How to grasp the security risks posed by cloud computing
Source: Internet
Author: User
KeywordsCloud computing cloud services
Cloud computing is the 4th quarter of 2007, the emergence of a term. The definition and connotation of it are different, we can find at least 100 kinds of statements on the Internet, but there is no accepted definition. This paper tries to synthesize the advantages of each family, and proposes the definition and characteristics of cloud computing. The requirement for this definition is to capture the nature of cloud computing in the most refined language, to cover today's popular typical cloud computing solutions (including Google Cloud computing, Amazon Cloud computing, Salesforce cloud computing, cloud security, etc.), but to differentiate other relevant concepts such as Grid computing, Parallel computation, etc.).
Definition: Cloud computing (Cloud Computing) is a new business computing model. It distributes computing tasks on a large pool of computer-made resources, enabling various application systems to acquire computational power, storage space and various software services as needed.
Developers like cloud computing because it can be deployed soon after deployment; companies like cloud computing because infrastructure costs are reduced and users like cloud computing because they can get new features faster. But a few happy few worry, IT professionals in charge of enterprise information security are racking their brains to find ways to transfer applications and data securely to cloud services.
One of the key goals of the IT organization has long been to strengthen the identity management technology and associated processes, and the security risks posed by cloud computing are no doubt a fallback.
Companies can extend directory service validation outside the enterprise environment to handle applications or systems in cloud services, but if a third-party system is compromised, the authentication system may also be compromised. Companies can also adopt new solutions: Setting up a barrier between cloud services and existing infrastructures, a disadvantage of which is that businesses will have to consolidate multiple identity management and access management systems, so this cumbersome alternative is unattractive.
Fortunately, some cloud vendors are beginning to address this problem. Google's new capabilities can integrate Google Apps into existing single sign-on tools, improving security and simplifying management processes. An enterprise we interviewed deployed advanced authentication servers so that cloud systems can be validated through Lightweight Directory Access Protocol (LDAP). Another enterprise extends its web-based authentication protocol to enable it to work with external sources and to authenticate cloud services using an internal managed system via a network service.
Data loss and backup
Where are the data stored? Which people have access to data security? These are big problems because, in addition to the Software as a service (software as a Service,saas) vendor, cloud service providers rarely have the experience of long-term processing of sensitive data. In general, data is shared and stored in cloud services and therefore potentially dangerous. In fact, it's risky to keep data inside the company, not to mention cloud services. We often evaluate the risks/benefits of data access within an enterprise, which can also be applied to cloud services, determining how those data can be transferred to cloud services, and how data is protected. This requires us to understand and verify the suppliers ' standards and make sure that they can be modified.
When using cloud services, such as the flexible computing cloud of Amazon, an enterprise can encrypt data for operating systems, applications, or database management systems running in virtual instances. When using other services, such as application hosting, it organizations need to be more wary of developing programs to ensure that security is built into the program (for example, data encryption).
Businesses should carefully consider the risk of data loss, regardless of where the data is stored. Amazon understands that computers fail from time to time, so it advises customers to deal with computer failures through redundancy and backup plans. Some cloud vendors provide backup services or data export capabilities so that enterprises can create their own data backups, while others require customers to use a backup program developed by the enterprise or by a third party.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.