> [!abstract] In short: Cloud security is about protecting data, applications, and infrastructure in the cloud. The core idea that anchors everything else is the **shared responsibility model**: the provider secures the building, you secure your unit.
## The shared responsibility model
Think of the cloud like an apartment building. The cloud provider secures the building itself (the infrastructure), while you secure your own unit (your data and your applications). Both sides have a job, and gaps appear when one side assumes the other has it covered.
## Common threats
> [!danger] Data breach - Unauthorized individuals gain access to sensitive information.

> [!danger] Insecure APIs - Flaws in an API that let unauthorized people get in. Attackers actively look for these and exploit them.

> [!danger] Misconfigured cloud storage - Improper settings unintentionally expose data to the public. Often nobody attacked anything; the door was just left open.

> [!danger] Account hijacking - Attackers gain control over an account and access data without permission. This usually happens through phishing or reused passwords, which is why **MFA (multi-factor authentication)** is one of the first defenses against it.
## Key areas of cloud security
These are the main areas you focus on to protect against the threats above.
|Area|What it does|
|---|---|
|**Data protection**|Encrypting data both at rest (stored) and in transit (being moved), so it stays secure at all times.|
|**Identity and Access Management (IAM)**|Ensures only authorized individuals can access the data.|
|**Network security**|Firewalls and VPNs that protect data as it moves through the network.|
|**Compliance and governance**|Laws and regulations on how data is handled and secured, making sure practices meet industry standards and legal requirements.|
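
A check for the customer's half of the model, tied to the misconfigured-storage threat and the data-protection row above (an added example, not part of the original note): it audits a storage bucket policy for anonymous access and for missing enforcement of encryption in transit. The note names no provider, so the AWS S3 bucket policy JSON format is assumed, and the bucket name, account ID and role are constructed sample values.

```python
import json

def _as_list(value):
    """Policy fields may hold a single value or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def _is_anonymous(principal):
    """True when the principal is "*" or {"AWS": "*"}, i.e. anyone at all."""
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", []))

def audit_bucket_policy(policy_json):
    """Return a sorted list of findings for one bucket policy document."""
    findings, enforces_tls = set(), False
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        effect = stmt.get("Effect")
        anonymous = _is_anonymous(stmt.get("Principal"))
        condition = stmt.get("Condition", {})
        if effect == "Allow" and anonymous:
            # An unconditioned grant is public; a conditioned one needs a human look.
            findings.add("PUBLIC_WITH_CONDITION_REVIEW" if condition else "PUBLIC_ACCESS")
        secure = condition.get("Bool", {}).get("aws:SecureTransport")
        if effect == "Deny" and anonymous and str(secure).lower() == "false":
            enforces_tls = True  # plain-HTTP requests are rejected for everyone
    if not enforces_tls:
        findings.add("NO_TLS_ENFORCEMENT")
    return sorted(findings)

# Constructed sample policies (assumed names, not taken from the note).
OPEN_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::example-bucket/*"}]})
HARDENED_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::111122223333:role/app-reader"},
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Effect": "Deny", "Principal": "*", "Action": "s3:*",
     "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"],
     "Condition": {"Bool": {"aws:SecureTransport": "false"}}}]})

if __name__ == "__main__":
    for name, policy in (("open", OPEN_POLICY), ("hardened", HARDENED_POLICY)):
        print(name, audit_bucket_policy(policy))
```

The audit reads only the policy document; account-level public-access settings and object ACLs can also expose data and are outside what it checks.
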
## Who is responsible for what
Security in a shared environment is divided across three groups.
1. **Cloud service providers** handle the security of the cloud infrastructure, providing a safe environment for everyone. They are like facility management for the building.
2. **You / the administrator** handle strong passwords, manage user access through IAM, and safeguard your own data within the cloud. It is like locking your own door even though the building already has security.
3. **Security teams** develop strategies, conduct risk assessments, and make sure both the technical and the human sides of security are addressed effectively.
> [!tip] Most cloud incidents come down to someone assuming a responsibility belonged to the other side. Know which half is yours.