Cloud application development faces challenges

Verizon's Gavan Egan and John Thielens of Axway have extensive discussions on how to encourage more people to accept cloud technology .

Research has shown that some companies are already taking a evasive approach to cloud services due to lack of security skills. When data is shifted to mobile and people can access data from any location, the lack of appropriate security technologies to protect data security becomes a vexing problem.

According to a survey commissioned by CA Technologies Quocirca, more than 40% of British companies are reluctant to use cloud services, or some try to completely abandon cloud services. But concerns about cloud technology security are without, experts say. Gavan Egan, vice president of Verizon Sales, said: "The biggest obstacle to cloud application is security, but there is no significant difference in security between the cloud and other internal IT environments." ”

He also pointed out that service reliability and data migration are also the main factors that affect cloud applications. These problems can be overcome by doing more homework in the selection of cloud service providers.

"In particular, companies need to focus on specific practices and industry standards. If the contract is supported by a strictly transparent service level agreement, then the enterprise can be assured of cloud transfer. Because such cloud services are safe and reliable, and businesses can benefit from them. ”

But Axway's chief security officer, John Thielens, says the cloud is a perfect learning platform for the development of its own services.

"I will encourage those who want to improve their skills independently and those who want to nurture the elite in their IT staff, first of all to prove this." If we throw people into a pool, naturally they can learn to swim: There are all kinds of online training, but lack of practice, it is difficult to achieve results. ”

There are other online learning communities and groups, such as the Cloud Security Alliance, which provide online training and provide certification for people eager to learn more.

But in the cloud, security is the most important safety awareness, which is the most effective defense weapons.

"Misconceptions about cloud security are so widespread that some companies are understandably choosing to avoid cloud applications," says Egan. But cloud service providers have the opportunity and responsibility to help customers eliminate uncertainty by making their customers understand the real security threats facing cloud computing. ”

The survey also found that 63% of British institutions believe that the hybrid cloud model can most effectively implement security services such as single sign-on, federated identity and access management, and identity management. With the increasingly difficult management of multi-user identity and multiple access, it may lead to the crash of security defenses, and the application of mixed cloud mode to implement security services is becoming more and more important.

Thielens is one of the main advocates of the Identity Alliance. He argues that most businesses should use a hybrid cloud, because most businesses have an online employee database as an ID repository, closely linked to the mailing directory, meaning that the repository is tightly tied to other human resources, such as hiring.

"This is very important," he stressed, "when employees leave, their information needs to be written off immediately, and when new employees get in, their messages need to be entered into the database immediately." So these repositories play an important role. "Egan added:" Identity and access management, improve user access management efficiency and security. ”

"The cloud-based Indexed access method (IAM) simplifies complex federated identities. It acts like a broker, implements authentication between systems, and can compare it to a hub with multiple spokes. By simplifying complexity, new ' spokes ' can be acquired quickly, whether they are new internal systems or new systems created by collaboration or mergers. ”

However, with these multiple identities and new single sign-on, cloud providers must further consider how to protect online identities and confidential information.

Thielens listed Google's Gmail strategy. Whenever a user accesses his or her account with a new device, the system sends a text message with the authentication password.

This is an innovative way to ensure that consumers ' identities are in the cloud. But it also means that internally active, directory-based systems need to be optimized further.

"Edit Recommendation"

Three tips to help cloud computing age data security private cloud, mixed cloud may be the answer to security and latency questions why is cloud security a huge challenge? Technology challenges in cloud application deployment ideal Cloud applications: Current cost VS potential cloud cost savings "executive Editor: Xiao Yun TEL: (010) 68476606"