l*******G
发帖数: 1191 | 1 云的最大问题是数据安全,我想大的公司和国有企业,政府部门等都不会轻易用
public 或者第三方的云。因此自己公司/部门完全控制的私有云会有市场。而对于中小
企业和个人来说,一来数据量不大,一个小型服务器就够了,二来自己搞datacenter的
成本太高,这会抑制小公司对云服务的需求。因此专门做云服务的公司的客户集中在个
人应用和可以放到云端的不太重要的数据,比如游戏,视频,音乐。法律上也有很多没
有跟上的地方。
不知道将来有没有专门的加密技术,那就是云服务商只提供空间和操作系统,密匙在
客户端软件里,没有客户提供密匙和解密方法,服务商根本不能打开或者使用客户的数
据! |
s******n
发帖数: 6806 | 2 云里可以有small business ERP,比较看好小公司用云里的ERP。
这比自己维护服务器和ERP成本低多了。
oracle 和sap的small business 部门就可以歇菜了。
【在 l*******G 的大作中提到】
: 云的最大问题是数据安全,我想大的公司和国有企业,政府部门等都不会轻易用
: public 或者第三方的云。因此自己公司/部门完全控制的私有云会有市场。而对于中小
: 企业和个人来说,一来数据量不大,一个小型服务器就够了,二来自己搞datacenter的
: 成本太高,这会抑制小公司对云服务的需求。因此专门做云服务的公司的客户集中在个
: 人应用和可以放到云端的不太重要的数据,比如游戏,视频,音乐。法律上也有很多没
: 有跟上的地方。
: 不知道将来有没有专门的加密技术,那就是云服务商只提供空间和操作系统,密匙在
: 客户端软件里,没有客户提供密匙和解密方法,服务商根本不能打开或者使用客户的数
: 据!
|
c****e
发帖数: 1453 | 3 "不知道将来有没有专门的加密技术,那就是云服务商只提供空间和操作系统,密匙在
客户端软件里,没有客户提供密匙和解密方法,服务商根本不能打开或者使用客户的数
据!"
This is common practice. It's called compilance requirement. All major cloud
providers went through compliance certifcation. |
l*******G
发帖数: 1191 | 4
cloud
I'm ignorant on this end, how do they achieve it? I'm afraid that the server
admin can always fake and pretend to be the client and probe the client's
data. Do you think google can not log into clients email? Do you think
amazon can not log onto clients' virtual machines?
【在 c****e 的大作中提到】
: "不知道将来有没有专门的加密技术,那就是云服务商只提供空间和操作系统,密匙在
: 客户端软件里,没有客户提供密匙和解密方法,服务商根本不能打开或者使用客户的数
: 据!"
: This is common practice. It's called compilance requirement. All major cloud
: providers went through compliance certifcation.
|
a******n
发帖数: 5925 | 5 salesforce的marc已经和他的前老板加良师因为这事闹得很不愉快了
【在 s******n 的大作中提到】
: 云里可以有small business ERP,比较看好小公司用云里的ERP。
: 这比自己维护服务器和ERP成本低多了。
: oracle 和sap的small business 部门就可以歇菜了。
|
g*****g
发帖数: 34805 | 6 sure server admin can do a lot of damn things. But they are the employer of
the enterprise and they can lose job if they screw up the servers they are
maintaining.
Amazon's DBA probably can get your credit card information, doesn't mean it'
s
not secure to shop there.
server
【在 l*******G 的大作中提到】
:
: cloud
: I'm ignorant on this end, how do they achieve it? I'm afraid that the server
: admin can always fake and pretend to be the client and probe the client's
: data. Do you think google can not log into clients email? Do you think
: amazon can not log onto clients' virtual machines?
|
b********7
发帖数: 12906 | 7 the control is always on the server (or cloud???) side. no security in this
case. |
c****e
发帖数: 1453 | 8 It depends on how important your data is. Normal users trust the audit
procedure so no insider would/could look their data. Or you can encrypt all
your data and put the key in the secrete store deployed at on-premise server
, which is under your control.
It's related but different between your VM is compromised and your data is
leaked. You rely on various ACL settings on different layer (network,
firewall, OS, password, certificates) to protect your VM, and you also have
encryption to protect your data processed by the VM.
There is no 100% security, even you put your data on private server. It's
all about the security measurements you deployed in your system and how well
you can audit activities, monitoring access, identity anomaly and respond
the incident.
server
【在 l*******G 的大作中提到】
:
: cloud
: I'm ignorant on this end, how do they achieve it? I'm afraid that the server
: admin can always fake and pretend to be the client and probe the client's
: data. Do you think google can not log into clients email? Do you think
: amazon can not log onto clients' virtual machines?
|
b********7
发帖数: 12906 | 9 i'm not sure how you define "normal users". at this stage normal users may
not even know how to user "the cloud" (except for "normal apple users" of
course).
I don't know if I belong to the group of normal users. but I know I will not
trust any of the clouds out there.
private on-premise server is definitely more secure than the cloud if you
know how to do it. the benefits of cloud never include "higher security".
none of the clouds out there dare to boast on security. It's more about
convenience.
Remember that convenience and security can never co-exist. at least not now.
all
server
have
well
【在 c****e 的大作中提到】
: It depends on how important your data is. Normal users trust the audit
: procedure so no insider would/could look their data. Or you can encrypt all
: your data and put the key in the secrete store deployed at on-premise server
: , which is under your control.
: It's related but different between your VM is compromised and your data is
: leaked. You rely on various ACL settings on different layer (network,
: firewall, OS, password, certificates) to protect your VM, and you also have
: encryption to protect your data processed by the VM.
: There is no 100% security, even you put your data on private server. It's
: all about the security measurements you deployed in your system and how well
|
s******n
发帖数: 6806 | 10 如果说admin会捣乱的话,那现有大公司,银行等的私云还不是一样。
所有网购的网站都有客户的信用卡信息,admin想干坏事跟是不是云没有关系。
server
【在 l*******G 的大作中提到】
:
: cloud
: I'm ignorant on this end, how do they achieve it? I'm afraid that the server
: admin can always fake and pretend to be the client and probe the client's
: data. Do you think google can not log into clients email? Do you think
: amazon can not log onto clients' virtual machines?
|
b********7
发帖数: 12906 | 11 ADMIN是自己公司的还是云公司的有很大区别.
【在 s******n 的大作中提到】
: 如果说admin会捣乱的话,那现有大公司,银行等的私云还不是一样。
: 所有网购的网站都有客户的信用卡信息,admin想干坏事跟是不是云没有关系。
:
: server
|
s******n
发帖数: 6806 | 12 不觉得。
另外大公司跟银行肯定不会用,说的是small business.
【在 b********7 的大作中提到】
: ADMIN是自己公司的还是云公司的有很大区别.
|
B*****g
发帖数: 34098 | 13 数据不一定要放到cloud上呀
【在 l*******G 的大作中提到】
:
: cloud
: I'm ignorant on this end, how do they achieve it? I'm afraid that the server
: admin can always fake and pretend to be the client and probe the client's
: data. Do you think google can not log into clients email? Do you think
: amazon can not log onto clients' virtual machines?
|
