Cloud security (also known as cloud computing security) includes many of the same security controls, technologies, practices and procedures that are used to protect physical data centers, network and compute environments—only they are deployed as a service to protect your cloud data.
Cloud security is unique in that the duty of care is shared. Some of the responsibility of securing cloud assets falls to the cloud provider, some to the customer. Most cloud service providers, including Amazon Web Services (AWS), Google Cloud and Microsoft Azure, have some form of a Shared Responsibility Model that outlines who is responsible for their sensitive data and where it lives. According to Amazon, the provider is responsible for “security of the cloud” — the infrastructure that runs the cloud services — while the customer is responsible for “security in the cloud,” or the deployments, virtual servers and applications that are being run.
Cloud operations take some level of visibility and control away from the customer, and as such many believe that cloud security is more difficult to achieve than traditional data security. That is partially true, but cloud security may in some ways be easier to manage than on-premise security. The cloud provider bears some of the load for securing operations, and moreover the cloud security systems offer users the ability to manage cloud assets from a central location or dashboard. In addition, the cloud also reduces some of the strain of physical security and network-level security for the customer. In short, cloud security doesn’t have to be overwhelmingly difficult if implemented correctly.
In this piece, we drill down into an analysis of the most common security risks and threats as they relate to cloud deployments, discuss how to create a secure cloud environment and implement practical security solutions for your biggest security concerns.