SAP CTO Zhang Xi: Cloud security isn't scary.

Today, cloud computing is a fire, but the cloud security problem has become a barrier in people's hearts. The Forresterresearch survey showed that 51% small and medium-sized enterprises have not yet used cloud services because of security. In addition, worldwide, more than 90% of German and French business CIOs claim that security is a prerequisite for their adoption of cloud computing. 56% European CIOs Mark cloud computing security as extremely challenging.

"Ensuring data security is fundamental to the implementation of the cloud computing environment." "If security is not enough, it doesn't make any sense to go into the cloud," says a chief technology officer at a small IT company. "This shows that the cloud security concerns have seriously hindered the development of cloud computing."

SAP China CTO Zhang Xi speech at 2011 China Software and Information Technology Services branding Conference

Cloud security isn't scary.

"Cloud security is not very scary," said SAP China CTO Zhang Xi, at the 2011 China Software and Information Technology Services brand Conference, when he told reporters that when it comes to cloud security, the first thing to understand is cloud computing.

In Zhang Xi's view, the reason why people talk about cloud security color change is that the concept of cloud computing is still more confusing, fuzzy, "some people called cloud computing, not necessarily cloud computing." For example, some people think middleware is cloud computing. In his opinion, middleware differs from PAAs (platform or service), and the relationship between them is intersection. In a sense, "PAAs is the middleware of cloud computing level".

Indeed, the advent of cloud computing detonated the IT industry "concept and category" of the hype wave, become the main theme of it in recent years, private cloud, public cloud, personal cloud, city Cloud, Industry Cloud (Vertical Cloud), community Cloud, E-commerce Cloud, HPC Cloud, science and technology cloud, mixed cloud, VPC ( Virtual Private Cloud), Cloud Bridge and many of the "cloud" linked to the endless vocabulary. According to ISO 2009 survey, the definition of cloud computing as many as 20, the industry is difficult to unify opinions, issued the same voice, as the most users of the industry and all walks of life need to know cloud computing people are "in the clouds, fog."

Zhang Xi said that cloud computing now has a lot of practical applications, and is not so scary, fear of cloud security people, must not understand cloud computing. He cited a simple example, the use of mobile phone net to foreign friends and relatives transfer remittances, similar cloud applications are used by many people, security is guaranteed.

In addition, Zhang Xi also emphasized that SAP is a cloud content provider, although the IaaS, PAAs, and SaaS in SAP Cloud computing is covered, but PaaS, SaaS is the content level, more valuable and enhanced space, will be SAP development focus.

Cloud computing is a double-edged sword

At present, the only widely recognized and supported definition of cloud computing is the cloud computing definition of NIST, the National Institute of Standards and Technology, which is the ability to access computing resources (including networks, servers, storage, applications, services, etc.) over the web to facilitate, on-demand, payment. and improve their availability patterns, which come from a shared, configurable pool of resources and can be captured and freed in the least effort and unattended way. This pattern has 5 key features and includes 3 service modes and 4 deployment modes.

Faced with a lot of ambiguity and controversy over cloud computing, Professor Kinshan, director of information security at Peking University's Institute of Software and Microelectronics, also agrees with the NIST definition that cloud computing has five features: Ubiquitous network access, resource pooling, metering of paid services, fast and flexible, on-demand self-service, And pointed out that these five characteristics are indispensable.

So is security in the cloud computing environment higher or lower than the cloud? Professor Qing said that he asked Microsoft's vice president on this question, and got the answer: both. Professor Qing said, to increase the reliability of cloud computing, if you are hosting something to a better big supplier, for example, to put money in the bank, although there are risks, but also better than the home side, which will increase the reliability of cloud computing; if some small businesses do not know enough about security, it is the cloud itself that reduces security.

So cloud computing is a double-edged sword. Enterprises to use well, not only will not affect its information security, but also can really improve information security, and if blindly use, it will be the opposite. How to make good use of this "sword" is a question that all CIOs have to think about.

(Responsible editor: The good of the Legacy)