Cloud technology seems to be the business driver of the last few years.
According to several studies, international corporations as well as
small and medium-sized enterprises (SMEs) are looking to move their
information technology to the cloud. Expectations are high and briefly
summarised: Low costs for the use of information technology, flexible
use and invoicing, always technologically up to date, high availability,
high agility, no commitment of own resources, no responsibility for
operation and maintenance. But what about governance compliance,
responsibility towards information security and data protection? How is
the cloud technology integrated into the company in compliance with
laws, regulations and specifications, what responsibility does the
management have, how are processes to be adapted, what effects arise for
the company, what are the risks? Will changes occur in the company, what
needs to be adapted? How are data protection laws complied with and how
is information security? And how does the company protect itself against
data theft, manipulation, destruction and possibly espionage? Cloud
Security Basics in the updated 2nd edition shows which measures are
necessary to be able to use cloud technology securely. After discussing
the cloud technology with its architecture and the different objects
that are available, the book describes the necessary organisational and
technical measures to achieve security. It looks at governance,
compliance, risk management, information security management and
specifically addresses the situation of data protection. Finally, the
book provides recommendations on which measures should be implemented.
