Recently returned a post online, someone asked "some enterprises or individuals will worry about the data on the cloud security and confidentiality, how to" break "? "I put the relevant answers into articles to share with you." &NBSP Many people are concerned about the data in the cloud, security and confidentiality how to protect? In fact, this architecture pattern of cloud storage data is much more secure than the traditional IDC model for storing data. But why are so many companies and companies that are not comfortable with data deployment cloud? The is in fact the following two concerns: 1, the existing deployment in the IDC application, if the deployment to the cloud, the migration costs too high, the risk is too large. For a stable operation in the IDC room for many years of the project, if deployed to the cloud, the migration costs, the risk is very large, may be a lot of people are not willing to accept. So many businesses and individuals just deploy some new projects in the cloud to "test the water." &NBSP, 2, by the traditional IDC "feudal" thought of curing. Cloud computing is a trend that will replace the traditional IDC model, but now cloud computing is not popular, want to make the majority of people generally accepted, I think it may still need a distance to go. Compared to Amazon, Google and the domestic Aliyun, in the cloud computing services this piece is more mature. Many people do not know about the cloud, never touched, so for most people, the data in the cloud is a risky behavior. &NBSP How does the data on the cloud guarantee security and confidentiality? I answer in the following ways: 1, physical security at the bottom. &NBSP First, the Cloud room is a five-star room, in the fire management, power security, temperature and humidity management, etc., are effective protection. Second, in the physical layer has a very important security is that you from the cloud room to pull out a hard disk, the hard disk data are encrypted stored data, so do not worry about data loss. &NBSP 2, network security in Network access control, anti-DDoS and other networks security, have a special hardware firewall to effectively protect data security. &NBSP 3, cloud Platform at the cloud platform level, the server intranet of different users is not interoperable. such as Aliyun , in Ip/mac/arp deception, abnormal behavior analysis, isolation between different users, are through the flying system (Aliyun self-help research and development) kernel-level control, effectively protect the confidentiality of user data and security. &NBSP 4, System security, Application security Host intrusion defense systemsystem security reinforcement, port safety monitoring, Web site backdoor inspection, web vulnerability monitoring, Web page hanging horse monitoring and so on, at the bottom are to use the use of firewalls to protect our data security and confidentiality. &NBSP 5, multiple replicas distributed storage The cloud is a distributed structure in which information is split into many pieces of data stored on different devices, and each piece of data stores multiple replicas. The distributed characteristics of cloud computing storage mechanism not only improve the data card training, but also improve the security of data. &NBSP 6, data ownership The customer is always the owner and user of the data, and the cloud platform ensures the security and confidentiality of the data. This data is not only security and confidentiality to external visitors, but also security and confidentiality for internal visitors, such as Amazon and Aliyun internal engineers. &NBSP 7, vpn users with special requirements for link security can access cloud services through VPN access. &NBSP 8, Physical layer Isolation cluster deployment in the financial sector, data security requirements are higher. Financial applications and data are deployed in different cluster centers, the virtual machine is located in the physical machine, and other industry users virtual machine is separated from the physical machine. &NBSP 9, separate cluster This part of the request is the highest, generally is the state-owned enterprise application. For example, China Unicom, Aliyun 's flying system deployed inside them, is not deployed in the cloud room. &NBSP Good, simple introduction here, I hope you support the original article! I also hope that we can share their experiences and experience! This article has what the shortage of places, I hope you can add a lot of and shoot bricks! &NBSP
Original Author: schema Cloud Shoke article from: http://game.aliyun.com forwarding Please indicate the source
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.