Worry about external cloud security? The real threat comes from the internal cloud

Source: Internet
Author: User
Keywords Safe real internal cloud

At present, many IT managers are unwilling to migrate their business to the cloud due to security issues. They think hackers will attack the suppliers of their cloud businesses somewhere in the network and steal core data. While there is no denying the fact that this is the case, trust cloud security issues, the future real threat will come from within the company's own internal cloud.


A more common problem will revolve around the security of access to cloud computing, where data loss is usually taken away by employees who have previously resigned or been dismissed. Although this has been the case before, only through the cheap USB flash can be done, but it is important that the current cloud environment makes it easier to implement, enterprise employees through the cloud environment can access to the cloud based data center, access to a large number of sensitive data.

The best way to defend against this data loss is to investigate the working background of a good employee, while ensuring that no one can get permission to download all the data through the cloud environment. This, of course, also includes limiting the IT staff to provide API-oriented data for use by cloud computing providers.

In addition, the larger problem surrounding cloud computing is that while many of the clouds are set up to guard against the need to effectively protect the server directly or from the external network, many hackers will often use multiple means to attack the enterprise cloud environment. This usually means that they are taking advantage of the core components of cloud computing, such as management program issues, to attack network virtual machines.

Recent research has shown that hackers can use side-channel attacks to steal and peek data on virtual machines in the cloud, such as collecting passwords. At the same time, the researchers demonstrated that the virtual machine installed on the same server, once defined as an attack target, could fully monitor the shared resources on the server.

In addition, trust is the core issue of effective data protection. Many cloud computing providers trust their customers, and each customer is using the data in a cloud computing environment with others. Although logically each user has his or her own data storage space, the cloud vendor is usually focused on the user's trust to achieve security, that is, the so-called external cloud is not secure, and the internal cloud is secure. But if the trust of the internal cloud environment is broken, will the data really be secure?

Cloud-computing providers are actively improving their security policies to meet these new challenges, but they cannot be used as an excuse for companies not to take advantage of cloud computing because they are not being addressed at the moment. These questions are simply made to ensure that the user data and business processes are secure in order for the enterprise to recognize the problems in cloud computing in order to take precautionary measures.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.