云安全认证云平台使用安全_云更安全的5种方式

云安全认证云平台使用安全

Businesses migrate to the cloud from dedicated hosting for several different reasons, with one of these being security. It is a widely held belief that cloud environments stand to offer more security and protection than is available with traditional dedicated hosting plans, with many CIOs placing their trust in the advanced encryption and security algorithms that lie at the heart of the cloud and would be pretty much impossible for other organisations to copy on a smaller scale. So what helps to make the cloud more secure? We’ve collated the top 5 reasons that we think make the cloud more secure than dedicated hosting.

出于多种原因，企业从专用托管服务器迁移到云中，其中之一就是安全性。 人们普遍认为，与传统的专用托管计划相比，云环境将提供更多的安全性和保护，许多CIO信任位于云核心的高级加密和安全算法，这将是相当不错的。其他组织要进行较小规模的复制几乎是不可能的。 那么，什么可以使云更安全？ 我们整理了我们认为使云比专用托管更安全的5大理由。

1 –数据已加密 (1 – Data is encrypted)

Your cloud virtual machines are encrypted on the disks on which they are stored and this will encompass all data that these virtual machines contain. In comparison with dedicated hosting, the data on a dedicated server more often than not isn’t encrypted and represents an easy target for hackers where the server isn’t thoroughly secured. As cloud data is encrypted, the data is essentially useless to hackers unless they are also able to obtain the encryption keys that guard the data, but these are often held under tight security themselves; without the encryption keys, data will simply appear as garbled text to the hacker. With your data encrypted, this is another line of defence and means that even if the security of the cloud is compromised then the data hosted on your virtual machines is still protected; however, it doesn’t account for scenarios where the login details of your individual virtual machines have been compromised.

您的云虚拟机在存储它们的磁盘上被加密，并且将包含这些虚拟机包含的所有数据。 与专用托管相比，专用服务器上的数据经常不加密，对于服务器没有完全保护的黑客来说，这是一个容易的目标。 由于云数据是经过加密的，因此除非黑客也能够获得保护数据的加密密钥，否则这些数据对黑客实际上是无用的，但是这些密钥本身通常都受到严格的保护。 如果没有加密密钥，数据将仅显示为乱码给黑客。 加密您的数据后，这是另一道防线，这意味着即使云的安全性受到损害，托管在虚拟机上的数据仍会受到保护； 但是，它不能解决单个虚拟机的登录详细信息遭到破坏的情况。

2 –数据存储集中 (2 – Data storage is centralised)

With most cloud hosting infrastructure architectures, data storage is centralised over a Storage Area Network (SAN), enabling virtual machines to be transported across hypervisor nodes whilst still having access to the data that drives them. This provides additional security benefits as this means that if the primary network or individual hypervisors are compromised, then your data won’t be compromised. A SAN works separately to the main cloud network and is a private internal network that has been allocated the specific task of handling data storage, therefore the traffic that passes over this network will never be viewable from outside the cloud.

在大多数云托管基础架构中，数据存储通过存储区域网络(SAN)进行集中管理，从而使虚拟机可以跨虚拟机管理程序节点进行传输，同时仍然可以访问驱动它们的数据。 这提供了额外的安全优势，因为这意味着如果主网络或单个虚拟机管理程序受到威胁，则您的数据也不会受到威胁。 SAN与主云网络分开工作，是专用于处理数据存储的专用内部网络，因此，从此云外部无法查看通过该网络的流量。

3 –完全托管的平台 (3 – Fully managed platform)

In the case of the public cloud, customers are provided with a fully managed platform that, if you have your services with a reputable web hosting provider, will have been secured to industry standards – in other words you can expect to be hosted in a highly secure environment. In terms of web hosting, ‘fully managed’ relates to the level of control that the web hosting provider maintains over the hosting environment; with a public cloud the infrastructure and hardware maintenance is taken care of the web hosting company, so all you have to worry about is setting up and configuring your virtual machines to meet your requirements. It also means they are going to go to town with the level of security used and most web hosting companies exploit the latest in security technologies to provide you with an environment which is guarded to an extent that would be hard for most companies to achieve on their own.

对于公共云，将为客户提供一个完全托管的平台，如果您通过信誉良好的网络托管服务提供商提供服务，则该平台将已按照行业标准进行保护-换句话说，您可以期望将其托管在一个高度托管的平台中。安全的环境。 在虚拟主机方面，“完全管理”与虚拟主机提供商对托管环境保持的控制级别有关。 借助公共云，基础架构和硬件维护由Web托管公司负责，因此您只需担心的是设置和配置虚拟机以满足您的要求。 这也意味着他们将使用所使用的安全级别，并且大多数Web托管公司都利用最新的安全技术为您提供一个可以在大多数公司难以实现的程度上受到保护的环境。拥有。

4 –外部攻击更容易缓解 (4 – External attacks are easier to mitigate)

With many users hosted on a single public cloud platform, it has become imperative for cloud hosting companies to invest heavily in security features that will help to mitigate external attacks that are forever growing in size, an example of which would be DDoS attacks. The resources that are necessary to handle large DDoS attacks are still an expensive resource, with a majority of the expense being attributed to the cost of bandwidth and the hardware that is required. Within a shared environment it has never been cost effective for such measures to be taken, and the nature of shared hosting has meant that it is a feature that the clientele would never require; with dedicated hosting, such measures are expensive to implement when it is being done on a per-server basis. As a private cloud customer then you will also have the choice to implement this as a feature and because of the number of virtual machines you are likely to be hosting in a private cloud, the expense could prove to be rather cost effective.

由于许多用户托管在一个公共云平台上，因此云托管公司必须在安全功能上进行大量投资，这将有助于缓解规模不断增长的外部攻击，例如DDoS攻击。 处理大型DDoS攻击所需的资源仍然是昂贵的资源，其中大部分费用都归因于带宽成本和所需的硬件。 在共享环境中，采取这种措施从来都不是具有成本效益的，并且共享托管的性质意味着它是客户永远不需要的功能。 如果使用专用托管，则在每个服务器上实施这些措施的成本很高。 作为私有云客户，您还可以选择将此功能实现为功能，并且由于您可能托管在私有云中的虚拟机数量众多，因此费用证明是相当划算的。

5 –配置新服务器很简单 (5 – Provisioning of new servers is simple)

In most cloud environments, the provision of new virtual machines is a relatively simple procedure that can be completed in just a few clicks through a web interface. The benefit here lies in the fact that if you are facing security issues with a virtual machine then it is fairly easy to take that VM offline and setup a new, more secure VM for the hosting of your services. This would then give you the time necessary to repair or restore the infected virtual machine without inducing any downtime for your website. You can create and destroy virtual machines as you wish so that any infected VMs can be eradicated very quickly before there is a chance for the infection to spread, meanwhile new virtual machines can be created and secured to a higher degree.

在大多数云环境中，提供新虚拟机是一个相对简单的过程，只需单击几下即可通过Web界面完成。 这样做的好处在于，如果您面临虚拟机的安全问题，那么使该VM脱机并设置一个新的，更安全的VM来托管您的服务相当容易。 然后，这将为您提供修复或还原受感染的虚拟机所需的时间，而不会导致您的网站停机。 您可以根据需要创建和销毁虚拟机，以便可以在感染扩散之前Swift消除所有受感染的VM，同时可以创建新的虚拟机并对其进行更高程度的保护。

翻译自: https://www.eukhost.com/blog/webhosting/5-ways-in-which-the-cloud-is-more-secure/

云安全认证云平台使用安全