Although virtualization is a widely accepted technology, there are few books dedicated to virtualization and security. Filling this need, Securing Cloud and Mobility: A Practitioner's Guide explains how to secure the multifaceted layers of private and public cloud deployments as well as mobility infrastructures. With comprehensive coverage that includes network, server, and endpoint security, it provides a strategic view of the security implications of virtualization and cloud computing.
The book begins by deconstructing the terminology of cloud computing. It explains how to establish a secure framework within the virtualized environment and breaks down the various deployment and service models for cloud computing.
For private clouds, it discusses the issues of physical versus logical segmentation, securing orchestration, encryption services, threat intelligence, and identity management. For public clouds, it provides three frameworks for reviewing cloud services: cursory, in-depth, and outsourced.
On the mobility side, the text discusses the three major mobile architectures: Apple IOS, Android, and Blackberry. Filled with real-world examples, it addresses the various mobile management approaches, secure mobile code development and standards, and the emerging threats to both cloud and mobility.
Laying out decision-making frameworks to help you secure your virtual environment, the book includes coverage of physical and virtual segregation, orchestration security, threat intelligence, identity management, cloud security assessments, cloud encryption services, audit and compliance, certifications, and secure mobile architecture. It includes helpful implementation considerations, technical decision points, and process flows to supply you with practical guidance on how to navigate the undulating terrains of cloud and mobility.
Table of Contents
Part I. Rethinking IT and Security
Chapter 1. Tectonic Shifts
Chapter 2. The Evolving Threat Landscape
Part II. Deconstructing Cloud Security
Chapter 3. Cloud Dialogues
Chapter 4. Segmentation and the Private Cloud
Part III. Securing Private Cloud Computing
Chapter 5. Orchestration and Cloud Management
Chapter 6. Encryption Services
Chapter 7. Threat Intelligence
Chapter 8. Identity Management for Private Clouds
Part IV. Securing Public Clouds
Chapter 9. Enterprise Cloud Governance
Chapter 10. Cursory Cloud Use Review
Chapter 11. In-Depth Cloud Assessment
Chapter 12. Third-Party Cloud Assessment
Part V. Securing Mobile
Chapter 13. Mobile Security Infrastructure
Chapter 14. The Mobile Client Itself
Chapter 15. Connecting to Enterprise and Third-Party Applications from Mobile Devices
Chapter 16. Creating Secure Mobile Applications