You may regard cloud computing as an ideal way for your company to control IT costs, but do you know how private and secure this service really is? Not many people do. With Cloud Security and Privacy, you'll learn what's at stake when you trust your data to the cloud, and what you can do to keep your virtual infrastructure and web applications secure. Ideal for IT staffers, information security and privacy practitioners, business managers, service providers, and investors alike, this book offers you sound advice from three well-known authorities in the tech security world. You'll learn detailed information on cloud computing security that-until now-has been sorely lacking.

• Review the current state of data security and storage in the cloud, including confidentiality, integrity, and availability

• Learn about the identity and access management (IAM) practice for authentication, authorization, and auditing of the users accessing cloud services

• Discover which security management frameworks and standards are relevant for the cloud

• Understand the privacy aspects you need to consider in the cloud, including how they compare with traditional computing models

• Learn the importance of audit and compliance functions within the cloud, and the various standards and frameworks to consider

• Examine security delivered as a service-a different facet of cloud security

Amazon.com® Reader Reviews (Ranked by Helpfulness)

Average Amazon.com® Rating:  Based on 7 Ratings

THE BLIND MEN AND THE ELEPHANT - 2009-11-10
Reviewer Rating:
My title is no accident, I heard Marry Ann Davidson CSO of Oracle, use it in an RSA conference referring to cloud computing she also spoke about it in ISF Canada 2009. Where the whole subject has been elevated to theological warfare.

To sort the whole subject out and become familiar with the evolution of cloud computing I searched for a book on the subject and found many. To be fair to the rest of the books out there, I only read one of them, yes you guessed it, Cloud Security and Privacy. Being a security person myself the title had the 2 operative words I needed to see Security and Privacy (and yes, I am shallow).

Oh! yes about the book, this is by far the best book I have read for a long time, what impressed me is the way it is written, there are questions in nearly every chapter, as you read the question you realize that you were thinking that exact question, or you would have if you knew what to think. For example "what is cloud computing?" Ok I know that's given but stay with me; now here are some of the rest of the questions, "What Is Privacy?" I think that is one hell of a question and the answers given by the author are not ground breaking, however "What Is the Data Life Cycle?" "What Are the Key Privacy Concerns in the Cloud? ", "Who Is Responsible for Protecting Privacy?" put all these questions and more together and properly answer them all, you end up with a near masterpiece.

By the end of Chapter 3 you are not only familiar with cloud computing but you are now able to speak IAAS, PAAS, SAAS and actually understand the infrastructure security as it relates to IAAS.

I specially liked Chapter 6. Security management in the cloud, a very well written chapter about security management as it relates to the cloud computing, both ITIL and ISO27001 controls are mapped to the cloud.

Chapter Seven which deals with Privacy is one of the most important chapters, Privacy may be the single most important factor in deciding whether one chooses to use the cloud computing or not. The author includes a very reach sampling of many of the laws related to Privacy acts throughout the glob and yet in the beginning of the chapter you'll find the following dilemma " but although it may be possible to transfer liability via contractual agreements, it is never possible to transfer accountability." -Cloud Security and Privacy. I may argue that this chapter should have been the second chapter of the book.

In conclusion:
I could write a book about this book, but that would not be fair to you (as you may have noticed, I do not have the talent). Simply buy the book and read it yourself, it is not that expensive and it certainly looks more intelligent than those other books you have about Hacking something or other.

Best Fishes and thank you for reading.
Vik

Cloudy no more - 2009-11-08
Reviewer Rating:
There are two kinds of reactions I get when talking to various folks about Cloud computing - either they love it or hate it. The second category is primarily due to paranoia about entrusting someone else with the responsibility to keep their business systems operating safely. This book does a very good job of methodically laying out the issues and the steps to address them.

The things I liked in this book are
* easy to read with just the right mix of technical jargons
* references and links to a many practical issues that have already occurred, that makes the stuff you are reading very relevant

I am sure that this book will come in handy to me as an architect helping management decide which systems should be hosted in house vs which go into the cloud.

Sanjay

Important and timely topic - excellent coverage - 2009-10-23
Reviewer Rating:
Cloud computing is such a hot topic in today's IT world. The business reasons for adopting cloud computing to run SMB and enterprise IT operations is so strong that it is almost inevitable that we will see a movement toward more and more cloud services being offered. Perhaps a dark cloud that hangs over cloud computing is the question of security (and privacy). The authors of "Cloud Security and Privacy" have done an excellend job of describing today's landscape and the security issues swirling around cloud computing. They provide a good mix of perspectives from IT InfoSec to auditor to cloud provider. They provide a clear and organized view of the security challenges. I would recoomend this book for anyone who is thinking about using or providing cloud services.

For programmers trying to adopt cloud computing methods and offers an assessment of the latest options in data security - 2010-01-11
Reviewer Rating:
Tim Mather, et.al.'s CLOUD SECURITY AND PRIVACY: AN ENTERPRISE PERSPECTIVE ON RISKS AND COMPLIANCE blends theory and applications in a powerful survey of Cloud computing and on demand computing. It is for programmers trying to adopt cloud computing methods and offers an assessment of the latest options in data security and storage.

If you want to be well informed on Security in Cloud...this book is the one. - 2009-10-19
Reviewer Rating:
"Cloud Computing" has been the buzz word for a while now and fortune
1000 companies are drawn to this new trend. The technology is being
adopted by customers without fully understanding the pros and cons of
Cloud Computing, similar to the early days of Virtualization. This
book addresses the pros and cons of Cloud Computing to help IT (who is
responsible for service delivery to their business customers)
understand the risks and advantages of utilizing Cloud services.

Virtualization administrators, security administrators, CIOs,
practically everyone responsible for service delivery can benefit from
this book. This book introduces the concept, digs deeper into the
deployment models, threats, vulnerabilities, talks about compliance
challenges in cloud, and compares various services that leverage cloud
to deliver security-as-a-service.

This book is great read to keep up with this emerging trend and to arm
yourself with technical and business knowledge to make informed
decisions, specially if you are part of the team deciding to go the
cloud for your computing needs.

Thanks
Sudhakar

Browse Similar Topics

Top Level Categories:
Security

Sub-Categories:
Security > Internet/Online