{"id":143026,"date":"2021-09-30T10:50:37","date_gmt":"2021-09-30T07:50:37","guid":{"rendered":"https:\/\/www.enerjigazetesi.ist\/?p=143026"},"modified":"2021-09-30T10:52:24","modified_gmt":"2021-09-30T07:52:24","slug":"dijital-donusumdeki-yanlislar-veri-sizintilarini-artiriyor","status":"publish","type":"post","link":"https:\/\/www.enerjigazetesi.ist\/en\/dijital-donusumdeki-yanlislar-veri-sizintilarini-artiriyor\/","title":{"rendered":"(Turkish) Dijital D\u00f6n\u00fc\u015f\u00fcmdeki Yanl\u0131\u015flar Veri S\u0131z\u0131nt\u0131lar\u0131n\u0131 Art\u0131r\u0131yor"},"content":{"rendered":"

Sorry, this entry is only available in Turkish<\/a>. For the sake of viewer convenience, the content is shown below in the alternative language. You may click the link to switch the active language.<\/p>

<\/p>\n

Dijital d\u00f6n\u00fc\u015f\u00fcm, belki bir\u00e7ok kurulu\u015fun hayat\u0131n\u0131 kurtard\u0131 ama yanl\u0131\u015f bulut yap\u0131land\u0131rmalar\u0131 \u00f6nemli g\u00fcvenlik sorunlar\u0131na yol a\u00e7t\u0131. IBM\u2019in 2020 y\u0131l\u0131 raporuna g\u00f6re, 2019 y\u0131l\u0131nda ihlal edildi\u011fi rapor edilen 8,5 milyar kayd\u0131n % 85\u2019i yanl\u0131\u015f yap\u0131land\u0131r\u0131lm\u0131\u015f bulut sunucular\u0131na ve sistemlere dayan\u0131yor. Siber g\u00fcvenlik \u015firketi ESET bulut yap\u0131land\u0131rmas\u0131nda nelere dikkat edilmesi gerekti\u011fini inceleyerek sizlere \u00f6nerilerde bulunuyor.<\/strong><\/h2>\n

\"\"\u015eirketler, dijital d\u00f6n\u00fc\u015f\u00fcm\u00fc<\/strong> k\u00fcresel ekonomik krizden \u00e7\u0131kman\u0131n anahtar\u0131 olarak g\u00f6r\u00fcyorlar. Yeni m\u00fc\u015fteri deneyimleri<\/strong>ni ve operasyonel verimliliklerini<\/strong> g\u00fc\u00e7lendirmek amac\u0131yla tasarlanan uygulamalar, i\u015f s\u00fcre\u00e7lerini destekleyen bulut yat\u0131r\u0131mlar\u0131, bu projelerin merkezinde yer al\u0131yor. Gartner\u2019e g\u00f6re, 2021 y\u0131l\u0131nda k\u00fcresel genel bulut hizmetleri harcamalar\u0131 y\u00fczde 18,4 artarak yakla\u015f\u0131k 305 milyar dolara<\/strong> \u00e7\u0131kacak. 2022 y\u0131l\u0131nda \u00a0da art\u0131\u015f\u0131n % 19<\/strong> olaca\u011f\u0131 tahmin ediliyor.<\/p>\n

Veri ihlallerinin maliyetleri art\u0131yor<\/strong><\/h3>\n

IBM taraf\u0131ndan yay\u0131nlanan rapora g\u00f6re ise veri ihlali maliyetleri ge\u00e7en y\u0131l\u0131n raporunda 3,86 milyon Amerikan dolar\u0131<\/strong>yken, bu y\u0131l bu maliyet y\u00fczde 10<\/strong> artarak 4,24 milyon Amerikan dolar\u0131<\/strong> oldu. 50 ila 65 milyon tutar\u0131ndaki \u201cmega ihlaller\u201d i\u00e7in ise, bu maliyet 2020 y\u0131l\u0131nda 392 milyon Amerikan dolar\u0131yken, y\u00fczde 2 art\u0131\u015fla 401 milyon Amerikan dolar\u0131 seviyesine geldi. Rapora g\u00f6re \u00e7al\u0131nt\u0131 kullan\u0131c\u0131 bilgileri ihlallerin en b\u00fcy\u00fck nedenleri aras\u0131nda yer al\u0131yor. M\u00fc\u015fterilerin ki\u015fisel verileri (parolalar ve isimler de dahil) bu olaylarda if\u015fa olan en yayg\u0131n veri t\u00fcrlerinden ve ihlallerin y\u00fczde 44<\/strong>\u2019\u00fcn\u00fc olu\u015fturuyor.<\/p>\n

Yanl\u0131\u015f yap\u0131land\u0131rmalar hassas verileri k\u00f6t\u00fc ama\u00e7l\u0131 akt\u00f6rlere maruz b\u0131rakt\u0131\u011f\u0131 i\u00e7in insan hatas\u0131n\u0131n kap\u0131lar\u0131n\u0131 aral\u0131yor. Ge\u00e7en y\u0131l bir \u0130spanyol otel rezervasyonu yaz\u0131l\u0131m\u0131 geli\u015ftiricisinin neden oldu\u011fu ve milyonlarca insan\u0131 etkileyen s\u0131z\u0131nt\u0131 gibi, bu kay\u0131tlar bazen ki\u015fi tan\u0131mlayabilir bilgiler (PII)<\/strong> i\u00e7erebiliyor.<\/p>\n

Hibrit uygulamalar karga\u015faya yol a\u00e7abilir<\/strong><\/h3>\n

Korunmas\u0131z veritabanlar\u0131<\/strong>n\u0131 tarayan tehdit akt\u00f6rlerinin say\u0131s\u0131 g\u00fcn ge\u00e7tik\u00e7e art\u0131yor. Ge\u00e7mi\u015f y\u0131llarda veritabanlar\u0131 silindi, haraca ba\u011fland\u0131, dijital a\u011f tarama kodu ile hedef al\u0131nd\u0131. G\u00f6zetim eksikli\u011fi, yetersiz ilke fark\u0131ndal\u0131\u011f\u0131, s\u00fcrekli takip olmay\u0131\u015f\u0131, y\u00f6netilmesi gereken \u00e7ok fazla say\u0131da bulut API\u2019si ve sistemi olmas\u0131 sorunu ortaya \u00e7\u0131karan \u00a0nedenler aras\u0131nda yer al\u0131yor. Kurulu\u015flar birden fazla hibrit bulut ortam\u0131na yat\u0131r\u0131m yapt\u0131klar\u0131 i\u00e7in \u00f6zellikle sonuncusu \u00e7ok etkili. Tahminlere g\u00f6re, bug\u00fcn \u015firketlerin y\u00fczde 92\u2019sinin \u00e7oklu bulut stratejisi varken, y\u00fczde 82<\/strong>\u2019si hibrit bulut stratejisi<\/strong>ne sahip ve bu da karma\u015fay\u0131 art\u0131r\u0131yor.<\/p>\n

Yanl\u0131\u015f bulut yap\u0131land\u0131rmalar\u0131 farkl\u0131 bi\u00e7imlerde olabilir:<\/span><\/p>\n

– Eri\u015fim s\u0131n\u0131rland\u0131rmalar\u0131n\u0131n olmamas\u0131.<\/p>\n

– A\u015f\u0131r\u0131 serbest g\u00fcvenlik grubu ilkeleri.<\/p>\n

– \u0130zin kontrollerinin olmamas\u0131.<\/p>\n

– Yanl\u0131\u015f anla\u015f\u0131lm\u0131\u015f internete ba\u011flanabilirlik yollar\u0131<\/p>\n

– Yanl\u0131\u015f yap\u0131land\u0131r\u0131lm\u0131\u015f sanalla\u015ft\u0131r\u0131lm\u0131\u015f a\u011f i\u015flevleri<\/p>\n

Yanl\u0131\u015f bulut yap\u0131land\u0131rmas\u0131 nas\u0131l d\u00fczeltilir?<\/strong><\/h3>\n

Kurulu\u015flar i\u00e7in \u00f6nemli olan, sorunlar\u0131 otomatik olarak ve en k\u0131sa s\u00fcrede bulup onarmakt\u0131r. Ama bunu ba\u015faram\u0131yorlar. Bir rapora g\u00f6re, bir sald\u0131rgan yanl\u0131\u015f yap\u0131land\u0131rmalar\u0131 10 dakika i\u00e7inde alg\u0131larken kurulu\u015flar\u0131n sadece y\u00fczde 10\u2019u bu sorunlar\u0131 ayn\u0131 s\u00fcre i\u00e7inde giderebiliyor. Kurulu\u015flar\u0131n yar\u0131s\u0131 (%45) yanl\u0131\u015f yap\u0131land\u0131rmalar\u0131 bir saat ile bir hafta aras\u0131nda bir s\u00fcre i\u00e7inde d\u00fczeltiyor.<\/p>\n

\u0130yile\u015ftirmek i\u00e7in neler yap\u0131labilir?\u00a0<\/strong><\/h3>\n

\u0130lk ad\u0131m, bulut g\u00fcvenli\u011finin payla\u015f\u0131lan sorumluluk modelini anlamaktan ge\u00e7iyor. Bu hangi g\u00f6revlerle hizmet sa\u011flay\u0131c\u0131n\u0131n (CSP) ilgilenece\u011fini ve nelerin m\u00fc\u015fterinin g\u00f6rev alan\u0131na girdi\u011fini g\u00f6sterir. CSP\u2019ler bulutun g\u00fcvenli\u011finden<\/em> (donan\u0131m, yaz\u0131l\u0131m, a\u011f ba\u011flant\u0131s\u0131 ve di\u011fer altyap\u0131) sorumlu olsa da, m\u00fc\u015fteriler de bulutta g\u00fcvenli\u011fin<\/em> sorumlulu\u011funu \u00fcstlenmek zorunda.Bu sa\u011fland\u0131ktan sonra \u015funlar yap\u0131labilir;<\/p>\n

\u0130zinleri s\u0131n\u0131rland\u0131r\u0131n:\u00a0<\/strong>Kullan\u0131c\u0131lara ve hesaplara en d\u00fc\u015f\u00fck ayr\u0131cal\u0131\u011f\u0131 verme ilkesini uygulay\u0131n ve b\u00f6ylece riske maruz kalma olas\u0131l\u0131\u011f\u0131n\u0131 en aza indirgeyin.<\/p>\n

Verileri \u015fifreleyin:<\/strong>\u00a0Bir s\u0131z\u0131nt\u0131n\u0131n etkisini hafifletmek i\u00e7in i\u015f a\u00e7\u0131s\u0131ndan \u00f6nemli ya da denetime tabi verilere g\u00fc\u00e7l\u00fc \u015fifreleme uygulay\u0131n.<\/p>\n

Yetkilendirmeden \u00f6nce uyumu denetleyin:\u00a0<\/strong>Kod olarak altyap\u0131ya \u00f6ncelik verin ve geli\u015ftirme ya\u015fam d\u00f6ng\u00fcs\u00fcnde, ilke yap\u0131land\u0131rmas\u0131n\u0131 olabildi\u011fince erken otomatik hale getirin.<\/p>\n

S\u00fcrekli denetleyin:\u00a0<\/strong>Bulut kaynaklar\u0131 herkesin bildi\u011fi gibi k\u0131sa \u00f6m\u00fcrl\u00fc ve de\u011fi\u015fkendir ve uyum gereksinimleri de zaman i\u00e7inde de\u011fi\u015fir. Bu da, ilkeye dayal\u0131 s\u00fcrekli yap\u0131land\u0131rma denetimlerini gerekli hale getirir. Bu s\u00fcreci otomatikle\u015ftirmek ve kolayla\u015ft\u0131rmak i\u00e7in Bulut G\u00fcvenli\u011fi Durumunun Y\u00f6netimi (CSPM) ara\u00e7lar\u0131<\/strong>n\u0131 kullanmay\u0131 d\u00fc\u015f\u00fcn\u00fcn.<\/p>\n

Do\u011fru strateji sayesinde bulut g\u00fcvenli\u011fi riskini daha etkili y\u00f6netebilecek ve personeli ba\u015fka yerlerde daha verimli olacaklar\u0131 \u015fekilde \u00f6zg\u00fcr k\u0131labileceksiniz. Kaybedecek zaman yok \u00e7\u00fcnk\u00fc tehdit akt\u00f6rleri korunmas\u0131z bulut verilerini bulmakta her ge\u00e7en g\u00fcn daha ustala\u015f\u0131yor.<\/p>","protected":false},"excerpt":{"rendered":"

Sorry, this entry is only available in Turkish. For the sake of viewer convenience, the content is shown below in the alternative language. You may click the link to switch the active language. Dijital d\u00f6n\u00fc\u015f\u00fcm, belki bir\u00e7ok kurulu\u015fun hayat\u0131n\u0131 kurtard\u0131 ama yanl\u0131\u015f bulut yap\u0131land\u0131rmalar\u0131 \u00f6nemli g\u00fcvenlik sorunlar\u0131na yol a\u00e7t\u0131. IBM\u2019in 2020 y\u0131l\u0131 raporuna g\u00f6re, 2019 […]<\/p>\n","protected":false},"author":1,"featured_media":143028,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[53,157],"tags":[31910,97013,97014,52056,97012],"views":128,"_links":{"self":[{"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/posts\/143026"}],"collection":[{"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/comments?post=143026"}],"version-history":[{"count":0,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/posts\/143026\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/media\/143028"}],"wp:attachment":[{"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/media?parent=143026"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/categories?post=143026"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.enerjigazetesi.ist\/en\/wp-json\/wp\/v2\/tags?post=143026"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}