Cloud security has become the biggest hotspot in the security field

While cloud computing may now be a hype, the advent of the cloud is inevitable as a trend. As cloud computing is increasingly being understood by more and more enterprise users, the security problems brought by "cloud" are gradually heating up. At the world Security (RSA) conference just convened this year, the security issue of cloud computing has become the absolute mainstream topic, "cloud security" has undoubtedly become one of the biggest hotspots in the security field in the 2010.

The idea that the cloud would be a safe disaster has sparked a big stir in the industry, said Cisco's President Chambers. In fact, this is not sensational, data protection, terminal protection, virtual environment, risk management and other information security issues with the advent of cloud computing will be more complex and difficult, enterprise users of information security will face more serious challenges.

Trend Technology 2010 Report on security threats points out that while cloud computing and virtualization can deliver considerable benefits and save a lot of cost, migrating servers to traditional information security boundaries also extends the range of activities of cyber-criminals. On the way of cloud computing, how to remove the "stumbling block" of the security problem and the fog of "cloud security" has become the interest point of mutual concern.

New trend of enterprise information security

In fact, despite the concept of "cloud", the current open Internet environment has made the security issue more changeable and prominent, and showed some new trends. Enterprise CIOs have to make information easier to access and improve the business value of it for the enterprise, while at the same time have to protect the security of information and comply with regulatory requirements.

Based on Symantec's 2010 Information security threat trends, multiple-form security threats will be a major trend in the future. People need to be more than just a virus, social engineering has been used by network criminals handy, in the use of Third-party software also need to be more vigilant.

Cyber criminals will no longer attack the user's computer, but directly attack the data center. In the future, the data center faces the security hidden trouble, all kinds of security hidden trouble and problems have greatly increased the data center operator difficulty and operating costs. Whether it is terminal protection or data center security, with the advent of cloud computing has increased the difficulty of security management, this is undoubtedly a new challenge.

Lenovo Network Royal CTO Bi Coya Article Summary 2010 Years of information security development trends pointed out that security information and event management, more and more equipment, network, host and security equipment recorded a large number of logs, centralized collection and comprehensive analysis, timely and accurate positioning of security incidents has become a universal demand, Is the trend of information security to the advanced stage of development, but also the requirements of compliance; and how security becomes a real challenge under the cloud computing architecture, the next key direction for IT development has been largely recognized, and the biggest drag-security problem-has been gradually materialized.

All sides seek to attack and clear the fog of "cloud security"

Cloud Security Alliance co-founder Jim Reavis said that although there is a lot of hype about the concept of "cloud", the era of cloud technology and its business model has also opened a critical opportunity for CIOs to develop a "trusted cloud "In the best interests of the strategy.

And how to help CIOs determine cloud computing strategies and effectively avoid the security risks posed by cloud computing, the International Alliance of "cloud" organizations is making efforts. For example, the European Network and Information Security Agency (ENISA) has developed a "cloud computing risk Assessment" specification, while the Cloud Security Alliance (CSA) has released "cloud Computing's focus on regional security guidance" covering 13 areas of concern. Regulatory compliance, data control, portability and interoperability, identity and access management are among the key issues of concern to the norms or guidelines developed by these organizations.

Not only that, both the emerging and traditional information security solution providers are also exerting their efforts, they or the introduction of independent cloud security solutions, or alliances, together to solve the "cloud" era of security issues.

"We are facing a new challenge to protect the cloud security computing environment with traditional stand-alone or lan-based information security, and we need to adopt new technologies and new patterns to protect the security of cloud computing architectures." "Chen Yihua, chief executive of Trend Technology, said.

In the 2010, trend technology will provide new cloud-oriented security services under the existing security services based on the cloud computing technology architecture. That is, the concept of Cloud 3.0 is presented from the security from cloudcomputing (Protection from cloud computing), to security for cloudcomputing (which provides protection against cloud computing).

Desktop to Datacenter Virtualization solution Provider Vmwarevmware has a targeted solution for virtual machine protection, remote access, and terminal data protection. Cloud computing security services have also been born. Dipto Chakravarty, general manager of the Novell Cloud computing security business, said Novell is contacting many SaaS (software-as-service) and hosting providers to assess their interest in the Novell partnership in cloud-based Security.

Industry insiders pointed out that if you want to solve the security problem of cloud computing, relying solely on the strength of a manufacturer is not enough, the industry needs to unite to form a complete ecosystem, together to protect the security of cloud computing. It is understood that although many manufacturers are aware of the importance of protecting cloud computing security, but due to the different business scope of manufacturers and their respective understanding of different, information security vendors, virtualization technology suppliers, network infrastructure equipment suppliers, server suppliers, application system suppliers, Operating system manufacturers, such as in the protection of cloud computing security aspects of the situation is inevitable, which will make security work into a disorderly state. Therefore, how to reach a consensus on "cloud security" is still a problem that all kinds of cloud computing vendors and security vendors need to solve in the future.

It is noteworthy that some information security service providers have tried to build a completed security ecosystem. At present, trend technology and VMware, Microsoft and other companies have begun to establish a "cloud security" on the partnership. Following Microsoft, internet giant Google recently announced its inclusion in the Cloud Security Alliance (Cloud), which is dedicated to providing the best security practices and providing valuable information to companies and organizations interested in the cloud computing field.

In short, "cloud security" remains a major concern for companies that are interested in using cloud computing. Only by solving the threat of cloud security, cloud computing may be really raging, which requires the parties to work together to push through the fog of cloud security.