Cloud Computer Security Techniques and Tactics

Wednesday, July 27, 2011

Ben Rothke

3e35900ae6facc6c146a85c435c71d82

Cloud computing is one of the hottest technologies around. Using Amazon as a barometer, there are scores of books on cloud computing. 

Companies are spending billions of dollars migrating applications and data centers to the cloud.  In fact, one is hard pressed to find many of the Fortune 500 who has not yet used some semblance of cloud computing.

But in the rush to move to the cloud, many companies have neglected to ensure that cloud security is built into their model.  Firms often assume that a cloud vendor is a secure cloud vendor. 

Nothing could be further from the truth.  Not all cloud vendors are created equal and the levels of security and privacy protection they provide ranges from world class to world’s worst.

With that, Securing the Cloud: Cloud Computer Security Techniques and Tactics provides the reader with a good overview of what you need to do to ensure that your cloud-based infrastructure provides you with an adequate level of security.

At 275 pages, the book provides the reader with a comprehensive overview of the core topics around cloud security. The 10 chapters progress from introduction to more detailed technical issues, all in an easy to read style.

The book is written for those who need a good high-level framework in which to design security around their cloud initiatives. 

The author provides many real-world examples of how you can implement the various scenarios he details. This makes some of the more abstract concepts a bit easier to understand.

The first two chapters of the book provide the reader with an introduction to cloud computing and security and the various cloud computing architectures. 

If you don’t now know the difference between such acronyms as Iaas, SaaS or PaaS; you will after finishing these chapters.

Chapter 8 is one of the best chapters in the book on the topic of Selecting an External Cloud Provider.  The chapter goes through the many details on what to do to and what criteria to create in order to make an effective decision on select a cloud provider. 

This is not a trivial decision, as the provider will ultimate determine if your cloud solution works or is a disaster.

For those that want a more detailed and comprehensive view of the cloud, titles such as Cloud Application Architectures: Building Applications and Infrastructure in the Cloud, Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance and Cloud Computing Bible will give them the breadth they need.

For those looking for a fundamental introduction to cloud security, Securing the Cloud is a good place to start.

Cross-posted from RSA

Possibly Related Articles:
12134
Cloud Security
Service Provider
Cloud Security SaaS Managed Services Data Center Enterprise vendors
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.