Security and Compliance Considerations for the Public Cloud

New Blogpost by Aman Kandola

Setting up your own servers requires a lot of up-front investment and ongoing maintenance. That’s why most technology companies today use an Infrastructure-as-a-Service (IaaS) provider for their compute needs. Cloud providers like Amazon Web Services (AWS), Google Cloud, and Microsoft Azure take care of infrastructure tasks like provisioning new machines and keeping them up to date for you, and their services free up your team to focus on building valuable new functionality for your application.

This post is the fourth in a series about what developers need to keep in mind when sorting out security and compliance for their application. Cloud-based companies frequently need to prove that their software is set up with security best practices in mind. Compliance standards and certifications are an effective way to communicate a company’s security posture and build trust with customers, and we discussed such certifications in our article, Compliance Overview for Developers.

In this article, we focus on the benefits that using public cloud providers brings to the compliance and security aspects of your applications, and the caveats you should consider, to complement the discussion about standards and certifications.