Jim Revis, managing director of the Cloud Security Alliance (CSA), said that as more companies began to choose to use outsourcing to manage data and applications, this approach could get the attention of hackers, starting to attack the cloud's backend infrastructure and platform-service (PaaS) systems. "I think people are going to see a very serious accident and things are going to be very interesting because they could lead to a discussion of who is in need of liability for breach of contract," the executive said. Revis is in Singapore to attend a meeting of the International Organization for Standardization on cloud safety standards, while establishing the CSA Singapore office. He noted that it was important to discuss "how to build a vendor-and-customer-controlled architecture" at a cloud security standards conference that included government officials and private sector representatives. Revis believes that the establishment of security standards has become a number one problem, as companies migrate to the cloud faster and faster. He further noted that, in particular, virtualization and cloud computing had brought more and more data and assets to a separate infrastructure, and that the problem of risk concentration needed to be recognized. "Take virtualization as an example," he explains. We know that attacks against virtual machine managers can lead to a virtual machine movement, which means that many customers may be affected. "Revis stressed the importance of maintaining communication with Governments and national regulators, as well as responding to the consequences of natural disasters, and as stakeholders, they could learn to use their systems or suppliers to mitigate the damage caused by cyber attacks." The solution to the data privacy problem in addition to the development of security standards, Revis is also very concerned about the current use of data location privacy legislation to deepen. This, he explains, is due to the lack of "appropriate and effective data privacy laws and regulations". Revis points out that different regions currently have different views on how to protect the security of sensitive information. For example, companies in the European Union cannot store data in data centers outside of the zone. Of course, Revis admits that the problem can be bypassed by adopting a model of "safe zones". One possible approach, he explains, is "format encryption, so that the encrypted information in the software can be placed in any location without compromising data integrity, in accordance with the Software as a service (SaaS) model." However, he further added that the effects of these methods were "very limited". On a personal level, Revis that discussions on more permanent solutions should "speed up" to allow the law to confirm this as soon as possible, while CSA is committed to accelerating communication with national regulators. "Help the law makers and government officials understand how cloud models work, and explain that the law is still being adhered to in the application of technology," Davis said in detail, noting that if the practice succeeds, not only for companies in highly regulated industries to benefit, cloud service providers will alsoBenefit from the expansion of the potential customer base. "From an economic point of view, cloud service providers can serve customers beyond the country," Revis said. If you want to become a regional or global supplier, the jurisdictional constraints will have an impact on the probability of success. The CSA executive predicts that the next 18 months will be critical for the cloud industry as a large number of companies will see the results of the cloud project. In fact, he has found that in the past three months, the "migration rate of large projects has become very rapid". Revis pointed out: "The company has believed that the cloud belongs to the future development direction, the question now is how to carry on the concrete deployment"; For businesses, while there is a lot of discussion about what percentage of data should be allocated to private and public clouds, at least they are starting to focus on mixing. As a CSA executive, Ray Davis is encouraged by current trends and is confident that the next 1.5-cloud standard is set to make the industry "more coordinated". "Editorial recommendations" cloud-based data protection strategy is the general trend Cisco new technology: Improve cloud computing performance, efficiency and security cloud computing security technology architecture help trend Technology OfficeScan seven Lian Shengyun era how to weigh the benefits of cloud computing and risk cloud computing security? 43% of respondents questioned "responsible editor: Jia Jia TEL: (010) 68476606" Original: Attack threat prompted cloud security standards to be quickly set up return to network security home
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.