0
Home / Catalog / Securing Cloud Services - A pragmatic guide
  
Securing Cloud Services - A pragmatic guide  
Published by IT Governance Publishing
Publication Date:  Available in all formats
ISBN: 9781787782075
Pages: 0
https://doi.org/9781787782075

EBOOK (EPUB)

EBOOK (PDF)

ISBN: 9781787782075 Price: INR 4194.75
Add to cart Buy Now

Description

Table of contents

Securing Cloud Services – A pragmatic guide gives an overview of security architecture processes and explains how they may be used to derive an appropriate set of security controls to manage the risks associated with working in the Cloud. The book: Introduces the concepts of Cloud computing and the associated security threats; Explains key security architectures and how they can be applied to Cloud services; and Covers security considerations for the different Cloud service models: IaaS (Infrastructure as a Service), PaaS (Platform as a Service), SaaS (Software as a Service) and FaaS (Function as a Service). Cloud computing represents a major change to the IT services landscape, but it also introduces changes to the risk landscape, which need to be understood and addressed. The flexibility of Cloud computing does not come without compromise or risk. Security remains a major concern for CIOs (chief information officers) considering a move to Cloud-based services. This book gives organisations pragmatic guidance on how to achieve consistent and cohesive security across their IT services – regardless of whether those services are hosted on-premises, on Cloud services or using a combination of both. This guidance in Securing Cloud Services – A pragmatic guide is provided through the application of a Security Reference Model to the different Cloud delivery models – IaaS, PaaS and SaaS – and also considers the changes in approach required to work securely with the newer FaaS model. Part 1 introduces the concepts embodied within Cloud computing, describes the associated security threats and lists some of the leading industry initiatives dedicated to improving the security of Cloud services. Part 2 introduces security architecture concepts and a conceptual Security Reference Model. This model is then applied to the different Cloud service models to show how the conceptual security services within the reference model can be delivered for each Cloud service model. This book will help organisations looking to implement Cloud services aimed at the enterprise – such as Amazon Web Services, Microsoft Azure, Google Cloud Platform and Salesforce – and to do so in a risk-managed manner. It is aimed at business decision makers, senior IT stakeholders, enterprise architects, information security professionals. Manage the risks associated with Cloud computing – buy this book today!
Rating
Description
Securing Cloud Services – A pragmatic guide gives an overview of security architecture processes and explains how they may be used to derive an appropriate set of security controls to manage the risks associated with working in the Cloud. The book: Introduces the concepts of Cloud computing and the associated security threats; Explains key security architectures and how they can be applied to Cloud services; and Covers security considerations for the different Cloud service models: IaaS (Infrastructure as a Service), PaaS (Platform as a Service), SaaS (Software as a Service) and FaaS (Function as a Service). Cloud computing represents a major change to the IT services landscape, but it also introduces changes to the risk landscape, which need to be understood and addressed. The flexibility of Cloud computing does not come without compromise or risk. Security remains a major concern for CIOs (chief information officers) considering a move to Cloud-based services. This book gives organisations pragmatic guidance on how to achieve consistent and cohesive security across their IT services – regardless of whether those services are hosted on-premises, on Cloud services or using a combination of both. This guidance in Securing Cloud Services – A pragmatic guide is provided through the application of a Security Reference Model to the different Cloud delivery models – IaaS, PaaS and SaaS – and also considers the changes in approach required to work securely with the newer FaaS model. Part 1 introduces the concepts embodied within Cloud computing, describes the associated security threats and lists some of the leading industry initiatives dedicated to improving the security of Cloud services. Part 2 introduces security architecture concepts and a conceptual Security Reference Model. This model is then applied to the different Cloud service models to show how the conceptual security services within the reference model can be delivered for each Cloud service model. This book will help organisations looking to implement Cloud services aimed at the enterprise – such as Amazon Web Services, Microsoft Azure, Google Cloud Platform and Salesforce – and to do so in a risk-managed manner. It is aimed at business decision makers, senior IT stakeholders, enterprise architects, information security professionals. Manage the risks associated with Cloud computing – buy this book today!
Table of contents
  • Cover
  • Title
  • Copyright
  • Preface
  • About the Author
  • Acknowledgements
  • Contents
  • Part 1: Securing Cloud services – setting the scene
    • Introduction
    • Chapter 1: Introduction to Cloud computing
      • Cloud computing
    • Chapter 2: Overview of existing Cloud taxonomies and models
      • Service models
      • Deployment models
      • Hybrid Cloud
    • Chapter 3: The security balance
      • Security benefits
      • Data centre security
      • Improved resilience
      • Improved security patching
      • Automation and DevSecOps
      • Security expertise
      • Knowledge sharing and situational awareness
      • Improved information sharing mechanisms
      • Renewal of security architecture and segmentation
      • Potential pitfalls
      • Availability
      • Shadow IT
      • Information leakage
      • Lock-in
      • Multi-tenancy
      • Visibility
      • Inflexible and/or inadequate terms and conditions
    • Chapter 4: Security threats associated with Cloud computing
      • Cloud provider staff
      • Image/application providers
      • Equipment manufacturers
      • Competitors
      • Crackers/hackers
      • Insiders
      • Governments
      • Transport agents
      • Identity providers
      • Attribute providers
      • Cloud brokers
    • Chapter 5: Privacy and regulatory concerns
      • Data protection issues
      • Payment card industry issues
      • Financial services and the Cloud
      • Others
  • Part 2: Securing Cloud services – in practice
    • Introduction
    • Chapter 6: Introduction to security architecture
      • What is security architecture?
      • What is a service?
      • Architectural layers
      • Advantages of security architecture
    • Chapter 7: Application of security architecture to cloud computing
      • Security Reference Model
      • Security service descriptions
      • Service levels and contracts
      • Service models and the Security Reference Model
      • IaaS
      • PaaS
      • FaaS
      • SaaS
      • Conclusion
    • Chapter 8: Security and the Cloud
      • Existing guidance
      • Common security services
      • Hosting
      • Compliance
      • Security governance
      • Cloud deployment models
    • Chapter 9: Security and Infrastructure as a Service
      • IaaS and the SRM
      • Conclusion
    • Chapter 10: Security and Platform as a Service
      • PaaS and the SRM
    • Chapter 11: Security and Software as a Service
    • Chapter 12: Security and Function as a Service
  • Part 3: Conclusion
    • Introduction
    • Chapter 13: Looking ahead
      • Overview
      • Enterprise perspective
      • Cyber security perspective
    • Chapter 14: Conclusion and summary
  • Appendix A: SRM security service assignments
  • Further reading
User Reviews
Rating