E-book, English, 228 pages

Lim / Coolidge / Hourani Securing Cloud and Mobility

A Practitioner's Guide
Year of publication: 2013
ISBN: 978-1-4398-5057-2
Publisher: Taylor & Francis
Format: PDF
Copy protection: Adobe DRM


Although virtualization is a widely accepted technology, there are few books dedicated to virtualization and security. Filling this need, Securing Cloud and Mobility: A Practitioner's Guide explains how to secure the multifaceted layers of private and public cloud deployments as well as mobility infrastructures. With comprehensive coverage that includes network, server, and endpoint security, it provides a strategic view of the security implications of virtualization and cloud computing.

The book begins by deconstructing the terminology of cloud computing. It explains how to establish a secure framework within the virtualized environment and breaks down the various deployment and service models for cloud computing.

For private clouds, it discusses the issues of physical versus logical segmentation, securing orchestration, encryption services, threat intelligence, and identity management. For public clouds, it provides three frameworks for reviewing cloud services: cursory, in-depth, and outsourced.

On the mobility side, the text discusses the three major mobile architectures: Apple iOS, Android, and BlackBerry. Filled with real-world examples, it addresses the various mobile management approaches, secure mobile code development and standards, and the emerging threats to both cloud and mobility.

Laying out decision-making frameworks to help you secure your virtual environment, the book includes coverage of physical and virtual segregation, orchestration security, threat intelligence, identity management, cloud security assessments, cloud encryption services, audit and compliance, certifications, and secure mobile architecture. It includes helpful implementation considerations, technical decision points, and process flows to supply you with practical guidance on how to navigate the undulating terrains of cloud and mobility.

Target audience


IT management and executives, CISOs, security middle management, security practitioners and consultants, and academics.

Further information & material


RETHINKING IT AND SECURITY

Tectonic Shifts

Disruptive Forces

Deconstructing Cloud Computing: NIST Definition; The Three Service Models; The Four Deployment Models
The Rise of Mobility

New IT

References

The Evolving Threat Landscape
From Cryptographers to World Leaders

The Changing Threat Landscape

Hacktivists: Motivation; Modus Operandi; Hacktivism and Cloud; Hacktivism and Mobility; Hacktivism and Security

Organized Cyber Crime: Motivation; Modus Operandi; Organized Crime and Cloud; Organized Crime and Mobility; Organized Crime and Security
Cyber Espionage and Terrorism: Motivation; Modus Operandi; Cyber Espionage, Terrorism, and Cloud; Cyber Espionage, Terrorism, and Mobility; Cyber Espionage, Terrorism, and Security

Hackers for Hire: Motivation and Modus Operandi; Hackers for Hire and the Cloud; Hackers for Hire and Mobility; Hackers for Hire and Security
Insider Threat

References

DECONSTRUCTING CLOUD SECURITY

The Cloud Dialogues

The Point of Cloud

Capability

Financials

Agility
Security

Licensing

Service Level Agreements

References

SECURING PRIVATE CLOUD COMPUTING

Segmentation and the Private Cloud

Physical and Logical Segmentation

Physical Segmentation

Physical and Virtual Segmentation

Highly Optimized Segmentation Model

Production-Based Segmentation Model

Storage Segmentation Model

Orchestration and Cloud Management

What Is Orchestration?

Benefits and Challenges

Information Security Considerations: Secure Service Delivery Workflows; Secure Resource Delivery Automation; Secure Orchestration Management; Security Monitoring

Encryption Services

Holistic Encryption Strategy

Scope Reduction
Transport Layer Encryption: Secure Socket Layer (SSL); Virtual Private Networks (VPNs); Secure Shell (SSH); Secure File Transfer Protocol (SFTP); Transport Layer Security (TLS)

Data Layer Encryption: Database Encryption; File Encryption; Encryption Appliances; Disk Encryption; Virtualization Encryption

Key Management Life Cycle

References

Threat Intelligence

Security Threats to Private Cloud

Threat Prevention Strategies

Threat Detection Toolset

Making Threat Detection Intelligent

Identity Management for Private Clouds

Layers of Identities

Challenges of Disparate Identity Repositories
Centralizing Identity Repositories Entitlements Aggregator Authoritative Sources of Identities Administrative Access Task User Access Central Identity Repository

SECURING PUBLIC CLOUDS

Enterprise Cloud Governance

Security Exposure of Public Cloud Use

Corporate Cloud Use Policy

Cloud Request Form

Cloud Approval Workflow

References

The Cursory Cloud Use Review

Overview

Interview with Cloud Service Provider

Cursory Review—Assessment Report

In-Depth Cloud Assessment

Overview
Interview with the Requestor

Security Governance

Data Protection: Overview; Data Protection Questions for All Service Models; SaaS Data Protection Questions; PaaS Data Protection Questions; IaaS Data Protection Questions
Security Architecture
Application Security: Overview; SaaS Application Security; PaaS Application Security

Identity and Access Management: Overview; Identity Access Management for CSP Staff; Identity and Access Management for CSP Customers

Compliance

Electronic Discovery

Closing the Loop

References

Third-Party Cloud Assessment

Overview

Selecting an Assessor

Finalizing the SOW
Closing the Loop

SECURING MOBILE

Mobile Security Infrastructure

Overview

BlackBerry® Enterprise Server Architecture

Exchange to Support iOS, Android™, and Windows® Phone

References

The Mobile Client Itself

Overview

Tablet and Smart Phone Security Issues

Bring Your Own Device (BYOD)

Lack of Encryption

Lack of Good Authentication and Password Controls
Unfiltered Mobile Apps
Saying No Is a Tricky Business
Updating Mobile Standards and Searching for Solutions
Performing Sanity Testing

Garnering Executive Support and the Big Win
References

Connecting to Enterprise and Third-Party Applications from Mobile Devices

Overview

Connecting to Exchange

Connecting via VPN

Connecting to Microsoft SharePoint® 2010 or Later

Connecting to a Desktop or Server

Connecting to File Shares

Connecting to or Installing Third-Party Applications

References

Creating Secure Mobile Applications

Mobile Application Development in Your Organization

Start with the Stakeholders

Step through the Entire SDLC

Guidelines Regarding Enterprise App Store/Google® Play Overview of Infrastructure Overview of Environment Setup and General Controls A Note about Publishing Your Apps Dealing with the Apple® App Store Dealing with Android’s Google Play

References

Index


