book

Securing Cloud and Mobility

by Ian Lim, E. Coleen Coolidge, Paul Hourani

February 2013

Intermediate to advanced

228 pages

4h 53m

English

Auerbach Publications

Read now

Unlock full access

1.1 Disruptive Forces1.2 Deconstructing Cloud Computing1.2.1 NIST Definition1.2.2 The Three Service Models1.2.3 The Four Deployment Models1.3 The Rise of Mobility1.4 New ITReferences
2.1 From Cryptographers to World Leaders2.2 The Changing Threat Landscape2.3 Hacktivists2.3.1 Motivation2.3.2 Modus Operandi2.3.3 Hacktivism and Cloud2.3.4 Hacktivism and Mobility2.3.5 Hacktivism and Security2.4 Organized Cyber Crime2.4.1 Motivation2.4.2 Modus Operandi2.4.3 Organized Crime and Cloud2.4.4 Organized Crime and Mobility2.4.5 Organized Crime and Security2.5 Cyber Espionage and Terrorism2.5.1 Motivation2.5.2 Modus Operandi2.5.3 Cyber Espionage, Terrorism, and Cloud2.5.4 Cyber Espionage, Terrorism, and Mobility2.5.5 Cyber Espionage, Terrorism, and Security2.6 Hackers for Hire2.6.1 Motivation and Modus Operandi2.6.2 Hackers for Hire and the Cloud2.6.3 Hackers for Hire and Mobility2.6.4 Hackers for Hire and Security2.7 Insider ThreatReferences
3.1 Point of Cloud3.2 Capability3.3 Financials3.4 Agility3.5 Security3.6 Licensing3.7 Service Level AgreementsReferences
4.1 Physical and Logical Segmentation4.2 Physical Segmentation4.3 Physical and Virtual Segmentation4.4 Highly Optimized Segmentation Model4.5 Production-Based Segmentation Model4.6 Storage Segmentation Model
5.1 What Is Orchestration?5.2 Benefits and Challenges5.3 Information Security Considerations5.3.1 Secure Service Delivery Workflows5.3.2 Secure Resource Delivery Automation5.3.3 Secure Orchestration Management5.3.4 Security Monitoring
6.1 Holistic Encryption Strategy6.2 Scope Reduction6.3 Transport Layer Encryption6.3.1 Secure Socket Layer (SSL)6.3.2 Virtual Private Networks (VPNs)6.3.3 Secure Shell (SSH)6.3.4 Secure File Transfer Protocol (SFTP)6.3.5 Transport Layer Security (TLS)6.4 Data Layer Encryption6.4.1 Database Encryption6.4.2 File Encryption6.4.3 Encryption Appliances6.4.4 Disk Encryption6.4.5 Virtualization Encryption6.5 Key Management Life CycleReferences
7.1 Security Threats to Private Cloud7.2 Threat Prevention Strategies7.3 Threat Detection Toolset7.4 Making Threat Detection Intelligent
8.1 Layers of Identities8.2 Challenges of Disparate Identity Repositories8.3 Centralizing Identity Repositories8.3.1 Entitlements Aggregator8.3.2 Authoritative Sources of Identities8.3.3 Administrative Access8.3.4 Task User Access8.3.5 Central Identity Repository
9.1 Security Exposure of Public Cloud Use9.2 Corporate Cloud Use Policy9.3 Cloud Request Form9.4 Cloud Approval WorkflowReferences
10.1 Overview10.2 Interview with Cloud Service Provider10.3 Cursory Review—Assessment Report
11.1 Overview11.2 Interview with the Requestor11.3 Security Governance11.4 Data Protection11.4.1 Overview11.4.2 Data Protection Questions for All Service Models11.4.3 SaaS Data Protection Questions11.4.4 PaaS Data Protection Questions11.4.5 IaaS Data Protection Questions11.5 Security Architecture11.6 Application Security11.6.1 Overview11.6.2 SaaS Application Security11.6.3 PaaS Application Security11.7 Identity and Access Management11.7.1 Overview11.7.2 Identity Access Management for CSP Staff11.7.3 Identity and Access Management for CSP Customers11.8 Compliance11.9 Electronic Discovery11.10 Closing the LoopReferences
12.1 Overview12.2 Selecting an Assessor12.3 Finalizing the SOW12.4 Closing the Loop
13.1 Overview13.2 BlackBerry® Enterprise Server Architecture13.3 Exchange to Support iOS, Android™, and Windows® PhoneReferences
14.1 Overview14.2 Tablet and Smart Phone Security Issues14.3 Bring Your Own Device (BYOD)14.4 Lack of Encryption14.5 Lack of Good Authentication and Password Controls14.6 Unfiltered Mobile Apps14.7 Saying No Is a Tricky Business14.8 Updating Mobile Standards and Searching for Solutions14.9 Performing Sanity Testing14.10 Garnering Executive Support and the Big WinReferences
15.1 Overview15.2 Connecting to Exchange15.3 Connecting via VPN15.4 Connecting to Microsoft SharePoint® 2010 or Later15.5 Connecting to a Desktop or Server15.6 Connecting to File Shares15.7 Connecting to or Installing Third-Party ApplicationsReferences
16.1 Mobile Application Development in Your Organization16.2 Start with the Stakeholders16.3 Step through the Entire SDLC16.4 Guidelines Regarding Enterprise App Store/Google® Play16.4.1 Overview of Infrastructure16.4.2 Overview of Environment Setup and General Controls16.4.3 A Note about Publishing Your Apps16.4.3.1 Dealing with the Apple® App Store16.4.3.2 Dealing with Android’s Google PlayReferences

Content preview from Securing Cloud and Mobility

6Encryption Services

6.1 Holistic Encryption Strategy

Encryption is driven by compliance requirements and data threats. Senate Bill 1386, which became effective on July 1, 2003, mandated that notification must be made to California residents if there is reasonable cause to suspect the breach of their unencrypted personal information. The operative word is unencrypted. Many companies have moved to encrypt personal information to avoid the hefty costs and reputational damage of breach notification. The Health Information Technology for Economic and Clinical Health Act (HITECH) enacted in 2009 to complement the Health Insurance Portability and Accountability Act (HIPAA) has encryption implications. Similar to SB1386, HITECH requires breach ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Cyber Resilient Infrastructure: Detect, Protect, and Mitigate Threats Against Brocade SAN FOS with IBM QRadar

Publisher Resources

ISBN: 9781439850558

Securing Cloud and Mobility

by Ian Lim, E. Coleen Coolidge, Paul Hourani

6Encryption Services

6.1 Holistic Encryption Strategy

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

Cyber Resilient Infrastructure: Detect, Protect, and Mitigate Threats Against Brocade SAN FOS with IBM QRadar

Enterprise Mobility Suite Managing BYOD and Company-Owned Devices

Mastering the Microsoft Kinect: Body Tracking, Object Detection, and the Azure Cloud Services

How I Built a Personal Board of Directors With GenAI

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,and much more.

You might also like

Cyber Resilient Infrastructure: Detect, Protect, and Mitigate Threats Against Brocade SAN FOS with IBM QRadar

Enterprise Mobility Suite Managing BYOD and Company-Owned Devices

Mastering the Microsoft Kinect: Body Tracking, Object Detection, and the Azure Cloud Services

How I Built a Personal Board of Directors With GenAI

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.