Topic :- Security in the cloud and the shared

security model
Submitted:- Shubh Agarwal(QID-22030295)
By Manish Raj Pandey(QID-22030266)

Submitted To:-
Mrs.Madhulika Mittal
Security in the Cloud &
the Shared Security
Model
Welcome to this exploration of cloud security. Today, we'll dive into the
fundamental concepts of cloud security and explore the shared security
model that governs responsibility between cloud providers and customers.
Introduction to Cloud Computing
Shared Resources
Cloud computing offers on-demand access to computing
resources like servers, storage, and software over the internet,
enabling scalability and flexibility. This model leverages
shared resources, reducing costs and increasing efficiency for
users.
Pay-as-you-go
Cloud services follow a pay-as-you-go model, where users
pay only for the resources they consume, eliminating upfront
capital expenditure and ensuring cost-effective solutions.
This makes cloud computing accessible to businesses of all
sizes.
Defining the Shared
Security Model
Shared Responsibility
The shared security model
underscores the collaborative
nature of cloud security, where
both cloud providers and
customers share responsibility
for securing the cloud
environment.
Distinct Roles
Cloud providers are responsible
for securing the underlying
infrastructure, while customers
are responsible for securing
data, applications, and user
identities within their cloud
environment.
Cloud Provider
Responsibilities
Physical Security
Secure data centers with 24/7
monitoring, access control, and
disaster recovery.
Network Security
Secure network connectivity using
firewalls, IDS/IPS, VPNs, and
penetration testing.
Logical Security
Implement MFA, RBAC, data
encryption, and regular security audits.
Monitoring and
Maintenance
Continuous monitoring, vulnerability
scanning, automated patching, and
incident response plans.
Customer Responsibilities
Data Security
• Encrypt data at rest and in
transit.
• Use RBAC for access control.
• Manage the data lifecycle.
Identity and Access
Management (IAM)
• Use strong authentication
(MFA).
• Implement least privilege
access.
• Regularly review user access.
Application Security
• Use secure coding practices.
• Conduct regular vulnerability
assessments.
• Deploy WAFs.
Threat Management
• Implement a SIEM system.
• Establish incident response
plans.
• Conduct security awareness
training.
Identity and Access
Management in the Cloud
1 Multi-factor authentication (MFA) provides an additional layer
of security by requiring users to provide multiple forms of
authentication, such as a password and a one-time code.

2 Least privilege access restricts user permissions to only the

resources they need to perform their job duties, minimizing
the impact of potential security breaches.

3 Regularly review and update user access privileges to ensure

they remain aligned with current roles and responsibilities.
Remove access for inactive users or those who have changed
roles.
Encryption and Key Management
Data at Rest
1 Encrypting data stored on servers, databases, and other storage devices to protect it from unauthorized
access.

Data in Transit
2 Encrypting data transmitted over the network using protocols like HTTPS or TLS
to secure communication.

Key Management
Securely managing encryption keys, including their
3
generation, storage, and rotation, to protect data from
unauthorized decryption.
Threat Monitoring and
Incident Response
Threat Monitoring
Continuous monitoring of security events, logs, and system
activities to detect potential threats and security breaches.

Incident Response
Having a plan to respond to security incidents, including steps for
containment, remediation, and recovery.

Security Automation
Automating security tasks like vulnerability scanning, patch
management, and incident response to improve efficiency and
reduce the risk of human error.
Compliance and Regulatory Considerations

1 2 3
Regulations Audits Reporting
Adhere to relevant regulations (HIPAA, Regular security audits (internal and Maintain detailed records of security
GDPR, PCI DSS). Non-compliance leads external) identify vulnerabilities and controls and compliance activities for
to penalties and reputational harm. improve your security posture. auditable trails.
Best Practices for Securing the Cloud

Strengthen cloud security by adopting a shared responsibility model, implementing strong IAM practices, and employing
comprehensive data encryption. Proactive threat monitoring, regular security assessments, and swift incident response are vital.
Maintain detailed compliance records to meet regulatory standards.
Conclusion
As we've discussed, securing the cloud requires a shared responsibility
between the cloud provider and the customer. By implementing strong
identity and access management, comprehensive data encryption,
proactive threat monitoring, and robust incident response, organizations
can effectively mitigate security risks in the cloud.
THANK YOU