As more and more data center managers turned to a private cloud, public cloud and hybrid cloud infrastructure, facing new security challenges, and cloud computing also provides a new technology to help cope with security challenges. There is an obvious security issues cloud-based infrastructure: As the company's business in the cloud, may be exposed to the public Internet. Enterprise applications stored in the cloud platform, data, applications and other assets located in the heart behind a firewall, data and other assets have different vulnerabilities in comparison. This find the weaknesses and loopholes created more opportunities to attack the attacker.
Whether it is on-premise, public infrastructure, or some form of hybrid cloud infrastructure, you can use the container, the micro-service, non-server functions implement different types of application deployment. This means monitoring the application of traditional methods of security is no longer applicable. Infiniti Consulting Group Chief Technology Officer JohnGray said: "The use of non-server, run some transactions can be completed only a few microseconds to track how it will monitor how this is something new application monitoring tools to obtain real reason for the rapid growth.??. "
Challenges of security information and event management (SIEM) system
Cloud computing infrastructure transient also allows certain types of log records become obsolete, or at least need to change the method. For example, to migrate its infrastructure to part of the cloud platform, some companies are considering migrating its security information and event management software to the cloud platform.
Ali Golshan cloud security vendor StackRox co-founder and chief technology officer, security information and event management (SIEM) system requires a lot of storage capacity, migrate them and similar functions to the cloud can reduce costs, easier operation . But only to migrate security information and event management (SIEM) system to the cloud is not enough to deal with new cloud computing network security environment.
Golshan said, we must first understand that the cloud computing deployment does not require a lot of historical data storage, because many of the historical data will soon be obsolete. At the same time, companies need to be able to track the event of the container, cloud micro-server and non-server functions. He said, "Many companies have a traditional environment, and want to have security information and event management (SIEM) system, but many companies do not really follow the historical data can not be migrated traditional security information and event management (SIEM) system to the new cloud-based environment. "
Network security vendor of Malwarebytes Malwarebytes laboratory director Adam Kujawa said that if companies use security information and event management (SIEM) to deal with traditional local infrastructure, then in addition to cost savings, running in the cloud there is an additional benefit. He said, "If companies have a security information and event management on a local network (SIEM) system and is compromised, the attacker could break into the system and modify the log. However, if the isolated enterprise network, the attacker will be more hard to do this. this is an additional layer of security. "
Companies can further employ another method, using different cloud service providers in different aspects in the field of security. Pravin Kothari cloud security vendor CipherCloud CEO, said: "all control and data encryption keys and other cloud providers and cloud service providers saved separately has become a practice."
Security Challenges
Data Center Network Security is responsible for people who need time to understand the new infrastructure operating mode. Infiniti consulting firm Gray said: "In the past, companies can employ the industry's commonly used tools for internal deployment monitoring, people can make good use of them."
According to research firm CyberEdge Group's recent survey showed that, in the protection of cloud computing infrastructure, the most popular strategy is to train existing staff, which is not surprising. 40% of respondents chose another, more popular strategies that employ dedicated security personnel responsible for cloud security. Another 36 percent of respondents said it plans to increase staff outside consultants and contractors, while 33 percent of respondents said it plans to use third-party security service providers. Only 24 percent of respondents said they plan to use cloud security software or cloud services from independent software vendors.
However, when the data center business began to migrate to the cloud, many companies will retain its traditional infrastructure over a period of time, if there is no increase in staff, the staff had to manage data center will not only need to learn a new cloud-based system It is also responsible for managing the security of two operating environments.
Gray said, "AWS, Microsoft, Google, and the industry's manufacturers are quick to promote cloud computing environment changes. This makes it difficult for enterprises to know what to choose from. After six months, there will be some newer, easier to use version or a completely different services, which enable enterprises to become more difficult in the choice. "but he added that, in addition to cost savings and greater flexibility to migrate to cloud computing there is a great advantage. "It gives companies the opportunity to start again, from scratch to build a data center. If done right, it can make the enterprise business in a cleaner environment, if you take the time to build it, then. Moreover, companies can more easily in the cloud separation of the infrastructure, so that you can isolate the environment. "
This means that compared to conventional infrastructure, cloud computing environment may be easier to manage, less vulnerable to attack. "Cloud computing is definitely more secure than on-premises." He said. For example, cloud computing makes it easier to automate the process of container and start the service. If you have done well, which means that data centers can ensure that all appropriate control measures are always in place. "But if you automate a mess, it will destroy the business environment." Gray added.
Dalian Professional Women's Hospital mobile.dlgcyy.cn