Symantec: Cloud Security is a system engineering

Lead】

The advent of cloud computing has changed the business model of the past, enabling people to enjoy the infrastructure resources needed at a more affordable price, like water, electricity and coal. However, for users, how many people are willing to accept this service mode? According to the survey, enterprise users have been able to accept the private cloud, but when converting these enterprise users to individual users, they begin to become hesitant to face the public cloud.

Undoubtedly, cloud security has become the biggest "stumbling block" to cloud computing, how to break this bottleneck? Symantec China President Wu Xiyuan recently accepted the "Communications industry newspaper" (NET) Deputy Editor-in-Chief Lin Ziyu interview, explained his views and suggestions on cloud security.

Wu Xiyuan that, compared with the traditional security proposition, cloud security is not only a technology can be solved, but requires a variety of factors, including related laws and regulations, trust and audit, so cloud security is a systematic project.

At the same time, cloud computing has brought new propositions and service patterns to security, the birth of a "security cloud". At present, several security vendors, including Symantec, have put forward a "security cloud". As a leading manufacturer of security, Symantec has established a global Cloud Security Service Response Center to provide secure cloud services to more than 30,000 small and medium-sized enterprises, with data volume near 30PB online backup, Symantec has Filestore as a file-based storage architecture for the cloud services it provides, To provide more than 40PB of online storage space for more than 9 million users worldwide, is currently the world's largest SaaS storage environment.

Body】

Cloud computing is once again faced with security criticism.

A few days ago, Sony PlayStation receptacle a user data leakage incident, making the company more than 100 million users of personal data is threatened. The events in Sony have also led the entire cloud computing industry to rethink the industry's prospects, while corporate users are increasingly paying attention to the corresponding security measures when using cloud services.

"No one can be really safe, Sony is just the tip of the iceberg," said Eric Johnson, a professor at Dartmouth College in Eric Johnson, who specializes in computer security counseling for large enterprises. ”

It is conceivable that, as more and more companies start to use or provide cloud services, events like Sony are inevitable, so the role of security in the cloud computing industry is becoming increasingly important.

In this respect, Symantec Big China President Wu Xiyuan in the Communications industry newspaper (NET) reporter interview, said: "Cloud computing is imperative, not because of security problems and a taste." At the same time, cloud security is different from traditional security, is a system engineering, with many links to improve, the cloud security fence will be more solid. ”

Do system engineering well

In the traditional security proposition, the emphasis is on border security, through the firewall, anti-virus software and intrusion detection and other security tools to protect the border.

However, villains, outsmart. "In the context of cloud computing, we find that the biggest security threat is not from the outside but from the inside," Wu Xiyuan said. Because only the internal people really understand the secret information is hidden in the end, it is easier to leak confidential information. ”

As a result, cloud security has changed the pattern of previous border security and turned to comprehensive security protection. "The prevention of information leakage is more important than the protection of border security." This can be seen from our company's related security software shipments. Wu Xiyuan said that in the past two years, Symantec's Information security protection products DLP show twice times even more trend growth.

At the same time, it should be noted that in the cloud-tube-side cloud computing architecture, users are often worried about "cloud" security and refuse to use cloud services. As everyone knows, the security threat is more in the "End".

"Many users do not pay much attention to security, for example, when they use laptops, tablets and mobile phones and other terminals, random input account password and other confidential information, or when there is a pop-up box prompts security warning, they will also choose to ignore." These actions have hidden security concerns. Wu Xiyuan said that users must improve their personal security attention, so as to make the cloud security to obtain comprehensive protection.

This is confirmed in the latest issue of the Symantec Internet Security Threat Report. In the 2010, attackers launched targeted attacks on various listed multinationals, government agencies and a staggering number of small businesses. Many facts suggest that attackers will study key victims within each company and then use customized social engineering attacks to invade the victim's network. As a result of their clear objectives, many such attacks will be successful even if the affected enterprises have basic security measures.

Therefore, for the "cloud-tube-end", Symantec has provided the appropriate security products and solutions. However, in Wu Xiyuan's view, this is far from enough, technology is only for cloud computing to establish the first security fence, and cloud security is a system engineering, but also need to improve the laws and regulations and mature audit system support.

First of all, in terms of laws and regulations, users can regulate the use of cloud services behavior. For example, how to make sure that the user clears all the data when they unsubscribe from the cloud, and that, for example, the user's account is compromised by the user or the cloud service provider, which requires the appropriate laws and regulations to constrain it.

Second, as far as auditing is concerned, the user wants to audit the cloud service provider before selecting it to gain trust in it, and after selecting the service provider, the user also wants to be audited on demand to ensure the security of the cloud service. So, for cloud computing, the audit system is also indispensable.

"From the above analysis can be seen, cloud security is a systematic project, the need for a number of links, there is a lot of space to improve." Wu Xiyuan again stressed that cloud security is not just a technical issue.

Changing the Security Service model

Cloud computing poses a lot of challenges to security, while also giving security a new development proposition-security cloud.

For security vendors, the introduction of cloud computing can greatly enhance their ability to collect virus samples and reduce the corresponding time of threat. In this respect, Wu Xiyuan the same: "Cloud computing has changed the security vendors to sell only product license marketing model, making the service model possible, through the cloud to the security services to the end user." ”

Symantec, for example, has set up a security service center around the world, providing secure cloud services for more than 30,000 small and medium sized enterprises, with data volumes near 30PB.

At the same time, Symantec delivers next-generation security and enterprise storage management solutions for businesses through Amazon EC2 Services. For example, Symantec Endpoint homeowner and Veritas Storage Basic can be obtained via Amazon Foundation. By adopting Symantec Solutions, businesses can provide additional protection against Windows platform-facing servers in their cloud, prevent threat intrusion in a comprehensive way, and use a single "toolbox" to manage their cloud storage online, leveraging its reliability, scalability, and high performance features.

Online backup can not be ignored

"For cloud computing, storage and security are equally important," says Wu Xiyuan. First, the data center has a lot of data, if there is no response to the management software, it will cause the data center to continue to expand storage equipment, become more and more bloated. Second, backup to prevent data loss. ”

Symantec reflects the forward-looking nature of such issues. Symantec has established a cloud backup service center around the world, including Amazon, Salesforce.com, and ebay, all of which are customers of the center. Symantec Filestore as a file-based storage architecture subordinates in the cloud services provided by their own, to the global more than 9 million users with more than 40PB of online storage space, is currently the world's largest SaaS storage environment.

At the same time, Symantec Storage management software for its convenient and efficient in the industry reputation. such as storage Foundation, it can provide a unified management interface, whether in the cloud or in the enterprise, all storage resources can be unified management. This April, Symantec released the latest version of its flagship product, NetBackup, NETBACKUP7, which automates the discovery and protection of virtual machines (virtual Machine intelligent Policy) technology for VMware Environments, It also reinforces existing data protection policies. Symantec's data protection and recovery market share has increased from 40% to 51.8% in the past year, taking the top spot in the market, while Symantec is also number one and holds a 52.6% share in data archiving, according to IDC statistics. In the area of data management, Symantec's market share increased from 12.3% to 23.1%.

In data security and management, the biggest challenge for the IT industry is the security of unstructured data. Symantec's data insight technology can improve this situation by allowing managers to understand who owns the data, in what mode and who is using it, to better protect and manage unstructured data.

"Symantec wants to be a security enterprise that gives users a source of confidence, which is what we advocate," he said. Symantec will fully protect the security of cloud computing and provide users with a better environment for cloud services. "Wu Xiyuan said.

LV, a professor at Beijing University of Posts and telecommunications, once said cloud computing: Some people worry that their personal information on the "cloud" is not safe, very simple, money is hidden in the home, sewing in the clothes safe, or put in the bank security? The "cloud" powerful information management capabilities will go far beyond personal servers. As well as adapting to banks and various bank cards, people quickly adapt to cloud computing and cloud services.

It can be expected that with the security and many other aspects of the improvement, cloud computing will be overwhelming arrival.

Original source from "Bit net", reprint please keep the original link: http://sec.chinabyte.com/322/12157822.shtml

(Responsible editor: Liu Fen)