Skip to content

Cloud Security and Privacy An Enterprise Perspective on Risks and Compliance

Spend $50 to get a free DVD!

ISBN-10: 0596802765

ISBN-13: 9780596802769

Edition: 2009

Authors: Tim Mather, Subra Kumaraswamy, Shahed Latif

List price: $43.99
Blue ribbon 30 day, 100% satisfaction guarantee!
Rent eBooks
Buy eBooks
what's this?
Rush Rewards U
Members Receive:
Carrot Coin icon
XP icon
You have reached 400 XP and carrot coins. That is the daily max!

Customers also bought

Book details

List price: $43.99
Copyright year: 2009
Publisher: O'Reilly Media, Incorporated
Publication date: 10/8/2009
Binding: Paperback
Pages: 334
Size: 7.00" wide x 9.50" long x 0.75" tall
Weight: 0.330
Language: English

Tim Mather is V.P. & Chief Security Strategist for RSA, The Security Division of EMC. He is assigned to the vendor-agnostic RSA Conference, responsible for keeping ahead of security industry trends, technology, and threats.

Subra Kumaraswamy has more than 17 years of engineering and management experience encompassing information security, Internet and e-commerce technologies. He is currently leading a security access management program in the IT Security office at Sun.

Shahed Latif is a partner in KPMG's Advisory practice having extensive IT and business skills. He has over 21 years of experience working with the global fortune 1000 companies focusing on providing business and technology solutions across a variety of areas. Shahed has spent 10 years in the London office working in the financial sector consulting group, Information Risk management group and the assurance practice. He has worked on large global companies giving him the opportunity to have worked in Africa, Asia, and Europe.

Preface
Introduction
�Mind the Gap�
The Evolution of Cloud Computing
Summary
What Is Cloud Computing?
Cloud Computing Defined
The SPI Framework for Cloud Computing
The Traditional Software Model
The Cloud Services Delivery Model
Cloud Deployment Models
Key Drivers to Adopting the Cloud
The Impact of Cloud Computing on Users
Governance in the Cloud
Barriers to Cloud Computing Adoption in the Enterprise
Summary
Infrastructure Security
Infrastructure Security: The Network Level
Infrastructure Security: The Host Level
Infrastructure Security: The Application Level
Summary
Data Security and Storage
Aspects of Data Security
Data Security Mitigation
Provider Data and Its Security
Summary
Identity and Access Management
Trust Boundaries and IAM
Why IAM?
IAM Challenges
IAM Definitions
IAM Architecture and Practice
Getting Ready for the Cloud
Relevant IAM Standards and Protocols for Cloud Services
IAM Practices in the Cloud
Cloud Authorization Management
Cloud Service Provider IAM Practice
Guidance
Summary
Security Management In The Cloud
Security Management Standards
Security Management in the Cloud
Availability Management
SaaS Availability Management
PaaS Availability Management
IaaS Availability Management
Access Control
Security Vulnerability, Patch, and Configuration Management
Summary
Privacy
What is Privacy?
What Is the Data Life Cycle?
What Are the Key Privacy Concerns in the Cloud?
Who Is Responsible for Protecting Privacy?
Changes to Privacy Risk Management and Compliance in Relation to Cloud Computing
Legal and Regulatory Implications
U.S. Laws and Regulations
International Laws and Regulations
Summary
Audit and Compliance
Internal Policy Compliance
Governance, Risk, and Compliance (GRC)
Illustrative Control Objectives for Cloud Computing
Incremental CSP-Specific Control Objectives
Additional Key Management Control Objectives
Control Considerations for CSP Users
Regulatory/External Compliance
Other Requirements
Cloud Security Alliance
Auditing the Cloud for Compliance
Summary
Examples Of Cloud Service Providers
Amazon Web Services (laaS)
Google (SaaS, PaaS)
Microsoft Azure Services Platform (PaaS)
Proofpoint (SaaS, laaS)
RighiScale (laaS)
Salesforce.com (SaaS, PaaS)
Sun Open Cloud Platform
Workday (SaaS)
Summary
Security-As-A-[Cloud] Service
Origins
Today's Offerings
Summary
The Impact of Cloud Computing on The Role of Corporate It
Why Cloud Computing Wilt Be Popular with Business Units
Potential Threats of Using CSPs
A Case Study Illustrating Potential Changes in the IT Profession Caused by Cloud Computing
Governance Factors to Consider When Using Cloud Computing
Summary
Conclusion and The Future of The Cloud
Analyst Predictions
Survey Says?
Security in Cloud Computing
Program Guidance for CSP Customers
The Future of Security in Cloud Computing
Summary
Sas 70 Report Content Example
Systrust Report Content Example
Open Security Architecture for Cloud Computing
Glossary
Index