Securing Cloud Services

Cloud services, such as SalesForce, Amazon Web Services and Microsoft® Azure, offer enterprise grade computing power to businesses of all sizes, without them having to invest in the hardware, software and staff usually needed to support equivalent on-premise services.

Cloud Computing represents a major change to the IT services landscape, but it also introduces a different set of potential security risks, which need to be understood and addressed.

Securing Cloud Services – A pragmatic approach to security architecture in the Cloud goes beyond the subject of generic Cloud security and, instead, offers a more detailed, architectural approach to securing Cloud services.

It describes how security architecture processes may be used to derive a set of security controls to manage the risks associated with working in the Cloud.  It uses a conceptual security reference model (SRM) to define a set of common security services, and then explains how these services can be delivered across the various Cloud service models in order to secure a Cloud-based service.



Lee Newcombe is an enterprise architect with commercial experience gained at numerous high-profile companies, including a retail bank, a systems integrator and one of the Big 4 consultancies. He has worked within various Cloud programmes and acted as the IT industry security expert during the early days of the UK Government’s G-Cloud programme. Lee has been writing about, presenting on, and working with Cloud technologies since 2007, and is a named contributor to the Cloud Security Alliance guidance document.