One way or another, data has always been handled, even at a time when there was no paper, no parchment, no papyrus… Knowledge was passed on verbally to one another. And even back then, there was a danger of losing some information if it was known to a single person who had not passed it on to others during his lifetime.
With the advent of computers, nothing has fundamentally changed – it is still necessary to take measures to preserve data and ensure, on the one hand, its accessibility and, on the other hand, confidentiality.
Preservation
Preservation means that the data will not be lost under any circumstance.
Accessibility
Usually data is not stored for nothing, just for the fact of being stored. – It is used and therefore it must be accessible.
The data can be stored safely but if it cannot be retrieved at any point in time then it is of no use to the user.
Privacy
Many types of data are not intended for public use. For example, a person’s personal data or a company’s business plans.
To regulate access to data, you need to know who is trying to access it and what data they are allowed to work with.
Sources of threat
To avoid some kind of threat, you first need to be aware of it. Let’s consider what in a computer information system can prevent the security, availability and confidentiality of data.
The field related to the security of computer information systems is quite vast. There are many techniques, products and tools in it. An article and a medium-sized book won’t be enough to give a complete review of them. Therefore, for now, let’s focus only on the cloud aspects of security, and in a particular cloud: 1cloud.
On the one hand, we encourage you to think of virtual servers as being functionally the same as physical servers. On the other hand, there are a number of advantages to using a virtual machine in the cloud.
In general, they are related to the fact that cloud computing resources can be configured and scaled up very easily and quickly.
Prevent
A common practice in protecting information systems (and today it is always computer networks) is to build security perimeters. In this case, the servers of the system are not open to the Internet directly, and are located in separate network segments, and all traffic passes through special gateways and can be filtered. This allows you to close the working servers from many potential attacks.
If the information system consists of several segments dispersed over the Internet, they need to communicate with each other via a secure channel (VPN or at least SSL/TLS).
Cloud 1cloud provides a universal service IaaS, so there are ample opportunities to combine virtual servers in networks of different types, configure and protect them. In the near future, users will have a ready-made firewall, which they will be able to configure on their own and easily in the Control Panel. At the same time, the option to use any other firewall installed on a separate virtual machine is available now and will remain so in the future.
Warning
In case a problem does occur, it is advisable to consider measures to minimize its impact on your information system.
For example, if it is assumed that a server may become inoperable as a result of an external attack or administrator error, you can create a spare instance of the virtual server in advance, to quickly run it instead of the faulty. This will reduce downtime.
The system can be made uninterrupted by using not individual servers, but their groups in which servers run in parallel, the so-called pools and clusters. If one of the machines in the pool fails, the rest will continue to perform their functions.
Save
The most valuable thing in any information system is the data stored and processed in it. Their safety is always at the top of the system administrator’s priority list. Therefore, regardless of the level of system reliability, the need for data backups never disappears.
Identify
Information systems can be very different: both in configuration and functionality, so it is very difficult to come up with a universal means of verification covering all aspects of their work.
Recover
If you have a backup, you can restore a virtual server from it very quickly. Obviously, if the application data is stored on the server itself, it will be restored with it.
If the data is stored separately and the server provides only certain functionality, there is no need to back it up every day. After all, the software on it does not change every day. In this case, it is more rational to save a template of the configured server and use it to create a new or new.