Securing Cloud Services

Cloud services, such as SalesForce, Amazon Web Services and Microsoft(R) Azure, offer enterprise grade computing power to businesses of all sizes, without them having to invest in the hardware, software and staff usually needed to support equivalent on-premise services. Cloud Computing represents a major change to the IT services landscape, but it also introduces a different set of potential security risks, which need to be understood and addressed. Securing Cloud Services - A pragmatic approach to security architecture in the Cloud goes beyond the subject of generic Cloud security and, instead, offers a more detailed, architectural approach to securing Cloud services. It describes how security architecture processes may be used to derive a set of security controls to manage the risks associated with working in the Cloud. It uses a conceptual security reference model (SRM) to define a set of common security services, and then explains how these services can be delivered across the various Cloud service models in order to secure a Cloud-based service.
Lee Newcombe is an enterprise architect with commercial experience gained at numerous high-profile companies, including a retail bank, a systems integrator and one of the Big 4 consultancies. He has worked within various Cloud programmes and acted as the IT industry security expert during the early days of the UK Government's G-Cloud programme. Lee has been writing about, presenting on, and working with Cloud technologies since 2007, and is a named contributor to the Cloud Security Alliance guidance document.