Cloud and security are like two lines of twine, and cloud computing can work with security to provide tremendous growth opportunities for businesses. For example, data protection issues. The ability of an enterprise to migrate sensitive information to the cloud is essential for an enterprise to operate efficiently and safely. But this capability must be supported by a comprehensive data protection strategy. The trick is to create data that protects data at all times, and protects it before it goes into the "cloud" side of the data. Only in this way can the enterprise ensure that the data source is fully protected and the risk of data leakage is greatly reduced.
There is also the problem of accessing data anytime, anywhere. The cloud provides a working team with the ability to remotely access the infrastructure. With the cloud, you don't have to come to the meeting when suddenly found that the material version on the U disk does not affect the work, the sales team can check the inventory level in real time, Home Office employees can also work as efficiently as in the office.
If a framework is able to comprehensively protect all data as it is created and throughout its lifecycle, it can effectively remove all potential security barriers to the cloud.
Enterprises in order to "Teng Yun" more secure, must pay attention to the four major technologies:
1, maintain the integrity of the reference
Reserved format encryption (FPE) preserves the initial structure and format of the dataset, and encrypts the data without altering the IT infrastructure to ensure that the structure fits into the existing system. FPE also retains the "referential integrity" of the data, which can analyze the data in a protected state without first decrypting the data.
2. Ensure high performance processing
High performance stems from: When the data flow in the enterprise, remove the manual encryption and decryption process, thereby eliminating the database performance bottlenecks. Data protection policies include encryption and token (tokenization) technologies that organizations can perform locally at the application, database, and Web server levels. This approach enables organizations to dynamically protect massive amounts of data without the need for complex processes and additional technology, or to hinder current business processes.
3, the use of data-centric encryption
By encrypting data at the time of the data generation (regardless of the type and source of the data), no matter where the data is migrated, organizations can protect it throughout its lifecycle, safely using data, and do not need to encrypt and decrypt data as it enters different IT environments.
4, no state of the token
Token is a way to replace sensitive data with insensitive data, and is one of the data protection methods recommended by certain industry specifications, such as the payment Card Industry data security standard. A stateless token removes the token database, does not need to store sensitive data, and does not require a key that matches the token to the original sensitive data. This approach enables organizations to efficiently address data location and privacy requirements, and can retain sensitive data through legitimate permissions. Organizations can safely migrate and store data in a cloud environment and can decrypt and work with data only if specifically allowed