The cloud is everywhere. It is all over us. But everybody knows that. I have been interested in could security for quite a while, so I decided to read a book to see how it is defined from A to Z today. After reading some reviews I chose the Securing The Cloud; Cloud computer security techniques and tactics written by Vic (J.R.) Winkler.

One important aspect why I chose this book is that one review had said that it is a little bit too technical. And that is what I wanted: ones and zeros, source code and hexdump. I didn’t get that though. However the book is still a very good reading. The target audience is quite wide. I think the following people might be interested in the book:
  • IT management: the management of a company who is considering to move it’s infrastructure to the could can get a good overview about the whole cloud technology, it’s advantages, how they can benefit from the cloud and what are it’s potential risks.
  • IT operations engineer: these people will be needed to make the cloud related decisions. This book can help them to prepare for that task.
  • Generally everybody involved in IT: to keep up what is happening in the world.

So basically I say that it is worth for everybody to read this book and here is why. I don’t want to go through the whole table of contents because it’s available on Amazon but I would highlight a few parts. It gives a good description about the state of the cloud technology. It gives detailed information about the different aspects of the cloud security such as the architecture, data security, risks, legal issues. Here I must add that even the legal parts were not boring which shows how well written is this book. Regarding the technical details, although there was no source code in the book however it explained how the cabling of the datacenter should be done, so actually it went sometimes quite deep in technical questions, hence at the end of the day my eager for technicality was satisfied. The security topics are discussed from the different perspectives of the different cloud models. It also gives a bunch of checklists which can be really helpful when a company embraces the cloud (or is embraced by the cloud). But the most important this book can be used as a handbook during the process of the transformation but especially in the planning/design phase.

I always like to clarify the NO-GOALs in projects just to make sure what shouldn’t be expected. So regarding this book it is not the manual for moving to cloud computing. It won’t tell you which provider to choose or which model to implement but it will tell you how you can make an educated decision. To make it clear the book doesn’t give answers instead it gives you the questions you should ask yourself, but you have to find the answers yourself.