Cloud Computing [electronic resource] : Assessing the Risks.

ISBN:

9781849283601

9781628700114

9781849283618

Title:

Cloud Computing [electronic resource] : Assessing the Risks.

Author:

Carstensen, Jared.

Personal Author:

Carstensen, Jared.

Publication Information:

Ely : IT Governance Publishing, 2012.

Physical Description:

1 online resource (297 pages)

General Note:

Intrusion detection system/intrusion prevention system.

Contents:

What others are saying about this book; Foreword; About the Authors; Acknowledgements; Contents; Chapter 1: Cloud Computing Explained; The potential of Cloud Computing; Cloud Computing defined; Cloud Computing deployment models; Cloud Computing service models; Discussion of each service model; Key characteristics of Cloud Computing; Characteristic One: On-demand self-service; Implications of Characteristic One; Characteristic Two: Broad network access; Implications of Characteristic Two; Characteristic Three: Resource pooling; Implications of Characteristic Three.

Characteristic Four: Rapid elasticityImplications of Characteristic Four; Characteristic Five: Measured service; Implications of Characteristic Five; Summary of Cloud Computing characteristics; Cloud Computing definition summary; What The New York Times tells us about Cloud Computing; Chapter 2: How Cloud Computing Changes Security, Governance, Risk and Compliance; Relationship between security, compliance and risk; Understanding the trust boundary; Governance, compliance and risk in a Cloud environment; Security in a Cloud Computing environment; The challenge of dynamism.

The challenge of a shared environmentThe challenge of security deperimeterisation; Cloud security challenges summary; Conclusion; Chapter 3: Governance of Cloud Computing; Which governance framework is right for Cloud?; Role of the service catalogue; Dude, where's my server? (The need for policy management); Conclusion; Additional resources; Chapter 4: Cloud Computing Top Security Risks; Security -- the shift from static to dynamic; Breakdown of security assumptions; Facility: Cloud provider responsibility; Facility physical infrastructure: Cloud provider responsibility.

Facility computing infrastructure: Cloud provider responsibilityComputing hardware infrastructure: Cloud provider responsibility; Computing software infrastructure: Cloud provider responsibility; Computing software infrastructure: Cloud user responsibility; Operating system; Middleware; Application code; Other application components; Templates; Licensing; Conclusion; Chapter 5: Assessing Security in the Cloud; Assessing Cloud security; Peeking below the trust boundary; The challenge of evaluation; Role of certification; Certifications and audits; How certifications work.

Dealing with multiple compliance standardsCloud Security Alliance; Leveraging the CSA; Overview of the CAI and CCM; Mapping the CAI and CCM to the security stack; Conclusion; Chapter 6: Cloud Computing Application Security; Identity management and role-based access controls; User identity management; Administrator identity management; Identity management conclusion; Network security; Network security conclusion; Data security; Data security conclusion; Instance security; Firewall; System services; Vulnerability assessment/penetration testing.

Local Note:

eBooks on EBSCOhost

Subject Term:

Added Author:

Format:

Electronic Resources

Electronic Access:

Click here to view

Publication Date:

2012

Publication Information:

Ely : IT Governance Publishing, 2012.

Available:*

Shelf Number	Material Type	Copy	Shelf Location	Status
005.8	1:E-BOOK	1	1:ONLINE	Searching... Unknown

Bound With These Titles

On Order

Summary

Do you trust the Cloud? Should you trust the Cloud?

'Cloud Computing' are the words on everyone's lips - it's the latest technology, the way forward. But how safe is it? Is it reliable? How secure will your information be?

Questions ...

Cloud Computing: Assessing the risks answers these questions and many more. Using jargon-free language and relevant examples, analogies and diagrams, it is an up-to-date, clear and comprehensive guide the security, governance, risk, and compliance elements of Cloud Computing.

Written by three internationally renowned experts, this book discusses the primary concerns of most businesses leaders - the security and risk elements of the Cloud. But 'security and risk' are just two elements of Cloud Computing, and this book focuses on all the critical components of a successful cloud programme including - compliance, risk, reliability, availability, areas of responsibility, Cloud Computing borders, legalities, digital forensics and business continuity. This book covers them all.

... and answers

This book will enable you to:

understand the different types of Cloud and know which is the right one for your business have realistic expectations of what a Cloud service can give you, and enable you to manage it in the way that suits your business minimise potential disruption by successfully managing the risks and threats make appropriate changes to your business in order to seize opportunities offered by Cloud set up an effective governance system and benefit from the consequential cost savings and reductions in expenditure understand the legal implications of international data protection and privacy laws, and protect your business against falling foul of such laws appreciate how the Cloud can benefit your business continuity and disaster recovery planning.

Author Notes

Carstensen Jared :

Jared Carstensen is an internationally recognised and renowned information security specialist working for Deloitte & Touche. He is a certified industry professional by the International Information Systems Security Consortium (ISC)2, Information Systems Audit and Control Association (ISACA), British Standards Institute (BSI), Cloud Security Alliance (CSA), City & Guilds, and the NCC (UK).

Jared has contributed and led projects for numerous Fortune 500 companies, government and state bodies, financial institutions, large multinationals, intelligence and law enforcements bodies, and blue-chip firms around the world. These include projects in Ireland, the United Kingdom, the United Arab Emirates, Nigeria, South Africa and the United States. Jared has also led a number of highly complex flagship projects in West Africa, South Africa and the United States.

He regularly contributes as a member of the following organisations - International Information Systems Security Consortium (ISC)2, Information Systems Audit and Control Association (ISACA), the British Standards Institute (BSI), and Standards.org.

Jared has been a featured speaker at numerous international events on security and best-practice related topics, and was selected as a member of the IT Governance Expert Panel (10+ Domains) and an advisory panel member for Standards.org.

Morgenthal JP :

JP Morgenthal is one of the world's foremost experts in IT strategy and Cloud Computing. He has been applying technology solutions to complex business problems for more than 25 years. He is a respected author and is the Lead Cloud Computing Editor for InfoQ. JP is also President of the Cloud Security Alliance Washington DC, USA Chapter.

Golden Bernard :

Bernard Golden is the CEO of HyperStratus, a Silicon Valley Cloud Computing consultancy which works with clients throughout the world. Bernard is the Cloud Computing Advisor for CIO Magazine and an award-winning blogger. He has been described as a Top 100 'Most Powerful Voice' in security. He is a well-known writer and speaker on Cloud Computing.

JP Morgenthal is one of the world's foremost experts in IT strategy and Cloud Computing. He has been applying technology solutions to complex business problems for more than 30 years. He is a respected author and is the Lead Cloud Computing Editor for InfoQ. JP is also President of the Cloud Security Alliance Washington DC, USA Chapter.