Five Measures to Make Alibaba Cloud Storage More Secure

New Challenges to Storage Security

Security Compliance Is Now Mandatory

On June 1, 2017, the Cybersecurity Law of the People’s Republic of China was officially implemented, marking an important milestone in China’s establishment of strict network governance guidelines. On May 13, 2019, the “Baseline for Classified Protection of Cybersecurity” and other relevant national standards were officially released, opening the era of Classified Protection 2.0. Additionally, the “Measures for Data Security Management (Draft for Comments)”, “Regulation on the Protection of Children’s Personal Information Online”, “Guideline for Internet Personal Information Security Protection”, “Measures for Security Assessment of Cross-Border Data Transfer of Personal Information and Important Data”, and “Cryptography Law of the People’s Republic of China” were released in quick succession. The General Data Protection Regulation (GDPR) issued by the European Union in 2018 is currently the most stringent and detailed law designed to protect the security of user data. Starting in January 2020, the California Consumer Privacy Act (CCPA) came into force. This act regulates all business activities that involve data related to California residents.

Threats from Hackers and Ransomware

Constant attacks by hackers and ransomware also pose major challenges to data security. According to the “Ransomware Virus Analysis Report for February” released by 360 Security Brain, there are many new ransomware additions. There are familiar names like GlobeImposter, Phobos, and Cryosis as well as new names like HackedSecret and Makop. All of these ransomware launched violent attacks against various systems.

Human Error Is Extremely Destructive

Protecting data security against human error is an aspect of data security that is often overlooked. Inside enterprises, such human errors include the improper selection of technologies, weak security awareness, lack of backup and disaster recovery planning, and improper process configurations, such as improper permissions or privileged users. Manual operations can result in service crashes or the deletion of core databases, which can permanently damage the operational capabilities and competitiveness of an enterprise.

New Data Security Technologies

Data sharing platforms based on a centralized data exchange mechanism have the problems of complex processes, high costs, and low efficiency in personal privacy protection. Therefore, data security needs to be empowered by new digital technologies. For example, artificial intelligence (AI) technology is required to implement more efficient data security management, help ensure the secure use of data at large scale, and advance the digital transformation of the economy and society.

Alibaba Cloud’s Best Security Practices in the Storage Field

1) Precise Permission Management to Ensure Secure Data Access

Data access permissions specify when, how, and by whom data can be obtained. Access management is an effective way to protect data.

2) Multiple Data Encryption Methods to Ensure End-to-End Data Security

As the most common data security method, data encryption can be performed by the source, intermediate device, or transmission channel. The main problems in data encryption are how to store and use keys properly.

3) Traceable Operation Records to Ensure the Backtracking of Unexpected Behaviors

For cloud users, it is very important to know who accessed what data at what time and what operations they performed. In particular, when a security event occurs, users must be able to quickly locate the source of the event by querying operation records, determine whether the event is resulting from an internal or external attack, and address the event immediately.

4) Powerful Backup and Disaster Recovery Capabilities to Defend Against Ransomware

In terms of security for enterprise data, ransomware is one of the most dangerous cyberattack forms. After data is encrypted by ransomware, it is difficult to decrypt unless you pay the ransom. Data center faults, natural disasters, and accidental deletion may also incur data security risks and business interruptions. The intrinsic resource advantages of the cloud provide the conditions that make it possible to solve these problems.

5) Innovative Fusion of Storage and AI

AI security technology for protecting data privacy has developed in the field of distributed computing and information security, providing a new computing model for collaborative network computing. This approach uses multiple technologies to protect data security, including secure multi-party computing, differential privacy, dynamic encryption, and encrypted search and computing. By leveraging AI and related technologies, Alibaba Cloud storage products are evolving to be more automated and intelligent in the security and governance of stored data. At the same time, the Alibaba Cloud Storage team will work with DAMO Academy to explore ways to reduce trust costs and financial costs and give full play to the value of data.


Currently, Alibaba Cloud provides storage services to millions of customers in government, Internet, finance, healthcare, and education. Our storage services are deployed on a global scale with a capacity exceeding 100 EB. Alibaba Cloud is committed to providing users with stable, secure, reliable, and easy-to-use storage services.

Original Source:



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store