Whenever Google's cloud products have some security issues, the media always like to bring a magnifying glass, a deluge of discussion about whether the cloud services security. People affected by it are not sufficiently reliable and secure for cloud services to be able to cope with the complex critical task of applying unlimited skepticism. In my opinion, cloud computing is not as fragile as you might think. Under the pressure of public opinion and various media, cloud computing service providers make frequent backups and strict security policies, and they tend to do more stringent than other companies. Moreover, it is worrying that you can choose one or more cloud services to reduce the cost of the enterprise while also reducing the security risk.
I thought carefully about the safety audits I had done for hundreds of companies in the last decade. In general, there are dozens of security vulnerabilities in a typical enterprise, many of which are at the highest risk, but it is strange that security managers in the enterprise don't make a fuss about my report, they know a lot more questions, and they just rarely take the initiative to solve the problem. I often find huge policy vulnerabilities, mission-critical server software has not been patched, crawling full of bug applications, mixed data recovery, and countless malicious software.
However, the cloud service providers I have reviewed have been different: they have a highly centralized and locked security environment. I don't have to submit 40 to 90 pages of lengthy reports, often 5 to 20 pages to explain the problems that arise. And I found that the larger the cloud provider, the fewer problems (refer to 51CTO related articles: A general introduction to the scale of cloud computing).
I'm not saying that every cloud vendor is perfect, or that cloud products don't lose data or crash. Some bad cloud service providers because of a weak link, the whole house collapsed, but in general, cloud providers in terms of security and usability than the general non-cloud enterprises.
One of the biggest benefits of running the cloud is that you can update all users at once with a patch. In most enterprises today, for example, patching critical security vulnerabilities can take days to weeks from release patches to system updates. And cloud vendors can only do a patch to protect all customers.
In addition, I know that most non-cloud companies do some backup of mission-critical applications or transactions at night, so that the data from the previous night can be restored if there is a problem with the email or Web server. But cloud service vendors usually back up every transaction immediately, and several major cloud providers are scheduling real-time backups of each byte of data on distributed backup arrays in different parts of the world.
Some people are worried about the huge shared cloud that will come up in the future, including myself, will there be a loophole that puts all customers at risk? Of course it's possible, but it's no different from what we've met today. For example, the Robert Morris Worm in 1988 basically brought down the internet,2003-year Slammer worm, and most of the hosts took less than 10 minutes.
Most of the computer security problems we will face in the future have much in common with today's security threats, but we will take a series of efforts to control the problem. For example, a 24/7-day cloud service provider can respond quickly, minimize losses, solve problems, and reboot the system, which can be done faster than before.
I'm not saying that cloud vendors won't lose data or crash, they will, but the new problems will be better solved with the growing and maturing of cloud technology.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.