The difficulty of cloud computing--four of the world's top security companies

"51cto.com exclusive translation" Today, everyone is talking about cloud computing and security. But what causes it to be so difficult to deploy? Microsoft, trend technology, EMC's RSA division, McAfee and Symantec executives all made their own comments on the security challenges facing cloud computing. Earlier this month, Ballmer, Microsoft's chief executive, said at the University of Washington that "while cloud computing is a huge development space, it will be a continuing challenge to technological innovation and communication innovation." Some people think that the security of cloud computing is very good, some people know it is not safe and reliable, and others do not consider these issues. Can we give people the tools to feel that they are in control and feel responsible? I think [users] will be aware of the problem of cloud security after seeing the cloud. But now that users don't know what's going on, it highlights the importance of the tools and technologies that make cloud computing easier to control over interactions. "Sharing makes cloud security a challenge," said Eva Chen, chief executive of Trend Technology, in an interview with the receptacle World website at the RSA Conference: "Traditionally, you have your IT infrastructure." Chen Yihua But after deploying cloud computing, your computing power and storage capacity are all shared. You must want to know who is sharing with you. In order to be safe, would you live in a hotel where the door is unlocked? As in a hotel, you may be temporarily renting a period of time in the cloud, but you need to find out if there is a lock. "At the RSA conference, receptacle World also interviewed EMC's RSA department head, executive vice President Art Coviello. Coviello said, "The most difficult thing about cloud security?" To be honest, I think the problem is at the chip level, because building trust from the root of the hardware is essential to building a cloud computing process. Another problem is management, which is a big challenge. In order to gain control, you need to integrate security policies with all your business strategies and make them balanced and coordinated. Organizations that use cloud computing services must be able to influence the policies of cloud service providers or their alliances, and only users can determine the supplier. Dave DeWalt, president and chief executive of McAfee, told receptacle world that training was the biggest challenge: "A lot of companies are starting to get nervous because they've been controlling the situation for the last twenty or thirty years, but by the way of the cloud, Sometimes only a few vendors are controlling their data. They feel uneasy about losing control of key assets. This is the 1th. Second, there is no standard for cloud computing yet, and cloud computing is maturing, so it needs to be improved slowly. During this time, vulnerabilities are present and errors can occur. "Symantec company president and chiefExecutive Enrique Salem says cloud computing has raised some new security requirements. "First, from a framework perspective, security needs to be closer to application and data," Salem said in an e-mail interview. Under a shared services architecture, it is not enough to just secure the perimeter of the cloud, data center security, even if you secure each host or storage array. Second, the organization needs to strengthen regulatory measures for corporate information. Organizations need to define policies and processes and strictly implement them. It's not that simple. Another important requirement is that the IT staff need to be more aware of the security situation of the cloud service provider and the operation. Users of cloud computing services need real-time visualization so they can be confident that their information is secured and managed in accordance with their own regulatory strategy. Finally, there is a need for security services that are based on cloud and can work with contingency plans. This interoperability becomes critical, enabling organizations to put together different models and maximize their benefits. "" 51cto.com exclusive translation, reproduced please specify the source and the author! 】