Tencent cloud object storage COS security scheme introduced

Shared from the WeChat official account: Tencent Cloud Storage

Every enterprise and individual developer treats data security as a key criterion when choosing a cloud storage product. This article describes the three layers of protection Tencent Cloud Object Storage (COS) offers to keep user data safe: preventive measures taken in advance, controls applied while operations are in progress, and after-the-fact tracing.

First: preventive measures taken in advance

1. Privilege isolation
For enterprises on the cloud, account security and sensible resource authorization are the first line of a layered protection system. Authorization management of cloud resources should avoid the following risks:
using the Tencent Cloud root account for day-to-day operations;
creating sub-accounts for employees but granting them overly broad permissions;
lacking a management system and process for how account privileges are used;
not regularly auditing users' permissions and login information;
not applying access control to sub-accounts that hold high privileges or perform high-risk operations.
Tencent Cloud keeps permissions secure and controllable through CAM (Cloud Access Management) measures such as account tiering and permission classification.

Account tiering: the root account can grant access to all legitimate CAM users, including sub-accounts and collaborators, in different forms such as programmatic access and console access;

Permission classification: permissions are granted at the service, interface and resource levels, specifying which operations a CAM user may perform, on which resources, under which conditions and by which means.
First, the root account can create sub-accounts and manage the resource permissions assigned to them, without having to share the root account's credentials.
In addition, different people can be granted different access to different resources. For example, one sub-account can be given read access to a COS bucket while another sub-account or the root account holds write permission on an object in that bucket. Resources, access rights and users can be packaged in batches, leading to fine-grained rights management.
For high-risk operations (such as deleting data), authorization can be separated out so that the user may only perform them from the console, and a second authentication step is added by enabling MFA verification. Once MFA verification is enabled, an SMS verification is triggered whenever the user performs such a high-risk operation.
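As an added example (not from the original article or Tencent's documentation), the CAM policy below grants a sub-account read-only access to a single bucket, and a small check flags statements that would hand a sub-account the high-risk actions named in this article without a condition. The APPID, region and bucket name are constructed placeholders, and `risky_grants` is my own helper, not a Tencent tool.

```python
import json

# Constructed example CAM policy in Tencent CAM "version 2.0" syntax: a
# sub-account gets read-only access to one bucket. The APPID, region
# and bucket name are placeholders, not real resources.
READ_ONLY_POLICY = {
    "version": "2.0",
    "statement": [{
        "effect": "allow",
        "action": ["name/cos:GetObject", "name/cos:HeadObject",
                   "name/cos:GetBucket"],
        "resource": ["qcs::cos:ap-guangzhou:uid/1250000000:"
                     "examplebucket-1250000000/*"],
    }],
}

# High-risk COS actions named in the article (deletion, overwrite,
# permission and policy changes). Granting any of these, or a
# wildcard, to a sub-account without a condition deserves review.
HIGH_RISK_ACTIONS = {
    "name/cos:DeleteObject", "name/cos:PutObjectCopy",
    "name/cos:PutObjectACL", "name/cos:DeleteBucket",
    "name/cos:PutBucketACL", "name/cos:PutBucketPolicy",
}

def _as_list(value):
    """CAM accepts either a single string or a list for action/resource."""
    return [value] if isinstance(value, str) else list(value)

def risky_grants(policy):
    """Return (action, resource) pairs from unconditioned 'allow'
    statements that grant a high-risk or wildcard action."""
    findings = []
    for stmt in policy.get("statement", []):
        if stmt.get("effect") != "allow" or stmt.get("condition"):
            continue  # denies and conditioned grants are not flagged
        for action in _as_list(stmt.get("action", [])):
            if action.endswith("*") or action in HIGH_RISK_ACTIONS:
                for res in _as_list(stmt.get("resource", [])):
                    findings.append((action, res))
    return findings

# Constructed over-broad policy for comparison: full cos:* everywhere.
OVERBROAD_POLICY = {
    "version": "2.0",
    "statement": [{"effect": "allow", "action": "name/cos:*",
                   "resource": "*"}],
}

if __name__ == "__main__":
    print(json.dumps(READ_ONLY_POLICY, indent=2))
    print("findings:", risky_grants(OVERBROAD_POLICY))
```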

2. Object lock
For core sensitive data such as financial transaction records or medical imaging data, object lock can be used to prevent files from being deleted or tampered with after upload.
Once object lock is configured in the bucket's settings, all data stored in the bucket becomes read-only and cannot be overwritten or deleted; this applies to all CAM users and anonymous users, including the root account.
This feature is in beta; users need to submit a ticket to apply for a trial.

3. Data disaster recovery
Tencent Cloud Object Storage provides data management capabilities including data encryption, versioning, cross-region replication and lifecycle rules.
Sensitive files can be protected during reads and writes with the encryption feature;
versioning and cross-region replication provide off-site disaster recovery, guaranteeing data durability and ensuring that data deleted by mistake or maliciously can be restored from the backup site;
lifecycle rules tier data down to cheaper storage classes and delete expired data, reducing storage cost.
Versioning also protects users' files from being overwritten or deleted. After versioning is enabled, every write to an object with the same name is treated as adding a new version of that object, and a delete operation is equivalent to adding a delete marker; any past version can be accessed by specifying its version ID, so data can be rolled back, removing the risk of accidental deletion or overwrite.
In addition, COS provides cross-region replication, which copies all incremental files over a dedicated line to a data center in another city for off-site disaster recovery. When data in the primary bucket is deleted, it can be restored from the backup bucket by batch copy.
Since both versioning and cross-region replication can increase the number of stored files, users can also use lifecycle rules to tier some backup data down to cheaper storage classes such as infrequent-access or archive storage, achieving low-cost storage. Combining encryption, versioning, cross-region replication and lifecycle rules, Tencent Cloud Object Storage offers a complete cold-backup scheme, as shown in the figure below.
For customers whose data is mainly stored with other cloud vendors and who have strict data durability requirements, COS also provides a multi-cloud disaster recovery scheme based on cloud functions (SCF).
First, for data stored with another cloud vendor (such as AWS or OSS), customers can use cloud-function triggers to drive data synchronization or cross-region replication for off-site disaster recovery, guaranteeing data durability;
at the same time, cloud-function-triggered migration backs up the core data to Tencent Cloud Object Storage, where Tencent Cloud's cross-region replication provides a further off-site copy;
finally, Tencent Cloud's permission controls manage access to the COS data, guaranteeing that in the extreme case the data can be recovered from Tencent Cloud COS.

Second: controls during operations

Tencent Cloud Object Storage provides event notifications based on cloud functions (SCF).
For high-risk operations such as deleting a file, a cloud function can be configured for the DeleteObject operation so that SCF immediately sends a notification of the high-risk action by SMS or e-mail, ensuring that such actions are detected in time and that measures can be taken to stop them.
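An added example of the notification function described above (my own code, not from the article or Tencent). The event layout is assumed from the documented COS trigger format for SCF Python functions, and the bucket, key, APPID and source IP are constructed placeholders; the actual SMS or e-mail send is represented by a print in place of a hypothetical `notify()` call.

```python
import json

# Constructed COS trigger event in the layout SCF hands to a Python
# function (assumed from the documented COS trigger format; bucket,
# key, APPID and source IP are placeholders).
SAMPLE_EVENT = {
    "Records": [{
        "cos": {
            "cosBucket": {"name": "examplebucket", "appid": "1250000000",
                          "region": "ap-guangzhou"},
            "cosObject": {"key": "/1250000000/examplebucket/finance/ledger.csv",
                          "size": 0},
        },
        "event": {
            "eventName": "cos:ObjectRemoved:Delete",
            "eventTime": 1704708191,
            "eventSource": "qcs::cos",
            "requestParameters": {"requestSourceIP": "203.0.113.7"},
        },
    }],
}

# Only delete-type events are treated as high-risk here.
HIGH_RISK_PREFIX = "cos:ObjectRemoved:"

def build_alerts(event):
    """Turn delete records into alert payloads; other records are skipped."""
    alerts = []
    for rec in event.get("Records", []):
        ev = rec.get("event", {})
        name = ev.get("eventName", "")
        if not name.startswith(HIGH_RISK_PREFIX):
            continue
        cos = rec.get("cos", {})
        alerts.append({
            "severity": "high",
            "event": name,
            "bucket": cos.get("cosBucket", {}).get("name"),
            "key": cos.get("cosObject", {}).get("key"),
            "source_ip": ev.get("requestParameters", {}).get("requestSourceIP"),
            "time": ev.get("eventTime"),
        })
    return alerts

def main_handler(event, context):
    """SCF entry point. The print stands in for the SMS/e-mail send,
    which would be a hypothetical notify() call in a real function."""
    alerts = build_alerts(event)
    for alert in alerts:
        print(json.dumps(alert))
    return {"alerts": len(alerts)}
```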

Third: after-the-fact tracing

Tencent Cloud Object Storage provides users with low-threshold, multi-channel log monitoring and auditing capabilities.
Access to a bucket, such as deleting files (DeleteObject), overwriting files (PutObjectCopy) or modifying file permissions (PutObjectACL), can be tracked through bucket access logging, so that high-risk actions such as deletions can be traced back and verified;
bucket configuration changes, such as deleting a bucket (DeleteBucket), modifying the bucket access control list (PutBucketACL) or modifying the bucket policy (PutBucketPolicy), can be tracked through cloud audit logs, so that permission and configuration changes can likewise be traced back and verified.
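As an added example (not from the article), the detection logic below runs over a few constructed log lines and picks out the two groups of high-risk operations listed above, separating successful operations from failed attempts and grouping them by requester for trace-back. The line format is a simplified one invented for this example, not COS's real access-log or CloudAudit schema, and the requester IDs and object names are placeholders.

```python
from collections import defaultdict

# Constructed, simplified log records (not COS's real log schema):
# channel, time, requester, operation, target, HTTP status.
SAMPLE_LOGS = [
    "access 2024-01-08T10:01:02Z 100012345678 GetObject examplebucket/report.pdf 200",
    "access 2024-01-08T10:03:11Z 100012345678 DeleteObject examplebucket/report.pdf 204",
    "access 2024-01-08T10:03:12Z 100012345678 DeleteObject examplebucket/ledger.csv 204",
    "access 2024-01-08T10:05:40Z 100098765432 PutObjectACL examplebucket/ledger.csv 200",
    "audit  2024-01-08T10:06:00Z 100098765432 PutBucketPolicy examplebucket 200",
    "audit  2024-01-08T10:07:30Z 100098765432 DeleteBucket examplebucket 409",
]

# The operations the article says must be traceable, split by the log
# channel that records them: bucket access logs vs. cloud audit logs.
ACCESS_HIGH_RISK = {"DeleteObject", "PutObjectCopy", "PutObjectACL"}
AUDIT_HIGH_RISK = {"DeleteBucket", "PutBucketACL", "PutBucketPolicy"}

def parse_line(line):
    """Split one constructed record into a dict; status becomes an int."""
    channel, when, requester, op, target, status = line.split()
    return {"channel": channel, "time": when, "requester": requester,
            "op": op, "target": target, "status": int(status)}

def high_risk_events(lines):
    """Return (hits, failed): successful high-risk operations, and
    high-risk attempts that were rejected (status >= 400)."""
    hits, failed = [], []
    for rec in map(parse_line, lines):
        risky = (rec["channel"] == "access" and rec["op"] in ACCESS_HIGH_RISK) or \
                (rec["channel"] == "audit" and rec["op"] in AUDIT_HIGH_RISK)
        if not risky:
            continue
        (failed if rec["status"] >= 400 else hits).append(rec)
    return hits, failed

def per_requester(hits):
    """Group successful high-risk operations by requester for trace-back."""
    summary = defaultdict(list)
    for rec in hits:
        summary[rec["requester"]].append((rec["op"], rec["target"]))
    return dict(summary)

if __name__ == "__main__":
    ok, rejected = high_risk_events(SAMPLE_LOGS)
    for requester, ops in per_requester(ok).items():
        print(requester, ops)
    print("rejected attempts:", [(r["op"], r["target"]) for r in rejected])
```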

Source: blog.51cto.com/14626080/2475209