Auditing Cloud Computing: A Security and Privacy Guide: 21 (Wiley Corporate F&A) - Hardcover

Über die Autorin bzw. den Autor

BEN HALPERT, CISSP, is an information security researcher and practitioner. He has keynoted and presented sessions at numerous conferences and was a contributing author to Readings and Cases in the Management of Information Security and the Encyclopedia of Information Ethics and Security. Halpert writes a monthly security column for Mobile Enterprise magazine as well as an IT blog (www.benhalpert.com). He is also an adjunct instructor and on the advisory board of numerous colleges and universities.

Von der hinteren Coverseite

Gain assurance with your hosted services with Auditing Cloud Computing

Cloud Computing has taken the IT world by storm. Often viewed as the utopia of utility computing, Cloud Computing offers flexibility and financial benefits second to none. But in today's high-stakes corporate world, one devastating breach could quickly break a company. Learn how to harness and secure the computing power of the Cloud while helping your bottom line with Auditing Cloud Computing.

Edited by Ben Halpert, a well-respected authority in IT security, Auditing Cloud Computing presents a rich compilation of ideas and strategies from thought leaders who show you how to develop better ways of evaluating the security and privacy practices of Cloud services.

This comprehensive collection of papers is arranged to allow for a logical flow of informationbeginning with a thorough introduction to the field, followed by in-depth coverage of governance, audit, legal, service delivery, and other perspectivesto provide you with a 360 perspective of the Cloud Computing space.

Designed to help you audit the security and privacy of your hosted services, Auditing Cloud Computing answers your Cloud-related questions, including:

• Is the Cloud secure enough to house my data?
• What kind of data shouldn't be stored in the Cloud?
• What are the key regulatory issues?
• Why do I need to establish a governance model before using the Cloud?
• What steps do I need to take to remain in compliance?
• What are the causes and effects of regulation?
• What are the real and perceived risks and benefits?
• How do I balance business risk and business opportunity with the appropriate internal audit?
• What are the traditional lifecycle management techniques?
• What are the Cloud's benefits over traditional IT outsourcing?
• How do I manage my company's service agreements?
• What is the future of regulation?
• What's holding Cloud Computing back?

Timely and practical, Auditing Cloud Computing lays out the groundwork to help you and your organization build a proper audit that ensures operational integrity and customer data protection for Cloud-based resources.

Aus dem Klappentext

Companies are increasingly looking to Cloud Computing to improve operational efficiency, reduce head counts, and help with the bottom line. But security and privacy concerns present a strong barrier to entry. In an age when the consequences and potential costs of mistakes could quickly become catastrophic for companies that handle confidential and private customer data, auditors and IT security professionals must develop better ways of evaluating the security and privacy practices of Cloud services. Auditing Cloud Computing presents a collection of white papers written by renowned thought leaders in the field of auditing Cloud Computing to show you how to audit your company's hosted services.

Providing a holistic view to this elastic, on-demand service, Auditing Cloud Computing is your one-stop reference to Cloud Computing and the many questions that may arise during preparation of an audit program or throughout the course of an audit or assessment. Edited by renowned information security researcher and practitioner Ben Halpert, this volume gathers a team of prominent Cloud experts who have labored to provide insight into many aspects that you and your organization will encounter during your foray into the Cloud.

Written for Cloud consumers, providers, and integrators, Auditing Cloud Computing explores:

• The history, relevant definitions, deployment models, and challenges of Cloud computing
• What you can expect when creating audit programs for Cloud environments
• How the industry efforts of CSA, NIST, ISACA, and ENISA have influenced security and compliance programs
• Implementing, extending, and maintaining a governance program for Cloud activities
• How to leverage existing lifecycle controls
• Cross-cloud deployments
• Cloud-based IT delivery and support
• How "radical simplification" and "securely shared" concepts apply to all Cloud deployment models, even private Clouds
• Architecture considerations for Cloud service delivery and support
• The Cloud security continuum
• Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)
• Regulations along with Cloud-specific considerations
• Shaping the future of Cloud Computing security and audit

Learn how to conduct a proper audit to ensure the security and privacy of your company's data in the Cloud with the necessary guidance found in Auditing Cloud Computing.