From Sony to Black: It's time to talk about private cloud and public cloud security

The entanglement between Sony and hackers has evolved from a technical battle to an international dispute. To get Obama's attention and comment across the globe, Sony's experience has made everyone aware of the importance of information security. If the Snowden incident is a trigger for a renewed message security topic, then the attack by the Sony film Hacker is another wake-up call for us.

There are concerns about information security that all businesses will have. International hacking is not a case, and as technology advances, the battle between information security and hacker attacks has never stopped. To Sony, for example, the network security problems can be traced back to at least 2011, from the earliest PlayStation video game network was invaded, to 2013 the company intranet was hackers lurking, in recent years, Sony faced with the network security problems emerge.

What if the target is not Sony, but other companies? Sony Pictures, in addition to its technological prowess, has hired former U.S. Department of Homeland Security officer Philip Reitinger as senior vice president and chief information security officer. To lead the internal information security work of Sony.

But for some traditional enterprises, or it technology weak enterprises, how to better protect their information security?

In many of the traditional views of enterprises, often think that enterprises to build their own servers and systems than the current popular public cloud services more secure, in many enterprises in the heart, the data on their own server is the safest way.

But in fact, if we think about it another way, perhaps a public cloud like Windows Azure would be more secure than a private cloud built by the enterprise itself. The problem can be seen in a very simple example:

By comparing public cloud services to banks, private cloud services are like safes in their own homes. Using public cloud services is like putting your money in a bank, and the private cloud is putting money in your own home safe. So which one is more secure, it will be judged at once.

This view can be well understood from the construction process and maintenance mode. The private cloud of the enterprise is often built autonomously or through some outsourcing company, and the public cloud service provides the most professional service security. First of all, in terms of technology, the technical level of the internal it is not average, there are high and low, and the outsourcing team's technical strength is not able to be guaranteed.

So the technology to make the "safe" you dare to use? While the public cloud service is from the world's top team to build, its technical strength than the autonomy and outsourcing will be a lot stronger.

On the other hand in maintenance, if there is a outsourcing team to serve a business is already a very good situation. But in the public cloud provider, it is a global force, with the highest depth of technology and the most experienced operation, services to thousands of companies, the security of the best of all can be imagined.

From these two aspects, public cloud services than private cloud or the enterprise itself to build a network of services to be safe, after all, not all enterprises in the technology circle, have advanced technical strength.

Because the public cloud service is to serve the vast majority of users, it is necessary to provide sufficient strong support on information security. Now in the Chinese market, the Century interoperability team running Windows Azure has more than 350 people, which is divided into different teams according to the technical fields that everyone specializes in, and solves the problem of the user quickly, which is far less than the public cloud service.

In the case of hacker attacks alone, technology still occupies the majority of the proportion, Sony can only be in a passive defensive state. For more companies with weak it technology, a more secure public cloud service might be a good solution. After all, the data connected to the network after the security risks, the matter to the most professional people may be better results.