Securing Cloud and Mobility

Securing Cloud and Mobility: A Practitioner's Guide

Published:
Content:
Author(s):
Free Standard Shipping

Purchasing Options

Hardback
$79.95
ISBN 9781439850558
Cat# K12301
Add to cart
eBook (VitalSource)
$79.95 $55.97
ISBN 9781439850572
Cat# KE12331
Add to cart
SAVE 30%
eBook Rentals
Other eBook Options:
 
 

Features

  • Covers network, server, and endpoint security
  • Offers technical discussions of security, based on academic research and real-world experiences
  • Includes implementation plans, technical decision points, and process consideration points
  • Provides guidelines and examples of security virtualization

Summary

Although virtualization is a widely accepted technology, there are few books dedicated to virtualization and security. Filling this need, Securing Cloud and Mobility: A Practitioner's Guide explains how to secure the multifaceted layers of private and public cloud deployments as well as mobility infrastructures. With comprehensive coverage that includes network, server, and endpoint security, it provides a strategic view of the security implications of virtualization and cloud computing.

The book begins by deconstructing the terminology of cloud computing. It explains how to establish a secure framework within the virtualized environment and breaks down the various deployment and service models for cloud computing.

For private clouds, it discusses the issues of physical versus logical segmentation, securing orchestration, encryption services, threat intelligence, and identity management. For public clouds, it provides three frameworks for reviewing cloud services: cursory, in-depth, and outsourced.

On the mobility side, the text discusses the three major mobile architectures: Apple IOS, Android, and Blackberry. Filled with real-world examples, it addresses the various mobile management approaches, secure mobile code development and standards, and the emerging threats to both cloud and mobility.

Laying out decision-making frameworks to help you secure your virtual environment, the book includes coverage of physical and virtual segregation, orchestration security, threat intelligence, identity management, cloud security assessments, cloud encryption services, audit and compliance, certifications, and secure mobile architecture. It includes helpful implementation considerations, technical decision points, and process flows to supply you with practical guidance on how to navigate the undulating terrains of cloud and mobility.

Table of Contents

RETHINKING IT AND SECURITY

Tectonic Shifts
Disruptive Forces
Deconstructing Cloud Computing
     NIST Definition
     The Three Service Models 
     The Four Deployment Models
The Rise of Mobility
New IT
References

The Evolving Threat Landscape
From Cryptographers to World Leaders
The Changing Threat Landscape
Hacktivists 
     Motivation 
     Modus Operandi 
     Hacktivism and Cloud
     Hacktivism and Mobility 
     Hacktivism and Security
Organized Cyber Crime
     Motivation
     Modus Operandi
     Organized Crime and Cloud
     Organized Crime and Mobility
     Organized Crime and Security
Cyber Espionage and Terrorism 
     Motivation 
     Modus Operandi
     Cyber Espionage, Terrorism, and Cloud 
     Cyber Espionage, Terrorism, and Mobility 
     Cyber Espionage, Terrorism, and Security
Hackers for Hire
     Motivation and Modus Operandi 
     Hackers for Hire and the Cloud 
     Hackers for Hire and Mobility
     Hackers for Hire and Security
Insider Threat
References

DECONSTRUCTING CLOUD SECURITY

The Cloud Dialogues
The Point of Cloud
Capability
Financials
Agility
Security
Licensing
Service Level Agreements
References

SECURING PRIVATE CLOUD COMPUTING

Segmentation and the Private Cloud
Physical and Logical Segmentation
Physical Segmentation
Physical and Virtual Segmentation
Highly Optimized Segmentation Model
Production-Based Segmentation Model
Storage Segmentation Model

Orchestration and Cloud Management
What Is Orchestration?
Benefits and Challenges
Information Security Considerations
     Secure Service Delivery Workflows
     Secure Resource Delivery Automation 
     Secure Orchestration Management 
     Security Monitoring

Encryption Services
Holistic Encryption Strategy
Scope Reduction
Transport Layer Encryption 
     Secure Socket Layer (SSL) 
     Virtual Private Networks (VPNs) 
     Secure Shell (SSH)
     Secure File Transfer Protocol (SFTP) 
     Transport Layer Security (TLS)
Data Layer Encryption 
     Database Encryption 
     File Encryption 
     Encryption Appliances 
     Disk Encryption 
     Virtualization Encryption
Key Management Life Cycle
References

Threat Intelligence
Security Threats to Private Cloud
Threat Prevention Strategies
Threat Detection Toolset
Making Threat Detection Intelligent

Identity Management for Private Clouds
Layers of Identities
Challenges of Disparate Identity Repositories
Centralizing Identity Repositories 
     Entitlements Aggregator 
     Authoritative Sources of Identities 
     Administrative Access 
     Task User Access 
     Central Identity Repository

SECURING PUBLIC CLOUDS

Enterprise Cloud Governance
Security Exposure of Public Cloud Use
Corporate Cloud Use Policy
Cloud Request Form
Cloud Approval Workflow
References

The Cursory Cloud Use Review
Overview
Interview with Cloud Service Provider
Cursory Review—Assessment Report

In-Depth Cloud Assessment
Overview
Interview with the Requestor
Security Governance
Data Protection 
     Overview
     Data Protection Questions for All Service Models 
     SaaS Data Protection Questions 
     PaaS Data Protection Questions 
     IaaS Data Protection Questions
Security Architecture
Application Security 
     Overview 
     SaaS Application Security 
     PaaS Application Security
Identity and Access Management 
     Overview 
     Identity Access Management for CSP Staff 
     Identity and Access Management for CSP Customers
Compliance
Electronic Discovery
Closing the Loop
References

Third-Party Cloud Assessment
Overview
Selecting an Assessor
Finalizing the SOW
Closing the Loop

SECURING MOBILE

Mobile Security Infrastructure
Overview
BlackBerry® Enterprise Server Architecture
Exchange to Support iOS, Android™, and Windows® Phone
References

The Mobile Client Itself
Overview
Tablet and Smart Phone Security Issues
Bring Your Own Device (BYOD)
Lack of Encryption
Lack of Good Authentication and Password Controls
Unfiltered Mobile Apps
Saying No Is a Tricky Business
Updating Mobile Standards and Searching for Solutions
Performing Sanity Testing
Garnering Executive Support and the Big Win
References

Connecting to Enterprise and Third-Party Applications from Mobile Devices
Overview
Connecting to Exchange
Connecting via VPN
Connecting to Microsoft SharePoint® 2010 or Later
Connecting to a Desktop or Server
Connecting to File Shares
Connecting to or Installing Third-Party Applications
References

Creating Secure Mobile Applications
Mobile Application Development in Your Organization
Start with the Stakeholders
Step through the Entire SDLC
Guidelines Regarding Enterprise App Store/Google® Play 
     Overview of Infrastructure 
     Overview of Environment Setup and General Controls 
     A Note about Publishing Your Apps
          Dealing with the Apple® App Store 
          Dealing with Android’s Google Play

References

Index

 
Textbooks
Other CRC Press Sites
Featured Authors
STAY CONNECTED
Facebook Page for CRC Press Twitter Page for CRC Press You Tube Channel for CRC Press LinkedIn Page for CRC Press Google Plus Page for CRC Press Pinterest Page for CRC Press
Sign Up for Email Alerts
© 2014 Taylor & Francis Group, LLC. All Rights Reserved. Privacy Policy | Cookie Use | Shipping Policy | Contact Us