Securing the Cloud
Author: Vic (J.R.) Winkler
Cloud computing and cloud services have proliferated in the first place because of one simple reason: they lower the cost of doing business.
The worrying about the security implications of switching to the cloud has started a bit later, but as more and more companies started to migrate their assets and data – and as attackers spotted the trend – securing them against compromise became more and more important.
About the author
Vic (J.R.) Winkler is a Senior Associate at Booz Allen Hamilton, providing technical consultation to U.S. Government clients. He is a published InfoSec and cyber security researcher as well as an expert in intrusion/anomaly detection.
Inside the book
“Securing the Cloud” is a book aimed at anyone who is considering using, building or securing a cloud implementation, but can also come in hand to executives looking to learn about the pitfalls of doing it poorly.
It starts with a broad introduction to the notion of cloud computing, the technological foundation for it, its advantages, its roots, and the changes it brings, followed by detailed explanations about the cloud computing architecture, the cloud service models and the cloud delivery models (private, public, hybrid, and community) – all with a list of pros and cons, and helpful real-world examples of the delivery models.
Cloud computing brings with it its own specific security concerns, risks and legal issues, all of which are addressed very clearly in Chapter 3, which should definitely be required reading for everybody involved in the decision-making process regarding the cloud implementation and, obviously, the business’ legal department.
The next two chapters familiarize the reader with things to think about and steps to perform for securing the cloud architecture and the data contained in the cloud. These chapters are extensive, cover everything from key strategies for secure operation to data encryption and access control, and do so in a very easy-to-understand manner that should not present problems for those readers who haven’t got a wide technical knowledge.
Text boxes containing tips and warnings are effectively used throughout the books to point out details and share knowledge that would otherwise go unnoticed.
Chapter 6 is another must-read, as it contains key strategies and best practices for securing the cloud and monitoring it, complete with great to-do lists.
Next, the issues tied with the decisions to build a private cloud or to use a public one are addressed – including the pros and cons, and the considerations that need to be thought of when choosing an external cloud provider.
In order to evaluate your cloud security, Chapter 9 offers a number of handy checklists and the metrics to evaluate their results, and great real-life examples show why some things are important.
“Securing the Cloud” might be the very first considerably technical book that I read as if it were a novel, and I attribute that to the author’s great writing. He doesn’t complicate what is simple, and has a way of simplifying complex concepts that makes for some very easy reading.