Inventory hidden dangers in cloud computing services

Source: Internet
Author: User
Keywords Cloud computing Services inventory

If companies are looking to reduce it costs and complexity by leveraging cloud computing services, the preemption should ensure that there is no potential privacy issue in the process, according to a report released recently by the World Privacy Forum.

Once you give the data to outsiders, you face potential problems. Businesses may often not even know where their data is stored. Information sometimes ends up in multiple places, and each place may need to comply with different privacy requirements.

Users who want to cut costs through cloud computing services tend to overlook such issues and need to clarify the privacy aspects of their contracts.

So is it possible for us to avoid the risk of cloud computing? In fact, any innovation can be risky, and we always find ways to reduce and eliminate risk:

1. Control the data position. Another problem that affects the size of customers is the location of the data because different countries apply different privacy and data management laws. So it's particularly important for companies that are involved in cross-border business.

The EU, for example, has strict rules on which data on the individual can be kept and kept for long. Many banking regulators also require customers ' financial data to remain in their home countries, and many compliance requirements cannot be put together with other data on a shared server or database.

Today, users may not even know where their data is in the cloud computing environment. This fact brings with it a variety of compliance issues such as data privacy, isolation, and security.

But the question of uncertain data positions is beginning to change, as Google allows customers to specify where to keep their Google Apps data, thanks to its acquisition of an e-mail security company Postinie and, for example, a Swiss bank that requires customer data files to be kept in a Swiss country, Google can do that now.

A further step is the ability to physically isolate users ' data from other customers ' data in a multi-tenant architecture of cloud computing environments. However, this isolation technology is expected to be implemented through a virtualization technology that is still in its early stages but increasingly powerful.

2. Data encryption. Data encryption can mitigate some of the privacy risks associated with unintentional or malicious disclosure-this encryption is for data that is stored on the server of the cloud service provider and for the end user.

In addition, the implementation of a two-factor validation scheme to control access to data stored by cloud service providers is expected to ensure that only users with access to data can see the data. Of course, if the enterprise is all in place, and has done the work beforehand, it is not much different to store the data itself or to store the data by the cloud service provider.

3. Data loss and backup processing. Where are the data stored? Who has access to data security? This is a big problem because cloud service providers have little experience with time-sensitive data in addition to software and services (Software as a Service,saas) vendors.

In general, data is shared and stored in cloud computing services and therefore potentially dangerous. In fact, it's risky to keep data inside the company, not to mention cloud services. This approach, which often evaluates the risks/benefits of data access within an enterprise, can also be applied to cloud services.

Determining what data can be transferred to cloud services and how to protect the data requires that we understand the criteria of the well verification vendor and make sure that they can be modified.

When using cloud computing services, such as the flexible computing cloud of Amazon, organizations can encrypt data from operating systems, applications, or database management systems running in virtual instances. When using other services, such as application hosting, IT organizations need to keep an eye out for developing programs to ensure that security measures, such as data encryption, are built into the program.

Businesses should carefully consider the risk of data loss, regardless of where the data is stored. Amazon understands that computers fail from time to time, so it is recommended that their customers deal with computer failures through redundancy and backup plans. Some cloud vendors provide backup services or data export capabilities, so that enterprises can create their own data preparation other vendors require customers to use the enterprise's own development or third-party development of the backup program.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.