Securing the Cloud: Cloud Computer Security Techniques and Tactics


Posted on by Ben Rothke

Cloud computing is one of the hottest technologies around.  Using Amazon as a barometer, there are scores of books on cloud computing.  Companies are spending billions of dollars migrating applications and data centers to the cloud.  In fact, one is hard pressed to find many of the Fortune 500 who has not yet used some semblance of cloud computing.

But in the rush to move to the cloud, many companies have neglected to ensure that cloud security is built into their model.  Firms often assume that a cloud vendor is a secure cloud vendor.  Nothing could be further from the truth.  Not all cloud vendors are created equal and the levels of security and privacy protection they provide ranges from world class to world’s worst. 

With that, Securing the Cloud: Cloud Computer Security Techniques and Tactics provides the reader with a good overview of what you need to do to ensure that your cloud-based infrastructure provides you with an adequate level of security. 

At 275 pages, the book provides the reader with a comprehensive overview of the core topics around cloud security.  The 10 chapters progress from introduction to more detailed technical issues, all in an easy to read style.

The booked is written for those who need a good high-level framework in which to design security around their cloud initiatives.  The author provides many real-world examples of how you can implement the various scenarios he details. This makes some of the more abstract concepts a bit easier to understand.

The first two chapters of the book provide the reader with an introduction to cloud computing and security and the various cloud computing architectures.  If you don’t now know the difference between such acronyms as Iaas, SaaS or PaaS; you will after finishing these chapters.

Chapter 8 is one of the best chapters in the book on the topic of Selecting an External Cloud Provider.  The chapter goes through the many details on what to do to and what criteria to create in order to make an effective decision on select a cloud provider.  This is not a trivial decision, as the provider will ultimate determine if your cloud solution works or is a disaster. 

For those that want a more detailed and comprehensive view of the cloud, titles such as Cloud Application Architectures: Building Applications and Infrastructure in the Cloud, Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance and Cloud Computing Bible will give them the breadth they need.

For those looking for a fundamental introduction to cloud security, Securing the Cloud is a good place to start.


Contributors
Ben Rothke

Senior Information Security Manager, Tapad

Privacy

cloud security data security privacy

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.


Share With Your Community

Related Blogs