Securing Cloud and Mobility

A Practitioner's Guide

By Ian Lim, E. Coleen Coolidge, Paul Hourani

Auerbach Publications – 2013 – 228 pages

Purchasing Options:

  • Hardback: $79.95
    978-1-43-985055-8
    February 11th 2013

Description

Although virtualization is a widely accepted technology, there are few books dedicated to virtualization and security. Filling this need, Securing Cloud and Mobility: A Practitioner's Guide explains how to secure the multifaceted layers of private and public cloud deployments as well as mobility infrastructures. With comprehensive coverage that includes network, server, and endpoint security, it provides a strategic view of the security implications of virtualization and cloud computing.

The book begins by deconstructing the terminology of cloud computing. It explains how to establish a secure framework within the virtualized environment and breaks down the various deployment and service models for cloud computing.

For private clouds, it discusses the issues of physical versus logical segmentation, securing orchestration, encryption services, threat intelligence, and identity management. For public clouds, it provides three frameworks for reviewing cloud services: cursory, in-depth, and outsourced.

On the mobility side, the text discusses the three major mobile architectures: Apple iOS, Android, and BlackBerry. Filled with real-world examples, it addresses the various mobile management approaches, secure mobile code development and standards, and the emerging threats to both cloud and mobility.

Laying out decision-making frameworks to help you secure your virtual environment, the book includes coverage of physical and virtual segregation, orchestration security, threat intelligence, identity management, cloud security assessments, cloud encryption services, audit and compliance, certifications, and secure mobile architecture. It includes helpful implementation considerations, technical decision points, and process flows to supply you with practical guidance on how to navigate the undulating terrains of cloud and mobility.

Contents

RETHINKING IT AND SECURITY

Tectonic Shifts

Disruptive Forces

Deconstructing Cloud Computing

NIST Definition

The Three Service Models

The Four Deployment Models

The Rise of Mobility

New IT

References

The Evolving Threat Landscape

From Cryptographers to World Leaders

The Changing Threat Landscape

Hacktivists

Motivation

Modus Operandi

Hacktivism and Cloud

Hacktivism and Mobility

Hacktivism and Security

Organized Cyber Crime

Motivation

Modus Operandi

Organized Crime and Cloud

Organized Crime and Mobility

Organized Crime and Security

Cyber Espionage and Terrorism

Motivation

Modus Operandi

Cyber Espionage, Terrorism, and Cloud

Cyber Espionage, Terrorism, and Mobility

Cyber Espionage, Terrorism, and Security

Hackers for Hire

Motivation and Modus Operandi

Hackers for Hire and the Cloud

Hackers for Hire and Mobility

Hackers for Hire and Security

Insider Threat

References

DECONSTRUCTING CLOUD SECURITY

The Cloud Dialogues

The Point of Cloud

Capability

Financials

Agility

Security

Licensing

Service Level Agreements

References

SECURING PRIVATE CLOUD COMPUTING

Segmentation and the Private Cloud

Physical and Logical Segmentation

Physical Segmentation

Physical and Virtual Segmentation

Highly Optimized Segmentation Model

Production-Based Segmentation Model

Storage Segmentation Model

Orchestration and Cloud Management

What Is Orchestration?

Benefits and Challenges

Information Security Considerations

Secure Service Delivery Workflows

Secure Resource Delivery Automation

Secure Orchestration Management

Security Monitoring

Encryption Services

Holistic Encryption Strategy

Scope Reduction

Transport Layer Encryption

Secure Socket Layer (SSL)

Virtual Private Networks (VPNs)

Secure Shell (SSH)

Secure File Transfer Protocol (SFTP)

Transport Layer Security (TLS)

Data Layer Encryption

Database Encryption

File Encryption

Encryption Appliances

Disk Encryption

Virtualization Encryption

Key Management Life Cycle

References

Threat Intelligence

Security Threats to Private Cloud

Threat Prevention Strategies

Threat Detection Toolset

Making Threat Detection Intelligent

Identity Management for Private Clouds

Layers of Identities

Challenges of Disparate Identity Repositories

Centralizing Identity Repositories

Entitlements Aggregator

Authoritative Sources of Identities

Administrative Access

Task User Access

Central Identity Repository

SECURING PUBLIC CLOUDS

Enterprise Cloud Governance

Security Exposure of Public Cloud Use

Corporate Cloud Use Policy

Cloud Request Form

Cloud Approval Workflow

References

The Cursory Cloud Use Review

Overview

Interview with Cloud Service Provider

Cursory Review—Assessment Report

In-Depth Cloud Assessment

Overview

Interview with the Requestor

Security Governance

Data Protection

Overview

Data Protection Questions for All Service Models

SaaS Data Protection Questions

PaaS Data Protection Questions

IaaS Data Protection Questions

Security Architecture

Application Security

Overview

SaaS Application Security

PaaS Application Security

Identity and Access Management

Overview

Identity Access Management for CSP Staff

Identity and Access Management for CSP Customers

Compliance

Electronic Discovery

Closing the Loop

References

Third-Party Cloud Assessment

Overview

Selecting an Assessor

Finalizing the SOW

Closing the Loop

SECURING MOBILE

Mobile Security Infrastructure

Overview

BlackBerry® Enterprise Server Architecture

Exchange to Support iOS, Android™, and Windows® Phone

References

The Mobile Client Itself

Overview

Tablet and Smart Phone Security Issues

Bring Your Own Device (BYOD)

Lack of Encryption

Lack of Good Authentication and Password Controls

Unfiltered Mobile Apps

Saying No Is a Tricky Business

Updating Mobile Standards and Searching for Solutions

Performing Sanity Testing

Garnering Executive Support and the Big Win

References

Connecting to Enterprise and Third-Party Applications from Mobile Devices

Overview

Connecting to Exchange

Connecting via VPN

Connecting to Microsoft SharePoint® 2010 or Later

Connecting to a Desktop or Server

Connecting to File Shares

Connecting to or Installing Third-Party Applications

References

Creating Secure Mobile Applications

Mobile Application Development in Your Organization

Start with the Stakeholders

Step through the Entire SDLC

Guidelines Regarding Enterprise App Store/Google® Play

Overview of Infrastructure

Overview of Environment Setup and General Controls

A Note about Publishing Your Apps

Dealing with the Apple® App Store

Dealing with Android’s Google Play

References

Index

Name: Securing Cloud and Mobility: A Practitioner's Guide (Hardback), Auerbach Publications
Categories: IT Security, Management of IT, Operations Management