Essay On Cloud Security
We debated multiple cloud services a few weeks ago. Cloud security and data protection were one of the few main concerns we didn’t discuss then. These are very important issues and cannot be neglected. Standstill infrastructure of a company against malicious attack is due to strong security measures, and to protect data from falling into the wrong hands, data protection is very important. In this assignment I would be discussing four different companies and their unique ways to protect their data.
First, we will look into AWS or Amazon Web Services. AWS offers multiple control factors to assist secure a customer’s environment and data to secure customer’s environment AWS offers multiple measures. They provide Access, which allows the customers to regulate the services Amazon provides. This makes sure that no access can be given to someone else without customer’s knowledge. Amazon services are also to make sure safe and secure while in transit or at rest. Other than that if a lot of logs are attempted the system will review the logs to prevent breach. One of the features Amazon offers is storage in multiple areas in multiple regions, where customer can choose where their data is stored. Amazon also provides a security component. This offer allows customers to encrypt their data with strong encryptions to guard their data while at rest or in transit. With this Amazon allows the customer to manage the encryption keys so if AWS was ever breached they might not get the keys for customer data.
EMC is the next company we will discuss about. This company provides multiple storage solutions for patrons to store their data. They provide a special sort of data protection. Many of EMC’s cloud storage is typically used for personal cloud infrastructures. Although they do offer some online services most of their business is in private cloud. As a part of this EMC’s does take some measures to guard their data by using encryption on the storage. This encryption is typically setup onsite for companies and therefore the company has the keys. Along side this EMC offers a secondary purchase you’ll make in their Data Protection Suite. Which offers a good sort of protection of all data within the company not just on the storage devices.
Qualys may be a vulnerability scanning system that tracks vulnerabilities within the company. As you’ll imagine this is often not information you’d need a hacker to possess their hands on as this might cripple the corporate if they knew the way to exploit it. Qualys takes interest to guard their customer’s data. They only use the very best available encryption for web access. They also employ a robust encryption on all data. They use Blowfish encryption on all of their data. Blowfish may be a symmetric block cipher that takes a variable key of 32bits to 448bits. This suggests that it’s almost impossible to access without the encryption key. This key’s only held by the customer and nobody else.
Even Qualys can’t gain access to your data. Qualys has multiple customers and a few in government settings which suggests that Qualys has got to abide by the SSAE 16 or other industry standards to supply service. The scanning appliance is put behind the customer’s firewall and is merely constructed around a hardened Linux kernel. They use not sort of service to scan the systems and haven’t any open ports on the system. All scans are conducted via a secure SSL connection.
Salesforce will be the last company we will discuss about. Sales department holds an abundance of customer data that has got to be protected in the least times. They need a huge infrastructure and customer list that they need to keep protected. Sales department starts their security measures from their coding and building phase. They work to make sure their code is secured and tested rigorously. Salesforce also knows there are multiple sorts of security needed. They don’t just secure the cloud but the infrastructure. They ensure their datacenters are fortified with physical also as cyber security.
Salesforce only uses the newest encryption technology for connections via SSL and that they use certificate issued by VeriSign. They also use a mess of Firewalls and routers to make sure that the traffic coming in is secure and authentic. Salesforce along side the safety in situ uses multiple, sophisticated monitoring tools to watch for any breaches and or wrong doing within the environments. Along side the protection that Salesforce provides they also take it one step further as they permit customers to make custom fields in their system and allows the customer to encrypt those fields. this is often in order that if there’s any personal private information(PPI), Medical, or maybe banking information stored within the system the customer can encrypt this data using AES 128 encryption.
Even though each of those companies provide different services from each other, it’s important to understand that every of them take security and data protection rather seriously. Currently the simplest method for data protection during a cloud scenario is that the use of key encryption. This is often important in order that nobody can gain access to information they ought to not have access too. Although key encryption does help to guard data it’s sometimes cumbersome and may be slow when it involves editing, searching, or viewing data. I think each of those companies do a good amount to assist protect their customer’s data. It’s going to not be perfect but it does seem to be working quiet well for every of them as each company has been growing exponentially over the past 5 years.