Cloud computing relies on eliminating data security risks

In the 2013, the scale of cloud computing in our country is expanding, the annual growth rate is far beyond international level, the innovation ability is greatly enhanced, and the construction speed of industrial chain is accelerated. Sadie predicts: 2014 China's cloud computing will be from the development stage into a rapid growth stage, the new industrial pattern will be formed.

Cloud computing can use virtual machines to do business centralized management, so most companies choose cloud computing in the original intention is to save operating costs. While the cloud is developing, the security environment around it is constantly changing. This security focus for the cloud has shifted from the original endpoint security to the delivered application, data, and user experience. This requires us to enjoy the information provided by the cloud integrity, open, good user experience and other advantages, but also to ensure data security. Without security, the value of cloud applications is not only greatly compromised, but it can lead to disaster.

So how to let cloud computing or cloud technology away from the hidden dangers of data security, to deal with a variety of complex and changeable environment must establish a systematic and effective protection system.

Data protection is the core of people's attention to information security generally from the equipment and links, as well as protection, interdiction and other aspects of the consideration. In fact, the content or the data itself security protection is the core. This is especially true in cloud computing environments, where security can be truly achieved by securing the data itself.

Basic control is the key to nearly 60 security base controls that protect the most important assets, and is the key to all information security, including the cloud environment. must be validated to ensure that cloud technology complies with security controls for your system, business, and operations.

Security responsibilities should be clarified many users will believe that the cloud service provider should be responsible for the data, while the supplier is apt to blame the customer's own measures are not effective. According to the survey, more than One-third of customers still expect their software, the service provider, to secure applications and data. In fact, means are important, how to effectively use the means is equally important. Only the supply and demand of both sides to assume their own responsibility for the security is an unassailable fundamental guarantee.

The assessment must be done to migrate from the traditional internet to the cloud, while gaining the benefits of sharing and reducing costs, but also facing a more complex ecological environment. Security vulnerabilities must be evaluated to ensure that all controls are in place and functioning properly. At the same time, research needs to be done before the cloud service provider is selected, and the service provider is required to disseminate the capabilities of the same type of control as physical security, logical security, encryption, change management and business continuity, and disaster recovery.

Encryption should be more commonly said here encryption, not only terminal to the terminal encryption, but also includes the transfer of data to the cloud before the enterprise can encrypt data inside. Cloud vendors need to develop powerful cryptographic solutions that allow businesses to secure their data.

Anomaly detection should be as early as possible if an attacker acquires account information, even confidentiality is not helpful. Therefore, cloud vendors must deploy good anomaly detection systems and share their information and audit records with customers. Using different tools to ensure that cloud vendors meet customer needs is a tiered approach.

Workload to pay attention to the equipment and applications, such as the focus of information workload, fully consider its uniqueness, the development of more targeted security plans, than the traditional operation to provide a more secure protection.

Build logs are more important to maintain audit of administrative access logs is very important, that is, a certain amount of log information can be offered to all the enterprises need to track the various analysis. But most small cloud services do not provide this information.

Risk control plans should develop a formal risk mitigation plan, including risk documentation, response to these risks, education and training. It is also important to look at flexible requirements to develop an elastic plan that, if you want to recover quickly in the event of a disaster or attack, be careful to ensure that the workload recovers at any time and minimizes the impact of business continuity.

Security services using a good independent security services advisory, trusteeship and other types of service providers have gradually developed, the use of these specialized institutions or service providers, the implementation of long-term protection and even proactive monitoring and protection, both to reduce their own pressure and fixed costs, but also more proactive.

Life cycle full-time anti-agile technology proposed comprehensive, omni-directional, the whole life cycle "three whole protection", comprehensive, omni-directional mainly through each kind of information security technology realizes, but the whole life cycle needs the consciousness, the technology, the system synthesis in place, continues, depends on diligently the cloud technology management and the periodic security review.

Mixed mode is quite effective with the provision of a mixed security service model, the cloud services and out-of-the-way service mix, a variety of models at the same time, to help reduce the pressure, on the other hand, the combination of increased protection variables, so that protection more effective.

Cloud security is not a short-term problem, cloud computing want to continue and long-term development, data security issues must not be overlooked, this article of these methods, the basic data source of security protection is the most important. Therefore, it is an effective choice to use the cloud technology to protect the core data with the specific and flexible encryption technology.