下面為大家整理一篇優(yōu)秀的
essay代寫范文-The risks of cloud services,供大家參考學習,這篇論文討論了云服務的風險。如今,云服務的主流地位已不可動搖,并且每年都在接管更多的企業(yè)職能。以前云服務僅限于簡單的存儲或者聯(lián)系人管理,而現(xiàn)在像ERP這樣的核心功能已經(jīng)遷移到云中。隨著越來越多的基本服務不斷遷移到云中,我們必須關注當今云環(huán)境中固有的風險,并采取預防措施來緩解這些風險。
Essay代寫范文
Cloud services and their associated risks will only become more important over time.This article explains how to manage these risks without losing the benefits of the cloud.
隨著時間的推移,云服務及其相關風險將變得更加重要。本文將解釋如何在不損失云優(yōu)勢的情況下管理這些風險。
The dominant position of cloud services is already unshakable,and it is taking over more enterprise functions every year.Previously,cloud services were limited to simple storage or contact management,but now core functions like ERP have migrated to the cloud.As more basic services continue to migrate to the cloud,IT leaders must focus on the risks inherent in today's cloud environment and take precautions to mitigate them.
云服務的主導地位已經(jīng)不可動搖,它每年都會接管更多的企業(yè)功能。以前,云服務只限于簡單的存儲或聯(lián)系人管理,但現(xiàn)在像ERP這樣的核心功能已經(jīng)遷移到云上。隨著更多的基礎服務繼續(xù)遷移。對于云,IT領導者必須關注當今云環(huán)境中固有的風險,并采取預防措施來減輕風險。
In banking,the ability to adapt to risk is often set to guide business decisions.Conservative risk resilience,for example,can lead Banks to reject lucrative but highly uncertain loans.The"knife-licking""type of risk adaptation could yield higher returns in the boom years.Banks could be hit hard by the next crisis.
在銀行業(yè),適應風險的能力往往被設定為指導業(yè)務決策的能力。例如,保守的風險恢復能力可以導致銀行拒絕利潤豐厚但高度不確定的貸款。“舔刀子”式的風險適應可以在繁榮時期產(chǎn)生更高的回報。銀行可能會受到下一次危機。
From an IT management perspective,an enterprise's risk adaptation will guide your due diligence,ongoing monitoring,and willingness to invest in risk reduction measures.For example,an enterprise can establish a hierarchical approach to mitigate risks and maximize the use of limited resources.The approach to reducing the risk of"level 1"cloud service failure is achieved through staffing,periodic testing,and the adoption of top level vendor support.
從IT管理的角度來看,企業(yè)的風險適應將指導您的盡職調(diào)查、持續(xù)監(jiān)控和投資于風險降低措施的意愿。例如,企業(yè)可以建立一種分級方法來降低風險并最大限度地利用有限的資源。通過人員配備、定期測試和采用頂級供應商支持來降低“1級”云服務失敗的風險。
Cloud providers like to emphasize ease of use and flexibility.Once an enterprise experiences the ease of use of the cloud,it is rarely willing to go back in time and maintain its old infrastructure.But a lackadaisical attitude to cloud services can put employees at risk because of their stupidity.
云提供商喜歡強調(diào)易用性和靈活性。一旦一個企業(yè)體驗到云的易用性,它就很少愿意回到過去并維護其舊的基礎設施。但是,對云服務的懶散態(tài)度會使員工因愚蠢而面臨風險。
John Hodges,vice President of product strategy at AvePoint,commented:"the point is that cloud services often encourage'casual use'of data;I can collect,search and store anything anywhere.We often see this in systems like Box,DropBox,and OneDrive,where there is a real danger of mixed use in terms of content storage and sharing."However,simply and crudely prohibiting the use of mixtures can also cause problems.
Banning high-risk cloud services would help,but it doesn't eliminate the problem entirely.Hodges explains:"for accounts provided by enterprises,such as the Slack channel or Microsoft Teams,and other systems,users always take the most convenient route of data sharing.But this behavior may not be consistent with records retention policies or restrictions on data sharing."If your company is subject to litigation or a similar investigation,inconsistent application of record-keeping policies can be a headache for businesses.
Zero trust is an IT security policy that requires every user,system,or device within and outside the perimeter to be validated and certified before being connected to its system.How can you use the zero-trust model to reduce cloud risk?Insurity is an enterprise specializing in property and casualty insurance services and software,for which a zero-trust approach means very strict access restrictions.
Jonathan Victor,chief information officer at Insurity,said:"we provide minimal and privileged logical access to a very small number of users that meets the requirements of working functionality.This control is audited internally by our corporate security department and is part of our annual SOC external audit."
Periodically check the user access level and see if this is reasonable.Does the enterprise need dozens of users with administrative access rights?Every super user adds additional risk.
Spend some time researching industry news about cloud-related failures that will help reduce cloud risk.In today's enterprise,the complexity and evolving nature of cloud applications means there is always something to be learned from blockbuster events.
Rich Petersen,co-founder and President of JetStream software,commented:""we're focused on the loss of data,so we've learned important lessons from a few events.For example,in August 2017 Meraki lost data in which the local system failed to back up the data to the cloud service as designed."
Cisco has also acknowledged that cloud configuration errors have led to data loss and reduced productivity.As Register reports,"the incident caused cisco a great deal of trouble because Meraki sold cloud services based on its support,which avoided the amount of tedious work required to run networks and voice systems.Meraki has made such a big mistake-and it seems the lack of data protection tools to recover from this contingency is a big stain on its reputation."
Automation,virtual assistants and data processing not only help businesses sell more products,but also manage their cloud services.For Barracuda networks,the range of manual security jobs has shrunk dramatically since the cloud began to automate processes.
Greg Arnette,director of data protection platform strategy at Barracuda networks,said:"we have abandoned manual security checks and moved to automated scans,as the growing and ongoing threat forces us to be constantly vigilant to ensure system integrity,data protection and compliance control requirements."
However,when it comes to reducing cloud risk,moving to automation has significant limitations.After all,it's impossible to automatically assess the risk to cloud providers.But if you use more automated tools to detect problems in the cloud and standardize the configuration,employees can spend more time focusing on complex issues,such as cultivating and managing relationships with cloud providers.
Whether you have the right to audit cloud providers is a hot issue.If your company's contracts and agreements lack this clause,you will feel tied down in the event of an accident.Big cloud providers,on the other hand,are putting these requirements back on the enterprise.
Ted Rogers,head of executive advisory operations for the UpperEdge project,said:"with regard to auditing,there are a number of cloud providers that are in turn putting pressure on companies not to have the authority to audit their data centers and their processes,procedures and security measures.Why?Because they don't want a third party to show up and audit.Instead,suppliers say they are compliant,or they say they don't have to worry because if they don't,they will get into trouble for other reasons of the contract,such as leaks.
One solution is to critically evaluate the auditing methods developed by cloud providers.Rogers recommends the following alternatives:"access the cloud provider's audit documentation.Specifically,see if they've made an update based on facebook's difficulties with data privacy.Some cloud providers say they are just data processors.They claim they don't touch the data and they don't leak it."This raises the question:how do you know if providers are keeping their promises?
There are ways to mitigate this risk,even if cloud providers are reluctant to give their audit rights to the enterprise.You can ask for more comprehensive reports and emphasize the need to provide key risk indicators.You can also ask the company's internal audit department to give an opinion when discussing the contract.
Finally,hacking and security aren't the only risks to consider.There is also the risk of falling behind.
Tony Buffomante,us regional head of cybersecurity services at KPMG,commented:"for some of our less mature clients,the key business risk is not actively pursuing cloud transformation and services.Cloud is not only a new technology,it has also changed the business and operating model of many industries.It's about transforming the business to be more flexible and competitive."
Moreover,few businesses have the budget or the willingness to build data centers,develop all their own software,and build local infrastructure.In fact,companies with weaker IT capabilities will benefit from the risk management capabilities of large cloud providers.