As someone that works for a cloud provider, I anticipated finding this book, Securing the Cloud: Cloud Security Techniques and Tactics by Vic (J.R.) Winkler, boring or not to contain any insight I would carry forward. I found out I was wrong just in the first two chapters. The goal of the book is not to tell you what cloud provider or form of solution to pick, but how to get to that choice.
The author works hard to simplify and break down each general area so the seasoned IT professional or the CIO can easily digest each section. The structure and flow of the book takes you from the initial introduction to exactly what cloud computing and offerings exist and then blends into the differences in architecture before addressing security.
Legal aspects are not a deep topic in chapter 3. Each subsection could almost be a book of it’s own if someone wanted to write the very specific nuances each area required like HIPPA and EU Safe Harbor. Instead, the author highlights key and common risk issues and what should be evaluated and asked of yourself and the provider.
The middle chapters 4-6 work through the architecture, data security techniques and techniques for deployment in a secure fashion. Even though the chapters are about 30-50 pages each, the detail was perfect. I found the summary to be the place I started to understand what I was about to cover and then I read the chapter. It might be a personal preference but I like a higher overview right away to get a feel for where we are headed and stop points I can take.
Chapter 8 builds a checklist you need to begin the cloud provider selection process. Standards, verifications and even plain old claims are addressed. The author does well providing some basic criteria to start your own investigation into choosing a provider.
The two end chapters anticipate you have chosen a provider and now want to begin the basics operating your cloud security and architecture. These chapters are shorter than the middle ones where the meat of the book is anyway.
Overall I plan on reading this book again and making more bookmarks and notes. I wish I had gotten the digital version to make that whole process easier and I can see where the author can take subsections and additional writings as the interest in the cloud continues to grow for companies.
I suggest you get your hands on this now before making the leap into cloud technology to save a lot of time and effort after the fact.
Disclosure: the links for the book are all Amazon affiliate and I was not compensated to write any form of review for this book.