Securing Cloud Services: A pragmatic approach to security architecture in the Cloud
Book Details
Author(s)Lee Newcombe
PublisherIT Governance
ISBN / ASINB01GQB554W
ISBN-13978B01GQB5547
Sales Rank400,570
MarketplaceUnited States 🇺🇸
Description
Securing Cloud Services: A pragmatic approach to security architecture in the Cloud
“... this book is a must-read for those looking for guidance based on real-life experience and a pragmatic perspective. The book is easy to read, and provides an account of the author’s research and experience ... It has a very clear purpose, and that is to prepare individuals at organizations interested in adopting cloud computing to recognize security risks and help them learn best practices for managing those risks.”
Phoram Mehta, Computing Reviews
“This book is richly enhanced with tables, diagrams, concepts, and references to various web sites and pages for further examination, it is a book for any security professional, student or IT risk practitioner who wishes to see the cloud from its more practical side.”
Ibe Kalu Etea, ISACA.org website review
Cloud Computing represents a major change to the IT services landscape. Cloud services, such as SalesForce, Amazon Web Services® and Microsoft® Azure®, offer enterprise grade computing power to businesses of all sizes, without the need to invest in the hardware, software and staff usually required to support equivalent on-premise services.
Unfortunately, this flexibility in IT service deployment introduces a different set of potential security risks, which need to be understood and addressed.
An architectural approach to securing Cloud services
This book provides an overview of security architecture processes and explains how they may be used to derive an appropriate set of security controls to manage the risks associated with working in the Cloud.
Part 1 introduces Cloud Computing and describes the main service models (IaaS, PaaS and SaaS) and deployment models (public, private, community and hybrid) as defined by NIST. It outlines the common benefits, and describes some of the potential pitfalls of, and threats associated with, Cloud Computing.
Part 2 outlines security architecture concepts and describes how they relate to Cloud Computing. It uses a conceptual security reference model (SRM) to define a set of common security services and explains how they can be delivered across the various service models in order to secure a Cloud service.
Part 3 provides summary conclusions, and speculates on the future of Cloud Computing and its associated market.
Beyond the generic
This book goes beyond the subject of generic Cloud security and, instead, offers a more detailed and architectural approach to securing Cloud services.
It is aimed at business decision makers, senior IT stakeholders, enterprise architects, information security professionals and anyone else who is interested in working with cloud services, but might be concerned about the potential security implications.
About the author
Lee Newcombe is an enterprise architect with commercial experience at numerous high-profile companies, including a retail bank, a systems integrator and one of the Big 4 consultancies. He has worked within various Cloud programmes and acted as the IT industry security expert during the early days of the UK Government’s G-Cloud programme. Lee has been writing about, presenting on, and working with Cloud technologies since 2007, and is a named contributor to the Cloud Security Alliance guidance document.
“... this book is a must-read for those looking for guidance based on real-life experience and a pragmatic perspective. The book is easy to read, and provides an account of the author’s research and experience ... It has a very clear purpose, and that is to prepare individuals at organizations interested in adopting cloud computing to recognize security risks and help them learn best practices for managing those risks.”
Phoram Mehta, Computing Reviews
“This book is richly enhanced with tables, diagrams, concepts, and references to various web sites and pages for further examination, it is a book for any security professional, student or IT risk practitioner who wishes to see the cloud from its more practical side.”
Ibe Kalu Etea, ISACA.org website review
Cloud Computing represents a major change to the IT services landscape. Cloud services, such as SalesForce, Amazon Web Services® and Microsoft® Azure®, offer enterprise grade computing power to businesses of all sizes, without the need to invest in the hardware, software and staff usually required to support equivalent on-premise services.
Unfortunately, this flexibility in IT service deployment introduces a different set of potential security risks, which need to be understood and addressed.
An architectural approach to securing Cloud services
This book provides an overview of security architecture processes and explains how they may be used to derive an appropriate set of security controls to manage the risks associated with working in the Cloud.
Part 1 introduces Cloud Computing and describes the main service models (IaaS, PaaS and SaaS) and deployment models (public, private, community and hybrid) as defined by NIST. It outlines the common benefits, and describes some of the potential pitfalls of, and threats associated with, Cloud Computing.
Part 2 outlines security architecture concepts and describes how they relate to Cloud Computing. It uses a conceptual security reference model (SRM) to define a set of common security services and explains how they can be delivered across the various service models in order to secure a Cloud service.
Part 3 provides summary conclusions, and speculates on the future of Cloud Computing and its associated market.
Beyond the generic
This book goes beyond the subject of generic Cloud security and, instead, offers a more detailed and architectural approach to securing Cloud services.
It is aimed at business decision makers, senior IT stakeholders, enterprise architects, information security professionals and anyone else who is interested in working with cloud services, but might be concerned about the potential security implications.
About the author
Lee Newcombe is an enterprise architect with commercial experience at numerous high-profile companies, including a retail bank, a systems integrator and one of the Big 4 consultancies. He has worked within various Cloud programmes and acted as the IT industry security expert during the early days of the UK Government’s G-Cloud programme. Lee has been writing about, presenting on, and working with Cloud technologies since 2007, and is a named contributor to the Cloud Security Alliance guidance document.
