Minimization principle
The security minimization principle is one of the most basic security principles: the fewer services exposed, the lower the security risk. When enterprises build business systems on cloud-based SaaS, PaaS, and IaaS, they should always follow the minimization principle, which includes:
Principle of network minimization: open as few public network access points as possible, expose the smallest possible range of management ports, use VPCs and subnets to divide the network into the smallest practical segments, and isolate and monitor those segments;
Principle of identity minimization: keep the number of system administrators as small as possible, and assign identities to users by binding roles to permissions (role-based access) rather than granting permissions to individuals directly;
Principle of least privilege: in principle, only the specific, minimum permissions required are granted, in whitelist (allow-list) mode. This is often difficult to implement fully in practice, but it remains one of the most important principles of security design.
Principle of minimizing RAM user permissions: in general, we recommend that you use RAM users for identity management and allocate RAM user permissions at a fine granularity;
Principle of minimizing AccessKey permissions: best practice is not to create an AccessKey under the Alibaba Cloud account itself. Instead, we recommend that you create an AccessKey for automated calls under a RAM user or another account whose permissions are controlled and whose activity can be monitored.
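As an added example (not part of the original document), the following Python script checks RAM policy documents for grants that break whitelist-mode least privilege by allowing wildcard actions or wildcard resources. Both policies are constructed samples in Alibaba Cloud RAM policy syntax; the bucket name and CIDR are placeholders.

```python
import json

# Constructed sample: the kind of policy that violates least privilege
# (everything on everything). Placeholder values only.
BROAD_POLICY = """{
  "Version": "1",
  "Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}]
}"""

# Constructed sample: whitelist-mode grant naming exact actions, exact
# resources and a source-IP condition (bucket name and CIDR are placeholders).
MINIMAL_POLICY = """{
  "Version": "1",
  "Statement": [{
    "Effect": "Allow",
    "Action": ["oss:GetObject", "oss:ListObjects"],
    "Resource": ["acs:oss:*:*:example-bucket", "acs:oss:*:*:example-bucket/*"],
    "Condition": {"IpAddress": {"acs:SourceIp": ["10.0.0.0/8"]}}
  }]
}"""


def _as_list(value):
    # Policy fields may be a single string or a list; normalize to a list.
    return value if isinstance(value, list) else [value]


def audit_policy(policy_text):
    """Return findings for Allow statements that grant wildcard actions or resources.

    An empty list means every Allow statement names explicit actions on
    explicit resources, i.e. it is written in whitelist mode.
    """
    findings = []
    statements = _as_list(json.loads(policy_text).get("Statement", []))
    for idx, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access; they cannot over-grant
        for action in _as_list(stmt.get("Action", [])):
            service, _, verb = action.partition(":")
            if service == "*" or verb == "*":
                findings.append(f"statement {idx}: wildcard action {action!r}")
        for resource in _as_list(stmt.get("Resource", [])):
            # "*" matches everything; a trailing ":*" matches all resources of a service
            if resource == "*" or resource.endswith(":*"):
                findings.append(f"statement {idx}: wildcard resource {resource!r}")
    return findings


if __name__ == "__main__":
    for name, policy in (("broad", BROAD_POLICY), ("minimal", MINIMAL_POLICY)):
        print(name, audit_policy(policy) or "OK: whitelist-mode grants only")
```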
Audit traceability principle
Make sure that audit records are kept for all access requests from clients. When a network attack occurs, cloud resource operation logs, access logs, and change logs let you reconstruct the attack and trace how it unfolded. This helps the enterprise determine the severity, impact, and loss caused by the event.
Data security protection principles
Under the shared security responsibility model, building a data security system is likewise split between the tenant and the cloud platform. We recommend that you design the data security protection system on the tenant side according to the following principles:
Principle of data classification and grading: enterprises should deliberately establish a data classification and grading system, with supporting policies, based on their actual applications and business characteristics. Classification and grading is long-term, dynamic work, and it is the first step in classified protection;
Principle of data access and RAM permission minimization: based on the actual workflow, enterprises should catalogue who accesses data, for what purpose, with which permissions and by which means, and enforce those permissions and access paths through technical controls;
Static data (data at rest) protection principle: apply access authentication and encryption to data at rest;
Dynamic data (data in transit) protection principle: encrypt both the channels through which data flows and the data itself while in transit;
Data audit principle: in principle, data access, operations, and movement should be comprehensively audited.
Data sharing principle: identify the ways and means by which data is shared, such as online access through APIs and SDKs and offline sharing. Each of these shared access paths needs to be identified and protected with appropriate measures.
Data compliance principle: pay attention to data compliance, break down the technical and management controls required to meet compliance requirements, and incorporate them into the planning of the enterprise data security system.
Compliance principles
Enterprises in Chinese mainland, Hong Kong, Macao, Taiwan, and overseas regions shall fully consider the requirements of local laws and regulations when building business systems and providing external services on Alibaba Cloud infrastructure. During security architecture design, regulatory requirements should be fully analyzed and understood, and the technical and management controls that satisfy them should be identified. When building security capabilities, clarify which products and services the cloud vendor can provide to help the enterprise meet those compliance requirements.