Four tips for large data cloud security strategy

Source: Internet
Author: User
Keywords Security large data cloud security cloud security

The combination of cloud computing and big data can be said to be a perfect match. Large data requires a flexible computing environment, which can be extended quickly and automatically to support massive amounts of data. The infrastructure cloud can deliver these requirements precisely. But whenever we talk about cloud computing, we can't avoid the following questions:

  

What is the cloud security policy for large data?

When referring to cloud security policies in large data use cases, we hope that any security solution will provide the same flexibility as the cloud without impacting deployment security. When transferring large data to the cloud, the following four tips will allow users to enjoy the flexibility of cloud computing and secure a rigorous cloud security strategy.

1. Encrypt sensitive data (highly recommended)

Data encryption will build a "virtual wall" for your cloud infrastructure. Deploying cloud encryption measures is considered the first step, but they are not suitable for all solutions. Some cryptographic solutions require local gateway encryption, which does not work well in a cloud-wide data environment. There are also solutions, such as encrypting data by a cloud service provider, that force end users to trust those who have keys, which are inherently dangerous and vulnerable.

Recent encryption techniques, such as split-key encryption, are ideal for cloud computing. While enjoying the advantages provided by the infrastructure cloud solution, users can keep the key in their own hands and keep the key in a secure state. In order to get the best encryption solution for your large data environment, it is recommended to use split key encryption.

2, looking for the structure to expand the cloud security solution

In large data, each component of the structure should be extensible, and cloud security solutions are no exception. When choosing a cloud security solution, users need to make sure that they can play a role in all the trans-regional cloud deployment points. In addition, they must be able to scale efficiently in large data infrastructures. On the surface, this does not involve hardware issues. However, because the Hardware security module (HSM) is not extensible and is not flexible enough to accommodate cloud patterns, they are not suitable for large data use cases.

To achieve the necessary scalability, it is recommended to use cloud security solutions designed specifically for cloud computing, whose security can be equivalent (or even more than) hardware-based solutions.

3, to achieve the maximum degree of automation

The cloud security architecture cannot easily be scaled up, leading to a setback in the development of large data cloud computers. Traditional cryptographic solutions require HSM (hardware) units. Needless to be true, hardware deployments cannot be automated.

In order for cloud security policies to be as automated as possible, users should choose virtual tool solutions rather than hardware solutions. Users need to understand that the APIs available (preferably unused APIs) are also part of the cloud security solution. Virtual Tools plus unused APIs provide the flexibility and automation needed in cloud-wide data usage cases.

4. Never compromise on data security

Although cloud security is often complex, users will find "security shortcuts" in large data deployments. These "security shortcuts" often seem to circumvent complex settings while keeping large data structures "harmless".

Some customers may use the Free encryption tool and store the key on the hard disk (this is a very insecure practice that can cause encrypted data to be exposed to anyone who has access to the virtual hard drive), and some customers do not even take encryption measures. These shortcuts are certainly not complicated, but they are clearly not safe.

When it comes to large data security, users should classify them according to the sensitivity of the data, and then take appropriate measures to protect them. In some cases, the results are often dramatic. Not all large data infrastructures are safe, and users may need to find alternatives if the data at risk is very sensitive or regulatory data.

Cloud security policy for large data

Only by establishing the strictest security standards for data can large data continue to enjoy the scalability, flexibility, and automation provided by cloud computing. Encryption is considered to be the first step in protecting Cloud (large) data. New technologies such as split key encryption and homomorphic Key management should be put into the protection of sensitive data, while users also need to strictly adhere to HIPAA, PCI and other regulations.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.