Cloud security-three points technology seven management

After nearly three years of large-scale infrastructure expansion, Microsoft and other software platforms to enter, so that China's http://www.aliyun.com/zixun/aggregation/13598.html "> Enterprise-Class application of cloud computing finally into the countdown."

A CIO-led survey conducted by Itvalue and Intel shows that 19% of companies are already deploying or applying cloud computing, and 28% are considering the recent deployment of cloud computing, and 53% of companies currently have no timetable for deploying cloud computing. For the public cloud, CIOs ' concerns focus on security and privacy, as well as integration with other information systems in the enterprise.

Cloud computing faces a kick in the door, the "private data" of the information security problem is still the end users around the psychological threshold. Century Interconnection (Beijing century Internet Broadband Data Center Co., Ltd., 21vianetgroup,inc.nasdaq:vnet) cloud computing chief expert Dr Li Zhijian commented: "Cloud security three-point technology, seven by management." The use of security issues or regulatory barriers as an excuse (such as the government intranet does not allow cloud) will slow down the whole process of it evolution of the enterprise. ”

Dr Li Zhijian's explanation is that "the perfect security solution The CIO waits for does not exist, which can be explained by three questions: 1, only technology, no security policy, enterprise risk assessment and user awareness?" 2, high availability, confidentiality, correctness, the three can be perfect at the same time? 3. Is there a completely unable to eavesdrop transmission media? It is clear that no firm has yet been able to give a completely positive answer. ”

Dr Li Zhijian that the psychological barriers to the use of cloud technology come from a lack of awareness of the actual application scenarios of cloud computing. "Data security is relative. Enterprise data is likely to be compromised whether or not the cloud is used. As long as there are hackers on earth, security can never do 100 points, security problems will always exist. But with the support of institutions and expertise, the security of public banks is no worse than private safes. ”

A Microsoft survey of small and medium-sized enterprises shows that because cloud services are managed by vendors, the security benefit is that cloud services it cuts security management time by 18 hours a week. In the past three years, companies using cloud services have had the advantage of reducing security spending by more than 5 times times, and 20% of companies using cloud services say they have reduced security management costs, but this is only 4% of companies that do not use the service.

Dr Li Zhijian said: "Cloud security is in fact eager's ceo,cio excuse, should not be the reason why enterprises refuse to cloud." On this basis, CIOs need to have a knowledge of the brutal reality: 1, safe, easy to use, Low-cost, the three can only take the second; 2, the attack will not stop, security problems exist forever; 3, the hidden trouble is not all from the outside, but also from the internal emergence. ”

In fact, CIOs should have a comprehensive assessment of the risks and benefits they might face before they start thinking about enabling a cloud computing platform. Security is not a firewall, not anti-virus software, nor DDoS cleaning, and cloud service providers to jointly develop a sound security defense mechanism is the management weight occupies 70% of the significance.

"We can do only on the basis of policy and knowledge, the use of products to do a good defense in depth, to eliminate the single point of failure." At the same time, the security needs the user, the product supplier, the cloud service provider, even the whole society's joint effort, needs the perfect regulation and regulation. Cloud security is an increasingly mature ecosystem, a journey, not a destination. "Century interconnection Dr Li Zhijian that Cloud security management is not just the responsibility of a single enterprise or cloud service provider, but the CIO's shift in cloud security will push the application of public cloud and corporate private cloud to the ground.

(Responsible editor: Liu Fen)