External Cloud security is typically addressed by most cloud providers.While Cloud providers tempt to address security issues with various services, it is up to the customer to determine how cloud security tools can be utilized to protect their data. Cloud security configuration is still subject to a human error or lack of best practice, affecting a customer’s security posture in the cloud. Customers and cloud providers have different responsibilities that differentiate based on the cloud service.

• Software-as-a-service (SaaS)— Customers are responsible for securing their data and user environment as well as data integrity and data protection.
• Platform-as-a-service (PaaS)— Customers are responsible for securing their data, user access, and applications as well as data integrity and data protection.
• Infrastructure-as-a-service (IaaS)— Customers are responsible for securing their complete environment including data, applications, user access, operating systems, virtual network traffic, and communication from their premises to the cloud.

As a result, within public and private cloud, customers are responsible for securing their data and controlling who can access that data. Data security in cloud computing is essential to successfully adopting and gaining public and private cloud benefits. Whether you are considering Microsoft Office 365, Teams, or other SaaS types, you need to plan how the data will be accessed and protected within the environment. For cloud services such as Microsoft Azure or AWS, customers need to have a more comprehensive plan, including operating systems, micros segmentation, virtual network traffic, security policy management and compliance.