Cloud security: Protecting "tools" or attacking "sharp weapons"

With the advent of cloud computing, the concept of "cloud security", like the heat wave that hit the world, heats up fast. However, this concept of "security" brings to most users a stronger sense of "insecurity" and confusion. Confused cloud security users worry and confusion from two aspects, on the one hand, relying on cloud computing, cloud storage, Virtualization, SaaS "Cloud Application" has been unstoppable, but the relevant security issues have continued unabated, according to the United States "information weekly" that the " Competition and the urgent sense of application further deepened the user's fear and uneasiness. On the other hand, when users try to choose a "cloud security" product, they cannot find any criteria that can be relied upon. Although even in the domestic market, "cloud security" label can be seen everywhere, including rising, trend technology, Kaspersky, McAfee, Symantec, Panda, Jinshan, 360 security guards and other domestic and foreign security manufacturers have launched a cloud security solutions. However, the answer to what kind of scheme can protect the safety of the enterprise under the cloud wave is always the same as falling into the fog. Ironically, in understanding the concept of "cloud security," hackers seem to have a clearer logic, and quickly put into action, we can see that hackers use the "cloud" in the distributed computing power, can be faster to crack user passwords, can be more efficient through the control of "botnet" to achieve malicious attacks, In recent years, several large-scale network-breaking events, as well as up to more than 10 times times the increase in distributed denial of service attacks, is a good proof of this-"cloud security," the pursuit of the protection concept, is becoming the "murder weapon" of the hackers. Although we cannot arbitrarily assume that hackers have progressed faster than technicians in the use of technology. But we have to acknowledge the fact that security is becoming the most important obstacle and challenge for enterprise users to move towards the "cloud" era. Therefore, the technology and the concept of cloud security urgently needs the comprehensive promotion and the change. Cloud security should jump out of the simple "tool Theory" "cloud security facing the puzzle, is actually a turning point for the security industry." The next generation of cloud security should jump out of the simple ' tool theory ' and adopt new technologies and new models to achieve real cloud security, "Chen Yihua, chief executive of Trend technology, told reporters. Chen Yihua refers to the "tool theory", in simple terms, is the current number of antivirus manufacturers hype and focus: How to take full advantage of the "cloud architecture", faster and more acutely access to the virus and malicious program information, so that the client implementation protection. The focus of this protective mode, more is the "cloud" as a tool to strengthen the enterprise's protection capabilities. Trend Technology argues that while this "cloud security" remains important, the new challenges and principal contradictions must be seen, namely that many cyber-criminals no longer attack users ' computers but directly attack data centers and the cloud itself. This makes the traditional stand-alone version or LAN based information security methods can not be competent cloud security computing environment protection, the user's worry and confusion. Like in the cloud.ERA, the virtualization of enterprise IT resources is becoming more and more popular, and in a virtual server mixed environment, security and reinforcement standards are different, a lower standard virtual machine will become all the sharing of virtual resource security vulnerabilities. As the data center continues to expand, hackers can penetrate such a low protected virtual machine, the resulting proliferation rate and harm will be greatly increased. In addition, such as "cloud" enterprise data loss and leakage, virtualization caused by the technical loopholes "sharing", user accounts, services and identity, etc., are the current "cloud security" real "pain point." In other words, the "cloud" itself is the biggest security risk, in the face of this problem, trend technology 2010 in the original cloud based technology architecture security services, proposed a new cloud Security 3.0 concept, to provide new cloud-oriented security services. That is, from the security from cloudcomputing (Protection from cloud computing) to security for cloudcomputing (to protect cloud computing). Of course, if we want to solve the problem of "cloud security", it is obviously not enough to rely on the power of one manufacturer. Because the nature of security is a confrontation, looking for a "short plate" is much easier than adding all the planks. Therefore, this requires the industry to unite to form a complete protection system to jointly protect the security of cloud computing. You know, "cloud" is not only our tool, but also may become the hacker "the sharp weapon", faces our in "The cloud security" the weakness, unceasingly promotes the new protection technology, but is not the simple label and the concept hype market, is "the cloud security" the further development the fundamental way. "Editorial Recommendation" security protection against physical attack of hacker attacks Day fuse: Cloud security brings complex security challenges "responsible editor: Xu Fengli TEL: (010) 68476606" Original: Cloud Security: protection "tool" or attack "weapon" return to network security home