The hottest Microsoft protects user privacy and ke

Microsoft: protect users' privacy and keep the bottom line of cloud services

refuse transparent people. I'll protect your privacy.

in the process of cloud computing capabilities gradually penetrating the Internet and more and more traditional industries, customer data is constantly generated in a massive form. On the one hand, a considerable number of traditional enterprises still have doubts about the security and stability of the cloud, On the other hand, individual users also have concerns that their data may be abused or leaked. The previously exposed internal employees of e-commerce used their positions to resell user data, which almost once plunged the whole society into a privacy panic. With the advent of the cloud era and the increasing reliance on big data technology, the privacy and control of customer data has become an important topic at present. In Chinese Mainland, using Microsoft's technology to serve the world, the trusted cloud service operated by 21vianet has also realized this: it is imperative to protect the privacy of customer data. Let's see how they protect the privacy of data owners

data is yours, and technology ensures privacy.

big data is like a double-edged sword. Society benefits a lot from the use of big data, but there is no hiding place for customer data privacy. In recent years, data privacy infringement cases have occurred from time to time, such as personal privacy disclosure events, corporate cloud data loss events, portal and social networking attacks by hackers, resulting in the disclosure of tens of millions of users' information and other events, which have seriously violated the legitimate rights and interests of customers' data owned by customers. In order to realize the promise that customers' data belongs to the data owner, 21vianet starts from three aspects to ensure that customers have their own data: Advanced privacy design and protection technology, simple and transparent data protection policies, and strict constraints on maintenance engineers

first, the development of privacy technology follows the Microsoft SDL (secure development lifecycle) process. Use the multi tenant architecture and azure ad to log in to the system with the same account, and separate user data through logical isolation to ensure that other customers cannot obtain access to your data

second, in the process of customers purchasing and using 21vianet trusted cloud services, 21vianet will record and manage the generated data according to types. For example, all data provided by customers to 21vianet, including text, software, etc., is called customer data. In the process of providing threat monitoring, repair, troubleshooting and other services, 21vianet must first obtain the consent of the data owner before it can use customer data. Other types of data, including personal information provided by customers when registering as administrators, are called administrator data; The payment tool information provided by the customer when paying is called payment data; Store cookie data of customer preferences and settings, etc. different types of data have different access control and audit strategies, which have also been published on the network

third, strictly control internal data access. Sometimes internal prevention is more important than external prevention. When recruiting engineers, 21vianet will first review the background of candidates, and engineers will receive special training after taking up their posts. During the training process, it is repeatedly emphasized that customer data should not be touched, and it is set as the bottom line. 21vianet will also conduct annual reviews in accordance with ISO 27000, ISO 27001 and information system security classification protection standards. Only when the customer seeks help, the operation and maintenance personnel are granted temporary limited access. The authorization strictly follows the principles of just in time and role based access control. Paper documents are submitted layer by layer, and the corresponding responsible persons are authorized to sign one by one for large-scale withdrawals from similar banks

data is dominated by you, who have become an important pawn in the group's layout of the East China market in less than five years. Customers have full control of the data. Data sovereignty is in the hands of the owner. Because of the effect of additional efforts, it is also natural for the owner to have the right to process data, just like the deposit and withdrawal, transfer and other operations of his own bank account, which is simple and ordinary. 21vianet promises that data owners not only own their own data, but also have full control over their own data, which is mainly reflected in three aspects: controlling the access rights of data, controlling the security options of data, and completely taking away data when leaving the service

first of all, except for the data owner himself, the access rights of others to the data are authorized and controlled by the data owner. For example, engineers of 21vianet do not have permanent access to customer data. Only when customers ask for help, engineers can obtain access under the supervision of the management, and the permission is only used to serve customers

second, 21vianet encrypts the data in transmission and provides an encryption mechanism for the stored data for customers to choose. Key vault is one of the measures. Customers can customize the key to encrypt other keys, and store them in the key vault to centrally manage keys, ciphertext passwords and policies

third, when customers want to leave the trusted cloud service of 21vianet, they can download the data copy by themselves without the assistance of 21vianet. 21vianet will completely delete all data copies, including all cached or backed up copies. For retired hardware, customized destruction of software will be carried out. At the request of customers, 21vianet can retain customer data for 90 days to facilitate data export or recovery

data privacy control, 21vianet protection

customer privacy is a minefield faced by every cloud service provider. 21vianet also knows this bottom line, resolutely protects users' privacy rights and interests, and will not excavate and steal customers' data for any business purpose. In reality, many cloud service providers will automatically collect customer information and submit it to third-party advertisers for customized advertising, from which service providers will benefit. And 21vianet clearly pointed out in the user statement: unless instructed by you, or according to your agreement or the description in this privacy statement, or according to applicable laws and regulations, we will not disclose customer data, administrator data or payment data (your information) to a third party other than 21vianet or its affiliates

in addition, compared with other cloud service providers, Microsoft and 21vianet have no e-commerce business. The former focuses on cloud technology, and the latter focuses on IDC and cloud computing operation and maintenance services. Neither company has a competitive relationship with most commercial customers, nor has the motivation to mine customer data, let alone steal user data

21vianet's commitment to cloud privacy protection shows the calm, atmosphere and loyalty created by IDC and cloud computing operation and maintenance services for more than a decade. The rigorous Microsoft chose 21vianet as the operator of Microsoft azure, office 365 and power Bi cloud services in China, which fully reflects Microsoft's recognition and trust in 21vianet. The trusted cloud, which is provided by Microsoft and independently operated by 21vianet blue cloud, has entered the Chinese market for the fourth year. In the four years of wind and rain, the warmest encouragement to 21vianet comes from the trust of customers. Presumably, 21vianet will be more dedicated to the operation and maintenance services of trusted cloud, and live up to the expectations of Microsoft and customers. It will not only do a good job of trusted cloud, but also make conscience cloud

protect current user privacy and hold the bottom line of cloud services

in the era of cloud intelligence, data privacy is a double-edged sword. Enterprises need a lot of data to analyze user behavior, improve production and life efficiency, and promote social progress, but it will also touch the privacy protection boundary of personal identity information and customer data. How to ensure users' right to know, authorize users to use, and not use data beyond their authority is the moral bottom line that cloud computing service providers should keep. We should not trample on our commitments to users because of the needs of commercial interests, or collect and mine user data information in the name of security maintenance and free services. National laws and regulations on data privacy protection are to be gradually improved, and enterprises need to establish and implement data privacy protection strategies from the aspects of Technology, management and awareness. The experience and practice of 21vianet in data privacy protection is worthy of learning and reference