Cloud Security and Governance: Who's on your cloud?
By Sumner Blount and Rob Zanella
1/5
()
About this ebook
The rise of Cloud Computing, with services delivered “in the cloud”, offers businesses incredible power and flexibility. It promises the efficient use of human and financial capital resources, reducing infrastructure and operation costs. It proposes a model of computing that is effective at meeting the demands of business in a rapidly changing environment.
Security and Compliance IssuesOne of the most difficult challenges related to Cloud Computing, revolves around the security and compliance issues associated with it. This is a major concern and will continue to be so, with the ever increasing onslaught of regulations impacting security controls.
This pocket guide explains and highlights some of the key security and compliance issues surrounding Cloud adoption, and provides helpful insight into how they can be addressed.
Sumner Blount
Sumner Blount has been associated with the development and marketing of software products for over 25 years. He has managed the large computer operating system development group at Digital Equipment and Prime Computer, and was Director of Software for Pathway Designs. He later was instrumental in the original conception and development of the DCE (Distributed Computing Environment) technology from the Open Software Foundation, and served as the DCE Program Manager within Digital. He also was the Chairman of the DCE Special Interest Group for five years. More recently, he has held a number of Product Management positions, including management of the Distributed Computing Product Management group at Digital and Senior Product Manager at Netegrity. He came to CA Technologies in 2004, where he has served in the Security and the GRC product marketing groups. He currently is the Director of Security Solutions and focuses primarily on compliance issues. He is the author of several industry journal articles, and has spoken at a number of industry conferences.
Related to Cloud Security and Governance
Related ebooks
Cloud Computing: Assessing the risks Rating: 0 out of 5 stars0 ratingsCSA Guide to Cloud Computing: Implementing Cloud Privacy and Security Rating: 0 out of 5 stars0 ratingsSecuring Cloud Services: A pragmatic approach to security architecture in the Cloud Rating: 0 out of 5 stars0 ratingsSecuring Cloud Services - A pragmatic guide: Second edition Rating: 0 out of 5 stars0 ratingsThe Official (ISC)2 CCSP CBK Reference Rating: 0 out of 5 stars0 ratingsBuilding Effective Cybersecurity Programs: A Security Manager’s Handbook Rating: 4 out of 5 stars4/5GDPR for DevOp(Sec) - The laws, Controls and solutions Rating: 5 out of 5 stars5/5Data Protection and the Cloud: Are the risks too great? Rating: 4 out of 5 stars4/5Microsoft Azure Security Rating: 0 out of 5 stars0 ratingsA Practitioner's Guide to Adapting the NIST Cybersecurity Framework Rating: 0 out of 5 stars0 ratingsThe Basics of Cloud Computing: Understanding the Fundamentals of Cloud Computing in Theory and Practice Rating: 4 out of 5 stars4/5Cyber Essentials: A guide to the Cyber Essentials and Cyber Essentials Plus certifications Rating: 0 out of 5 stars0 ratingsModern Cybersecurity Practices: Exploring And Implementing Agile Cybersecurity Frameworks and Strategies for Your Organization Rating: 0 out of 5 stars0 ratingsFederal Cloud Computing: The Definitive Guide for Cloud Service Providers Rating: 5 out of 5 stars5/5Cybersecurity and Third-Party Risk: Third Party Threat Hunting Rating: 0 out of 5 stars0 ratingsThe EU Data Protection Code of Conduct for Cloud Service Providers: A guide to compliance Rating: 0 out of 5 stars0 ratingsThe Case for ISO27001:2013 Rating: 1 out of 5 stars1/5Fundamentals of Adopting the NIST Cybersecurity Framework Rating: 0 out of 5 stars0 ratingsStart-Up Secure: Baking Cybersecurity into Your Company from Founding to Exit Rating: 0 out of 5 stars0 ratingsInfosec Management Fundamentals Rating: 5 out of 5 stars5/5The Cyber Security Handbook – Prepare for, respond to and recover from cyber attacks Rating: 0 out of 5 stars0 ratingsBuilding an Effective Cybersecurity Program, 2nd Edition Rating: 0 out of 5 stars0 ratingsFight Fire with Fire: Proactive Cybersecurity Strategies for Today's Leaders Rating: 0 out of 5 stars0 ratingsMulti-Cloud Administration Guide: Manage and optimize cloud resources across Azure, AWS, GCP, and Alibaba Cloud (English Edition) Rating: 0 out of 5 stars0 ratingsSecurity Engineering: CISSP, #3 Rating: 0 out of 5 stars0 ratingsAZURE AZ 500 STUDY GUIDE-1: Microsoft Certified Associate Azure Security Engineer: Exam-AZ 500 Rating: 0 out of 5 stars0 ratingsThe Cloud Security Ecosystem: Technical, Legal, Business and Management Issues Rating: 0 out of 5 stars0 ratingsSecuring the Cloud: Cloud Computer Security Techniques and Tactics Rating: 5 out of 5 stars5/5
Security For You
CompTIA Security+ Study Guide: Exam SY0-601 Rating: 5 out of 5 stars5/5Destination CISSP Rating: 3 out of 5 stars3/5Hacking For Dummies Rating: 4 out of 5 stars4/5Cybersecurity For Dummies Rating: 4 out of 5 stars4/5Practical Lock Picking: A Physical Penetration Tester's Training Guide Rating: 5 out of 5 stars5/5Tor and the Dark Art of Anonymity Rating: 5 out of 5 stars5/5Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking Rating: 5 out of 5 stars5/5CompTIA Network+ Review Guide: Exam N10-008 Rating: 0 out of 5 stars0 ratingsCybersecurity: The Beginner's Guide: A comprehensive guide to getting started in cybersecurity Rating: 5 out of 5 stars5/5Codes and Ciphers - A History of Cryptography Rating: 4 out of 5 stars4/5Make Your Smartphone 007 Smart Rating: 4 out of 5 stars4/5Cybersecurity All-in-One For Dummies Rating: 0 out of 5 stars0 ratingsMike Meyers CompTIA Security+ Certification Passport, Sixth Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5Amazon Web Services (AWS) Interview Questions and Answers Rating: 5 out of 5 stars5/5Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5Network+ Study Guide & Practice Exams Rating: 4 out of 5 stars4/5Wireless Hacking 101 Rating: 4 out of 5 stars4/5Remote/WebCam Notarization : Basic Understanding Rating: 3 out of 5 stars3/5Social Engineering: The Science of Human Hacking Rating: 3 out of 5 stars3/5Blockchain Basics: A Non-Technical Introduction in 25 Steps Rating: 5 out of 5 stars5/5Ethical Hacking 101 - How to conduct professional pentestings in 21 days or less!: How to hack, #1 Rating: 5 out of 5 stars5/5How to Hack Like a Pornstar Rating: 5 out of 5 stars5/5How to Become Anonymous, Secure and Free Online Rating: 5 out of 5 stars5/5Ultimate Guide for Being Anonymous: Hacking the Planet, #4 Rating: 5 out of 5 stars5/5
Reviews for Cloud Security and Governance
1 rating0 reviews
Book preview
Cloud Security and Governance - Sumner Blount
Cloud Security and Governance
Who’s on your Cloud?
Cloud Security
and Governance
Who’s on your Cloud?
SUMNER BLOUNT
ROB ZANELLA
Every possible effort has been made to ensure that the information contained in this book is accurate at the time of going to press, and the publisher and the author cannot accept responsibility for any errors or omissions, however caused. No responsibility for loss or damage occasioned to any person acting, or refraining from action, as a result of the material in this publication can be accepted by the publisher or the author.
Apart from any fair dealing for the purposes of research or private study, or criticism or review, as permitted under the Copyright, Designs and Patents Act 1988, this publication may only be reproduced, stored or transmitted, in any form, or by any means, with the prior permission in writing of the publisher or, in the case of reprographic reproduction, in accordance with the terms of licences issued by the Copyright Licensing Agency. Enquiries concerning reproduction outside those terms should be sent to the publisher at the following address:
IT Governance Publishing
IT Governance Limited
Unit 3, Clive Court
Bartholomew’s Walk
Cambridgeshire Business Park
Ely
Cambridgeshire
CB7 4EH
United Kingdom
www.itgovernance.co.uk
© Sumner Blount and Rob Zanella 2010
The authors have asserted the rights of the author under the Copyright, Designs and Patents Act, 1988, to be identified as the authors of this work.
First published in the United Kingdom in 2010 by IT Governance Publishing.
ISBN 978-1-84928-098-3
FOREWORD
Shifting paradigms introduce a period of fear, uncertainty and doubt.
Organizations – as well as individual roles within the organization – find comfort in the old way of doing things, but are challenged to be innovative and leverage new approaches that bring agility, efficiency and effectiveness to enterprise operations. Cloud Computing is one of those paradigm shifts that is showing the power to completely revolutionize how technology delivers value to the business. It is aimed at the rapid provisioning and agility that business demands in its complex, dynamic and distributed business environment. It promises the efficient use of human and financial capital resources, reducing infrastructure and operation costs. It proposes a model of computing that is effective at meeting the requirements and demands of business in an environment that is changing rapidly.
However, the paradigm shift to Cloud Computing has introduced a major concern: security. How does business take advantage of the wealth of benefits that Cloud Computing promises while avoiding the compromise of confidentiality, integrity and availability of critical business information and processes? Many security officers and managers have dragged their feet and fought tooth and nail against this new paradigm in fear of security compromise. With an onslaught of regulations impacting security controls, this concern has continued to grow.
Just as an organization can have a secure infrastructure or an insecure infrastructure, the same is true of