Although virtualization is a widely accepted technology, there are few books dedicated to virtualization and security. Filling this need, Securing Cloud and Mobility: A Practitioner's Guide explains how to secure the multifaceted layers of private and public cloud deployments as well as mobility infrastructures. With comprehensive coverage that includes network, server, and endpoint security, it provides a strategic view of the security implications of virtualization and cloud computing.
The book begins by deconstructing the terminology of cloud computing. It explains how to establish a secure framework within the virtualized environment and breaks down the various deployment and service models for cloud computing.
For private clouds, it discusses the issues of physical versus logical segmentation, securing orchestration, encryption services, threat intelligence, and identity management. For public clouds, it provides three frameworks for reviewing cloud services: cursory, in-depth, and outsourced.
On the mobility side, the text discusses the three major mobile architectures: Apple IOS, Android, and Blackberry. Filled with real-world examples, it addresses the various mobile management approaches, secure mobile code development and standards, and the emerging threats to both cloud and mobility.
Laying out decision-making frameworks to help you secure your virtual environment, the book includes coverage of physical and virtual segregation, orchestration security, threat intelligence, identity management, cloud security assessments, cloud encryption services, audit and compliance, certifications, and secure mobile architecture. It includes helpful implementation considerations, technical decision points, and process flows to supply you with practical guidance on how to navigate the undulating terrains of cloud and mobility.
Table of Contents
Rethinking IT and Security. Tectonic Shifts. The Evolving Threat Landscape. Deconstructing Cloud Security. The Cloud Dialogues. Securing Private Cloud Computing. Segmentation and the Private Cloud. Orchestration and Cloud Management. Encryption Services. Threat Intelligence. Identity Management for Private Clouds. Securing Public Clouds. Enterprise Cloud Governance. The Cursory Cloud Use Review. In-Depth Cloud Assessment. Third-Party Cloud Assessment. Securing Mobile. Mobile Security Infrastructure. The Mobile Client Itself. Connecting to Enterprise and Third-Party Applications from Mobile Devices. Creating Secure Mobile Applications.
Lim, Ian; Coolidge, E. Coleen ; Hourani, Paul