We have all heard so much about cloud and the impact it is going to have on the way we develop and provide services in Africa. While the Cloud holds much promise one of the key issues raised, mostly by businesses with current on-premise applications, has been security and privacy in the public cloud. This issue, while of significant interest does not appear to be as weighty for 'born on the cloud' enterprises. One of the possible reasons for this is that 'born on the cloud' enterprises factor security and privacy into their business and application model whereas enterprises may be retrofitting their applications to live on the cloud.
Before I continue with this point it is important to understand the difference between security and privacy. Security refers to the actions taken to secure the application and its underlying infrastructure from malicious persons such as hackers which are increasing daily. Data privacy on the other hand is about who can access personal or sensitive data in your application other than the authorized individuals. In many cases issues around privacy are more related to government legislation and government organizations or other organizations getting access to this data rather than the leak of private information after a security breach.
So how is this affecting you and what do you need to take into consideration when putting your application and data on the cloud? It does it matter whether it is a Platform as a Service (PaaS) or an Infrastructure as a Service (IaaS) environment. IBM offers both solutions, IaaS through SoftLayer and Bluemix.
The general guidelines provided in this paper: Guidelines on Security and Privacy in Public Cloud Computing although seemingly apparent are worth mentioning:
1. Carefully plan the security and privacy requirements of a solution
2. Understand and ensure that the cloud computing environment satisfies the needs of the solution
3. Don't forget the client side environment
4. Maintain accountability over the privacy and security of data and applications on the public cloud
In the next few entries we will spend some time reviewing and discussing some of the privacy cover features in Bluemix and Softlayer that will help you meet your application, data security and privacy requirements.
Special thanks to Indran Naick, Ecosystem Development Lead for South Africa and his in-depth knowledge of Bluemix considerations in Africa.
Please leave your comments below or find me at @MarinierCom on Twitter.