Full disclosure: this book is sponsored by the Cloud Security Alliance of which I am a founding member. I am also friends with 2 of the authors.
Even though cloud computing is mainstream such that even the Federal Government is on board; it’s not necessarily so that it will always make computing cheaper and faster. And all the more so when it comes to security and privacy.
The challenge is how to reap the benefits of the cost savings and agility of cloud computing, without throwing security and privacy out the door.
In the CSA Guide to Cloud Computing: Implementing Cloud Privacy and Security, authors Raj Samani, Jim Reavis and Brian Honan provide a good overview of the core areas around cloud security and privacy.
The books starts with an introduction of what cloud computing is. And then gets into key areas such as security considerations for the cloud, privacy imperatives, compliance and regulatory issues, and more.
Chapter 9 on Dark Clouds: What to Do in the Event of a Security Incident is of particular interest, as it is inevitability that there will be security incidents in the cloud. The problem is that many organizations don’t plan for that and when the incident occurs, are completely unprepared on how to deal with it.
At just under 200 pages, the book provides a good overview of the topic. For those looking for a solid introduction to the issue around the security and privacy of cloud computing, the CSA Guide to Cloud Computing: Implementing Cloud Privacy and Security is a solid guide in which to use.