
Cloud Security Shared Responsibility Model

25 min Video + Text
  • Understand the shared responsibility model
  • Identify cloud-specific security risks
  • Explain network segmentation with VPCs

Security in the Cloud

Cloud computing shifts some security responsibilities to the provider, but not all. The shared responsibility model defines who secures what — the provider secures the infrastructure, and you secure your data, configurations, and applications.

Shared Responsibility Model

  • Cloud provider responsibility — physical security, hypervisor, network infrastructure
  • Customer responsibility — data encryption, IAM policies, application security, OS patching
  • Shared — network controls, logging, compliance

Network Segmentation

Virtual Private Clouds (VPCs) isolate your resources in a private network. Subnets, security groups, and network ACLs control traffic flow. Public subnets face the internet; private subnets are accessible only from within the VPC.

A common misconfiguration: placing databases in public subnets with open security groups. Always put data stores in private subnets with strict ingress rules.
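
The check below is an added example, not part of the original lesson: it audits a constructed inventory for the misconfiguration described above, flagging data stores that sit in a public subnet or accept ingress from outside the VPC. The field names, the `igw-`/`nat-` identifier prefixes, the 10.0.0.0/16 VPC range, and the reading of "strict ingress" as "source inside the VPC" are all assumptions made for illustration.

```python
import ipaddress

# Constructed inventory (not from a real account). Field names are simplified
# assumptions, not the exact shape returned by any provider's API.
SUBNETS = {
    "subnet-pub": {"default_route_target": "igw-0001"},   # internet gateway
    "subnet-priv": {"default_route_target": "nat-0001"},  # outbound-only NAT
}
SECURITY_GROUPS = {
    "sg-open": [{"port": 5432, "cidr": "0.0.0.0/0"}],
    "sg-app-only": [{"port": 5432, "cidr": "10.0.1.0/24"}],
}
DATABASES = [
    {"name": "orders-db", "subnet": "subnet-pub", "sg": "sg-open"},
    {"name": "users-db", "subnet": "subnet-priv", "sg": "sg-app-only"},
    {"name": "legacy-db", "subnet": "subnet-priv", "sg": "sg-open"},
]
VPC_CIDR = ipaddress.ip_network("10.0.0.0/16")  # assumed VPC address range


def is_public_subnet(subnet):
    """A subnet is public when its default route points at an internet gateway."""
    return subnet["default_route_target"].startswith("igw-")


def outside_vpc(cidr, vpc_cidr=VPC_CIDR):
    """True when the source range is not fully contained in the VPC range."""
    source = ipaddress.ip_network(cidr)
    return source.version != vpc_cidr.version or not source.subnet_of(vpc_cidr)


def audit(databases, subnets, groups):
    """Map each database name to its findings; an empty list means it passes."""
    report = {}
    for db in databases:
        findings = []
        if is_public_subnet(subnets[db["subnet"]]):
            findings.append("public-subnet")
        for rule in groups[db["sg"]]:
            if outside_vpc(rule["cidr"]):
                findings.append(f"ingress-from-outside-vpc:{rule['cidr']}:{rule['port']}")
        report[db["name"]] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit(DATABASES, SUBNETS, SECURITY_GROUPS).items():
        print(name, "OK" if not findings else findings)
```

Note that `legacy-db` is flagged even though it sits in a private subnet: the subnet placement and the security group rule are separate controls, and each needs to be checked on its own.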

Key Takeaway

Cloud security is a shared responsibility. You own your data, IAM, and application security — the provider owns the physical infrastructure.

Review Questions

1. In the shared responsibility model, who is responsible for encrypting data at rest?

2. Why should databases be placed in private subnets?