In This Chapter
Recognizing security risks
Carrying out required security tasks
Managing user identity
Using detection and forensics programs
Creating a security plan
Any IT manager thinking about the impact of cloud computing on the corporation worries about security first, second, and third. Whether you're looking at creating a private cloud or leveraging a public cloud, you need to have a security strategy. Without a secure environment, no organization would dare implement cloud computing.
Even if your IT organization already has a well-designed security strategy, different issues will surface with cloud computing. Therefore, your strategy has to take this different computing model into account. In fact, you want to make sure that your IT security strategy is lined up with your cloud security strategy.
Cloud service providers each have their own way of managing security. They might be compatible with the compliance and overall security plan of your business. On the other hand, the security approach may conflict with your company's rules. No governance body will accept the excuse that you simply didn't know how your provider protected your information. In this chapter, we show you how your company's information and technology security strategy needs to be integrated with your overall cloud computing strategy and plan.
Starting with a list of issues and questions helps you to ...