Managing risk and security in outsourcing IT services: onshore, offshore and the cloud
With cloud computing quickly becoming a standard in today's IT environments, many security experts are raising concerns regarding security and privacy in outsourced cloud environments-requiring a change in how we evaluate risk and protect information, processes, and people.Managing Risk and Sec...
Gespeichert in:
| 1. Verfasser: | |
|---|---|
| Format: | Buch |
| Sprache: | English |
| Veröffentlicht: |
Boca Raton [u.a.]
CRC Press
2014
|
| Schlagworte: | |
| Online-Zugang: | Inhaltsverzeichnis |
| Zusammenfassung: | With cloud computing quickly becoming a standard in today's IT environments, many security experts are raising concerns regarding security and privacy in outsourced cloud environments-requiring a change in how we evaluate risk and protect information, processes, and people.Managing Risk and Security in Outsourcing IT Services: Onshore, Offshore and the Cloud explains how to address the security risks that can arise from outsourcing or adopting cloud technology. Providing you with an understanding of the fundamentals, it supplies authoritative guidance and examples on how to tailor the right ri |
| Beschreibung: | XVII, 226 S. |
| ISBN: | 9781439879092 |
Internformat
MARC
| LEADER | 00000nam a2200000 c 4500 | ||
|---|---|---|---|
| 001 | BV041467214 | ||
| 003 | DE-604 | ||
| 005 | 20220406 | ||
| 007 | t | ||
| 008 | 131209s2014 |||| 00||| eng d | ||
| 020 | |a 9781439879092 |c hbk |9 978-1-43987909-2 | ||
| 035 | |a (OCoLC)874380738 | ||
| 035 | |a (DE-599)GBV772615454 | ||
| 040 | |a DE-604 |b ger |e aacr | ||
| 041 | 0 | |a eng | |
| 049 | |a DE-473 | ||
| 084 | |a ST 515 |0 (DE-625)143677: |2 rvk | ||
| 100 | 1 | |a Siepmann, Frank |e Verfasser |4 aut | |
| 245 | 1 | 0 | |a Managing risk and security in outsourcing IT services |b onshore, offshore and the cloud |c Frank Siepmann |
| 264 | 1 | |a Boca Raton [u.a.] |b CRC Press |c 2014 | |
| 300 | |a XVII, 226 S. | ||
| 336 | |b txt |2 rdacontent | ||
| 337 | |b n |2 rdamedia | ||
| 338 | |b nc |2 rdacarrier | ||
| 520 | 1 | |a With cloud computing quickly becoming a standard in today's IT environments, many security experts are raising concerns regarding security and privacy in outsourced cloud environments-requiring a change in how we evaluate risk and protect information, processes, and people.Managing Risk and Security in Outsourcing IT Services: Onshore, Offshore and the Cloud explains how to address the security risks that can arise from outsourcing or adopting cloud technology. Providing you with an understanding of the fundamentals, it supplies authoritative guidance and examples on how to tailor the right ri | |
| 650 | 0 | 7 | |a Outsourcing |0 (DE-588)4127582-2 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Dienstleistung |0 (DE-588)4012178-1 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Risikomanagement |0 (DE-588)4121590-4 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Informationstechnik |0 (DE-588)4026926-7 |2 gnd |9 rswk-swf |
| 650 | 0 | 7 | |a Datensicherung |0 (DE-588)4011144-1 |2 gnd |9 rswk-swf |
| 689 | 0 | 0 | |a Informationstechnik |0 (DE-588)4026926-7 |D s |
| 689 | 0 | 1 | |a Dienstleistung |0 (DE-588)4012178-1 |D s |
| 689 | 0 | 2 | |a Outsourcing |0 (DE-588)4127582-2 |D s |
| 689 | 0 | 3 | |a Risikomanagement |0 (DE-588)4121590-4 |D s |
| 689 | 0 | 4 | |a Datensicherung |0 (DE-588)4011144-1 |D s |
| 689 | 0 | |5 DE-604 | |
| 776 | 0 | 8 | |i Erscheint auch als |n Online-Ausgabe |z 978-1-439-87910-8 |
| 856 | 4 | 2 | |m Digitalisierung UB Bamberg - ADAM Catalogue Enrichment |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=026913440&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |3 Inhaltsverzeichnis |
| 999 | |a oai:aleph.bib-bvb.de:BVB01-026913440 | ||
Datensatz im Suchindex
| _version_ | 1804151600799809536 |
|---|---|
| adam_text | Contents
Foreword
xi
Preface
xiii
Acknowledgments
xvii
Chapter
1
Outsourcing
1
History of Outsourcing
1
Early Days ofOutsourcing
2
Current State
3
Delivery Models
3
Ο η
shoring
3
Ne ar
shoring
З
O rï
shoring
З
Outsourcing Types
4
Technology Outsourcing
4
Business Process Outsourcing
4
Business Transtormation Outsourcing
5
Knowledge Process Outsourcing
5
Internals or Outsourcing
5
Phases
5
Typical Financial Outsourcing Model
6
Geographical Regions
7
Top Outsourcing Countries
8
India
9
Indonesia
14
Estonia
16
Singapore
17
China
20
VI
CONTENTS
Bulgaria
26
Philippines
31
Thailand
35
Lithuania
40
Malaysia 43
Outsourcing Personnel
46
Consulting Personnel
46
Former Lmpiovces ot Clients
47
Internal Resources
47
[bird-Party Personnel
47
1
lireil Personnel
48
Teams
49
Salaries
52
(jrowth Strategies
53
Chapter
2
The Cloud
55
Software as a Service (SaaS)
55
Platform as a Service (PaaS)
56
Infrastructure as a Service (laaS)
57
Private Cloud
57
Community Cloud
58
Public Cloud
58
Hybrid Clouds
60
What the Cloud Is and Is Not
61
Beyond the Cloud °2
Virtual Private Cloud
64
Standardization between CSPs
64
Compliance in the Cloud
65
Security and Privacy Issues with Cloud Computing
65
Scalability versus Elasticity
65
On-Demand Self-Service
66
Rapid Elasticity
66
Resource Pooling
67
Outages
68
Denial of Service
68
Virtualization Security
68
Metering
69
Hypervisor Security
69
Virtual Networks
70
Memory Allocation/Wiping
70
Cloud Network Configuration
71
Firewalls in the Cloud
73
Self-Service
75
Malicious Insiders
77
Availability and Service Level Agreements
77
Authentication, Authorization, Accounting
80
Tenant Credibility
81
CONTENTS
VII
Chapter
3
Chapter
4
Address the Cloud Security/Privacy Dilemma
SAS-70,
SOC
1,
and
SOC
2
Audits
Cryptograph} and the Cloud
Encryption Keys and the Cloud
Third-Party Cloud Security Providers
FcdRAMP and the Federal Cloud
I low to Securely Move to the Cloud
Before You Decide to Outsource
Security and Privacy Impacts
Secure Communication
Telephones
c-Mail
Mobile/Cell Phones
Smartphones
Black Bcrrvs
Instant Messenger
I -etters
and Parcels
Organizational I mpacts
I .egal
Aspects
Personnel Issues
Technical Challenges
Network Address Translation (NAT) Issues
Single Sign-On and Federation (SAML/XACML)
Backup Technologies
Remote Desktop Support
Trouble Ticket Systems
Business Continuity
Ready to Outsource
Perfect Outsourcing Company
Doing Your Homework
Understand What Is Offered
Audit Reports
Is Business Transformation Outsourcing the Right Choice?
Ask the Right Questions
Dedicated Resources or Not?
Talking with Existing Clients
What Matters for the Outsourcing Company?
Challenges Outsourcing Companies Face
Which Security Controls
—
Ours or Theirs?
Staff Augmentation
Complete Outsourced Operation
Cost Savings
Security Controls
Next Step
—
Clean House
Maturity Level
82
»2
83
84
85
86
86
8
У
89
90
91
93
94
95
96
96
98
99
99
99
100
100
100
101
101
101
102
105
105
105
110
110
114
115
115
116
117
118
119
119
119
120
121
126
126
VIII CONTENTS
Alignment
оі
Stratégies
127
I
ranstorming
127
Outsourcing Preparation
128
I
ii
tonn.it
ion
Security
Poliev
128
Organization
ot
Information Security
129
Kxtenial Parries Security
130
Information
CI
.
ι
>
^
îficarion
Security
131
Prior to
ľ.mploymcnt
Security
131
During hmplovmcnt Security
132
Termination or Change ot-T mploymcnt Security
132
Secure Area*· Security
133
Kquipmcnt Security
134
Operational Procedures ami Responsibility Security
137
Ih ml-Parrv
Service Delivery Management Security
137
System I>lati
ning
;
ami Acceptance Security
138
Protection
uitai
nst Malicious ami Mobile Code
Securit}
139
Information Backup Security
140
Network Security Management Security
140
Media-I landling Security
141
Exchange of Information Security
142
Electronic Commerce Services Security
144
Monitoring Security
145
Business Requirement for Access Control Security
148
User Access Management Security
148
User Responsibilities Security
150
Network Access Control Security
151
Operating System Access Control Security
154
Application and Information Access Control Security
156
Mobile Computing and Teleworking Security
158
Security Requirements
ofinformation
Systems
159
Correct Processing in Applications Security
161
Cryptographic Controls Security
162
Security of System Files
163
Security in Development and Support Services
164
Technical Vulnerability Management Security
166
Reporting Information Security Events and Weaknesses
Security
167
Management of Information Security Incidents and
Improvements Security
169
Information Security Aspects of Business Continuity
Management
171
Compliance with Legal Requirements Security
173
Information Systems Audit Considerations Security
178
Outsourcing Security Readiness Assessment
180
Tactical Goals
—
Now or Later?
182
Strategic Objectives
—
When?
182
CONTENTS
IX
Chapter
5
Chapter
6
Chapter
7
Index
Day One and Beyond
185
Enabling the Outsourcing Company
188
Access to Required Information
188
Documentation
189
Personnel
189
Transition Phase
190
Ί
lie Stable Years
191
Security Incidents
191
Outsourcing Personnel Turnover
192
Regular Activities
193
Reporting
195
When We Part
199
I low to
Prepari.1
200
lhe
Contract
200
Analysis of What Needs to Be Done
201
Exit Plan
201
When the
Dav
Comes
202
Taking Control
203
Outsourcing Anecdotes
205
British Health Records
205
Transportation Strike in Bangalore
206
Submarine Cable Cuts
206
Cloud Outages
207
Т
-Mobile:
Sidekick in Danger of the Microsoft Cloud
207
Outages at Amazon Are Sometimes due to Gossip
207
Google Services Impacted by Cloud Outages
208
Microsoft s Azure and Hotmail
208
Salesforce.corn s Cloud Goes Down
208
CloudFlare DDoS
208
Background Investigation Lacking
209
Privacy Laws
—
Not Here
209
Can You Hear Me Now? CDMA Limitations
209
Overlooked
210
Premature Transformation
210
Public Instant Messenger
—
Share the Joy
210
213
|
| any_adam_object | 1 |
| author | Siepmann, Frank |
| author_facet | Siepmann, Frank |
| author_role | aut |
| author_sort | Siepmann, Frank |
| author_variant | f s fs |
| building | Verbundindex |
| bvnumber | BV041467214 |
| classification_rvk | ST 515 |
| ctrlnum | (OCoLC)874380738 (DE-599)GBV772615454 |
| discipline | Informatik |
| format | Book |
| fullrecord | <?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>02390nam a2200433 c 4500</leader><controlfield tag="001">BV041467214</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20220406 </controlfield><controlfield tag="007">t</controlfield><controlfield tag="008">131209s2014 |||| 00||| eng d</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781439879092</subfield><subfield code="c">hbk</subfield><subfield code="9">978-1-43987909-2</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)874380738</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)GBV772615454</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield><subfield code="e">aacr</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-473</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 515</subfield><subfield code="0">(DE-625)143677:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Siepmann, Frank</subfield><subfield code="e">Verfasser</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Managing risk and security in outsourcing IT services</subfield><subfield code="b">onshore, offshore and the cloud</subfield><subfield code="c">Frank Siepmann</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Boca Raton [u.a.]</subfield><subfield code="b">CRC Press</subfield><subfield code="c">2014</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">XVII, 226 S.</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="520" ind1="1" ind2=" "><subfield code="a">With cloud computing quickly becoming a standard in today's IT environments, many security experts are raising concerns regarding security and privacy in outsourced cloud environments-requiring a change in how we evaluate risk and protect information, processes, and people.Managing Risk and Security in Outsourcing IT Services: Onshore, Offshore and the Cloud explains how to address the security risks that can arise from outsourcing or adopting cloud technology. Providing you with an understanding of the fundamentals, it supplies authoritative guidance and examples on how to tailor the right ri</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Outsourcing</subfield><subfield code="0">(DE-588)4127582-2</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Dienstleistung</subfield><subfield code="0">(DE-588)4012178-1</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Risikomanagement</subfield><subfield code="0">(DE-588)4121590-4</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Informationstechnik</subfield><subfield code="0">(DE-588)4026926-7</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Datensicherung</subfield><subfield code="0">(DE-588)4011144-1</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Informationstechnik</subfield><subfield code="0">(DE-588)4026926-7</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="1"><subfield code="a">Dienstleistung</subfield><subfield code="0">(DE-588)4012178-1</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="2"><subfield code="a">Outsourcing</subfield><subfield code="0">(DE-588)4127582-2</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="3"><subfield code="a">Risikomanagement</subfield><subfield code="0">(DE-588)4121590-4</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2="4"><subfield code="a">Datensicherung</subfield><subfield code="0">(DE-588)4011144-1</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Erscheint auch als</subfield><subfield code="n">Online-Ausgabe</subfield><subfield code="z">978-1-439-87910-8</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">Digitalisierung UB Bamberg - ADAM Catalogue Enrichment</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=026913440&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="999" ind1=" " ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-026913440</subfield></datafield></record></collection> |
| id | DE-604.BV041467214 |
| illustrated | Not Illustrated |
| indexdate | 2024-07-10T00:57:24Z |
| institution | BVB |
| isbn | 9781439879092 |
| language | English |
| oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-026913440 |
| oclc_num | 874380738 |
| open_access_boolean | |
| owner | DE-473 DE-BY-UBG |
| owner_facet | DE-473 DE-BY-UBG |
| physical | XVII, 226 S. |
| publishDate | 2014 |
| publishDateSearch | 2014 |
| publishDateSort | 2014 |
| publisher | CRC Press |
| record_format | marc |
| spelling | Siepmann, Frank Verfasser aut Managing risk and security in outsourcing IT services onshore, offshore and the cloud Frank Siepmann Boca Raton [u.a.] CRC Press 2014 XVII, 226 S. txt rdacontent n rdamedia nc rdacarrier With cloud computing quickly becoming a standard in today's IT environments, many security experts are raising concerns regarding security and privacy in outsourced cloud environments-requiring a change in how we evaluate risk and protect information, processes, and people.Managing Risk and Security in Outsourcing IT Services: Onshore, Offshore and the Cloud explains how to address the security risks that can arise from outsourcing or adopting cloud technology. Providing you with an understanding of the fundamentals, it supplies authoritative guidance and examples on how to tailor the right ri Outsourcing (DE-588)4127582-2 gnd rswk-swf Dienstleistung (DE-588)4012178-1 gnd rswk-swf Risikomanagement (DE-588)4121590-4 gnd rswk-swf Informationstechnik (DE-588)4026926-7 gnd rswk-swf Datensicherung (DE-588)4011144-1 gnd rswk-swf Informationstechnik (DE-588)4026926-7 s Dienstleistung (DE-588)4012178-1 s Outsourcing (DE-588)4127582-2 s Risikomanagement (DE-588)4121590-4 s Datensicherung (DE-588)4011144-1 s DE-604 Erscheint auch als Online-Ausgabe 978-1-439-87910-8 Digitalisierung UB Bamberg - ADAM Catalogue Enrichment application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=026913440&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis |
| spellingShingle | Siepmann, Frank Managing risk and security in outsourcing IT services onshore, offshore and the cloud Outsourcing (DE-588)4127582-2 gnd Dienstleistung (DE-588)4012178-1 gnd Risikomanagement (DE-588)4121590-4 gnd Informationstechnik (DE-588)4026926-7 gnd Datensicherung (DE-588)4011144-1 gnd |
| subject_GND | (DE-588)4127582-2 (DE-588)4012178-1 (DE-588)4121590-4 (DE-588)4026926-7 (DE-588)4011144-1 |
| title | Managing risk and security in outsourcing IT services onshore, offshore and the cloud |
| title_auth | Managing risk and security in outsourcing IT services onshore, offshore and the cloud |
| title_exact_search | Managing risk and security in outsourcing IT services onshore, offshore and the cloud |
| title_full | Managing risk and security in outsourcing IT services onshore, offshore and the cloud Frank Siepmann |
| title_fullStr | Managing risk and security in outsourcing IT services onshore, offshore and the cloud Frank Siepmann |
| title_full_unstemmed | Managing risk and security in outsourcing IT services onshore, offshore and the cloud Frank Siepmann |
| title_short | Managing risk and security in outsourcing IT services |
| title_sort | managing risk and security in outsourcing it services onshore offshore and the cloud |
| title_sub | onshore, offshore and the cloud |
| topic | Outsourcing (DE-588)4127582-2 gnd Dienstleistung (DE-588)4012178-1 gnd Risikomanagement (DE-588)4121590-4 gnd Informationstechnik (DE-588)4026926-7 gnd Datensicherung (DE-588)4011144-1 gnd |
| topic_facet | Outsourcing Dienstleistung Risikomanagement Informationstechnik Datensicherung |
| url | http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=026913440&sequence=000002&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |
| work_keys_str_mv | AT siepmannfrank managingriskandsecurityinoutsourcingitservicesonshoreoffshoreandthecloud |