• Cybercrime


Cybercrime is a constantly evolving and ever-increasing challenge for all organizations. The combination of expanded access to the Internet, the explosive increase in connected devices, and the rapid expansion of innovative cloud-based services is creating tremendous economic and social opportunity for consumers, governments, and businesses. Unfortunately, it has also opened new avenues of attack for cybercriminals and other malicious actors.

Like all technical advances, the storage of data and applications in the cloud has attracted an entire criminal ecosystem, from individual hackers to highly organized groups that aim to take down entire networks. Cybercriminals, motivated by everything from profit to political gain, use the Internet to disrupt business activities and access sensitive personal and financial data. Because most companies rely on a third party to administer their cloud services, it's critical that companies that provide cloud services, are committed to, and capable of, fighting cybercrime.

Unfortunately, cybercrime is not purely a technical problem—nor will it ever “go away.” Cloud service providers must continuously fight cybercrime at multiple levels using teams of specialists, from IT security experts to policy advocates. It takes a concerted effort as well as deep financial and operational investment to truly understand cybercrime and effectively fight it.

21Vianet knows that security and privacy are intrinsically connected—your data on our cloud services must be kept private. We work diligently to help protect your data from unauthorized access—both internally and externally. 21Vianet has made significant investments in the security of its platform, which, when combined with high levels of security-intelligence and strategic partnerships, helps keep our cloud-based products and services more secure.

Platform security

21Vianet believes that security doesn’t end in the public cloud. Security needs to be engineered into a system end to end, from the public cloud all the way to the desktop. From the very beginning, we architected our cloud services platform with multiple levels of security that are virtually and physically isolated. Your data is protected by hardened operating systems and backed by a defense-in-depth strategy that helps protect our cloud services.

In addition, we have continuous, proactive, and reactive threat monitoring and analytics. We also encrypt customer data in transit, and encrypt Customer Data that passes between our datacenters. Datacenters are constructed, managed, and monitored to protect data from unauthorized access. We also do not engineer backdoors into our services.

Learn more about encryption

Learn more about physical security

Network security

We provide secure communications between your infrastructure and our cloud services and block unauthorized traffic.

Learn more about network security

Security features

Specific platform security features include:

  • SQL Always Encrypted gives you the tools to encrypt sensitive data, such as credit card numbers and national identification numbers, and stored it in Azure SQL Database or SQL Server databases. SQL Always Encrypted creates data separation between those who own the data (authorized users) and those who manage the data (cloud database operators or administrators).

Anatomy of a breach

Cybercrime is relentless. Understanding the anatomy of a breach, and how people infiltrate enterprise network defenses, can help you identify potential threats and better protect yourself and your company.

Most breaches go through similar stages:

  • Stage one: The initial foothold. A spam email or a vulnerability can open the door for malicious hackers to gain a foothold in your organization.
  • Stage two: Local escalation. Once they’re in, they’ll look for a higher level of access or administrator rights to escalate and widen their influence.
  • Stage three: Network escalation. They gain access to high value credentials. Now, they reuse those across the environment to access to what they’re looking for.
  • Stage four: Persistence. They settle in for the long haul, commonly installing a permanent backdoor for long-term, repeat access to your systems.