When using cloud services, you often have to worry about security, and resort to cryptographic techniques such as digital signatures and encryption. There are many reasons for doing this. You may be storing sensitive data (for example, people’s health reports) and you are mandated by law to provide extra protection. You may be protecting sensitive data regarding your business that you don’t want in the wrong hands. Or you could simply be paranoid and not trust Microsoft or any other cloud provider. Whatever your reason, you can take several steps to add further levels of protection to your data.
All of this has very little to do with your trust for Microsoft or any other cloud provider. All cloud providers (and Microsoft is no different) have multiple levels of security and several checks to ensure that unauthorized personnel cannot access customer applications or data. However, you often have little choice of whether you want to trust a cloud provider. You might be mandated to add further security levels by anything from internal IT policy to financial regulations and compliance laws.
This chapter is slightly different from all the others in that a majority of the discussion here is devoted to looking at security and cryptography. Frankly, the code and techniques used in this chapter could just as easily be used for data on a file server as for data in the cloud. Why does it show up in a book on cloud computing, then?
The decision to ...