Even though it’s been a while since the movie Deep Blue Sea, one line said by Michael Rapaport’s character “Tom Scoggins” has always stuck with me – “Trust Me. Why? Because I’m trustworthy.” But what does it mean to be trustworthy? Everyone will define this differently, but when it comes to Microsoft, in his 2002 whitepaper, Microsoft’s Craig Mundie defined being trustworthy as having a framework that addresses four key areas:
- Business Integrity
While working with trustworthy technologies and providers is always top of mind, it is even more top of mind when it comes to hosting applications in the Cloud. Understandably so, given that you’re essentially handing over control of those 4 areas to someone (a company) outside of your own company.
In a post on the Canadian Developer Connection blog, Putting Your Cloud Security Worries to Bed, I introduced developers to a blog series that looked at security and how that’s addressed. Now let’s take a look at the next area of concern – privacy.
For your company’s security architects, chief security officer (CSO), and you, the management, when developers or solution architects suggest to put an application in the Cloud and they “pitch” you the Cloud as a platform with technical and development advantages, I’m guessing that one of the first things that comes to your mind is privacy considerations. Traditionally, you and your organization have been/are accountable for all aspects of data protection, from how personal information is used to how data is stored and protected on your servers. Applications hosted in the Cloud differ in that information is stored and transmitted from datacentres owned and managed by cloud providers. Understanding who is responsible for what and the obligations for security and privacy between you and the cloud providers will become a new challenge for you.
These videos discuss the importance of privacy in the cloud with Microsoft’s Chief Privacy Officer, Brendon Lynch. Brendon explains the three tenets of Microsoft’s approach to cloud computing privacy: responsibility, transparency, and choice.
Continuing the mission of equipping you with the information you need in order to ease worries around Cloud Computing, check out these additional videos:
- Cloud Computing Requires Transparency
- Cloud Transparency as an Element of Trust
- Evaluating Different Cloud Service Offerings by Comparing Security Controls
- Compliance in the Cloud
- E-discovery in the Cloud
A Million Different Directions
These types of conversations can go in a million different directions. If you get into a situation where you’re trying to educate yourself and others in your organization about the different aspects of Cloud computing and you get stuck, start a new discussion in the AlignIT group on LinkedIn. Myself and other Cloud experts are part of the group and are there to help you as best we can. Plus, you’ll also be able to get the perspective of others who may be experiencing the same thing in their organizations and be able to learn from those experiences.
Photo Credit: Alan Cleaver