This book provides an overview of security architecture processes and explains how they may be used to derive an appropriate set of security controls to manage the risks associated with working in the Cloud.
Cloud computing represents a major change to the IT services landscape. Cloud services, such as SalesForce, Amazon Web Services®, and Microsoft® Azure® offer enterprise grade computing power to businesses of all sizes without the need to invest in the hardware, software, and staff usually required to support equivalent on-premise services.
Unfortunately, this flexibility in IT service deployment introduces a different set of potential security risks that need to be understood and addressed.
This book provides an overview of security architecture processes and explains how they may be used to derive an appropriate set of security controls to manage the risks associated with working in the Cloud.
Part 1 introduces Cloud computing and describes the main service models (IaaS, PaaS, and SaaS) and deployment models (public, private, community, and hybrid) as defined by NIST. It outlines the common benefits, and describes some of the potential pitfalls of and threats associated with, Cloud computing.
Part 3 provides summary conclusions and speculates on the future of Cloud computing and its associated market.
This book goes beyond the subject of generic Cloud security and, instead, offers a more detailed and architectural approach to securing Cloud services.
It is aimed at business decision-makers, senior IT stakeholders, enterprise architects, information security professionals, and anyone else who is interested in working with Cloud services but who might be concerned about the potential security implications.