高分essay代写范文-云服务的风险

　　下面为大家整理一篇优秀的essay代写范文-The risks of cloud services，供大家参考学习，这篇论文讨论了云服务的风险。如今，云服务的主流地位已不可动摇，并且每年都在接管更多的企业职能。以前云服务仅限于简单的存储或者联系人管理，而现在像ERP这样的核心功能已经迁移到云中。随着越来越多的基本服务不断迁移到云中，我们必须关注当今云环境中固有的风险，并采取预防措施来缓解这些风险。

Essay代写范文

 

　　Cloud services and their associated risks will only become more important over time.This article explains how to manage these risks without losing the benefits of the cloud.

 

　　随着时间的推移，云服务及其相关风险将变得更加重要。本文将解释如何在不损失云优势的情况下管理这些风险。

 

　　The dominant position of cloud services is already unshakable,and it is taking over more enterprise functions every year.Previously,cloud services were limited to simple storage or contact management,but now core functions like ERP have migrated to the cloud.As more basic services continue to migrate to the cloud,IT leaders must focus on the risks inherent in today's cloud environment and take precautions to mitigate them.

 

　　云服务的主导地位已经不可动摇，它每年都会接管更多的企业功能。以前，云服务只限于简单的存储或联系人管理，但现在像ERP这样的核心功能已经迁移到云上。随着更多的基础服务继续迁移。对于云，IT领导者必须关注当今云环境中固有的风险，并采取预防措施来减轻风险。

 

　　In banking,the ability to adapt to risk is often set to guide business decisions.Conservative risk resilience,for example,can lead Banks to reject lucrative but highly uncertain loans.The"knife-licking""type of risk adaptation could yield higher returns in the boom years.Banks could be hit hard by the next crisis.

 

　　在银行业，适应风险的能力往往被设定为指导业务决策的能力。例如，保守的风险恢复能力可以导致银行拒绝利润丰厚但高度不确定的贷款。“舔刀子”式的风险适应可以在繁荣时期产生更高的回报。银行可能会受到下一次危机。

 

　　From an IT management perspective,an enterprise's risk adaptation will guide your due diligence,ongoing monitoring,and willingness to invest in risk reduction measures.For example,an enterprise can establish a hierarchical approach to mitigate risks and maximize the use of limited resources.The approach to reducing the risk of"level 1"cloud service failure is achieved through staffing,periodic testing,and the adoption of top level vendor support.

 

　　从IT管理的角度来看，企业的风险适应将指导您的尽职调查、持续监控和投资于风险降低措施的意愿。例如，企业可以建立一种分级方法来降低风险并最大限度地利用有限的资源。通过人员配备、定期测试和采用顶级供应商支持来降低“1级”云服务失败的风险。

 

　　Cloud providers like to emphasize ease of use and flexibility.Once an enterprise experiences the ease of use of the cloud,it is rarely willing to go back in time and maintain its old infrastructure.But a lackadaisical attitude to cloud services can put employees at risk because of their stupidity.

 

　　云提供商喜欢强调易用性和灵活性。一旦一个企业体验到云的易用性，它就很少愿意回到过去并维护其旧的基础设施。但是，对云服务的懒散态度会使员工因愚蠢而面临风险。

 

　　John Hodges,vice President of product strategy at AvePoint,commented:"the point is that cloud services often encourage'casual use'of data;I can collect,search and store anything anywhere.We often see this in systems like Box,DropBox,and OneDrive,where there is a real danger of mixed use in terms of content storage and sharing."However,simply and crudely prohibiting the use of mixtures can also cause problems.

 

　　Banning high-risk cloud services would help,but it doesn't eliminate the problem entirely.Hodges explains:"for accounts provided by enterprises,such as the Slack channel or Microsoft Teams,and other systems,users always take the most convenient route of data sharing.But this behavior may not be consistent with records retention policies or restrictions on data sharing."If your company is subject to litigation or a similar investigation,inconsistent application of record-keeping policies can be a headache for businesses.

 

　　Zero trust is an IT security policy that requires every user,system,or device within and outside the perimeter to be validated and certified before being connected to its system.How can you use the zero-trust model to reduce cloud risk?Insurity is an enterprise specializing in property and casualty insurance services and software,for which a zero-trust approach means very strict access restrictions.

 

　　Jonathan Victor,chief information officer at Insurity,said:"we provide minimal and privileged logical access to a very small number of users that meets the requirements of working functionality.This control is audited internally by our corporate security department and is part of our annual SOC external audit."

 

　　Periodically check the user access level and see if this is reasonable.Does the enterprise need dozens of users with administrative access rights?Every super user adds additional risk.

 

　　Spend some time researching industry news about cloud-related failures that will help reduce cloud risk.In today's enterprise,the complexity and evolving nature of cloud applications means there is always something to be learned from blockbuster events.

 

　　Rich Petersen,co-founder and President of JetStream software,commented:""we're focused on the loss of data,so we've learned important lessons from a few events.For example,in August 2017 Meraki lost data in which the local system failed to back up the data to the cloud service as designed."

 

　　Cisco has also acknowledged that cloud configuration errors have led to data loss and reduced productivity.As Register reports,"the incident caused cisco a great deal of trouble because Meraki sold cloud services based on its support,which avoided the amount of tedious work required to run networks and voice systems.Meraki has made such a big mistake-and it seems the lack of data protection tools to recover from this contingency is a big stain on its reputation."

 

　　Automation,virtual assistants and data processing not only help businesses sell more products,but also manage their cloud services.For Barracuda networks,the range of manual security jobs has shrunk dramatically since the cloud began to automate processes.

 

　　Greg Arnette,director of data protection platform strategy at Barracuda networks,said:"we have abandoned manual security checks and moved to automated scans,as the growing and ongoing threat forces us to be constantly vigilant to ensure system integrity,data protection and compliance control requirements."

 

　　However,when it comes to reducing cloud risk,moving to automation has significant limitations.After all,it's impossible to automatically assess the risk to cloud providers.But if you use more automated tools to detect problems in the cloud and standardize the configuration,employees can spend more time focusing on complex issues,such as cultivating and managing relationships with cloud providers.

 

　　Whether you have the right to audit cloud providers is a hot issue.If your company's contracts and agreements lack this clause,you will feel tied down in the event of an accident.Big cloud providers,on the other hand,are putting these requirements back on the enterprise.

 

　　Ted Rogers,head of executive advisory operations for the UpperEdge project,said:"with regard to auditing,there are a number of cloud providers that are in turn putting pressure on companies not to have the authority to audit their data centers and their processes,procedures and security measures.Why?Because they don't want a third party to show up and audit.Instead,suppliers say they are compliant,or they say they don't have to worry because if they don't,they will get into trouble for other reasons of the contract,such as leaks.

 

　　One solution is to critically evaluate the auditing methods developed by cloud providers.Rogers recommends the following alternatives:"access the cloud provider's audit documentation.Specifically,see if they've made an update based on facebook's difficulties with data privacy.Some cloud providers say they are just data processors.They claim they don't touch the data and they don't leak it."This raises the question:how do you know if providers are keeping their promises?

 

　　There are ways to mitigate this risk,even if cloud providers are reluctant to give their audit rights to the enterprise.You can ask for more comprehensive reports and emphasize the need to provide key risk indicators.You can also ask the company's internal audit department to give an opinion when discussing the contract.

 

　　Finally,hacking and security aren't the only risks to consider.There is also the risk of falling behind.

 

　　Tony Buffomante,us regional head of cybersecurity services at KPMG,commented:"for some of our less mature clients,the key business risk is not actively pursuing cloud transformation and services.Cloud is not only a new technology,it has also changed the business and operating model of many industries.It's about transforming the business to be more flexible and competitive."

 

　　Moreover,few businesses have the budget or the willingness to build data centers,develop all their own software,and build local infrastructure.In fact,companies with weaker IT capabilities will benefit from the risk management capabilities of large cloud providers.