Interested to learn more about Alibaba Cloud? Check out our course on Securing Your Data on Alibaba Cloud and get certified today!
Hello everyone! Welcome back to Alibaba Cloud Academy blog series. In this article, we'll be talking more about data security and discussing the strategies to secure your data on Alibaba Cloud. Now, let's talk about the beginning of data security.
What is data security? In the past decade, there have been many large-scale network security incidents, such as the WannaCry incident in 2017. When it came out, one of the terrible things it did was encrypt the victim's computer data, including personal data and sensitive business data. After that, the criminals conducted "bitcoin hijack." In this kind of attack, you have to pay the criminals in bitcoin to get your important personal data back. Now, this may come as a surprise to many, but government organizations and national security agencies are not immune to data leaks and unauthorized access.
We can categorize these attacks into different types of data security issues based on the impact it has on the user. Typically, we call the first type of attack "illegal access of data." It means the data is not accessible by anyone except the hackers. Sometimes the hackers encrypt your data and make it inaccessible, such as WannaCry. The second type of attack is "data tampering or data loss." Data tampering means a third party has made unauthorized changes to your data, and you may not be able to find the original data anymore. With data loss, if the database is hacked, the hackers can retrieve all your valuable user information, such as your password, but they can also delete your database to kick you out of the business.
To give you a better understanding of data security, I would like to divide the big topic into different directions and introduce you to some common solutions. We have a data security model called CIA; confidentiality, integrity, and availability.
Next, let's talk about data protection and security. Physical security is the most fundamental one to keep your servers isolated, fully managed, and secured in security zones. Also, when we talk about security protection, we are talking about auditing and three A's, authentication, authorization, and auditing. In Alibaba Cloud, we use the resource access management to protect your user and role and to defend the different policies to give them enough privilege to get things done.
Regarding confidentiality, we have methodologies like encryption and certification. For integrity, we need to use some algorithms to verify our data integrity. For availability, we can set up master-slave instances and keep the back-up data to the remote instances. For the data protection security, we need to make sure we have timely backup recovery. Also, we have something really interesting called data access authorization and approval. For the different management tasks, you need to assign different roles and make sure the policy assigned to the role is enough to do the job. You cannot give them too many privileges beyond the task they need to finish.
For data backup and disaster tolerance, we have the ECS snapshot, ApsaraDB master-slave instances, and disaster recovery instances to handle the backup and recovery scenario. We can also import and export your logical data to make sure the backup is functioning regularly. For OSS and all the Apsara cloud backend storage, we have multiple methodologies that give you the capability to remotely back up your data in different storage locations.
Talking about data encryption, we can encrypt data in ApsaraDB and the Object Storage Service (OSS). Additionally, we have a very personal and standard service called the key management service. It helps manage the public and private keys through its internal and uses embedded features to support other product encryption features.
Last but not least, when talking about the data transmission security, we have another stand-alone service called Alibaba Cloud Certificates service. You can buy an SSL certificate to secure your website and make it HTTPS compliant.
Alibaba Cloud offers services and products for every scenario possible. I hope this article helps you understand how important data security is to us and how important it is to look into it and make sure the data is kept securely on the cloud and your computer. If you're interested to learn more, I'd strongly suggest checking out our family of products at Alibaba Cloud Security Services or take one of our Clouder courses in security.
Ready to test your knowledge? Take the Secure Your Data on Alibaba Cloud course and get certified today!
How Can a Server Load Balancer Help Your Website or Application?
Alibaba Cloud Academy Certification Courses - A Visual Guide
64 posts | 53 followers
FollowAlibaba Clouder - July 3, 2020
Alibaba Cloud Community - September 27, 2021
Alibaba Clouder - August 10, 2020
Dikky Ryan Pratama - May 25, 2023
Alibaba Clouder - July 9, 2019
Alibaba Clouder - July 12, 2019
64 posts | 53 followers
Follow
RAM(Resource Access Management)
Secure your cloud resources with Resource Access Management to define fine-grained access permissions for users and groups
Learn More
Resource Management
Organize and manage your resources in a hierarchical manner by using resource directories, folders, accounts, and resource groups.
Learn More
Hybrid Cloud Distributed Storage
Provides scalable, distributed, and high-performance block storage and object storage services in a software-defined manner.
Learn More
OSS(Object Storage Service)
An encrypted and secure cloud storage service which stores, processes and accesses massive amounts of data from anywhere in the world
Learn MoreMore Posts by Alibaba Cloud_Academy
