Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance (Google eBook)

Front Cover
"O'Reilly Media, Inc.", Sep 4, 2009 - Computers - 338 pages
4 Reviews

You may regard cloud computing as an ideal way for your company to control IT costs, but do you know how private and secure this service really is? Not many people do. With Cloud Security and Privacy, you'll learn what's at stake when you trust your data to the cloud, and what you can do to keep your virtual infrastructure and web applications secure.

Ideal for IT staffers, information security and privacy practitioners, business managers, service providers, and investors alike, this book offers you sound advice from three well-known authorities in the tech security world. You'll learn detailed information on cloud computing security that-until now-has been sorely lacking.

  • Review the current state of data security and storage in the cloud, including confidentiality, integrity, and availability
  • Learn about the identity and access management (IAM) practice for authentication, authorization, and auditing of the users accessing cloud services
  • Discover which security management frameworks and standards are relevant for the cloud
  • Understand the privacy aspects you need to consider in the cloud, including how they compare with traditional computing models
  • Learn the importance of audit and compliance functions within the cloud, and the various standards and frameworks to consider
  • Examine security delivered as a service-a different facet of cloud security

  

What people are saying - Write a review

User Review - Flag as inappropriate

Best book on cloud security and privacy I have read so far. Very exhaustive and informative resource for IT executives when adopting the cloud approach. Also recommended for geeks who are into cloud security as a good reference.

User Review - Flag as inappropriate

very well, thnx

Contents

Chapter†1†Introduction
1
Chapter†2†What Is Cloud Computing?
7
Chapter†3†Infrastructure Security
35
Chapter†4†Data Security and Storage
61
Chapter†5†Identity and Access Management
73
Chapter†6†Security Management in the Cloud
109
Chapter†7†Privacy
145
Chapter†8†Audit and Compliance
167
Chapter†10†SecurityAsaCloud Service
217
Chapter†11†The Impact of Cloud Computing on the Role of Corporate IT
225
Chapter†12†Conclusion and the Future of the Cloud
239
Appendix†A†SAS 70 Report Content Example
267
Appendix†B†SysTrust Report Content Example
273
Appendix†C†Open Security Architecture for Cloud Computing
279
Glossary
293
Index
299

Chapter†9†Examples of Cloud Service Providers
203

Common terms and phrases

About the author (2009)

Tim Mather is V.P. & Chief Security Strategist for RSA, The Security Division of EMC. He is assigned to the vendor-agnostic RSA Conference, responsible for keeping ahead of security industry trends, technology, and threats.

Subra Kumaraswamy has more than 17 years of engineering and management experience encompassing information security, Internet and e-commerce technologies. He is currently leading a security access management program in the IT Security office at Sun.

Shahed Latif is a partner in KPMG's Advisory practice having extensive IT and business skills. He has over 21 years of experience working with the global fortune 1000 companies focusing on providing business and technology solutions across a variety of areas. Shahed has spent 10 years in the London office working in the financial sector consulting group, Information Risk management group and the assurance practice. He has worked on large global companies giving him the opportunity to have worked in Africa, Asia, and Europe.

Bibliographic information