by Jared Carstensen, Bernard Golden and JP Morgenthal
Using jargon-free language and relevant examples, analogies and diagrams, this up-to-date, clear, comprehensive guide discusses the primary concerns of most business leaders regarding the security and risk elements of the Cloud.
Cloud Computing - Assessing the Risks
Do you trust the Cloud? Should you trust the Cloud?

'Cloud Computing' is the phrase on everyone's lips - it's the latest technology, the way forward. But how safe is it? Is it reliable? How secure will your information be?

Questions ...

Cloud Computing: Assessing the risks answers these questions and many more. Using jargon-free language and relevant examples, analogies and diagrams, it is an up-to-date, clear and comprehensive guide to the security, governance, risk, and compliance elements of Cloud Computing. Written by three internationally renowned experts, this book discusses the primary concerns of most business leaders: the security and risk elements of the Cloud. But security and risk are just two elements of Cloud Computing, and this book focuses on all the critical components of a successful cloud program, including compliance, risk, reliability, availability, areas of responsibility, Cloud Computing borders, legalities, digital forensics and business continuity. This book covers them all.

... and answers

This book will enable you to:
- understand the different types of Cloud and know which is the right one for your business
- have realistic expectations of what a Cloud service can give you, and enable you to manage it in the way that suits your business
- minimize potential disruption by successfully managing the risks and threats
- make appropriate changes to your business in order to seize opportunities offered by Cloud
- set up an effective governance system and benefit from the consequential cost savings and reductions in expenditure
- understand the legal implications of international data protection and privacy laws, and protect your business against falling foul of such laws
- know how Cloud can benefit your business continuity and disaster recovery planning.
Table of Contents
Cloud Computing - Assessing the Risks
Chapter 1 - Cloud Computing Explained
The potential of Cloud Computing
Cloud Computing defined
Key characteristics of Cloud Computing
Characteristic One: On-demand self-service
Characteristic Two: Broad network access
Characteristic Three: Resource pooling
Characteristic Four: Rapid elasticity
Characteristic Five: Measured service
Summary of Cloud Computing characteristics
Cloud Computing definition summary
What The New York Times tells us about Cloud Computing
Chapter 2 - How Cloud Computing Changes Security, Governance, Risk and Compliance
Relationship between security, compliance and risk
Governance, compliance and risk in a Cloud environment
Security in a Cloud Computing environment
Chapter 3 - Governance of Cloud Computing
Which governance framework is right for Cloud?
Role of the service catalogue
Dude, where's my server? (The need for policy management)
Chapter 4 - Cloud Computing Top Security Risks
Security - the shift from static to dynamic
Breakdown of security assumptions
Chapter 5 - Assessing Security in the Cloud
Assessing Cloud security
Peeking below the trust boundary
The challenge of evaluation
Role of certification
Certifications and audits
Mapping the CAI and CCM to the security stack
Chapter 6 - Cloud Computing Application Security
Identity management and role-based access controls
Application architecture and deployment topology
Code update and patch management
Chapter 7 - Organisational Risks Associated with Cloud Computing
Organisational risks of Cloud Computing
Cloud Computing does and doesn't change everything
Impact of Cloud Computing on executive decision-making roles
Impact of Cloud Computing on traditional IT roles
Developing for a multi-tenant universe
The runaway train: Cloud sprawl
Chapter 8 - Business Continuity and Disaster Recovery in Cloud Computing
Business continuity overview
Disaster recovery overview
Differences between Cloud vs. traditional BC and DR
SaaS business continuity challenges
PaaS business continuity challenges
IaaS business continuity challenges
Possible issues and challenges
What to ask your Cloud provider
Cloud-based BC and DR offerings
Restructuring plans and procedures
Testing and walkthrough of updated plans
Recent business continuity/disaster recovery case study
Chapter 9 - Investigations and Forensics in the Cloud
Forensics: what has changed?
Who conducts these investigations?
Forensic procedures and requirements
Forensic investigations vs. analysis
Traditional forensics vs. Cloud forensics
Data in transit
Encryption and investigations
Custom Cloud APIs
Cloud solution forensic tools
Chapter 10 - Cloud Computing Borders - National and International Deployment
Legislation and regulatory (including privacy)
Data protection and data privacy
EU Data Protection/Privacy
Recent reporting trends
European Privacy Directive 2002/58/EC
Current EU data protection and privacy challenges
Where to next for EU data protection?
United States data protection and privacy
International privacy at a glance (USA/EU/APEC)
Guidelines for success
Chapter 11 - Evaluating Compliance in the Cloud
Need for compliance functions
Compliance vs. internal audit
Value of compliance done correctly
Cloud first - compliance second?
What changes for compliance functions?
Who is responsible for what?
Compliance strategy and framework
The domino effect
Cost of compliance (or non-compliance!)
Cloud Computing standards and compliance
Recent trends and surveys
Segregation of duties
SOD in Cloud environments
Where to start?
Chapter 12 - Where Cloud Computing is Heading
Browse Below for 8000+ more Business Computer Management Books:
- Cloud Computing: Principles, Systems and Applications | by Nick Antonopoulos and Lee Gillam (eds) | 2010 | ISBN: 9781849962407. Tools and Technologies for Building Cloud Computing. Cloud Computing Reference Model. Framework for Running Applications on Clusters, Grids, and Scalable Computing Clouds.
- Management Strategies for the Cloud Revolution: How Cloud Computing Is Transforming Business and Why You Can't Afford to Be Left Behind | by Charles Babcock | 2010 | ISBN: 9780071740753. NASA's Strategic Cloud Computing. How to Overcome Resistance to the Cloud.
- Cloud Computing: Implementation, Management, and Security | by John W. Rittinghouse and James F. Ransome | 2010 | ISBN: 9781439806807. Open Cloud Consortium. Software-as-a-Service (SaaS). Cloud-Based Service Offerings. Infrastructure-as-a-Service (IaaS). Monitoring-as-a-Service (MaaS).
- Cloud Computing: A Practical Approach | by Anthony T. Velte, Toby J. Velte and Robert Elsenpeter | 2010 | ISBN: 9780071626941. Cloud Computing Services. Cloud Storage Providers. Software as a Service. Software plus Services Offerings. Enterprise-Class Cloud Offerings.
- Mobile Application Security | by Himanshu Dwivedi, Chris Clark and David Thiel | 2010 | ISBN: 9780071633567. Tips for Secure Mobile Application Development. Android Security. Windows Mobile Security. SymbianOS Security. SMS Security. Mobile Security Penetration Testing Tools
- CASP CompTIA Advanced Security Practitioner Study Guide (Exam CAS-001) | by Michael Gregg and Billy Haines | ISBN: 9781118083192 | CASP Certified Professional. Securing Virtualized, Distributed, and Shared Computing. Application Security and Penetration Testing
- Algorithms and Parallel Computing | by Fayez Gebali | ISBN: 9780470902103 | Cluster Computing. Grid (Cloud) Computing. Computational Geometry Analysis.
- Introducing Windows Azure: An Introduction to Cloud Computing Using Microsoft Windows Azure | by Henry Li | 2009 | ISBN: 9781430224693. Cloud Data Storage with Relational Data Structure. Azure Cloud Environment
- Application Security in the ISO27001 Environment | by Vinod Vasudevan et al. | ISBN: 9781905356355. International Information Security Standards. Secure Application Development Lifecycle. Information Security Management System.
- Schneier on Security | by Bruce Schneier | ISBN: 9780470395356. Information Security Books. The Architecture of Security. The Risks of Cyberterrorism. Identity-Theft Disclosure Laws. The Security of RFID Passports. Cybercrime and Cyberwar. Software Vulnerabilities
- Handbook of Research on Information Security and Assurance | by Jatinder N. D. Gupta and Sushil K. Sharma (eds) | 2009 | ISBN: 9781599048550. E-Commerce Security Risks and Countermeasures. Information Security Management Research. Effective Security Policies and Procedures.
- The Handbook of Research on Scalable Computing Technologies | by Kuan-ching Li et al. | 2010 | ISBN: 9781605666617. Pervasive Grid Architectures and Applications. P2P Computing. Scalable Parallel Computing. Grid Transaction Management. Web Application Server Clustering with Distributed Java Virtual Machine. Scalable Fault Tolerance for Large-Scale Parallel and Distributed Computing. Performance Models for Grid Computing.
- Assessing Information Security: Strategies, Tactics, Logic And Framework | by Andrew Vladimirov, Konstantin Gavrilenko and Andriej Michajlowski | 2010 | ISBN: 9781849280365. Information Security Auditing Strategies And Tactics. Security Policies And Compliance.
- The Next Wave of Technologies: Opportunities from Chaos | by Phil Simon | 2010 | ISBN: 9780470587508. Three Requirements for Successful Enterprise 2.0 Projects. Cloud Computing. Software as a Service (SaaS). Service Oriented Architecture. Mobile Business Application. Enterprise Search and Retrieval. Enterprise 2.0 Business Intelligence. Agile Software Development
- Cyber Risks for Business Professionals: A Management Guide | by Rupert Kendrick | 2010 | ISBN: 9781849280921. Technology Risks. Legal Compliance Risks. Operational Risks. Risk Management Strategies.
- Information Security Management Handbook, Sixth Edition, Volume 3 | by Harold F. Tipton and Micki Krause (eds) | 2009 | ISBN: 9781420090925. Identity Management Systems. Mobile Data Security. Web Application Firewalls. Botnets.
- The Executive MBA in Information Security | by John J. Trinckes, Jr. | 2010 | ISBN: 9781439810071. Information Security Management. IT Audit and Compliance. Effective Information Security Program. Administrative Controls. Technical Controls. Application Controls. Perimeter Controls
- Computer Certifications Study Guide. ExamWise for CompTIA 2009 Security+ Certification Exams SY0-201 and BR0-001 | by David Failor | 2009 | ISBN: 9781590952139. Computing Infrastructure Security. Communication and Wireless Security. IT Vulnerabilities, Threats, and Attacks.
- The Art of Enterprise Information Architecture: A Systems-Based Approach for Unlocking Business Insight | by Mario Godinez et al. | 2010 | ISBN: 9780137035717. Cloud Computing Architecture. Enterprise Information Integration. Enterprise Metadata Management.
- Computer and Information Security Handbook | by John R. Vacca (ed) | 2009 | ISBN: 9780123743541. System and Network Security. TEN STEPS TO BUILDING A SECURE ORGANIZATION. Unix and Linux Security. Internet Security. Information Technology Security Management. Security Management Systems. Computer Forensics
- Windows Azure Platform | by Tejaswi Redkar | 2009 | ISBN: 9781430224792. Modeling Cloud Service Offerings. Cloud Services Drivers and Barriers. Essential Cloud Architecture. Windows Azure Service Management. Programming with the AppFabric Service Bus. Database Migration Strategies
- Large-Scale Distributed Computing and Applications: Models and Trends | by Valentin Cristea (ed) et al. | 2010 | ISBN: 9781615207039. SERVICE-ORIENTED ARCHITECTURES. Application Development Tools and Frameworks.
- CFO Fundamentals: Your Quick Guide to Internal Controls, Financial Reporting, IFRS, Web 2.0, Cloud Computing, and More | by Jae K. Shim, Joel G. Siegel and Allison I. Shim | ISBN: 9781118132494 | Chief Financial Officer's Role. Key Financial Accounting Areas
- Security Testing Handbook for Banking Applications | by Arvind Doraiswamy et al. | 2009 | ISBN: 9781905356829. 12 Basic Security Tests and Techniques. Credit Card Payment Management applications. Loan Management application. Electronic payment switch.
- Security Valuation and Risk Analysis: Assessing Value in Investment Decision Making | by Kenneth S. Hackel | 2011 | ISBN: 9780071744355. Business Investment Ebook. Cost of Equity Capital Credit Model
- Professional Visual Basic 2010 and .NET 4 | by Bill Sheldon et al. | 2010 | ISBN: 9780470502242. Visual Basic Power Packs Tools. Common Language Runtime. Exception Handling and Debugging. Cloud Computing Programming. ADO.NET ARCHITECTURE.
- Software Engineering for Modern Web Applications: Methodologies and Technologies | by Daniel M. Brandon (ed) | ISBN: 9781599044927. WEB DEVELOPMENT BEST PRACTICES. Data Integration for Web-Enabled Information Systems. Web Application Architectures. Resources on Web-Centric Computing.
- Android Forensics: Investigation, Analysis, and Mobile Security for Google Android | by Andrew Hoog | ISBN: 9781597496513 | Android Software Development Kit. Android Application and Forensic Analysis
- Handheld Computing for Mobile Commerce: Applications, Concepts and Technologies | by Wen-Chen Hu and Yanjun Zuo (eds) | 2010 | ISBN: 9781615207619. J2ME Mobile Application. Peer-to-Peer Service Sharing on Mobile Platforms. Mobile Video Streaming. B2C M-Commerce
- Safety and Security Review for the Process Industries: Application of HAZOP, PHA and What-If Reviews, 2nd Edition | by Dennis P. Nolan | ISBN: 9780815515463. Qualitative Safety Reviews. Security Vulnerability Analysis (SVA). Process Hazard Analysis Reviews. Quality Assurance Audit Checklist.
- Bio-Inspired and Nanoscale Integrated Computing | by Mary Mehrnoosh Eshaghian-Wilner | 2009 | ISBN: 9780470116593. DNA Sequence Matching at Nanoscale Level. MATERIALS OF NANOTECHNOLOGY. Molecular Computing. Quantum Computing. Biomimetic Cortical Nanocircuits. Medical Nanorobotics. Nanomagnetic Recording.
- 600+ Computer Science Books. Software Engineering Books. Computer Programming Books. IT Management & Strategies Ebooks. Computer Networking Ebook. ERP Book. Cloud Computing Books.
- Application-Layer Fault-Tolerance Protocols | by Vincenzo De Florio (ed) | 2009 | ISBN: 9781605661827. Computer Books. Fault-Tolerant Software. RESILIENT COMPUTING. FAULT-TOLERANT PROGRAM. THE ARIEL RECOVERY LANGUAGE
- Managing Information Security | by John R. Vacca (ed) | 2010 | ISBN: 9781597495332. How to Protect Mission-Critical Systems. Security Management Systems. Information Technology Security Management. Intrusion Prevention and Detection Systems. Computer Forensics.
- Handbook of Research on Grid Technologies and Utility Computing: Concepts for Managing Large-Scale Applications | by Emmanuel Udoh and Frank Zhigang Wang (eds) | 2009 | ISBN: 9781605661841. Grid Computing. Grid Architecture and Services. Grid Scheduling and Optimization
- Hedge Fund Operational Due Diligence: Understanding the Risks | by Jason A. Scharfman | 2009 | ISBN: 9780470372340. Smart Investing Books. INVESTORS Guide to Managing Investment Risks. Techniques for Modeling Operational Risk
- Information Security Management Handbook, Sixth Edition, Volume 4 | by Harold F. Tipton and Micki Krause (eds) | 2010 | ISBN: 9781439819029. IT Security Management Ebook. Global Information Systems Transformation (GIST). Network Attacks and Countermeasures. ISO 27001 Certification. Business Continuity Planning
- Collaborative Computer Security and Trust Management | 2010 | ISBN: 9781605664149. Data Protection in Collaborative Business Applications. Unified Trust Management Framework. Wireless Sensor Network Security.
- The Handbook of Risk Management: Implementing a Post-Crisis Corporate Culture | by Philippe Carrel | 2010 | ISBN: 9780470681756. Risk Mitigation Strategies and Hedging Tactics. ASSET LIABILITY RISKS. How to Mitigate Liquidity Risks.
- Risk Management in Finance: Six Sigma and Other Next Generation Techniques | by Anthony Tarantino and Deborah Cernauskas | 2009 | ISBN: 9780470413463. Total Quality Management Using Lean Six Sigma. Operational Risk Management Framework. OFF-BALANCE-SHEET RISKS. FINANCIAL LIABILITIES AND EQUITY RISKS.