New book : Cloud Security And Privacy

Lockergnome posted a reference to a very interesting (upcoming) book : Cloud Security & Privacy

Reason for highlighting this book or rather the topic discussed in this book (I haven’t read the book yet) is that this is one of the topics talk about the must but understand the least about. This goes for IT architects, security Officers and also many vendors selling the stuff.

Ofcourse Vendors like Microsoft, Amazon, Salesforce, etc have specialists on these topics and the services that come out of the factory meet the required standards; that isn’t the issue. The issue is where the services meet the customers. Where is the data ?, how do you authenticate ?, Are we still compliant with the security guidelines in our industry ? and many more questions like these.

From the brief overview of the topics addressed in this book I understand that it “forces” the people who should take care of Information Security in any company to consider ‘the cloud’ in that context. The cloud is here and it is not blowing over .. how does that impact your information security ?

Ideal for IT staffers, information security and privacy practitioners, business managers, service providers, and investors alike, offers you sound advice from three well-known authorities in the tech security world. You’ll learn detailed information on cloud computing security that-until now-has been sorely lacking.

  • Review the current state of data security and storage in the cloud, including confidentiality, integrity, and availability
  • Learn about the identity and access management (IAM) practice for authentication, authorization, and auditing of the users accessing cloud services
  • Discover which security management frameworks and standards are relevant for the cloud
  • Understand the privacy aspects you need to consider in the cloud, including how they compare with traditional computing models
  • Learn the importance of audit and compliance functions within the cloud, and the various standards and frameworks to consider
  • Examine security delivered as a service-a different facet of cloud security …

Source: Cloud Security And Privacy