Will cloud computing make data centers more secure in the future?
Source: Internet
Author: User
KeywordsSecurity data center Prevent can they
As always, the issue of IT security has been a cause for concern again at the dawn of the new 2013 years. In the new year, there may be a number of high-profile large enterprises and institutions due to slow response, or do not respond to the data security threats caused by the example.
Over the past few years, security threat trends are already well known to people looking for solutions in rapidly changing it areas. The rapid adoption of cloud computing, moving to virtualized infrastructure and transitioning to BYOD, has meant a waste of the effort of the IT department to increase enterprise efficiency and to seek the synergy of the various sectors of the enterprise.
Fast-paced it changes
The high level of enterprise management's trust in the ability of IT department professionals and their technical infrastructure makes the enterprise fully rely on it technology and its convenient service. Despite the compelling evidence, everyone seems to believe that a security breach will not happen to them, or that they still maintain that their existing IT security measures are adequate. Despite the fact that the enterprise IT environment fundamentally changes everything. Confidence in the IT department's ability to respond adequately to current IT security challenges may be good, but the expected speed may be bleak.
Advances in technology have enabled us to work more efficiently. Departmental collaboration and mobile devices also bring more complex data and security vulnerabilities. The more we try to simplify our business by deploying virtualization and cloud services, the more vulnerable we are to these complex vulnerabilities, and the more expensive it will be to finally fix them.
Data security threat increases in 2013
Verizon's 2012 Data Disclosure report showed that 94% of data leaks occurred because their server infrastructure was attacked directly. Only one example is the distractors seeking to make waves or achieve high penetration. Highly organized criminal groups, even countries that attempt to steal or sabotage strategic information, also threaten public and private technological infrastructures in the United States and elsewhere.
May be largely overlooked, but even your own employees can be a security risk factor, especially if they have relevant expertise and access to sensitive system data. Not only are some of the employees dissatisfied with the enterprise risk, some highly authorized users, when it comes to passwords and other related issues, should also keep them vigilant, or prevent the device is simply stolen or lost.
Mobile malware is also on the rise, with Android users at considerable risk, and a growing number of sophisticated data access and data-theft programs are at significant risk of being implanted into applications. Apple devices are not immune in this case. Apple's itunes and QuickTime are referenced in malware reports by Kaspersky and other IT security providers. Java vulnerabilities are still the target of large hackers, and, according to the 2012 study, Java vulnerabilities account for more than half of all detected vulnerabilities. Other vulnerabilities, such as Adobe's Flash Player, are still under development.
Ensure data security requires planning
The deployment of security measures for each service from the outset is really irreplaceable. When an application, process, or policy is created, security measures should be an important factor in considering the impact of design and maintenance services, not just an afterthought or a separate process.
Another structural measure is often a lack of segmentation. By enforcing access control at different boundaries, you can limit any damage to the scope of the intrusion. Use edge security devices such as firewalls to check data flowing into and out of the data center to filter out bad traffic. These devices need to provide effective intrusion detection and prevention, as well as virtual private networks, to prevent the device from becoming a serious network bottleneck.
In your data center, virtualized computing environment traffic does not benefit from edge filtering, but such traffic can be divided between individual tenants and even tenants in the region on a per-server basis. segmentation ensures the effective implementation of security policies in a dynamic virtualized environment that itself must be scalable and efficient to ensure data security. The policy itself should be able to be segmented according to the equipment, functions and organizational sectors.
Security Policy and risk assessment
A staggering number of business and technical executives do not have a formal security risk management strategy. This negligence has led to sectoral measures that are reactive rather than preventive, and a very weak defence against emerging threats.
Analyze potential security threats in the future and project your IT security strategy into the future to guard against the threats you face at next year's annual meeting. You should be able to see the security threat intrusion patterns that your organization has experienced in the past, and then develop a ballpark list of the types of security attacks you might face. While you may not necessarily be able to prevent future security threats, your goal is not simply to deal with more security threats.
Whether you can effectively anticipate and counteract the underlying security threats you know about your current and future systems, you can always help mitigate any threat by improving your response process. You can quickly identify and address security threats, limit the scope of their threats, and even prevent them altogether.
As long as you make the relevant decision, why not make a formal risk assessment as part of your annual or quarterly review process? Integrate security assessments into the work processes of each design team, each of the best practice scenarios, and even part of your corporate culture. You can have better integration measures to prevent known security threats, develop a prevention strategy that you are likely to face over the next few months, and respond quickly to events that have occurred. This will undoubtedly help your business reduce risk and increase flexibility.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.