Cloud Security Guidance IBM Recommendations for the Implementation of Cloud Security

An IBM Redpaper publication

Note: This is publication is now archived. For reference only.

Published 30 October 2009, updated 02 November 2009

cover image

IBM Form #: REDP-4614-00
(22 pages)

More options

Rate and comment

Authors: Axel Buecker, Koos Lodewijkx, Harold Moss, Kevin Skapinetz, Michael Waidner


Cloud computing is a flexible, cost-effective, and proven delivery platform for providing business or consumer IT services over the Internet. Cloud resources can be rapidly deployed and easily scaled, with all processes, applications, and services provisioned "on demand", regardless of user location or device. As a result, cloud computing gives organizations the opportunity to increase their service delivery efficiencies, streamline IT management, and better align IT services with dynamic business requirements. In many ways, cloud computing offers the "best of both worlds", providing solid support for core business functions along with the capacity to develop new and innovative services.

In addition to the usual challenges of developing secure IT systems, cloud computing presents an added level of risk, because essential services are often outsourced to a third party. The "externalized" aspect of outsourcing makes it harder to maintain data integrity and privacy, support data and service availability, and demonstrate compliance.

The security measures discussed in this IBM Redpapers™ publication represent best practice implementations for cloud security.

Table of contents

Introduction to cloud computing
Cloud security: the grand challenge
Evaluate different models of cloud computing
Examine the IBM Security Framework
Guide to implementing a secure cloud

Follow IBM Redbooks

Follow IBM Redbooks