Cloud security is the cybersecurity section dedicated to securing cloud computing systems. This includes protecting privacy and data across all network infrastructures, online applications and platforms. Both cloud service providers and users, whether individuals, small and medium-sized enterprises or corporations, should be involved.

Cloud services are hosted on servers with a permanent Internet connection. Vendors rely on the trust of users, so it is in their best interest to protect the privacy of the personal data stored in the cloud. However, cloud security is partly in the hands of the users themselves. For reliable protection, it is important that both parties understand their responsibilities.

Cloud security is the next collection of categories.

Data security
Identity and Access Management (IAM)
Administrative control (policy of prevention, detection and remediation of threats)
Data storage and business continuity planning
Compliance with Regulatory Requirements
At first glance, it might seem that the same methods are suitable for securing in the cloud as in traditional IT environments, but this is not the case. Before diving into the topic, let's understand what cloud security is.

What is cloud security?
Cloud security is a collection of technologies, protocols, and best practices for securing cloud environments, applications, and data. First, you need to understand what exactly needs to be protected and what aspects of the systems need to be managed.

In general, the fight against vulnerabilities occurs predominantly on the server side: it is the responsibility of the cloud service provider. But clients also have responsibilities, besides choosing a reliable supplier. Customers must use security settings correctly, be able to use services securely, and take care of protecting all end-user devices and networks.

Regardless of the level of responsibility, all cloud security measures are aimed at protecting the following components.

Physical networks - routers, power grids, cables, air conditioning systems, etc.
Storage media - hard drives, etc.
Data servers - backbone hardware and software
Virtualization Networks - Virtual Machine Software, Host Computers, Guest Virtual Machines
Operating systems (OS) - the software on which all other programs are installed
Bonding programs - software for managing application programming interfaces (API)
Runtime environments - tools for launching and maintaining programs
Data - all information that is stored, changed and provided to users
Applications - Traditional software services (email, tax software, office applications, etc.)
End-user equipment - computers, mobile devices, the Internet of things devices , etc...
In the case of the cloud, it is not always easy to determine who is responsible for each of these components, thus blurring the respective responsibilities of customers. Since the process of securing a cloud depends on who is responsible for which components, it is important to understand how these components are categorized.

For simplicity, let's divide the components of cloud systems into two main groups.

Different types of cloud services are provided by third-party providers as modules that make up the cloud. Depending on the type of service, you may need to manage the different components that make up a particular service.
In any third-party cloud service, the provider manages the physical network, storage, servers, and virtualization systems. The service is hosted on the vendor's servers and exposed to clients for remote access through virtualization. Thus, the supplier saves on equipment and infrastructure, and users gain access to the necessary computing capabilities via the Internet.
Software-as-a-Service (SaaS) cloud services give users access to applications that are simply stored and run on the vendor's servers. The provider manages the applications, data, runtime, middleware, and operating system. Customers only need to get access to their applications. SaaS examples: Google Drive, Slack, Salesforce, Microsoft 365, Cisco WebEx, Evernote.
Platform-as-a-Service (PaaS) cloud services allow the customer to develop their applications that run in their own sandbox on the vendor's server. The provider manages the runtime, middleware, and operating system. Customers independently manage their applications, data, user access, devices and end-user networks. PaaS examples: Google App Engine, Windows Azure.
Infrastructure-as-a-Service (IaaS) cloud services are hardware and remote connectivity that enables customers to host all of their computing resources in the cloud, right down to the operating system. The provider only manages the core cloud services. Clients are responsible for the operating system and everything that installs on it, including applications, data, runtimes, and middleware. They also manage user access, devices, and end-user networks. Examples of IaaS: Microsoft Azure, Google Compute Engine (GCE), Amazon Web Services (AWS).
Cloud environments are deployment models that build a system for end users and organizations using one or more cloud services. In this way, management responsibilities (including security) are shared between customers and suppliers.
Currently, the following cloud environments are in use.

Public clouds are made up of cloud services for multiple tenants. In these environments, multiple customers share the same vendor's servers, much like renting an office building in a business center. These vendor-managed third-party services are accessed through a web interface.
In private third-party cloud environments, the vendor provides the customer with their own cloud for exclusive use. These are single tenant environments that are typically owned, controlled, and remotely managed by an external vendor.
Private internal clouds also consist of single tenant cloud servers, but are managed from their own data center. In this case, the company itself manages the cloud environment, controlling all settings and installation of each element.
Multi- cloud environments involve the use of two or more cloud services from different vendors, and clouds can be public, private, or mixed.
Hybrid clouds are a combination of a private third-party cloud and / or an on-premises private cloud data center with one or more public cloud services.
As we can see, cloud security can differ depending on the type of cloud environment, but it is equally important for individuals and organizations.

For more information about: end user services