You are viewing a free preview of this lesson.
Subscribe to unlock all 10 lessons in this course and every other course on LearningBro.
Cloud computing introduces unique security challenges. Understanding the shared responsibility model, cloud-specific threats, and security controls is essential for protecting cloud environments.
| Model | You Manage | Provider Manages | Example |
|---|---|---|---|
| IaaS | OS, apps, data, middleware | Hardware, virtualisation, network | AWS EC2, Azure VMs, GCP Compute |
| PaaS | Applications and data | OS, runtime, middleware, hardware | Heroku, Azure App Service, Google App Engine |
| SaaS | Data (and sometimes config) | Everything else | Microsoft 365, Salesforce, Google Workspace |
Security in the cloud is shared between the cloud provider and the customer:
┌─────────────────────────────────────────────────┐
│ Customer Responsibility │
│ ┌────────────────────────────────────────────┐ │
│ │ Data, Identity, Access, Configuration │ │
│ │ Application Security, Encryption Keys │ │
│ │ Network Security (security groups, NACLs) │ │
│ │ OS Patching (IaaS only) │ │
│ └────────────────────────────────────────────┘ │
├─────────────────────────────────────────────────┤
│ Provider Responsibility │
│ ┌────────────────────────────────────────────┐ │
│ │ Physical security, Hardware, Networking │ │
│ │ Hypervisor, Storage infrastructure │ │
│ │ Global infrastructure, Availability │ │
│ └────────────────────────────────────────────┘ │
└─────────────────────────────────────────────────┘
Subscribe to continue reading
Get full access to this lesson and all 10 lessons in this course.