Data Security in the Cloud
'Cloud', an entirely fresh model of computing, has established a reputation for offering the greatest level of elasticity and flexibility across computing platforms such as software, infrastructure and development platforms. The model has brought decreased costs and faster deployments compared to traditional solutions. Despite these beneficial features, why are so few in the industry seen riding the wave of cloud? The primary concern for all is its security, which encapsulates a broader spectrum of problems such as (a) concern about the cloud computing service provider, (b) propagation of data within the cloud, (c) concerns about control.
Setting aside the concerns regarding security, it is indeed possible to manage the known risks and experience the advantages of cloud. Users can consider the suggestions listed below when opting for a cloud hosting computing solution:
Strategic Thinking Approach: Workloads differ, so each workload should be considered carefully, and only then should it be decided whether to shift it to the cloud. For each workload, the governance and cloud security needs should be determined and analyzed to see whether it would fit appropriately within the cloud infrastructure. By strategically evaluating the process and selecting workloads accordingly, preventing data proliferation can be easily achieved.
Defining Roles and Responsibilities Based on Evaluations: Choosing between public, hybrid and private cloud depends largely upon the end user and the provider, much as with any traditional IT solutions provider. Both entities should be aware of their roles and responsibilities: with SaaS, it is the responsibility of the service provider to take care of security, whereas with IaaS the end user or consumer bears the responsibility of maintaining the security of the VMs.
Laying Down a Fool-Proof Backup Strategy: Evaluate the measures put in place by the service provider for disaster recovery and restoration; these should ideally involve off-site backup, availability of services, redundancy, etc. Based on such evaluations you may design your own backup and restoration procedures that would further strengthen your existence in the cloud.
Evaluate SLAs and Communication Channels: Reliable cloud hosting service providers would have a well-designed SLA that clearly defines various factors such as uptime, alerts and notifications, restoration services, recovery strategies, turn-around time for resolution, etc. You can also expect to receive proactive notifications regarding outages, issues, issue resolution procedures, etc.
For businesses and users, it is equally important to test the services that the service providers claim to offer. The testing parameters can be based on performance checks, speed test evaluations and security functions, to ensure a safe existence of your business in a cloud environment. Moreover, it is equally important to recheck the parameters on a regular basis to achieve an optimum level of security and functionality.
Sticking to the Basics: It is observed that many enterprises tend to invest time and money in developing and implementing security strategies based on the latest available tools and techniques, but fail to stick to the basics of risk assessment and management, policy development and enforcement, and rigorous validation of established and essential controls. The following is a list of security issues observed in the year 2011:
- Compromised security due to so-called outdated vulnerabilities
- Weak management policies
- Delayed response to probable risks
Cloud should not be considered any different from traditional computing solutions. The vulnerabilities apply equally to every service offering, though there may be differences in how they are managed. Ideally, it is the responsibility of the organization and the service provider to know their individual responsibilities and act accordingly to ensure a safer and hassle-free existence in the cloud.
Translated from: https://www.eukhost.com/blog/webhosting/security-in-a-cloud/