Even though it’s been a while since the movie Deep Blue Sea, one line said by Michael Rapaport’s character “Tom Scoggins” has always stuck with me – “Trust Me. Why? Because I’m trustworthy.” But what does it mean to be trustworthy? Everyone will define this differently, but when it comes to Microsoft, in his 2002 whitepaper, Microsoft’s Craig Mundie defined being trustworthy as having a framework that addresses for key areas:
- Business Integrity
While working with trustworthy technologies and providers is always top of mind, it is even more top of mind when it comes to hosting applications in the Cloud. Understandably so, given that you’re essentially handing over control of those 4 areas to someone (a company) outside of your own company.
In a previous post, Putting Your Cloud Security Worries to Bed, I introduced you to a blog series that looked at security and how that’s addressed. Now let’s take a look at the next area of concern – privacy.
For your company’s security architects and chief security officer (CSO), when you suggest to put an application in the Cloud and you “pitch” the Cloud as a platform with technical and development advantages, they’re thinking about, amongst other things, privacy considerations. Traditionally, your organization (and in turn, them) is accountable for all aspects of data protection, from how personal information is used to how data is stored and protected on your servers. Applications hosted in the Cloud differ in that information is stored and transmitted from datacentres owned and managed by cloud providers. Understanding who is responsible for what and the obligations for security and privacy between you and the cloud providers is a new challenge for them.
So like you got security concerns out of the way by educating yourself on how security is addressed, let’s do the same for privacy. This way, next time your security architects/CSO become blockers on your path to migrating applications to or developing new applications for the Cloud, you’ll be equipped with the knowledge you’ll need to diffuse the situation, and again, put their (privacy) worries to bed.
These videos discuss the importance of privacy in the cloud with Microsoft’s Chief Privacy Officer, Brendon Lynch. Brendon explains the three tenets of Microsoft’s approach to cloud computing privacy: responsibility, transparency, and choice.
Continuing the mission of equipping you with the information you need in order to help your security architects/CSOs feel more comfortable with the Cloud, check out these additional videos:
- Cloud Computing Requires Transparency
- Cloud Transparency as an Element of Trust
- Evaluating Different Cloud Service Offerings by Comparing Security Controls
- Compliance in the Cloud
- E-discovery in the Cloud
A Million Different Directions
These types of conversations can go in a million different directions. If you get into a situation where you’re trying to educate folks around you about the different aspects of Cloud computing and you get stuck, start a new discussion in the Canadian Developer Connection group on LinkedIn. Myself and other Cloud experts are part of the group and are there to help you as best we can. Plus, you’ll also be able to get the perspective of others who may be experiencing the same thing in their companies and be able to learn from those experiences.
Photo Credit: Alan Cleaver