By Ron Zalkind, CTO and Co-Founder, CloudLock

This post is part of Who's at Google I/O, a series of guest blog posts written by developers who are appearing in the Developer Sandbox at Google I/O.


At CloudLock, we're all about cloud data protection. When we decided to build CloudLock for Google Apps, we had three main challenges to solve:
  1. Security of data - No matter which system you use for governance, compliance, and access controls, you want that data to be safe.
  2. Enterprise scalability - By nature, many of the companies facing data governance and regulatory compliance requirements are larger organizations. Because of that, we needed to build CloudLock with the largest Google Apps customers in mind from day one.
  3. Low administrative overhead - We wanted to be able to make the most effective use of our development resources. With App Engine, we spend time building apps rather than managing infrastructure.

Why App Engine?

After researching all the choices available to us, we concluded that Google App Engine was the right choice for us.

1. Data stays within the Google infrastructure - Since CloudLock classifies document sharing permissions to help companies control who has access to what and what is accessible to whom, the location of this highly sensitive data is paramount. Using Google App Engine lets us scan, analyze and present information to our customers natively within the Google infrastructure without any of the data leaving to a third party.

Google's datastore had the attributes we were looking for in a persistent storage solution. It offers a high replication option for high reliability, and since it is implemented on top of BigTable and Google's distributed file system, it runs on the same core infrastructure that powers other Google services like Gmail and Google Apps.

CloudLock customer Brian Bolt from Boise State University put it best, saying "Our security team appreciates the fact that the CloudLock solution is developed and hosted on the Google App Engine platform; and since CloudLock is powered by Google’s App Engine, our data never leaves Google’s Cloud Infrastructure."

2. Scaling with App Engine is easy - While being able to handle the largest Google Apps customers was a top concern, being able to do so on an ongoing basis was another issue we had to solve. Using the Google App Engine Task Queue service, CloudLock is able to analyze massive amounts of data continually. App Engine makes it very easy to start as many background tasks as needed to deal with bursts of load.


The Google Apps Marketplace

The Google Apps Marketplace gives Google Apps customers access to hundreds of applications to extend the capabilities of the core productivity suite. Installing an app from the marketplace is seamless, with a wizard-like interface that makes apps immediately available in a few clicks. The installation securely white-lists the app and grants access to specific domain resources such as Google Docs.


Google’s App Engine Users service allows application developers to easily integrate their app with Google’s account management system (Google account or Google Apps accounts) and OpenID for Single Sign-On. Using the Users service and the marketplace installation we were able to deliver an app that is very easy to install into a domain and gain secure access into the domain's data.

By choosing Google App Engine and the Google Apps Marketplace, we were able to create an application that keeps our customers’ data secure within the Google infrastructure, meets the scaling challenges of the largest Google Apps users, and is immediately and easily available to users.

CloudLock for Google Apps is available directly from the Google Apps Marketplace and runs on Google App Engine.

Update 7:50 AM: This blog post was modified to correctly represent App Engine's certification state. As of May 2011, App Engine is pursuing SAS70-II certification to align it with the other products in the Google Apps suite.

Come see CloudLock in the Developer Sandbox at Google I/O on May 10-11.

Ron Zalkind is the CTO and a Co-Founder of CloudLock, runs the Boston Google App Engine User Group, and has been known to roll up his sleeves and write code while blasting Jay-Z in his headphones.

Posted by Scott Knaster, Editor