If companies are looking to reduce it costs and complexity by leveraging cloud computing services, the preemption should ensure that there is no potential privacy issue in the process, according to a report released recently by the World Privacy Forum. Once you give the data to outsiders, you face potential problems. Businesses may often not even know where their data is stored. Information sometimes ends up in multiple places, and each place may need to comply with different privacy requirements.
a user who wants to cut costs through cloud computing services often ignores such issues and needs to clarify the privacy aspects of the contract. So is it possible for us to avoid the risk of cloud computing? In fact, any innovation can be risky, and we always find ways to reduce and eliminate risk:
1. Control Data Location
Another problem that
affects size customers is the location of the data because different countries apply different privacy and data management laws. So this is especially important for companies that are involved in cross-border business. The EU, for example, has strict rules on which data on the individual can be kept and kept for long. Many banking regulators also require customers ' financial data to remain in their home countries, and many compliance requirements cannot be put together with other data on a shared server or database.
today, users may not even know where their data is in the cloud computing environment. This fact brings with it a variety of compliance issues such as data privacy, isolation, and security.
But the uncertainty about the location of the data is starting to change, as Google allows customers to specify where to keep their apps data, thanks to its acquisition of an e-mail security company Postinie and, for example, a Swiss bank requesting customer data files to be kept in a Swiss country, Google can do that now.
A further step in
is the ability to physically isolate users ' data from other customers ' data in a multi-tenant architecture of cloud computing service environments. However, this isolation technology is expected to be implemented through a virtualization technology that is still in its early stages but increasingly powerful.
2. Data encryption
data encryption can mitigate some of the privacy risks associated with unintentional or malicious disclosure-this encryption is for data that is stored on the server of the cloud service provider and for the end user.
In addition, implementing a two-factor authentication scheme to control access to data stored by a cloud service provider is expected to ensure that only users who have access to the data can see the data. Of course, if the enterprise is all in place, and has done the work beforehand, it is not much different to store the data itself or to store the data by the cloud service provider.
3. Data loss and backup processing
Where are the
data stored? Who has access to data security? This is a big problem because, in addition to software and services (Software as a Service,saas) vendors, cloud service providers have little experience in dealing with sensitive data over the long term.
Generally, data is shared and stored in cloud computing services and therefore potentially dangerous. In fact, it's risky to keep data inside the company, not to mention cloud services. This approach, which often evaluates the risks/benefits of data access within an enterprise, can also be applied to cloud services.
to determine what data can be transferred to cloud services and how to protect data, we need to know well to verify suppliers ' standards and make sure that they can be modified.
when using cloud computing services, such as the flexible computing cloud of Amazon, companies can encrypt data from operating systems, applications, or database management systems running in virtual instances. When using other services, such as application hosting, IT organizations need to keep an eye out for developing programs to ensure that security measures, such as data encryption, are built into the program.
Cloud computing Services is a new technology in today's network, but enterprises should carefully consider the risk of data loss regardless of where the data resides. Amazon understands that computers fail from time to time, so it is recommended that their customers deal with computer failures through redundancy and backup plans. Some cloud vendors provide backup services or data export capabilities, so that enterprises can create their own data preparation other vendors require customers to use the enterprise's own development or third-party development of the backup program.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
