Enterprises need to ensure security in a public cloud environment

In some cases, organizations need to reduce potential unauthorized access or http://www.aliyun.com/zixun/aggregation/18546.html "> Information leaks" in the process of analyzing the most valuable and sensitive information. In other cases, highly sensitive areas contain important information needs analysis, or must maintain an overall lifecycle analysis. In all cases, security issues must be considered primarily.

So when an enterprise is going to perform analysis in a public cloud environment, is it safe to consider that data is as safe in a public cloud as it is in a data center? The answer to this question is a matter of opinions, but there are several key factors, it is worth your reference.

Some aspects of security, public cloud can provide a better solution. For example, the Karpasia host provides cloud services from its so-called data center industry's safest federal standard. The data center provides "concentric ring security, biometric access access points, armed guards and virtually impenetrable lampertz libraries." "the company said. When it comes to physical security, it is difficult to invade military data centers.

Of course, physical security is just one aspect of the public cloud security essentials. As a rule of thumb, more valuable or sensitive data, more reviews are applied to your security processes, whether in a public cloud environment or in a device within your enterprise. Security is critical, and your enterprise security experts should review and approve the security practices of public cloud providers and follow the relevant standards of your business's internal activities. Ultimately, security professionals must verify that the process of using your chosen environment is safe enough.

Not all public clouds have the same security. Security experts will soon see that the public cloud's security practices are different, and cloud security is a common responsibility between suppliers and customers. Many cloud vendors ' virtual machines (VMS), operating system and application security issues are handled by customers. However, other vendors provide additional (often optional) security services. such as Firehost is focused on secure cloud hosted cloud service providers, providing enhanced operating systems, distributed denial of service (DDoS), fully managed antivirus measures, intrusion detection, every virtual machine sets up multiple firewalls, firewall rules, fine-grained controls, and so on.

Analysts need to run applications in a secure environment and often find a public cloud to meet or exceed their needs. However, it is necessary to conduct relevant investigations. Don't assume that a public cloud is inherently safe or unsafe. If you have security requirements that cannot be met, or cannot be validated from the public cloud, it is wise to avoid using the cloud.

Finally, analysis professionals must ensure that data is processed and stored in accordance with the payment Card industry (PCI), the health Insurance Liquidity and Liability Act, and all other relevant standards. You can't assume that security means following the relevant compliance, or that compliance means security. Some cloud vendors support one or more compliance standards, but cannot provide additional security features, such as intrusion prevention. Similarly, the security cloud provides DDoS defenses and anti-virus and does not necessarily support PCI standards.

(Responsible editor: Schpeppen)