Securing Cloud Services:A pragmatic approach to security architecture in the Cloud'written by Lee Newcombe of Capgemini,provides an overview of security architecture processes.This book explains how such processes may be used to derive an appropriate set of security controls to manage the risks associated with working in the Cloud.
Cloud Computing brings with it many benefits to the end user including reducing,or even eradicating,the need to invest in the hardware,software and staff usually required to support equivalent on-premise services.This flexibility in IT service deployment,alongside with an attendant opaqueness in the delivery of that service,introduces a different set of potential security risks which need to be understood and addressed-'Securing Cloud Services:A pragmatic approach to security architecture in the Cloud'(www.itgovernance.co.uk/products/3896)will help readers do just that.
'Securing Cloud Services:A pragmatic approach to security architecture in the Cloud'is presented in the following structure:
Part 1 introduces Cloud Computing and describes the main service models(IaaS,PaaS and SaaS)and deployment models(public,private,community and hybrid)as defined by NIST.
Part 2 outlines security architecture concepts and describes how they relate to Cloud Computing.
Part 3 provides summary conclusions,and speculates on the future of Cloud Computing and its associated market.
The book is written by Lee Newcombe,an enterprise architect with commercial experience at numerous high-profile companies,including a retail bank,a systems integrator and one of the Big 4 consultancies.Currently working at Capgemini,Lee has used his extensive knowledge and experience to bring to those interested,this authoritative guide on securing Cloud services.
Business decision makers,senior IT stakeholders,enterprise architects and information security professionals,anyone working with Cloud services,should all read'Securing Cloud Services:A pragmatic approach to security architecture in the Cloud'.
Author,Lee Newcombe says,'This book represents a step forward from the more generic guidance that is already out there-there is plenty of material simply stating the risks of adopting the cloud model.My book adopts a different approach,identifying the risks but then using architectural techniques to derive appropriate ways of managing those risks.Importantly,the book recognizes that there isn't a single"cloud"and describes the differences between the different cloud service models of Infrastructure as a Service,Platform as a Service and Software as a Service and provides guidance tailored for each model.'
Alan Calder,CEO of IT Governance adds,'This book isn't just another generic Cloud Computing book.What is special about this book is its architectural approach and the way in which it will enable the reader to understand security architecture processes.From this,readers will be able to develop security controls that will help them manage the risks associated with Cloud;a vital skill to have in today's information age.This book truly is a must-have guide for any security professional interested in working with the Cloud.'
