Table of Contents for
Practical Cloud Security

Version ebook / Retour

Cover image for bash Cookbook, 2nd Edition Practical Cloud Security by Chris Dotson Published by O'Reilly Media, Inc., 2019
  1. Cover
  2. nav
  3. Practical Cloud Security
  4. Practical Cloud Security
  5. Preface
  6. 1. Principles and Concepts
  7. 2. Data Asset Management and Protection
  8. 3. Cloud Asset Management and Protection
  9. 4. Identity and Access Management
  10. 5. Vulnerability Management
  11. 6. Network Security
  12. 7. Detecting, Responding, and Recovering from Security Incidents
  13. Index
  14. About the Author(s)
  15. Colophon

Preface

As the title states, this book is a practical guide to securing your cloud environments. In almost all organizations, security has to fight for time and funding, and often takes a back seat to implementing features and functions. Focus on the “best bang for the buck”, security-wise, is important.

This book is intended to help you get the most important security controls for your most important assets in place quickly and correctly, whether you’re a security professional who is somewhat new to cloud, or an architect or developer with security responsibilities. From that solid base, you can continue to build and mature your controls.

While many of the security controls and principles are similar between cloud and on-premises environments, there are some important practical differences. For that reason, a few of the recommendations for practical cloud security may be surprising to those with an on-premises security background. While there are certainly legitimate differences of opinion among security professionals in almost any area of information security, the recommendations in this book stem from years of experience in securing cloud environments, and are informed by some of the latest developments in cloud computing offerings.

The first few chapters deal with understanding your responsibilities in the cloud and how they differ from on-premises environments, as well as understanding what assets you have, what the most likely threats are to those assets, and some protections for them.

The next chapters of the book provide practical guidance, in priority order, of the most important security controls that you should consider first:

  • Identity and Access Management

  • Vulnerability Management

  • Network Controls

The final chapter deals with how to detect when something’s wrong and deal with it. It’s a good idea to read this chapter before something actually goes wrong!

Do you need to get any certifications or attestations for your environment, like PCI certification or a SOC 2 report? If so, you’ll need to watch out for a few specific pitfalls, which will be noted. You’ll also need to make sure you’re aware of any applicable regulations — for example, if you’re handling Personal Health Information in the United States, or of you’re handling Personal Information for EU citizens regardless of where your application is hosted.

Conventions Used in This Book

The following typographical conventions are used in this book:

Italic

Indicates new terms, URLs, email addresses, filenames, and file extensions.

Constant width

Used for program listings, as well as within paragraphs to refer to program elements such as variable or function names, databases, data types, environment variables, statements, and keywords.

Constant width bold

Shows commands or other text that should be typed literally by the user.

Constant width italic

Shows text that should be replaced with user-supplied values or by values determined by context.

Tip

This element signifies a tip or suggestion.

Note

This element signifies a general note.

Warning

This element indicates a warning or caution.

Using Code Examples

This book is here to help you get your job done. In general, if example code is offered with this book, you may use it in your programs and documentation. You do not need to contact us for permission unless you’re reproducing a significant portion of the code. For example, writing a program that uses several chunks of code from this book does not require permission. Selling or distributing a CD-ROM of examples from O’Reilly books does require permission. Answering a question by citing this book and quoting example code does not require permission. Incorporating a significant amount of example code from this book into your product’s documentation does require permission.

We appreciate, but do not require, attribution. An attribution usually includes the title, author, publisher, and ISBN. For example: “Practical Cloud Security by Chris Dotson (O’Reilly). Copyright 2019 O’Reilly Media, 978-1-492-03751-4.”

If you feel your use of code examples falls outside fair use or the permission given above, feel free to contact us at .

O’Reilly

Note

For almost 40 years, O’Reilly Media has provided technology and business training, knowledge, and insight to help companies succeed.

Our unique network of experts and innovators share their knowledge and expertise through books, articles, conferences, and our online learning platform. O’Reilly’s online learning platform gives you on-demand access to live training courses, in-depth learning paths, interactive coding environments, and a vast collection of text and video from O’Reilly and 200+ other publishers. For more information, please visit http://oreilly.com.

How to Contact Us

Please address comments and questions concerning this book to the publisher:

  • O’Reilly Media, Inc.
  • 1005 Gravenstein Highway North
  • Sebastopol, CA 95472
  • 800-998-9938 (in the United States or Canada)
  • 707-829-0515 (international or local)
  • 707-829-0104 (fax)

We have a web page for this book, where we list errata, examples, and any additional information. You can access this page at http://www.oreilly.com/catalog/9781492037514.

To comment or ask technical questions about this book, send email to .

For more information about our books, courses, conferences, and news, see our website at http://www.oreilly.com.

Find us on Facebook: http://facebook.com/oreilly

Follow us on Twitter: http://twitter.com/oreillymedia

Watch us on YouTube: http://www.youtube.com/oreillymedia

Acknowledgments

This book would not have happened without the encouragement and support of my wonderful wife, Tabitha Dotson, who told me that I couldn’t pass up this opportunity and juggled schedules and obligations for over a year to make it happen. I’d also like to thank my children, Samantha (for her extensive knowledge of Greek mythology) and Molly (for constantly challenging assumptions and thinking outside the box).

It takes many people besides the author to bring a book to publication, and I didn’t fully appreciate this before writing a book. I’d like to thank my editors, Andy Oram and Courtney Allen; my reviewers, Hans Donker, Darren Day, and Edgar Ter Danielyan; and the rest of the wonderful team at O’Reilly who have guided and supported me through this.

Finally, I’d like to thank all of my friends, family, colleagues, and mentors over the years who have answered questions, bounced around ideas, listened to bad puns, laughed at my mistakes, and actually taught me most of the content in this book.