We read how Google protects data.While Google is an innovator in two-step authentication and encryption methods and may even have more scale of operations than many other companies, all that other companies need to do is to ensure that they don't fall short of the considerations from Google's security efforts. Their implementations can vary but the threats will have been mitigated. Where may companies may lead the initiative is to show how to use the public cloud by setting security standards in its adoption. I enumerate the areas of control. These include:
1) network integration between on-premise and public cloud
2) penetration testing of virtual private network in the public cloud
3) Active Directory connector between virtual private network and on premise
4) System Center Manager for public cloud assets
5) Setting up of monitoring and alerts on all threat related operational activities
6) Successful key management for all assets and operations related key usages
7) Isolation among security groups or access controls for individual instances and groups.
8) Metering and reports on all usages so that anomalies can be detected
9) Metrics on all distributions across regions and fault tolerance
10) Size of large groups and the percentage of fine granularity in resource groups
11)Time based variations over a period
Most public cloud providers publish their own security guidelines and practice while providing documentation and community support forums. These best practice cover many tools and features that the cloud providers give to enable empowering the companies that adopt the public clouds. However, the degree to which each one uses these clouds and their compliance to minimum security standards is largely not governed. The contract between public cloud providers and organizations safeguards the public cloud provider but does not secure the end user or their data in all aspects of their usage. For example, with the use of public cloud for private networks, an organization may or may not guarantee isolation of user data on the same server, its robustness and reliability against loss, theft or mishandling, its availability to export when the user no longer wishes to use the services and its portability. Moreover, administrators have their own administration tasks that require certain level security compliance as we saw with our coverage of how Google secures its data. These tasks include writing rules that dictate data retention, showing responsibility towards legal hold and law enforcement response, maintaining transparency in their actions and the publication of their reports, or showing discretion in other maintenance activities.
Therefore, adoption of public cloud computing for organizational needs requires certain criteria that can evolve as an internal security compliance requirement.
More reading at https://1drv.ms/w/s!Ashlm-Nw-wnWrF0qVoeSgL7Xnu1w
#codingexercise
Yesterday we were discussing a codingexercise that attempted to sort a doubly linked list of 0 and 1.
It had a helper function to cut and insert element before or after the transition point. We implemented the insertion after the transition point and we implement the insertion before the transition point.
dll CutAndInsertBefore(dll transition, dll current, dll root)
{
assert (current != null && root != null);
if (transition == null) return root; // nothing to do
if (transition == current) return root;
if (current == root) return root; // this op only when current > transition
// root == transition is acceptable
// cut current;
var temp = current.next;
if (temp)
temp.prev = current.prev;
if (current.prev){
current.prev.next = current.next;
current.next = null;
}
// insert before
if (transition.prev)
transition.prev.next = current;
else
root = current;
current.next = transition;
current.prev = transition.prev;
transition.prev = current;
return root;
}
1) network integration between on-premise and public cloud
2) penetration testing of virtual private network in the public cloud
3) Active Directory connector between virtual private network and on premise
4) System Center Manager for public cloud assets
5) Setting up of monitoring and alerts on all threat related operational activities
6) Successful key management for all assets and operations related key usages
7) Isolation among security groups or access controls for individual instances and groups.
8) Metering and reports on all usages so that anomalies can be detected
9) Metrics on all distributions across regions and fault tolerance
10) Size of large groups and the percentage of fine granularity in resource groups
11)Time based variations over a period
Most public cloud providers publish their own security guidelines and practice while providing documentation and community support forums. These best practice cover many tools and features that the cloud providers give to enable empowering the companies that adopt the public clouds. However, the degree to which each one uses these clouds and their compliance to minimum security standards is largely not governed. The contract between public cloud providers and organizations safeguards the public cloud provider but does not secure the end user or their data in all aspects of their usage. For example, with the use of public cloud for private networks, an organization may or may not guarantee isolation of user data on the same server, its robustness and reliability against loss, theft or mishandling, its availability to export when the user no longer wishes to use the services and its portability. Moreover, administrators have their own administration tasks that require certain level security compliance as we saw with our coverage of how Google secures its data. These tasks include writing rules that dictate data retention, showing responsibility towards legal hold and law enforcement response, maintaining transparency in their actions and the publication of their reports, or showing discretion in other maintenance activities.
Therefore, adoption of public cloud computing for organizational needs requires certain criteria that can evolve as an internal security compliance requirement.
More reading at https://1drv.ms/w/s!Ashlm-Nw-wnWrF0qVoeSgL7Xnu1w
#codingexercise
Yesterday we were discussing a codingexercise that attempted to sort a doubly linked list of 0 and 1.
It had a helper function to cut and insert element before or after the transition point. We implemented the insertion after the transition point and we implement the insertion before the transition point.
dll CutAndInsertBefore(dll transition, dll current, dll root)
{
assert (current != null && root != null);
if (transition == null) return root; // nothing to do
if (transition == current) return root;
if (current == root) return root; // this op only when current > transition
// root == transition is acceptable
// cut current;
var temp = current.next;
if (temp)
temp.prev = current.prev;
if (current.prev){
current.prev.next = current.next;
current.next = null;
}
// insert before
if (transition.prev)
transition.prev.next = current;
else
root = current;
current.next = transition;
current.prev = transition.prev;
transition.prev = current;
return root;
}
No comments:
Post a Comment