An internationally renowned Team of Experts decipher the most challenging aspect of cloud computing-security Cloud computing allows for both large and small organizations to have the opportunity to use Internet-based services so that they can reduce start-up costs, lower capital expenditures, use services on a pay-as-you-use basis, access applications only as needed, and quickly reduce or increase capacities. However, these benefits are accompanied by a myriad of security issues, and this valuable Book tackles the most common security challenges that cloud computing faces. The Author team consists of bestselling authors, one of whom is the founding member of the Cloud Security Alliance. They offer you years of unparalleled expertise and knowledge as they discuss the extremely challenging topics of data ownership, privacy protections, data mobility, quality of service and service levels, bandwidth costs, data protection, and support. *Begins with an overview of the fundamentals of Cloud computing, and progresses to coverage of service delivery approaches, deployment models, software as a service, platform as a service, and security governance *Tackles the difficult areas of data ownership, privacy protections, bandwidth costs, data protection, and more *Examines Cloud computing risk management, compliance and legal responsibilities of remotely stored and maintained data, life cycle management, and disaster recovery planning from the perspective of the user and the Cloud provider *Addresses handling of incidents and remediation, application security, encryption issues, storage, virtualization mechanisms and vulnerabilities, and access control As the most current and complete guide to helping you find your way through a maze of security minefields, this book is mandatory reading if you are involved in any aspect of cloud computing.
Ronald L. Krutz, PhD, is a senior information systems security consultant with more than 30 years of experience. He founded the CMRI Cybersecurity Center at Carnegie Mellon University. Russell Dean Vines is Chief Security Advisor for Gotham Technology Group, LLC, and has been an information systems security expert for over 25 years. They coauthored the bestselling CISSP Prep Guide.
Foreword. Introduction. Chapter 1 Cloud Computing Fundamentals. Chapter 2 Cloud Computing Architecture. Chapter 3 Cloud Computing Software Security Fundamentals. Chapter 4 Cloud Computing Risks Issues. Chapter 5 Cloud Computing Security Challenges. Chapter 6 Cloud Computing Security Architecture. Chapter 7 Cloud Computing Life Cycle Issues. Chapter 8 Useful Next Steps and Approaches. Glossary of Terms and Acronyms. References. Index.
Excerpts from Inner Flap (Front)
Secure your cloud to maximize its value Cloud computing is flexible, efficient, and cost-effective, but not without risks. To maximize its potential, you need to fully understand its vulnerabilities and how to offset them. This guide thoroughly examines cloud fundamentals, architecture, risks, and security principles. Two leadingsecurity experts detail critical approaches and solutions, helping you achieve the maximum return on cloud investments without compromising the safety of your information. * Avoid leakage and unauthorized data access among virtual machines running on the same server * Properly handle sensitive information * Prevent release of critical data to law enforcement or government agencies without approval by the client * Follow compliance and regulatory requirements * Deal with system crashes or failures * Protect against hacker invasions into client applications hosted on the cloud * Implement solid, robust security protection * Manage interoperability that allows a client to easily move applications among different cloud providers and avoid "lock-in"