This section is a follow-on to my Learning Alibaba Cloud in 7 Days and Alibaba Cloud DevOps Cookbook. Please note that this will be a work in progress. I will be learning how to use Alibaba Cloud so I may go back and improve individual pages as I progress.
Please contact me via email to make suggestions to improve this content. Please include the subject: "Alibaba Cloud Security".
This website section is dedicated to security with a focus on Alibaba Cloud from a developer's perspective. This covers how to design and implement security as part of a company architecture. Where applicable, actual source code that demonstrates how to accomplish specific portions will be included.
Security is hard to understand, implement and enforce. This is not a game for amateurs. Just as you would not hire a person who has only read a book about HTML to design a large website, don't employ engineers that do not have solid security theory and implementation experience to design your security framework. Help them will policies, documentation and training. Employ an expert (or a team of experts) full-time or as a consultant.
Good security is a lot like religion. Good security is filled with "you shall", else you will be breached, compromised, reprimanded, terminated, on the evening news, bankrupt.
Good security is not cheap. Good security is better than the consequences of being breached. There is a constant trade-off between the value of data being protected versus the cost to protect this data. Understand the value of data and implement appropriate security levels based upon the data being protected.
Good security begins with data and ends with people and includes everything in between. Start with the concept that all data must be protected at all times with no exceptions. Train your staff to follow this concept in everything they do, no matter how small or large.
Copyright 2018 NeoPrime LLC