Enterprise Self-managing cloud computing data security use case analysis

As most security professionals know today, ensuring the security of enterprise cloud computing applications is a considerable challenge. Because cloud-computing data security events are unexpected, security teams often have to learn about the implementation of cloud computing services afterwards. While security managers have been calling for it, business pressures have made it challenging to implement additional security controls, as executives are understandably disgusted at the gradual erosion of estimated cost savings.

This challenge becomes more complex when it comes to the specific issues of ensuring data security in a cloud computing environment. This is because one of the main advantages of cloud computing is the availability of data, especially cloud computing, which promises to enable users to access data across multiple devices and geographically. Concerns about usability are the result of measures that derive from cloud data security (such as those that fail), and this unexpected worry tends to cause business vigilance. So it would not be surprising to see the latest reports from Georgia Tech, and the data from the 2014 Emerging Network Threat reports, which point to companies relying too much on security measures implemented by cloud computing service providers (CSPs) rather than building their own security teams.

In fact, the "Self Management" data protection mechanism can be quite beneficial. By definition, self-management means that the cloud customers themselves implement, maintain, and control controls that run directly against the data itself. In practice, this mechanism usually refers to data encryption (assuming that the customer owns the key), but in such an environment it can also be used to target the scene of the notation or even some access control measures (although, of course, this is limited by the implementation method). By using these mechanisms, customers can not only isolate their data from the CSP in the event of a security failure in the CSP, but also further increase the cloud computing when there is data indicating a risk reduction in the cloud computing environment, thereby facilitating both worlds. It helps to increase resistance to certain attacks (possible due to the size of the CSP economy) without sacrificing "point control" over the proliferation of unwanted data.

That is not to say that every enterprise environment requires these self-management controls. However, in this case, the enterprise does not necessarily need them, the real understanding of when the use of self-management control measures is appropriate will be able to help enterprises in the future to ensure the security of the upcoming use scenarios.

Value of security for additional cloud computing data

To study why additional data protection might be required, the user is first asked to understand the baseline of the security environment for the CSP in the problem, and more detailed information about how to use the service in the enterprise. Believe it or not, these two aspects of knowledge are not always known, and because of the lack of time or resources required for approval prior to deployment, the CSP's knowledge of the appropriate security mechanism is limited, and the use of shadow it implementation and post-deployment proliferation will make it more difficult to continue using the service.

First, it is important to understand that CSPs tend to develop a secure environment that meets most of the needs of their users. It is well known that what is useful to an object (even if it may be most) is not a panacea for all problems, which may mean that the security measures that are significant to a particular organization (but not the needs of most organizations) are not included in the product. However, be sure to confirm with the CSP because the service you need is likely to incur additional costs.

Second, it is important to understand the support economy of CSP. Not all of the CSPs can support every good safety measure in an economic way. Although the CSP is in fact able to efficiently provide some remote service for a particular customer (again because of economies of scale), there is a certain limit. Specifically, if a feature does not scale, the service provider will not be able to maintain the default service that includes this feature more economically. Again, this does not preclude a customer from implementing the functionality themselves or a CSP providing this functionality at an additional cost.

Finally, there is a note about use: A cloud computing customer should also assume some responsibility to ensure that the service is safely used and run. For example, using an administrator password on Facebook will be far more than any security measures a vendor can add.