In the shared responsibility model, the customers are responsible for security configurations, enforcing security measures, internal data governance, and compliance. The exact responsibilities will differ depending on the specific cloud services, such as storage, running applications, databases, etc.

However, the cloud provider has little to no control over how its services are used by the customer. It cannot control the implementation, usage, or security of the cloud workload of its customers. This is where it relies on the customer to share the burden of security.

Misconfiguration of cloud components is arguably the most significant cloud risk that businesses face. Mistakes in configurations can have several causes, including lack of knowledge, lack of training, and complexity of the cloud environment. Whatever the reason, misconfigurations leave security gaps, which can be leveraged by attackers to gain access and steal, encrypt, or destroy your cloud resources.

Insecure APIs expose sensitive data and critical services to attackers, who can exploit them to extract or manipulate data. Insecure APIs are those that are publicly available, are unencrypted, lack authentication, and are not monitored. Attackers can use such APIs to gain access even if they don’t have the exact username and password for your cloud account.

More info: Windows 10 Office 365 Migration Services