Who this page is for
IT and security leaders, cloud engineers, architects and anyone making an honest assessment of cloud risk.
What is cloud security?
Cloud security covers all measures that protect identities, configuration, workloads, data and logging in cloud platforms. It extends classic security to the specifics of shared platforms.
Key building blocks
- Identity and access: strong identities, MFA, least privilege, clear role models.
- Configuration: defaults, baselines and posture management.
- Logging: traceable activity at platform, workload and identity level.
- Data: classification, encryption, access.
- Workloads: hardening, patching, container and serverless security.
Common mistakes
Open storage buckets, overly broad roles, missing MFA on admin accounts, missing or unused logging, stale keys without rotation, unchecked app permissions.
Link to zero trust and Microsoft 365
Cloud security benefits strongly from zero trust principles: continuous verification of identity, device and context. For many organisations Microsoft 365 security is the concrete entry point.
Checklist
- Shared responsibility documented per service
- Strong admin identities with phishing-resistant MFA
- Least privilege on roles and service accounts
- Logging and auditing active and reviewed
- Posture management or regular config review
- Classification and protection of sensitive data
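A regular config review can be run as a script over an exported inventory. The sketch below is an added example, not part of the original page: it checks a constructed, provider-neutral inventory for the six common mistakes listed above. All field names, sample values, the review date and the two thresholds are assumptions.

```python
from datetime import date

MAX_KEY_AGE_DAYS = 90         # assumed rotation policy, not from the page
MAX_LOG_REVIEW_GAP_DAYS = 30  # assumed review interval, not from the page
REVIEW_DATE = date(2024, 6, 1)  # constructed "today" so the result is reproducible

# Constructed, provider-neutral inventory; every field name is hypothetical.
INVENTORY = {
    "buckets": [{"name": "public-site-assets", "public": True, "approved_public": True},
                {"name": "hr-exports", "public": True, "approved_public": False}],
    "roles": [{"name": "ci-deployer", "actions": ["*"], "resources": ["*"]},
              {"name": "log-reader", "actions": ["logs:read"], "resources": ["logs/*"]}],
    "admins": [{"user": "alice", "mfa": "fido2"}, {"user": "bob", "mfa": None}],
    "logging": {"enabled": True, "last_reviewed": date(2024, 1, 10)},
    "keys": [{"id": "key-1", "created": date(2023, 6, 1)},
             {"id": "key-2", "created": date(2024, 5, 20)}],
    "apps": [{"name": "calendar-sync", "scopes": ["read-all-mailboxes"], "reviewed": False}],
}


def review(inv, today):
    """Return (category, subject) findings, one category per common mistake."""
    findings = []
    for b in inv["buckets"]:  # open storage buckets without an approved exception
        if b["public"] and not b["approved_public"]:
            findings.append(("open-bucket", b["name"]))
    for r in inv["roles"]:  # overly broad roles: any action on any resource
        if "*" in r["actions"] and "*" in r["resources"]:
            findings.append(("broad-role", r["name"]))
    for a in inv["admins"]:  # missing MFA on admin accounts
        if not a["mfa"]:
            findings.append(("admin-no-mfa", a["user"]))
    log = inv["logging"]  # missing or unused logging
    if not log["enabled"]:
        findings.append(("logging-missing", "platform"))
    elif (today - log["last_reviewed"]).days > MAX_LOG_REVIEW_GAP_DAYS:
        findings.append(("logging-unreviewed", "platform"))
    for k in inv["keys"]:  # stale keys without rotation
        if (today - k["created"]).days > MAX_KEY_AGE_DAYS:
            findings.append(("stale-key", k["id"]))
    for app in inv["apps"]:  # unchecked app permissions
        if not app["reviewed"]:
            findings.append(("unchecked-app", app["name"]))
    return findings


if __name__ == "__main__":
    for category, subject in review(INVENTORY, REVIEW_DATE):
        print(f"{category:20} {subject}")
```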
Frequently asked questions
Are default cloud settings enough?
Rarely. Defaults are a start; responsibility and tuning to your risk remain with you.
Do I need my own logging in the cloud?
Yes. Platform and identity logs are the foundation for detection and incident response.