One of the cloud's great advantages is its arbitrary degree of abstraction: even developers don't need to worry about how a particular cloud treats its data internally.
In some cases, though, less abstraction is needed, because more direct control over data is required. On a very concrete level, this is true for encrypted data: the developer no less than the end-user needs to worry about how secure data is encrypted. Not only access to data, but also the data itself, needs to be kept secure.
Of course, some security decisions can be made on a case-by-case basis. If your application stores sensitive personal information in the cloud, then the sensitive personal information needs to be encrypted at some very low level -- probably at the level of the data file itself.
For some applications, though, case-by-case decisions waste too much time -- particularly if the use-cases keep recurring.
And the most obvious example of a recurring use-case involving security-demanding data is probably backup. In itself, of course, backup involves IT rather than development -- but backup easily becomes a development-related issue when, say, your development actually involves databases.
So if you really haven't thought much about cloud security for repeat use cases, you might want to read through this article.
The author treats some data security issues generally related to backup, but also runs over three different approaches to data encryption offered by three major cloud storage providers:
- Oxygen Cloud
The comparative analysis is the most interesting part from a developer's point of view. Check out the full post, and maybe use some of these three providers' techniques to keep data secure in your own cloud applications.