Cloud Security
Cloud security is the whole bundle of technology, protocols, and best practices that protect cloud computing environments, applications running in the cloud, and data held in the cloud. Securing cloud services begins with understanding what exactly is being secured, as well as, the system aspects that must be managed.
As an overview, backend development against security vulnerabilities is largely within the hands of cloud service providers. Aside from choosing a security-conscious provider, clients must focus mostly on proper service configuration and safe use habits. Additionally, clients should be sure that any end-user hardware and networks are properly secured.
The full scope of cloud security is designed to protect the following, regardless of your responsibilities:
Physical Networks
Routers, Electrical Power, Cabling, Climate Controls, etc.
Data Storage
Hard Drives, etc.
Data Servers
Core network computing hardware and software
Computer Virtualization Frameworks
Virtual machine software, Host machines, and guest machines
Operating Systems (Os)
Software that Houses
Middleware
Application programming interface (API) management,
Runtime Environments
Execution and upkeep of a running program
Data
All the information stored, modified, and accessed
Applications
Traditional software services (email, tax software, productivity suites, etc.)
End-User Hardware
Computers, mobile devices, Internet of Things (IoT) devices, etc.
With cloud computing, ownership over these components can vary widely. This can make the scope of client security responsibilities unclear. Since securing the cloud can look different based on who has authority over each component, it’s important to understand how these are commonly grouped.