Learning about cloud security is a bit like going to the dentist: It has to be done, but who wants to do it? This book will make the process painless and perhaps even enjoyable. Though the information in this book will be useful to everyone who has data, uses the cloud, or lives on the planet, it will be most useful to people who are responsible for the management of company data security — particularly, when that data is stored in the cloud.

Cloud security is data security. Books about cloud security tend to focus on only the aspects of using the cloud. But this book could have been titled Data Security Even When You Use the Cloud For Dummies. But that was too long. This book covers emerging information security topics, such as DataOps and AIOPs, that, though not cloud specific, are important topics to know about when your company manages sensitive data or develops applications to manage critical data. They are more than technologies — they are philosophies that will help you create a strategy for managing information security. If you’re in the infosec business, you know it’s a lot like herding cats — and those cats are having kittens, like, every day!

You'll learn about technologies that range from AI to key fobs that will assist you in getting the job done right. Most of all, you'll learn that your biggest concern isn’t hardware or VPNs or cryptographic strength. It’s people. (Remember Soylent Green? Maybe not. It depends on your weakness for early 1970s sci-fi.)

In any event, people are the highest risk in any effort to protect data. Putting it in the cloud just makes it particularly hard to protect because it lies outside your local network security and firewall.

Some people will try to hack into your system and steal your data. It happens millions of times a day, most of which are automated attempts to find weaknesses in your data security or to find areas of the applications you use that can be exploited. Even scarier than protecting your data from people trying to hack into your systems is protecting your data from the people who have authorized access. They may not mean any harm, but if they’re careless or uninstructed in the proper ways of The Force (information security), they can unwittingly hand over the keys to the kingdom.

There are also so many different ways that your data is threatened today. One of the biggest threats now facing companies is ransomware. World leaders are meeting at this very moment (well, at the moment I wrote this paragraph) to discuss what can be done about this terrible threat to economic stability. Add to that the gigantic breaches that happen many times each year, revealing personally identifying information and financial data, and you have a data security nightmare.

Armed with this book, you can find new approaches to protecting your information, particularly when it’s stored in the cloud. You'll learn about how virtual environments make your job a challenge as you try to keep up with the fluid environment that makes the cloud so powerful. There are also different kinds of clouds, not just different brands. You need to know about topics such as public, private, and hybrid clouds and how to manage data as it moves between them.

One of the keys to modern information security is good encryption. Though this book is a bit forward-looking, it doesn’t attempt to deal with the challenge of post-quantum encryption. However, you will learn about different types of encryption as well as some of the ways to manage encryption keys, your company’s deepest secrets.

About This Book

Books in the For Dummies brand are organized in a modular, easy-to-access format that lets you use the book as an owner’s manual. Because cloud security isn’t about just a single application, you can think of this book as a handbook or guide to the many technologies and efforts to bring about information security, particularly in the cloud. This book’s chapters are organized to first explore basic concepts and then move to more complex solutions. Still, it’s not critical that you read the book completely through. You can head right to concepts that interest you the most, though there's a chance you might need to jump back to earlier chapters to review basic ideas or gain context. The first part of this book is best used by companies first starting on their journey into the types of information security practices that include using clouds as part of the IT environment. If you’re further down that path, you will find more advanced topics in Parts 2, 3, and 4.

Web addresses appear in monofont. If you’re reading a digital version of this book on a device connected to the Internet, you can click a web address to visit that website, like this: www.dummies.com.

Foolish Assumptions

The ideas, information, and details about cloud security are relevant to nearly every business that manages data. I’m assuming, if you’re reading this book, that you have some background in managing or working directly in the information security field. This book is meant as a primer, so some readers may find the information more of a review while others see some of these topics for the first time.

Icons Used in This Book

As you make your way through this book (if that's how you're reading it), you see the following icons in the margins:

The Tip icon marks bits of information you will find particularly helpful. When you’re skimming the book, these tips should pop out to give you a quick grasp of the topic.

Remember icons mark information that is important to keep in mind. Some of them review topics from earlier in the book that are relevant to the information being presented.

The Technical Stuff icon marks information of a technical nature that is more important to someone working in the field and might need a bit more depth.

The Warning icon points out bits of information you can use to avoid issues you might encounter.

Beyond the Book

Because cloud security is an evolving and complex field, there’s no single source or best place to go for more information. Every business has a unique need when protecting their private information, so throughout this book, I’ve done my best to include URLs to further information about both products and frameworks that will evolve as the information security challenge evolves.

In addition to what you’re reading right now, this book comes with a free, access-anywhere Cheat Sheet that gives you an overview of some of the major cloud security topics I discuss in greater detail in this book. To find this Cheat Sheet, visit www.dummies.com and search for Cloud Security For Dummies Cheat Sheet in the Search box.

Where to Go from Here

Get started reading Chapter 1 to help you understand some of the responsibilities required of someone taking on the job of cloud security. Chapters 2 and 3 dive into cloud-specific resources and basic techniques for protecting data. Chapter 4 is specifically for companies that develop their own software. (If your company doesn’t do software development, you might want to skip this chapter.) Chapter 5 might be the most important chapter, dealing as it does with restricting access to your cloud resources. The rest of the book talks about security applications and complying with security regulations, and then ends with a chapter pointing to some of the more important applications you might want to use in your fight to keep your information secure.