> For the complete documentation index, see [llms.txt](https://cybersecurity-cloud-and-it-notes.gitbook.io/kyles-cybersecurity-cloud-and-it-gitbook/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://cybersecurity-cloud-and-it-notes.gitbook.io/kyles-cybersecurity-cloud-and-it-gitbook/google-cybersecurity-professional-cert/3.-connect-and-protect-networks-and-network-security/module-4/cloud-hardening/network-security-in-the-cloud.md).

# Network Security in the Cloud

#### 🌥️ Cloud Network Security: ADHD-Friendly Notes 🌥️

***

#### **1. What is a Cloud Network?** ☁️

* A **cloud network** is like a giant online warehouse where companies store their data, apps, and more. Instead of keeping everything in your office, you rent space in this remote warehouse (also known as a **data center**) and access it via the **internet**.
* Think of cloud networks as **virtual servers** that provide **on-demand** storage, processing power, and data analytics. It’s super flexible, but you still need to keep them secure!

***

#### **2. Why Cloud Networks Need Security** 🔐

* Just because a **cloud service provider** (CSP) hosts your data doesn’t mean they block all intrusions. They take care of **some** security, but **you** (the company) are still responsible for protecting your own data!
* **Threats** can come from **inside** (disgruntled employees) or **outside** (hackers), and both can target cloud networks. You still need to **harden** your cloud setup!

***

#### **3. Key Cloud Security Trick: Baseline Image** 🖼️

* A **baseline image** is like a **snapshot** of what your cloud servers should look like when they’re clean and secure. You can compare what’s currently in the cloud to the **baseline image** to catch any **unverified changes** (which could mean someone has tampered with your system).
* If anything looks different from the baseline, it might be a sign of an **intrusion**!

***

#### **4. Cloud Security is Like OS Hardening** 🛠️

* Just like you keep parts of your **operating system** (OS) separated, you also separate your cloud apps and data.
  * **Example**: Keep **old apps** away from **new ones**, and make sure sensitive software for internal use stays away from **front-end applications** that users interact with. This way, an issue in one part won’t spread to the others!

***

#### **5. Shared Responsibility in the Cloud** 🤝

* **You + Cloud Provider = Shared Responsibility**:
  * The cloud provider will handle **some security** tasks, but they won’t do **everything**.
  * **Your job**: Make sure operations in the cloud are **secured**, just like you would with a traditional on-premises network.

***

#### **6. The Big Takeaway** 🌟

* Cloud networks need **constant hardening** to stay safe from threats. Use tools like the **baseline image** and **separate your apps/data** to keep everything secure.
* **You’re still responsible** for securing your slice of the cloud, even if the cloud provider is taking care of the infrastructure!

Keep your head in the cloud (in a good way!) and make sure those servers are locked down! 😎
