Only 40% companies pay attention to cloud security?

 

Now with the continuous progress and development of cloud computing, many cloud computing providers are also starting to serve as a third-party cloud service to users of various cloud computing services, in the cloud, data security has always been the user and enterprise managers have been particularly concerned about, many companies are also beginning to consider their own data security strategy and planning issues.   Cloud ERA blow only 40% enterprises pay attention to cloud security? Now more and more companies choose to put their own data in the cloud, which includes the public cloud as well as the private cloud of the enterprise and mixed cloud, which means that data and network security has become the biggest responsibility of these providers, many companies also closely follow the cloud wave, The infrastructure and business applications needed for cloud computing services are being upgraded and developed, making cloud data a safer security. But no matter how much infrastructure and how many network services and business applications The enterprise moves into the cloud, the ultimate responsibility for information and networking rests with the enterprise itself. That's why companies need to elaborate cloud security policies. Although cloud services are on the rise, only 40% of companies have a formal, centralized cloud security policy, according to a 2013-year endpoint state survey by the Ponemon Research Institute. This provides an ample opportunity for administrators to tighten their company's data and network. The above data we can see that until the rapid development of cloud computing today, there are still many enterprises do not realize, or still do not take the necessary data security control measures and strategies to protect the user's data, This is a reminder for cloud computing providers and many business users.   Cloud computing strategy key points   cloud computing security is a commonplace topic, and to make data more secure, the security policies and solutions of an enterprise's internal cloud computing network are essential, Hazdra, security Service provider Neohapsis's chief Security advisor, once said: " After the accident, the enterprise will realize that we did not expect such a thing to happen.   A short sentence of the importance of data security in cloud computing, it is true that many companies are aware of the importance of deploying cloud computing security policies only when data is compromised and data is lost, but by then it is already too late, ideally Enterprises should create their own cloud security policies before deploying the cloud.   In these issues, the important question is whether the enterprise has a clear data classification policy. The more sensitive data companies have, the more important the problem is, especially in tightly regulated industries such as health care and financial services companies. Data classification helps businesses prevent accidental uploads of critical data in data centers, and helps protect data that travels through network services. For example, Rackspace provides a way for clients to control which types of traffic can go through the paths of virtual networks, but businesses first need to classify traffic.    Of course cloud computing security is not limited to data classification, divide the data into classes, companies may have to deploy various applications of cloud computing to other data policies, and companies will have to decide whether to allow users to access directly to the cloud servers they host, and the benefit is that users can easily upload and download data and information, but again, The downside is that data security receives threat factors that are rising.     in determining where existing policies overlap with new cloud policies, check to see if the cloud technology vendors considered by the enterprise are compliant with your policies. "If the cloud supplier does not have any policies or controls that the company wants, it needs to consider whether the supplier applies to the company," Hazdra said. "  Locate data location   The physical location of the data involves legal and privacy issues." Can the cloud service provider move data from the enterprise to the outside? Does the supplier agree to keep the enterprise's data in a specific data center? If the supplier policy does not meet all the requirements of the enterprise, what data should be kept within the enterprise? From these issues, data classification is important.    for the data that the enterprise holds in the public cloud, the Enterprise Manager will certainly want to get the data security information from the cloud service provider, especially when it comes to SaaS, the problem is particularly important, and software developers have been working to improve the performance of their programs. Sometimes it may conflict with good security. Sometimes developers are allowed to turn off security features to achieve the required level of performance. Enterprises need to prioritize security and performance.   In addition, whether the performance of the cloud services infrastructure is directly proportional to the enterprise's investment in cloud computing and a point that business users deserve to consider, it is particularly important to carefully consider the standards and priorities of cloud computing services because the enterprise needs to prioritize, and to ensure that cloud supplier policies meet business expectations.    If the enterprise is now considering a full cloud security policy, it will be necessary to think about who is authorized or approved to audit the agreement with the cloud vendor, which makes it easier for individual employees to work, but will also put enterprise data at risk. Specify a specific location to set up a cloud service for work purposes and consider the specific consequences of violating policies. >>  Cloud computing security who's going to pay the bill   The core issue of cloud computing is security, so when it comes to security issues who should be responsible, it may be a headache for many of the cloud computing industry's friends, and it is hard to define whether it is a SaaS service provider or an IaaS service provider, This is not true, but in any case, corporate users should be responsible for their own data security, as well as the security policies and data information provided by these providers.    Whoever is handling this information. If you are looking for an infrastructure provider, you must ensure that the supplier is able to fulfill its commitments, whether through performance, inspection or cloudThe vendor shall discuss the specific details. As enterprises move to SaaS, implementing acceptable use, privacy, encryption, and data mining policies remains a business responsibility. CIOs must also ensure that cloud providers follow their own policies.   Editor's words   cloud security is not a short-term topic, cloud computing to long-term development and by individuals and business users trust and attention, data security issues must be in the first place, otherwise cloud computing service strategy is like rowing, our future work and life must be inseparable from the cloud, A large amount of data is placed in the cloud, and security issues are not negligible.