{"id":94570,"date":"2018-11-19T01:15:47","date_gmt":"2018-11-19T09:15:47","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=94570"},"modified":"2018-11-19T01:15:47","modified_gmt":"2018-11-19T09:15:47","slug":"bulut-guvenligi-ortak-bir-sorumluluktur","status":"publish","type":"post","link":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/2018\/11\/bulut-guvenligi-ortak-bir-sorumluluktur\/?lang=tr","title":{"rendered":"BULUT G\u00dcVENL\u0130\u011e\u0130 ORTAK B\u0130R SORUMLULUKTUR"},"content":{"rendered":"<p><strong>Bulut g\u00fcvenli\u011fi, bulut bili\u015fim kullan\u0131m\u0131na \u00f6zg\u00fc verilerin, uygulamalar\u0131n ve altyap\u0131n\u0131n \u00e7e\u015fitli ilkeler, teknolojiler ve denetimler gibi yollarla g\u00fcvenli hale getirilme \u00e7abalar\u0131n\u0131 ifade etmektedir.<\/strong><\/p>\n<p>Bulut tabanl\u0131 uygulamalar ve bunlar\u0131 tamamlayan veriler, kurulu\u015fun \u00e7evikli\u011fini art\u0131rmak ve maliyetleri azaltmak i\u00e7in \u00e7e\u015fitli ortamlarda gittik\u00e7e daha fazla da\u011f\u0131t\u0131lmaktad\u0131r. Bu ortamlara \u00f6zel bulutlar, genel bulutlar (hibrit veya ayr\u0131lm\u0131\u015f) ve hizmet olarak yaz\u0131l\u0131m (SaaS) dahildir ve her biri kendi benzersiz \u00e7eviklik avantajlar\u0131 ile g\u00fcvenlik sorunlar\u0131n\u0131 da beraberine getirir.<\/p>\n<p>Verilerin tehlikeye maruz kalmas\u0131na y\u00f6nelik endi\u015feler, bulut g\u00fcvenli\u011fini \u00f6ncelikli bir konu haline getirmi\u015ftir. Buradaki zorluk, bir yandan uygulamalar\u0131n g\u00fcvenli\u011fini iyile\u015ftirip \u00e7e\u015fitli bulut ortamlar\u0131 aras\u0131nda dola\u015fan veriyi g\u00fcvenli hale getirirken, di\u011fer yandan kurulu\u015fun \u00e7eviklik ihtiyac\u0131n\u0131 da dengelemektir. G\u00f6r\u00fcn\u00fcrl\u00fck elde etmek ve hem harici bir konumdan hem de yanal sald\u0131r\u0131 yoluyla veri s\u0131zd\u0131rmaya \u00e7al\u0131\u015fan sald\u0131r\u0131lar\u0131 \u00f6nlemek, uygulamalar\u0131n ve verilerin yer ald\u0131\u011f\u0131 t\u00fcm konumlarda zorunlu olmaktad\u0131r.<\/p>\n<p>Bir kurulu\u015f i\u00e7inde bulut g\u00fcvenli\u011finden sorumlu olabilecek birka\u00e7 farkl\u0131 grup vard\u0131r: a\u011f ekibi, g\u00fcvenlik ekibi, uygulamalar ekibi, uyum ekibi veya altyap\u0131 ekibi. Ancak bulut g\u00fcvenli\u011fi ayn\u0131 zamanda bulut hizmetleri sat\u0131c\u0131s\u0131 ile kurulu\u015f aras\u0131nda ortak bir sorumluluktur.<\/p>\n<p>&nbsp;<\/p>\n<p><strong>\u00d6zel<\/strong> \u2013 Bulut kendi veri merkezlerinde bar\u0131nd\u0131r\u0131ld\u0131\u011f\u0131 i\u00e7in g\u00fcvenli\u011finin tamam\u0131ndan da kurum sorumludur. Buna fiziksel a\u011f, altyap\u0131, misafir sistem ara katman\u0131, sanal a\u011f, i\u015fletim sistemleri, g\u00fcvenlik duvarlar\u0131, hizmet konfig\u00fcrasyonlar\u0131, kimlik ve eri\u015fim y\u00f6netimi, vb. dahildir. Kurum ayr\u0131ca verinin ve veri g\u00fcvenli\u011finin de sahibidir.<\/p>\n<p><strong>Genel <\/strong>\u2013 AWS\u00ae veya Microsoft\u00ae Azure&#x2122; gibi genel bulutlarda altyap\u0131n\u0131n, fiziksel a\u011f\u0131n ve misafir sistem ara katman\u0131n\u0131n sahibi bulut hizmeti sat\u0131c\u0131s\u0131d\u0131r. Kurum i\u015f y\u00fck\u00fc i\u015fletim sisteminin, uygulamalar\u0131n, sanal a\u011f\u0131n, kirac\u0131 ortam\u0131na\/hesab\u0131na eri\u015fimin ve verilerin sahibidir.<\/p>\n<p><strong>SaaS<\/strong> \u2013\u00a0SaaS sat\u0131c\u0131lar\u0131 \u00f6ncelikle kendi platformlar\u0131n\u0131n g\u00fcvenli\u011finden sorumludur. Fiziksel g\u00fcvenlik, altyap\u0131 ve uygulama g\u00fcvenli\u011fi de bu kapsamda de\u011ferlendirilir. Bu sat\u0131c\u0131lar, m\u00fc\u015fteri verilerinin sahibi de\u011fildir veya m\u00fc\u015fterilerin uygulamalar\u0131 kullanma \u015feklinden sorumlu tutulmazlar. Dolay\u0131s\u0131yla k\u00f6t\u00fc ama\u00e7l\u0131 veri s\u0131zd\u0131rma, yanl\u0131\u015fl\u0131kla tehlikeye maruz kalma veya k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m bula\u015ft\u0131rma riskini \u00f6nleyecek ya da en aza indirecek g\u00fcvenli\u011fin sa\u011flanmas\u0131 kurumun sorumlulu\u011fundad\u0131r.<\/p>\n<p>&nbsp;<\/p>\n<p>\u015eirketler \u00f6zel buluttan genel buluta veya SaaS uygulamalar\u0131na ge\u00e7tik\u00e7e verileri, uygulamalar\u0131 ve altyap\u0131y\u0131 g\u00fcvenli hale getirme sorumlulu\u011fu kurumdan ziyade sat\u0131c\u0131ya y\u00fcklenmektedir. Ancak kullan\u0131lan platforma bak\u0131lmaks\u0131z\u0131n kurum her zaman kendi verilerinin g\u00fcvenli\u011fini sa\u011flamaktan sorumlu olur.<\/p>\n<p><div style=\"max-width:100%\" data-width=\"1006\"><span class=\"ar-custom\" style=\"padding-bottom:35.79%;\"><img loading=\"lazy\" decoding=\"async\"  class=\"alignnone size-full wp-image-92922 lozad\"  data-src=\"https:\/\/www.paloaltonetworks.com\/blog\/wp-content\/uploads\/2018\/10\/Shared-Responsibility-Model-Cloud.png\" alt=\"\" width=\"1006\" height=\"360\" srcset=\"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2018\/10\/Shared-Responsibility-Model-Cloud.png 1006w, https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2018\/10\/Shared-Responsibility-Model-Cloud-230x82.png 230w, https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2018\/10\/Shared-Responsibility-Model-Cloud-768x275.png 768w, https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2018\/10\/Shared-Responsibility-Model-Cloud-500x179.png 500w, https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2018\/10\/Shared-Responsibility-Model-Cloud-510x183.png 510w, https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2018\/10\/Shared-Responsibility-Model-Cloud-112x40.png 112w, https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2018\/10\/Shared-Responsibility-Model-Cloud-650x233.png 650w\" sizes=\"auto, (max-width: 1006px) 100vw, 1006px\" \/><\/span><\/div><\/p>\n<p>Uygulamalar\u0131n g\u00fcvenli bi\u00e7imde etkinle\u015ftirilmesi i\u00e7in BT g\u00fcvenli\u011fi, bulut hizmeti sat\u0131c\u0131lar\u0131n\u0131n uygulaman\u0131z\u0131 ve verilerinizi korumak i\u00e7in uygun g\u00fcvenlik \u00f6nlemlerini uygulad\u0131\u011f\u0131ndan emin olmal\u0131d\u0131r. Bulut hizmeti sat\u0131c\u0131lar\u0131n\u0131n g\u00fcvenli hale getiremedi\u011fi verileri telafi etmek i\u00e7in kurumun do\u011fru ara\u00e7lara sahip olmas\u0131 gerekir. Bu ara\u00e7lar SaaS uygulamalar\u0131 i\u00e7indeki etkinli\u011fe y\u00f6nelik g\u00f6r\u00fcn\u00fcrl\u00fck, veri riskini ve uyum ihlallerini \u00f6nlemek i\u00e7in ayr\u0131nt\u0131l\u0131 kullan\u0131m analizleri, bir ihlal ger\u00e7eklemesi durumunda g\u00fcvenlik uygulamas\u0131n\u0131 ve karantinay\u0131 zorlayacak ba\u011flama duyarl\u0131 ilke denetimleri ve yeni k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m bula\u015fma noktalar\u0131n\u0131 \u00f6nlemek i\u00e7in bilinen ve bilinmeyen tehditleri alg\u0131lamakla ilgili ger\u00e7ek zamanl\u0131 tehdit bilgileri sunmal\u0131d\u0131r.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Bulut g\u00fcvenli\u011fi, bulut bili\u015fim kullan\u0131m\u0131na \u00f6zg\u00fc verilerin, uygulamalar\u0131n ve altyap\u0131n\u0131n \u00e7e\u015fitli ilkeler, teknolojiler ve denetimler gibi yollarla g\u00fcvenli hale getirilme \u00e7abalar\u0131n\u0131 ifade etmektedir. Bulut tabanl\u0131 uygulamalar ve bunlar\u0131 tamamlayan veriler, kurulu\u015fun \u00e7evikli\u011fini &hellip;<\/p>\n","protected":false},"author":40,"featured_media":92946,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[4827],"tags":[],"coauthors":[716],"class_list":["post-94570","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized-tr"],"jetpack_featured_media_url":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2018\/10\/Shared-Responsibility-Model-Cloud.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/94570","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/users\/40"}],"replies":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=94570"}],"version-history":[{"count":1,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/94570\/revisions"}],"predecessor-version":[{"id":94571,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/94570\/revisions\/94571"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media\/92946"}],"wp:attachment":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=94570"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=94570"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=94570"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/coauthors?post=94570"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}