How to Secure Your Data on Alibaba Cloud?

Image for post
Image for post

By Alibaba Cloud Academy

Interested to learn more about Alibaba Cloud? Check out our course on Securing Your Data on Alibaba Cloud and get certified today!

Hello everyone! Welcome back to Alibaba Cloud Academy blog series. In this article, we’ll be talking more about data security and discussing the strategies to secure your data on Alibaba Cloud. Now, let’s talk about the beginning of data security.

What Is Data Security?

We can categorize these attacks into different types of data security issues based on the impact it has on the user. Typically, we call the first type of attack “illegal access of data.” It means the data is not accessible by anyone except the hackers. Sometimes the hackers encrypt your data and make it inaccessible, such as WannaCry. The second type of attack is “data tampering or data loss.” Data tampering means a third party has made unauthorized changes to your data, and you may not be able to find the original data anymore. With data loss, if the database is hacked, the hackers can retrieve all your valuable user information, such as your password, but they can also delete your database to kick you out of the business.

The CIA Model and the AAA Framework

  • Confidentiality — When talking about data security, we don’t want someone to illegally access your data.
  • Integrity — Just like data tampering, we want to make sure the data is still original after the transmission. There are several methods to ensure data integrity, and these checks make sure that the data you sent are not tampered with.
  • Data availability is about the opportunity to always be able to access data, just like the high availability (HA) architecture. It is a concept commonly used in the storage industry. When we are using the HA structure, we can make sure that when one node is down, the other node could take over the work immediately and make the business keep running.

Next, let’s talk about data protection and security. Physical security is the most fundamental one to keep your servers isolated, fully managed, and secured in security zones. Also, when we talk about security protection, we are talking about auditing and three A’s, authentication, authorization, and auditing. In Alibaba Cloud, we use the resource access management to protect your user and role and to defend the different policies to give them enough privilege to get things done.

Regarding confidentiality, we have methodologies like encryption and certification. For integrity, we need to use some algorithms to verify our data integrity. For availability, we can set up master-slave instances and keep the back-up data to the remote instances. For the data protection security, we need to make sure we have timely backup recovery. Also, we have something really interesting called data access authorization and approval. For the different management tasks, you need to assign different roles and make sure the policy assigned to the role is enough to do the job. You cannot give them too many privileges beyond the task they need to finish.

For data backup and disaster tolerance, we have the ECS snapshot, ApsaraDB master-slave instances, and disaster recovery instances to handle the backup and recovery scenario. We can also import and export your logical data to make sure the backup is functioning regularly. For OSS and all the Apsara cloud backend storage, we have multiple methodologies that give you the capability to remotely back up your data in different storage locations.

Talking about data encryption, we can encrypt data in ApsaraDB and the Object Storage Service (OSS). Additionally, we have a very personal and standard service called the key management service. It helps manage the public and private keys through its internal and uses embedded features to support other product encryption features.

Last but not least, when talking about the data transmission security, we have another stand-alone service called Alibaba Cloud Certificates service. You can buy an SSL certificate to secure your website and make it HTTPS compliant.

How to Get Started with Alibaba Cloud Security Services?

Ready to test your knowledge? Take the Secure Your Data on Alibaba Cloud course and get certified today!

Original Source:

Follow me to keep abreast with the latest technology news, industry insights, and developer trends.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store