What is cloud security?
Cloud security refers to the set of practices, technologies, policies, and measures designed to safeguard data, applications, and infrastructure in cloud environments. Cloud security is crucial because it addresses the unique security challenges and risks associated with cloud computing, which includes services such as IaaS, PaaS, and SaaS.
Important note
Gartner reports (https://www.gartner.com/en/newsroom/press-releases/2021-11-10-gartner-says-cloud-will-be-the-centerpiece-of-new-digital-experiences) that 99% of cloud breaches are traced back to preventable misconfigurations or mistakes by cloud customers.
It is evident that cloud computing services bring some overriding concerns too, and most of them can be prevented if the services are configured correctly. These concerns include network and system misconfigurations, IAM misconfigurations, and accidental exposure of resources. We will read more about major configuration risks in Chapter 11, but some of them are explained in the following subsection.
Security concerns with the public cloud
There are several overriding concerns associated with cloud computing that organizations should be aware of:
- Unauthorized access: Public cloud services can be vulnerable to unauthorized access, which can lead to data breaches and the exposure of sensitive information.
- Insider threats: Cloud providers have access to users’ data, which means that insider threats can pose a risk to security.
- Data loss: Public cloud services can suffer from data loss, which can occur due to hardware failures or other technical issues.
Figure 1.2 – Cloud security concerns
- Compliance issues: Public cloud services may not always meet regulatory and compliance requirements for data storage and security.
- Multi-tenancy risks: Public cloud services are often multi-tenant, which means that multiple users share the same physical infrastructure. This can increase the risk of data leakage or unauthorized access if they’re not managed properly.
- Vulnerabilities in third-party tools: Public cloud services often rely on third-party tools and vendors, which can create vulnerabilities if these vendors are not properly vetted or have weak security measures in place.
- Lack of control: Public cloud services are managed by the cloud provider, which means that users have limited control over the security measures that are implemented.
- DDoS attacks: Public cloud services can be vulnerable to distributed denial of service (DDoS) attacks, which can disrupt service availability.
- Data breaches through APIs: Public cloud services often use APIs to enable integration with other systems, which can create vulnerabilities if these APIs are not secured properly.
- Data exposure through misconfigured services: Public cloud services can be vulnerable to data exposure if services are misconfigured, or access controls have not been set up properly.
It is important to understand these risks and take appropriate measures to mitigate them, such as implementing strong authentication and access controls, regularly monitoring and auditing activity, and using encryption to protect sensitive data. It is also important to work with reputable cloud providers who have a strong track record for security and compliance, and to back these measures with careful planning, risk assessment, and ongoing monitoring and management.
Now that you understand cloud computing and the security concerns around it, let us learn about the shared responsibility model.