×

Uh-oh, it looks like your Internet Explorer is out of date.

For a better shopping experience, please upgrade now.

Auditing Cloud Computing: A Security and Privacy Guide
     

Auditing Cloud Computing: A Security and Privacy Guide

5.0 2
by Ben Halpert
 

See All Formats & Editions

The auditor's guide to ensuring correct security and privacy practices in a cloud computing environment

Many organizations are reporting or projecting a significant cost savings through the use of cloud computing—utilizing shared computing resources to provide ubiquitous access for organizations and end users. Just as many organizations, however, are

Overview

The auditor's guide to ensuring correct security and privacy practices in a cloud computing environment

Many organizations are reporting or projecting a significant cost savings through the use of cloud computing—utilizing shared computing resources to provide ubiquitous access for organizations and end users. Just as many organizations, however, are expressing concern with security and privacy issues for their organization's data in the "cloud." Auditing Cloud Computing provides necessary guidance to build a proper audit to ensure operational integrity and customer data protection, among other aspects, are addressed for cloud based resources.

  • Provides necessary guidance to ensure auditors address security and privacy aspects that through a proper audit can provide a specified level of assurance for an organization's resources
  • Reveals effective methods for evaluating the security and privacy practices of cloud services
  • A cloud computing reference for auditors and IT security professionals, as well as those preparing for certification credentials, such as Certified Information Systems Auditor (CISA)

Timely and practical, Auditing Cloud Computing expertly provides information to assist in preparing for an audit addressing cloud computing security and privacy for both businesses and cloud based service providers.

Editorial Reviews

From the Publisher
"To summarize, the book is a good review of the current situation in the field. Every CISO and CIO should be aware of the developments in the cloud regardless of the intention of actually implementing its use." (Blog.itgovernance.co.uk, April 2012)

Product Details

ISBN-13:
9781118116043
Publisher:
Wiley
Publication date:
07/05/2011
Series:
Wiley Corporate F&A , #21
Sold by:
Barnes & Noble
Format:
NOOK Book
Pages:
224
File size:
2 MB

Related Subjects

What People are Saying About This

From the Publisher
"To summarize, the book is a good review of the current situation in the field. Every CISO and CIO should be aware of the developments in the cloud regardless of the intention of actually implementing its use." (Blog.itgovernance.co.uk, April 2012)

Meet the Author

BEN HALPERT, CISSP, is an information security researcher and practitioner. He has keynoted and presented sessions at numerous conferences and was a contributing author to Readings and Cases in the Management of Information Security and the Encyclopedia of Information Ethics and Security. Halpert writes a monthly security column for Mobile Enterprise magazine as well as an IT blog (www.benhalpert.com). He is also an adjunct instructor and on the advisory board of numerous colleges and universities.

Customer Reviews

Average Review:

Post to your social network

     

Most Helpful Customer Reviews

See all customer reviews

Auditing Cloud Computing: A Security and Privacy Guide 5 out of 5 based on 0 ratings. 2 reviews.
RBFowler More than 1 year ago
“Auditing Cloud Computing: A Security and Privacy Guide”, edited by Ben Halpert, CISSP, is a tremendous resource for auditors, security professionals, privacy officers and IT executives who need to understand the risks and mitigation strategies for an effective cloud computing solution. The chapters are written by leading professionals in IT, audit, security and management and cover progressively more detail and complexity so the reader builds on knowledge and the basics are not repeated. The editing provides a consistent style and tone throughout the book, making for smooth transitions from chapter to chapter. While the title focuses on auditing, the information provided in each chapter addresses topics that are pertinent to non-auditors, particularly security managers and business executives who are interested in an objective, vendor-independent overview of cloud computing risks and benefits. The information can also benefit cloud providers, particularly from the information on customer and auditor expectations. The book includes an appendix with an audit checklist for cloud computing, and includes a reference to the key review aspects covered in the various chapters of the book. While this is not itself a risk-based audit program, it does provide sufficient guidance for a risk assessment to be generated and the applicable audit checklist steps could then be performed. Overall, this book is quite readable and provides significant coverage of audit and security concerns for cloud computing. More and more companies are considering cloud computing, and whether or not they actually move their data, applications and/or processing to the cloud, it is beneficial for auditors and security professionals to be aware of the risks in advance of that move. With the number of cloud providers increasing, particularly those having FedRAMP or NIST 500-291 compliance, the concerns with third-party and vendor data being cloud based will be a concern even if the auditor’s company data is retained onsite.
RonnyNussbaum More than 1 year ago
I've had the pleasure of being one of the first few people to read this book. Companies are exponentially increasing their reliance on Cloud Computing, for reasons such as cost savings and increased efficiency. But are they ready for the cloud? If you are a person responsible for migrating your company to the cloud, there are many concerns that you need to think about and address prior to that migration if you want to avoid possible privacy incidents, loss of data, lack of compliance with regulations, and potential disasters that will cost you and your customers in loss revenue and productivity. This is where Auditing Cloud Computing shines, and provides you with a holistic approach to get the necessary information you need before the actual implementation. In 9 chapters, Mr. Halpert collected the thoughts of 12 industry leaders in areas of Cloud computing, reflecting on the following topics: 1. Introduction to Cloud computing 2. Cloud-Based IT Audit Process 3. Cloud-Based IT Governance 4. System and Infrastructure Lifecycle Management for the Cloud 5. Cloud-Based IT Service Delivery and Support 6. Protection and Privacy of Information Assets in the cloud 7. Business Continuity and Disaster Recovery 8. Global Regulation and Cloud Computing 9. Cloud Morphing: Shaping the Future of Cloud Computing Security and Audit The book provides ample information for anyone interested in Cloud computing, whether to implement new cloud infrastructure, migrate to a cloud provider, or simply get an understanding of this amazing technology. This book is a must-have for anyone dealing with Cloud Computing.