14 DAY TRIAL // When it comes to cloud computing security, one of the aspects that haven’t been discussed as much as it should have is the process of securely developing such services.
The latest installment of the Cloud Fundamentals Video Series from Microsoft’s Trustworthy Computing is meant to shed some light in this area.
As Tim Rains, director, Trustworthy Computing, Microsoft, notes in a recent blog post, the focus has been on the cloud service providers.
Indeed, the manner in which these providers manage the operations of their cloud service offerings is of great importance to cloud computing security, but it is not the only aspect that needs to be detailed.
“This aspect of cloud computing is very important, especially for cloud customers that have compliance obligations to maintain. A topic of equal importance that I see much less focus on in the industry is how to securely develop cloud services,” Rains notes.
“After all, a perfectly operated cloud service that has vulnerabilities in it that are the product of a poor development processes isn’t going to help protect the data that cloud customers store and process in the cloud.”
He notes that developers of cloud applications and platforms need to ensure that the development process is secure and that they minimize the number and the severity of security vulnerabilities that affect the online services they build.
Security is one aspect of the development process that needs to be taken into consideration right from the beginning.
During their cloud provider evaluation process, customers should also inquire about the development processes and the manner in which each cloud services provider addresses security.
In the video embedded below, you can see Steve Lipner, partner director of program management in Trustworthy Computing at Microsoft, offering some info on the importance of secure development practices when it comes to cloud services.