The cloud is convenient — and convenience is exactly what makes it a target. This chapter explains the security ideas every cloud user and manager must know: who is responsible for what, how access is controlled, how data is protected, what the common mistakes look like, and why some industries must also meet written rules about where data lives.
6 topics
When a company moves to the cloud, it does not hand all security to the provider. Security is always a shared job — the provider covers the physical buildings, hardware, and the core network infrastructure; you cover everything built on top: your accounts, your access rules, your configuration, and your data. Understanding exactly where one side's job ends and the other's begins is the foundation for every other decision in this chapter.
Six topics cover the essential ideas: the shared-responsibility split, identity and access management, encryption and secret storage, the classic mistakes behind most real breaches, compliance and data-residency rules, and a side-by-side comparison of how all three major clouds name and structure these services.
Security is a shared job — provider's side and your side
Your accounts, access rules, configuration, and data
passwords, who can do what, how services are set up, what you store
Provider: physical buildings, hardware, and core network
data center locks, machine maintenance, the virtualization layer beneath it all