Skip to main content

Cloud Security Guidance IBM Recommendations for the Implementation of Cloud Security

An IBM Redpaper publication

Note: This is publication is now archived. For reference only.


Published on 30 October 2009, updated 02 November 2009

  1. .PDF (0.9 MB)

Share this page:   

IBM Form #: REDP-4614-00

Authors: Axel Buecker, Koos Lodewijkx, Harold Moss, Kevin Skapinetz and Michael Waidner

    menu icon


    Cloud computing is a flexible, cost-effective, and proven delivery platform for providing business or consumer IT services over the Internet. Cloud resources can be rapidly deployed and easily scaled, with all processes, applications, and services provisioned "on demand", regardless of user location or device. As a result, cloud computing gives organizations the opportunity to increase their service delivery efficiencies, streamline IT management, and better align IT services with dynamic business requirements. In many ways, cloud computing offers the "best of both worlds", providing solid support for core business functions along with the capacity to develop new and innovative services.

    In addition to the usual challenges of developing secure IT systems, cloud computing presents an added level of risk, because essential services are often outsourced to a third party. The "externalized" aspect of outsourcing makes it harder to maintain data integrity and privacy, support data and service availability, and demonstrate compliance.

    The security measures discussed in this IBM Redpapers™ publication represent best practice implementations for cloud security.

    Table of Contents

    Introduction to cloud computing

    Cloud security: the grand challenge

    Evaluate different models of cloud computing

    Examine the IBM Security Framework

    Guide to implementing a secure cloud