Sail the waves, set sail for the future!
The threat of information security has been around the IT industry. As cloud computing becomes more and more widely used, enterprise data is also exposed to the risks of some cloud computing era. The cloud security company Perspecsys in this article lists seven cloud security errors that you will commit and the corresponding precautions.
1. Handing control of sensitive data to cloud service providers
The use of public cloud services means that all data control is given to cloud service providers, which also include commercially sensitive data.
Security measures: For users, when subscribing to a cloud application for work, the enterprise's information security policy should be adhered to. For enterprises, we should fully understand the data security tools used in the enterprise and the cloud, especially the cloud data encryption and tokenization tools.
2. Loss of tracking of data
Understanding the physical location of data for storage and processing helps to comply with regulations regarding data storage.
Security measures: Make sure you understand the geographic location of your cloud service provider's primary data center and the backup datacenter, as well as the current laws and regulations regarding data privacy in those countries or regions. If the location of data storage is a key consideration in the enterprise application of cloud computing, it is necessary to use technical means to ensure that data is stored only in a certain location.
3. Ignoring cloud application terms
When subscribing to a cloud app, you generally agree to the terms and conditions, but the terms set by the cloud service provider are likely to differ from the data that your organization complies with.
Security measures: If the data that the cloud provider maintains requires specific protection, you should insist on negotiating the terms of the contract with the cloud service provider. For example, storing sensitive information in a third-party cloud platform requires additional security measures to increase the level of protection.
4. Using weak passwords
Weak passwords are simply a form of a fake for hackers. Researchers Mark Burnett, who collected 10 million passwords from data breaches over the past decade, found that the top 100 digits of the popular password rankings were rarely changed.
Security measures: Do not set the same password for different services, always change the password.
5. Think the password is omnipotent
Passwords make it easy to be complacent about security issues, and cyber attacks become more active in 2015 and security incidents continue to increase. The good news is that "strong passwords are not enough to ensure data security," the acceptance is increasing and security personnel are enforcing multiple defenses.
Security measures: Securing network and cloud applications requires multi-factor authentication, and techniques such as data encryption and tokenization should also be used to secure the data transfer process.
6. Do not back up data
If the data is not backed up, it can only be flying blind if an incident occurs, so you must ensure that the cloud service provider allows local backups. Please note that not all cloud providers allow users to make local backups, so they need to be investigated before they can be used.
Security: Regardless of whether or not cloud service data should be backed up, storing data in different cloud service providers can reduce the risk of significant data loss.
7. No plan
When planning a move to a cloud platform, you should consider the possible impact, such as increasingly stringent data privacy regulations.
Security measures: There is a global concept for cloud data, pay more attention to which countries the data will be stored and processed and assess whether the processing of the data will bring you legal problems. "It is advisable not to rain and to dig well without being thirsty."
Original from the "Bit network", reproduced please keep the original link: http://cloud.chinabyte.com/news/442/13462942.shtml
You're bound to make a mistake. Cloud Security Errors