BÀI TẬP BỔ TRỢ TIẾNG ANH 11 THEO ĐƠN VỊ BÀI HỌC - CẢ NĂM - CÓ FILE NGHE (GLOB...
Cloud computing-security-issues
1. 5 Critical Security Issues in Cloud
Computing
Information security can make or break your cloud project
By John Kinsella, Protected Industries / published by CSOonline.com
2. Private clouds are not secure
A cloud placed behind enterprise firewall is not inherently
secure – it needs to be implemented and managed with
security in mind
Security is limited to the weakest link – be that users,
departments with less security sense, or unprotected
applications
Consider that a private cloud might morph to public in the
future via “capacity clearinghouses.” Security could quickly
become a large concern, at too late a point in time
3. Security visibility and risk
awareness
Monitoring not just resources, but the security state of a
cloud is of utmost importance
Do not just gather metrics – make them easily accessible,
displayed in a meaningful way. Look for potential issues
every day, not only during compliancy-required monthly
reviews
Research what metrics your cloud provider is able to provide.
Consider how they can improve your security posture
4. Safely storing sensitive information
Sensitive data must be encrypted with a strong industry-
trusted encryption library. Do not “roll your own”
Very difficult to guarantee absolutely no eavesdropping in a
cloud environment
Decide to encrypt data in the cloud, or before It gets to the
cloud
5. Application security
The shared environment and difference in security
architecture of a cloud increases the importance of
application security
Before migrating an application to the cloud, perform an
architecture review and see where cloud benefits can be
leveraged
Migrating an application to the cloud is a unique chance to
increase the security of the application through increased
availability, ability to scale, and use of cloud APIs
6. Authentication and authorization
Should enterprise authentication be extended to the cloud?
Depends on usage and sophistication of security program
Authentication system should be flexible enough to support
different authentication methods for different cloud services
Wide variety of commercial solutions available
Authentication and authorization system logs can provide
insight into reconnaissance or malicious activity
7. Read the article at www.csoonline.com/article/717307
By John Kinsella, Protected Industries
www.protectedindustries.com