Services Portfolio Team Academy Blog Contact

Cloud Security: The Shared Responsibility Model

1,988 1 min

The core cloud security concept: the Shared Responsibility Model. The provider (AWS, Azure, GCP) is responsible for physical infrastructure, hypervisor, and network security. The customer is responsible for: data, identity, application security, and configuration. "In the cloud" ≠ "automatically secure."

Common cloud security mistakes: open S3 buckets (data exposed to the internet), overly broad IAM permissions, storing cryptographic keys in code, and missing logging and monitoring. Defences: IAM with least privilege, KMS (key management), CloudTrail/GuardDuty (monitoring), VPC and security group configuration. CIS Benchmarks and the AWS Well-Architected Framework are the reference standards.

Share