Private cloud has excellent security and can reduce the loss of shared assets. With companies such as HP and Dell continually offering such solutions, this is no longer a difficult task today. It's just that it's expensive and not suitable for small and medium enterprises.

Ii. Strengthening of management

The first step is to ensure that employees do not upload relatively confidential information to the public cloud computing environment. "Most CIOs are primarily concerned about the fact that employees put data that should not be made public," says Terremark worldwide, the global IT infrastructure provider, a senior vice president for security services. ”

This worry is not unreasonable. If the Board finds that its strategic solution is in the public cloud environment, and anyone can see it, what will it be? So CIOs need to put a clear policy in place and then communicate these security policies to employees.

Iii. use of encryption tools

The second method, though relatively simple. But the use of cloud computing has been greatly reduced. And the use of encryption tools, you can better compensate for this shortcoming. But a lot of traditional encryption software to start the threshold high, plus decryption operation cumbersome. Not conducive to the web as the main carrier of cloud computing promotion and use.

With the increasing requirements of users, some of the encryption software, which is simple to operate and integrated into the browser, has gradually entered into people's vision. For example, the ―――gwebs Doccloak, a new online Office document security system, supports Google and Microsoft's online documentation. Can be done when editing, decryption, save when encryption. No matter where you are, no matter who you authorize. No one else can get information about the document, and even if the other person has a Google account or a Microsoft Live account, your document is still not leaking.

There is also Gwebs Mailcloak, an e-mail privacy protection system that protects Gmail and Google Apps's enterprise apps throughout. Online application of data security system--gwebs Saascloak, support Google sites (collaboration platform) full encryption protection.

In the current form, most of the security risks are from the hacker's prank, the government's behavior monitoring, the interests prompted by the network intrusion. Of course, search engines also have to count, after all, this on the internet things, not encrypted who also do not trust. We have to monitor ourselves and our colleagues, use more reliable encryption means, in order to prevent, in a protected situation to enjoy the benefits and ease of cloud computing.