Cloud security has also become a focus of attention in the industry, and cloud data security is one of the most central issues in cloud security.
1. Cloud data faces threats from the tenant's own insiders, who can hold the maximum level of access to add, delete, and change cloud data;
2. Attacks by hackers, such as APT attacks, SQL injection, and exploitation of database vulnerabilities;
3. Attack methods such as virtual machine escape may be used to obtain sensitive data;
4. Sensitive data accessed by business personnel is not privacy-protected, which may cause data leakage.
In response to these security problems of cloud platform data, establish a monitoring and defense system that covers the entire life cycle of the data: regularly carry out data security vulnerability scanning to identify potential data security vulnerabilities and threats; implement a permission control mechanism, with access permissions formulated according to the roles that access the cloud database, so as to prevent data leakage and misuse; and, for data sharing, outgoing data, and real-time access scenarios, desensitize sensitive data.
1. Keep detailed logs of sensitive data access to support electronic forensics, accurate to the individual person;
2. Identify vulnerabilities and weak passwords in the database through a comprehensive scanning and detection mechanism, and promptly flag risks and repair potential security vulnerabilities and threats;
3. Establish access rights control for internal personnel or third-party operation and maintenance personnel to effectively prevent malicious attacks by hackers and high-risk operations;
4. For development and testing personnel access or data sharing scenarios, desensitize business-sensitive data such as cell phone numbers, ID card numbers, and bank card numbers before the data is shared, to protect the privacy and security of sensitive data.
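The desensitization step in item 4, shown as an added example (not code from the product described on this page): rows are masked before they are handed to development, testing, or a sharing partner. The column names, the number of characters kept, and the sample rows are assumptions constructed for this illustration.

```python
# Masking rules per sensitive column: (leading chars kept, trailing chars kept).
# Column names and keep-lengths are assumptions for this example.
MASK_RULES = {
    "phone": (3, 4),
    "id_card": (1, 1),
    "bank_card": (0, 4),
}

def mask_value(value, keep_head, keep_tail, fill="*"):
    """Mask the middle of a value, keeping only the configured head and tail."""
    if value is None:
        return None
    text = str(value)
    # Only letters and digits are counted; separators (spaces, dashes) stay.
    chars = [c for c in text if c.isalnum()]
    # Too short to keep anything without revealing most of it: mask everything.
    if len(chars) <= keep_head + keep_tail:
        keep_head = keep_tail = 0
    out, seen = [], 0
    for c in text:
        if c.isalnum():
            visible = seen < keep_head or seen >= len(chars) - keep_tail
            out.append(c if visible else fill)
            seen += 1
        else:
            out.append(c)
    return "".join(out)

def desensitize(rows, rules=MASK_RULES):
    """Return masked copies of rows; the source rows are not modified."""
    masked = []
    for row in rows:
        clean = dict(row)
        for column, (head, tail) in rules.items():
            if column in clean:
                clean[column] = mask_value(clean[column], head, tail)
        masked.append(clean)
    return masked

# Constructed sample rows (not real personal data).
SAMPLE_ROWS = [
    {"name": "user-a", "phone": "10000001234",
     "id_card": "000000200001010000", "bank_card": "0000 1111 2222 3333"},
    {"name": "user-b", "phone": "1234", "id_card": None,
     "bank_card": "0000111122224444"},
]

if __name__ == "__main__":
    for row in desensitize(SAMPLE_ROWS):
        print(row)
```

Values that are too short to mask partially are masked in full, so a truncated or malformed field does not pass through unmasked.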
Support for multiple cloud architectures: supports VMware vCloud, OpenStack, KVM, RHEV, Hyper-V, CloudStack and so on.
Separation of rights: separation-of-rights rules are provided for different cloud tenants to ensure complete separation of rights and responsibilities between tenants.
Independent of the cloud platform: the user directly controls the security logs, which ensures the neutrality of the security protection results and also facilitates the upgrading and maintenance of security capabilities.