Zesty.io Private Cloud with Akamai
One of the concerns businesses face when adopting cloud solutions is management of their data. Some of the questions it poses are;
- Who has access to it?
- Is it secured?
- How long is it held for?
- How does this fit into our organization's compliance policies?
- Etc.
One of the products offered by Zesty.io is our Software as a Service(SaaS) Content Management System(CMS). Making these concerns relevant for our current and prospective customers. We have addressed this with our Private Cloud OYD(Own Your Data) offering.
Own Your Data
For organizations that need internal controls over data compliance. We allow for customers to own and operate portions of our architecture which manage data in transit and at rest.
There are three types of data we will cover in this article.
- Content delivery
- Content delivery logs
- Content storage
Content Delivery
As a CMS we need to deliver our customers content. This can take many forms but three common scenarios are;
- Webpages
- APIs
- Media
The delivery of this content is done via a Content Delivery Network(CDN). In this article we will explore how using Zesty.io Private Cloud is done with Akamai's CDN.
But first for a quick explanation of what a CDN is and why you want to use one. A CDN is a network of thousands of computers around the world. The computers cache data. Making that data available as physically close to the requester as possible. Ensuring that content is delivered as quickly as possible. Which is why you want to use a CDN.
Note: Edge computing often occurs on these same networks but the difference is that it allows for computation(read: running code) versus just serving cached content.
Akamai is a well established industry leader and are experts on operating this type of network. Providing reliable delivery. It is why many of our customers will choose them in combination with Zesty.io
Content Delivery Logs
When this content is delivered it generates what is called a web request log. A set of information which describes the request. E.g. What domain and url was requested. The user agent(read: browser) who requested it. The IP address which originated the request.
With the advent of GDPR there are now compliance requirements around how these logs are stored. The short explanation is that it should not contain any personally identifiable information. E.g. IP address. By selecting and operating their own CDN service our customers maintain control over this data.
These web requests are ultimately sent to the Zesty.io origin which means we generate web request logs as well. But we only receive what is provided upstream(read: CDN) so if this data is being stripped or anonymized it creates a complete chain of compliance.
Content Storage
We provide our customers control over managing their content compliance by allowing for provisioning of their own database, maintained within their cloud. This database is registered with their Zesty.io instance. Meaning they have full operation of the database and can apply their internal process with regards to security and compliance.
Our APIs then connect to this customer database and allow for our SaaS CMS to operate against it.
Cache Invalidation
We need one final piece of infrastructure to complete this content pipeline. An endpoint which triggers cache invalidation with the CDN. We recommend using a cloud function service but any endpoint which includes the necessary CDN purging logic will do. For customers who use Google Cloud Platform(GCP) we have a prebuilt Akamai Purge Cloud Function.
This allows Zesty.io to tell the CDN when the content it has is stale and that it should come back to the origin to fetch the latest.
In Conclusion
Businesses who need to maintain strict compliance of their data in transit and at rest should consider the Zesty.io Private Cloud OYD product offering. By provisioning 3 pieces of infrastructure; CDN, Database and Cloud Function. They can gain both the benefits of their internal compliance controls alongside the power of a web based SaaS CMS.
We are always interested in understanding use cases and needs. If this article was interesting and you want to discuss further how this all works, we would love to talk.
Updated 23 days ago