Cloud Security and Privacy An Enterprise Perspective on Risks and Compliance

Name: Cloud Security and Privacy An Enterprise Perspective on Risks and Compliance
Availability: InStock
ISBN: 9780596802769

ISBN-10: 0596802765

ISBN-13: 9780596802769

Edition: 2009

Authors: Tim Mather, Subra Kumaraswamy, Shahed Latif

List price: $43.99

30 day, 100% satisfaction guarantee!

Semester Rental: $17.58 Due date: 8/13/2024

Rental notice: supplementary materials (access codes, CDs, etc.) are not guaranteed with rental orders.

Buy used: $8.21

Marketplace

4 new & used from $4.39

what's this?

Rush Rewards U
Members Receive:

You have reached 400 XP and carrot coins. That is the daily max!

Book details

List price: $43.99
Copyright year: 2009
Publisher: O'Reilly Media, Incorporated
Publication date: 10/8/2009
Binding: Paperback
Pages: 334
Size: 7.13" wide x 9.09" long x 0.70" tall
Weight: 0.330
Language: English

Tim Mather is V.P. & Chief Security Strategist for RSA, The Security Division of EMC. He is assigned to the vendor-agnostic RSA Conference, responsible for keeping ahead of security industry trends, technology, and threats.

Subra Kumaraswamy has more than 17 years of engineering and management experience encompassing information security, Internet and e-commerce technologies. He is currently leading a security access management program in the IT Security office at Sun.

Shahed Latif is a partner in KPMG's Advisory practice having extensive IT and business skills. He has over 21 years of experience working with the global fortune 1000 companies focusing on providing business and technology solutions across a variety of areas. Shahed has spent 10 years in the London office working in the financial sector consulting group, Information Risk management group and the assurance practice. He has worked on large global companies giving him the opportunity to have worked in Africa, Asia, and Europe.



Preface



Introduction


ï¿½Mind the Gapï¿½


The Evolution of Cloud Computing


Summary



What Is Cloud Computing?


Cloud Computing Defined


The SPI Framework for Cloud Computing


The Traditional Software Model


The Cloud Services Delivery Model


Cloud Deployment Models


Key Drivers to Adopting the Cloud


The Impact of Cloud Computing on Users


Governance in the Cloud


Barriers to Cloud Computing Adoption in the Enterprise


Summary



Infrastructure Security


Infrastructure Security: The Network Level


Infrastructure Security: The Host Level


Infrastructure Security: The Application Level


Summary



Data Security and Storage


Aspects of Data Security


Data Security Mitigation


Provider Data and Its Security


Summary



Identity and Access Management


Trust Boundaries and IAM


Why IAM?


IAM Challenges


IAM Definitions


IAM Architecture and Practice


Getting Ready for the Cloud


Relevant IAM Standards and Protocols for Cloud Services


IAM Practices in the Cloud


Cloud Authorization Management


Cloud Service Provider IAM Practice


Guidance


Summary



Security Management In The Cloud


Security Management Standards


Security Management in the Cloud


Availability Management


SaaS Availability Management


PaaS Availability Management


IaaS Availability Management


Access Control


Security Vulnerability, Patch, and Configuration Management


Summary



Privacy


What is Privacy?


What Is the Data Life Cycle?


What Are the Key Privacy Concerns in the Cloud?


Who Is Responsible for Protecting Privacy?


Changes to Privacy Risk Management and Compliance in Relation to Cloud Computing


Legal and Regulatory Implications


U.S. Laws and Regulations


International Laws and Regulations


Summary



Audit and Compliance


Internal Policy Compliance


Governance, Risk, and Compliance (GRC)


Illustrative Control Objectives for Cloud Computing


Incremental CSP-Specific Control Objectives


Additional Key Management Control Objectives


Control Considerations for CSP Users


Regulatory/External Compliance


Other Requirements


Cloud Security Alliance


Auditing the Cloud for Compliance


Summary



Examples Of Cloud Service Providers


Amazon Web Services (laaS)


Google (SaaS, PaaS)


Microsoft Azure Services Platform (PaaS)


Proofpoint (SaaS, laaS)


RighiScale (laaS)


Salesforce.com (SaaS, PaaS)


Sun Open Cloud Platform


Workday (SaaS)


Summary



Security-As-A-[Cloud] Service


Origins


Today's Offerings


Summary



The Impact of Cloud Computing on The Role of Corporate It


Why Cloud Computing Wilt Be Popular with Business Units


Potential Threats of Using CSPs


A Case Study Illustrating Potential Changes in the IT Profession Caused by Cloud Computing


Governance Factors to Consider When Using Cloud Computing


Summary



Conclusion and The Future of The Cloud


Analyst Predictions


Survey Says?


Security in Cloud Computing


Program Guidance for CSP Customers


The Future of Security in Cloud Computing


Summary



Sas 70 Report Content Example



Systrust Report Content Example



Open Security Architecture for Cloud Computing


Glossary


Index