Cloud Security and Governance: Who's on your cloud?
By Sumner Blount and Rob Zanella
1/5
()
About this ebook
The rise of Cloud Computing, with services delivered “in the cloud”, offers businesses incredible power and flexibility. It promises the efficient use of human and financial capital resources, reducing infrastructure and operation costs. It proposes a model of computing that is effective at meeting the demands of business in a rapidly changing environment.
Security and Compliance IssuesOne of the most difficult challenges related to Cloud Computing, revolves around the security and compliance issues associated with it. This is a major concern and will continue to be so, with the ever increasing onslaught of regulations impacting security controls.
This pocket guide explains and highlights some of the key security and compliance issues surrounding Cloud adoption, and provides helpful insight into how they can be addressed.
Sumner Blount
Sumner Blount has been associated with the development and marketing of software products for over 25 years. He has managed the large computer operating system development group at Digital Equipment and Prime Computer, and was Director of Software for Pathway Designs. He later was instrumental in the original conception and development of the DCE (Distributed Computing Environment) technology from the Open Software Foundation, and served as the DCE Program Manager within Digital. He also was the Chairman of the DCE Special Interest Group for five years. More recently, he has held a number of Product Management positions, including management of the Distributed Computing Product Management group at Digital and Senior Product Manager at Netegrity. He came to CA Technologies in 2004, where he has served in the Security and the GRC product marketing groups. He currently is the Director of Security Solutions and focuses primarily on compliance issues. He is the author of several industry journal articles, and has spoken at a number of industry conferences.
Related authors
Related to Cloud Security and Governance
Related ebooks
Cloud Computing: Assessing the risks Rating: 0 out of 5 stars0 ratingsCSA Guide to Cloud Computing: Implementing Cloud Privacy and Security Rating: 0 out of 5 stars0 ratingsSecuring Cloud Services - A pragmatic guide: Second edition Rating: 0 out of 5 stars0 ratingsSecurity Engineering: CISSP, #3 Rating: 0 out of 5 stars0 ratingsA Practitioner's Guide to Adapting the NIST Cybersecurity Framework Rating: 0 out of 5 stars0 ratingsGovernance and Internal Controls for Cutting Edge IT Rating: 0 out of 5 stars0 ratingsSecuring Cloud Services: A pragmatic approach to security architecture in the Cloud Rating: 0 out of 5 stars0 ratingsData Protection and the Cloud: Are the risks too great? Rating: 4 out of 5 stars4/5Cyber Essentials: A Pocket Guide Rating: 5 out of 5 stars5/5Building Effective Cybersecurity Programs: A Security Manager’s Handbook Rating: 4 out of 5 stars4/5The Official (ISC)2 CCSP CBK Reference Rating: 0 out of 5 stars0 ratingsInfosec Management Fundamentals Rating: 5 out of 5 stars5/5Cyber Security: Essential principles to secure your organisation Rating: 0 out of 5 stars0 ratingsMicrosoft Azure Security Rating: 0 out of 5 stars0 ratingsFundamentals of Adopting the NIST Cybersecurity Framework Rating: 0 out of 5 stars0 ratingsBuilding an Effective Cybersecurity Program, 2nd Edition Rating: 0 out of 5 stars0 ratingsThe EU Data Protection Code of Conduct for Cloud Service Providers: A guide to compliance Rating: 0 out of 5 stars0 ratingsCyber Essentials: A guide to the Cyber Essentials and Cyber Essentials Plus certifications Rating: 0 out of 5 stars0 ratingsGDPR for DevOp(Sec) - The laws, Controls and solutions Rating: 5 out of 5 stars5/5The Cyber Security Handbook – Prepare for, respond to and recover from cyber attacks Rating: 0 out of 5 stars0 ratingsFederal Cloud Computing: The Definitive Guide for Cloud Service Providers Rating: 5 out of 5 stars5/5Modern Cybersecurity Practices: Exploring And Implementing Agile Cybersecurity Frameworks and Strategies for Your Organization Rating: 0 out of 5 stars0 ratingsCybersecurity and Third-Party Risk: Third Party Threat Hunting Rating: 0 out of 5 stars0 ratingsCertified Cybersecurity Compliance Professional Rating: 5 out of 5 stars5/5Moving To The Cloud: Developing Apps in the New World of Cloud Computing Rating: 5 out of 5 stars5/5PKI A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsCCISO Third Edition Rating: 0 out of 5 stars0 ratingsCloud Security Strategy A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratings
Security For You
How to Be Invisible: Protect Your Home, Your Children, Your Assets, and Your Life Rating: 4 out of 5 stars4/5How to Become Anonymous, Secure and Free Online Rating: 5 out of 5 stars5/5Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking Rating: 5 out of 5 stars5/5Practical Lock Picking: A Physical Penetration Tester's Training Guide Rating: 5 out of 5 stars5/5Social Engineering: The Science of Human Hacking Rating: 3 out of 5 stars3/5Network+ Study Guide & Practice Exams Rating: 4 out of 5 stars4/5CompTIA Network+ Review Guide: Exam N10-008 Rating: 0 out of 5 stars0 ratingsCybersecurity: The Beginner's Guide: A comprehensive guide to getting started in cybersecurity Rating: 5 out of 5 stars5/5The Hacker Crackdown: Law and Disorder on the Electronic Frontier Rating: 4 out of 5 stars4/5Mike Meyers CompTIA Security+ Certification Passport, Sixth Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5How to Hack Like a Pornstar Rating: 5 out of 5 stars5/5CompTIA Security+ Study Guide: Exam SY0-601 Rating: 5 out of 5 stars5/5Remote/WebCam Notarization : Basic Understanding Rating: 3 out of 5 stars3/5Hacking: Ultimate Beginner's Guide for Computer Hacking in 2018 and Beyond: Hacking in 2018, #1 Rating: 4 out of 5 stars4/5Cybersecurity For Dummies Rating: 4 out of 5 stars4/5The Cyber Attack Survival Manual: Tools for Surviving Everything from Identity Theft to the Digital Apocalypse Rating: 0 out of 5 stars0 ratingsCompTIA CySA+ Practice Tests: Exam CS0-002 Rating: 0 out of 5 stars0 ratingsWireless Hacking 101 Rating: 4 out of 5 stars4/5Dark Territory: The Secret History of Cyber War Rating: 4 out of 5 stars4/5Tor and the Dark Art of Anonymity Rating: 5 out of 5 stars5/5Make Your Smartphone 007 Smart Rating: 4 out of 5 stars4/5CompTIA CySA+ Cybersecurity Analyst Certification Passport (Exam CS0-002) Rating: 5 out of 5 stars5/5CompTIA Network+ Certification Guide (Exam N10-008): Unleash your full potential as a Network Administrator (English Edition) Rating: 0 out of 5 stars0 ratingsThe Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers Rating: 4 out of 5 stars4/5Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5Ultimate Guide for Being Anonymous: Hacking the Planet, #4 Rating: 5 out of 5 stars5/5
Reviews for Cloud Security and Governance
1 rating0 reviews
Book preview
Cloud Security and Governance - Sumner Blount
Cloud Security and Governance
Who’s on your Cloud?
Cloud Security
and Governance
Who’s on your Cloud?
SUMNER BLOUNT
ROB ZANELLA
Every possible effort has been made to ensure that the information contained in this book is accurate at the time of going to press, and the publisher and the author cannot accept responsibility for any errors or omissions, however caused. No responsibility for loss or damage occasioned to any person acting, or refraining from action, as a result of the material in this publication can be accepted by the publisher or the author.
Apart from any fair dealing for the purposes of research or private study, or criticism or review, as permitted under the Copyright, Designs and Patents Act 1988, this publication may only be reproduced, stored or transmitted, in any form, or by any means, with the prior permission in writing of the publisher or, in the case of reprographic reproduction, in accordance with the terms of licences issued by the Copyright Licensing Agency. Enquiries concerning reproduction outside those terms should be sent to the publisher at the following address:
IT Governance Publishing
IT Governance Limited
Unit 3, Clive Court
Bartholomew’s Walk
Cambridgeshire Business Park
Ely
Cambridgeshire
CB7 4EH
United Kingdom
www.itgovernance.co.uk
© Sumner Blount and Rob Zanella 2010
The authors have asserted the rights of the author under the Copyright, Designs and Patents Act, 1988, to be identified as the authors of this work.
First published in the United Kingdom in 2010 by IT Governance Publishing.
ISBN 978-1-84928-098-3
FOREWORD
Shifting paradigms introduce a period of fear, uncertainty and doubt.
Organizations – as well as individual roles within the organization – find comfort in the old way of doing things, but are challenged to be innovative and leverage new approaches that bring agility, efficiency and effectiveness to enterprise operations. Cloud Computing is one of those paradigm shifts that is showing the power to completely revolutionize how technology delivers value to the business. It is aimed at the rapid provisioning and agility that business demands in its complex, dynamic and distributed business environment. It promises the efficient use of human and financial capital resources, reducing infrastructure and operation costs. It proposes a model of computing that is effective at meeting the requirements and demands of business in an environment that is changing rapidly.
However, the paradigm shift to Cloud Computing has introduced a major concern: security. How does business take advantage of the wealth of benefits that Cloud Computing promises while avoiding the compromise of confidentiality, integrity and availability of critical business information and processes? Many security officers and managers have dragged their feet and fought tooth and nail against this new paradigm in fear of security compromise. With an onslaught of regulations impacting security controls, this concern has continued to grow.
Just as an organization can have a secure infrastructure or an insecure infrastructure, the same is true of