🚀 Launch Special: $29/mo for life --d --h --m --s Claim Your Price →
Coming Soon
Expected availability announced soon

This course is in active development. Preview the scope below and create a free account to be notified the moment it goes live.

Notify me
Security Awareness Coming Soon

SA Cloud Security

The Cloud Security Awareness course teaches employees how to safely use SaaS tools, share files, and classify data, highlighting approved services, shadow IT risks, and data sovereignty to prevent exposure.

Who Should Take This

It is intended for staff members who regularly work with cloud applications but do not manage the underlying infrastructure. Typical learners include marketing, sales, finance, and project teams seeking to recognize insecure sharing practices, avoid shadow‑IT pitfalls, and ensure compliance with corporate data policies.

What's Included in AccelaStudy® AI

Adaptive Knowledge Graph
Practice Questions
Lesson Modules
Console Simulator Labs
Exam Tips & Strategy
20 Activity Formats

Course Outline

62 learning goals
1 Approved Cloud Services and Shadow IT
2 topics

Shadow IT recognition

  • Recognize what shadow IT is and identify common examples, including personal Dropbox, unauthorized Trello boards, unapproved AI tools, and free-tier cloud services used for work data.
  • Describe the security risks of shadow IT, including lack of encryption, absence of audit trails, no data loss prevention coverage, and uncontrolled data proliferation.
  • Explain how shadow IT creates compliance violations, particularly for organizations subject to GDPR, HIPAA, SOX, or industry-specific data handling regulations.
  • Identify the process for requesting approval of a new cloud service and explain why IT security review is required before storing corporate data in any new platform.
  • Analyze a scenario where an employee discovers a colleague using an unapproved cloud service for project files and determine the correct steps to report and remediate the shadow IT risk.

Approved service identification

  • Recognize the organization's categories of approved cloud services and where to find the current approved software list.
  • Describe the difference between IT-managed cloud services with enterprise security controls and consumer-grade free services without organizational oversight.
  • Analyze a scenario where a team wants to use a new cloud collaboration tool and evaluate whether it meets the organization's security requirements.
  • Describe the criteria IT security uses to evaluate new cloud services, including data encryption, compliance certifications, data residency, and vendor security posture.
  • Identify the risks of free-tier cloud service accounts that lack enterprise security features such as audit logging, admin controls, and data loss prevention.
2 File Sharing and Permissions
2 topics

Sharing permissions and access control

  • Recognize the different sharing levels in cloud platforms (anyone with the link, organization-wide, specific people) and identify which levels are appropriate for sensitive data.
  • Describe how 'anyone with the link' sharing effectively makes files public and explain why this setting should never be used for confidential or internal documents.
  • Explain the difference between view, comment, and edit permissions and why granting edit access should follow the principle of least privilege.
  • Identify the risks of inherited permissions in shared folders where new files automatically receive the parent folder's sharing settings, potentially over-sharing sensitive documents.
  • Analyze a file sharing configuration to determine whether permissions follow the principle of least privilege and recommend corrections for over-shared resources.
  • Describe the difference between organization-wide sharing and specific-people sharing and explain when each is appropriate based on data sensitivity.

External sharing and collaboration

  • Recognize when external file sharing with vendors, partners, or clients requires additional security measures such as expiration dates, download restrictions, and watermarking.
  • Describe the importance of regularly reviewing and revoking external sharing permissions, especially after projects end or vendor relationships terminate.
  • Explain how shared drives and SharePoint sites can accumulate excessive external access over time and why periodic access reviews prevent data exposure.
  • Analyze a file sharing configuration to identify over-permissioned access, unnecessary external sharing, and recommend corrections to align with data classification requirements.
  • Describe best practices for setting expiration dates on shared links and how time-limited sharing reduces long-term data exposure risk.
3 Cloud Storage and Data Classification
2 topics

Data classification in the cloud

  • Recognize the organization's data classification levels and which cloud storage locations are approved for each level (public, internal, confidential, restricted).
  • Describe why certain data types (trade secrets, unannounced financial results, customer PII) must not be stored in general-purpose cloud storage even if the platform is approved.
  • Explain the concept of data lifecycle in cloud storage, including creation, sharing, archiving, and deletion, and how classification requirements change at each stage.
  • Identify the process for requesting reclassification of data when business circumstances change, such as a product launch making previously confidential information public.
  • Analyze a data storage scenario to determine whether the chosen cloud location is appropriate for the data's classification level and recommend corrections.

Preventing accidental exposure

  • Recognize common causes of accidental data exposure in cloud storage, including misconfigured sharing links, public folders, and synced personal devices.
  • Describe how cloud storage sync clients can inadvertently copy corporate data to personal devices and what settings prevent this.
  • Explain the risks of uploading sensitive data to cloud-based format converters, translation tools, or OCR services that may retain uploaded content.
  • Analyze a scenario where an employee discovers that a shared folder containing confidential data has been set to public and determine the correct remediation and reporting steps.
  • Describe how automatic file versioning and recovery features in cloud storage help protect against accidental deletion but do not substitute for proper access controls.
4 SaaS Application Security
2 topics

Account security for SaaS applications

  • Recognize why strong, unique passwords are essential for every SaaS application and why password reuse across services creates cascading breach risk.
  • Describe the benefits of using the organization's single sign-on (SSO) system for SaaS applications and why creating separate local accounts bypasses security controls.
  • Explain why MFA enrollment is mandatory for cloud applications and how compromised cloud credentials without MFA give attackers full access to corporate data.
  • Identify the risks of over-permissioned SaaS accounts, including admin access that is no longer needed, and explain why regular access reviews reduce the blast radius of compromised accounts.
  • Describe the risks of using personal accounts to sign up for SaaS applications used for work and why corporate-managed accounts provide better security governance.
  • Analyze a scenario where an employee's SaaS account credentials are compromised to determine the blast radius and recommend immediate containment actions.

Third-party app integrations

  • Recognize the risks of granting third-party apps access to corporate cloud accounts through OAuth consent flows, including data access that persists even after the app is no longer used.
  • Describe how to review and revoke third-party app permissions in Google Workspace, Microsoft 365, and other SaaS platforms.
  • Explain why browser extensions and add-ons that request access to corporate cloud data should be treated with the same scrutiny as third-party app integrations.
  • Analyze an OAuth consent prompt to determine whether the requested permissions are appropriate and identify red flags that suggest a malicious application.
  • Describe the risks of granting broad permissions to marketplace apps and plugins in SaaS platforms and why each integration should be reviewed for data access scope.
5 Data Sovereignty and AI Tool Risks
2 topics

Data sovereignty and residency

  • Recognize what data sovereignty and data residency mean and why the physical location of cloud-stored data matters for regulatory compliance.
  • Describe how regulations like GDPR restrict cross-border data transfers and why employees must use approved cloud regions for storing regulated data.
  • Explain the practical impact of data residency requirements on employees, including which cloud services to use for international projects and how to verify data storage location.
  • Analyze a scenario where an employee stores customer data in a cloud region that violates data residency requirements and determine the correct remediation steps.
  • Identify the types of data that are most commonly subject to data sovereignty restrictions, including customer PII, financial records, and health information.

AI and generative AI tool risks

  • Recognize the data security risks of entering corporate information into public AI tools like ChatGPT, Google Gemini, and other generative AI services.
  • Describe how data submitted to AI services may be used for model training, retained in logs, or exposed to other users through the service's responses.
  • Identify the types of corporate data that must never be entered into AI tools, including source code, customer data, financial projections, and strategic plans.
  • Explain the difference between approved enterprise AI tools with data protection agreements and consumer AI services without organizational controls.
  • Analyze a scenario where an employee wants to use an AI tool to summarize confidential meeting notes and evaluate the risks and recommend approved alternatives.
  • Describe the organization's acceptable use policy for AI tools and identify which AI services are approved for different types of work tasks.
6 Cloud Security Best Practices
2 topics

Personal responsibility in the cloud

  • Describe the shared responsibility model at the employee level: the organization secures the platform, but employees are responsible for how they use it and what data they share.
  • Recognize the importance of logging out of cloud applications on shared or public computers and not saving credentials in browser password stores on non-managed devices.
  • Explain how to verify that cloud-based backups, synced folders, and auto-upload features are configured to use approved storage locations rather than personal accounts.
  • Synthesize cloud security awareness concepts to create a personal checklist for secure cloud usage covering account security, file sharing, data classification, and tool approval.
  • Analyze a scenario where an employee's automatic cloud backup syncs corporate files to a personal account and determine the security implications and corrective actions.

Reporting cloud security concerns

  • Recognize cloud security events that should be reported, including unauthorized access notifications, suspicious sharing activity, and compromised account indicators.
  • Describe the reporting channels for cloud security incidents and explain what information to include (affected service, data involved, timeline, actions taken).
  • Analyze a scenario where an employee receives a notification that their cloud account was accessed from an unfamiliar location and determine the correct immediate response.
  • Synthesize a team-level cloud security improvement plan addressing common violations in file sharing, shadow IT usage, and AI tool adoption.

Scope

Included Topics

  • Cloud security awareness for general corporate employees, covering approved versus unapproved cloud services and shadow IT risks.
  • File sharing permissions and access controls in Google Drive, OneDrive, SharePoint, and Dropbox for Business.
  • Cloud storage data classification, preventing accidental public sharing, and link sharing security settings.
  • SaaS application security including strong passwords, MFA enrollment, over-permissioned accounts, and third-party app integrations.
  • Data sovereignty, residency awareness, and understanding where corporate data is physically stored in cloud services.
  • AI and generative AI tool risks, including data entered into ChatGPT, Copilot, and other AI services becoming training data.
  • Practical scenario-driven training focused on secure cloud usage decisions employees encounter daily.

Not Covered

  • Cloud infrastructure administration, IaaS/PaaS deployment, server configuration, or Kubernetes orchestration.
  • Cloud security engineering including WAF rules, CASB policy configuration, cloud workload protection platform deployment.
  • Cloud architecture design, multi-region failover, or disaster recovery planning at the infrastructure level.
  • Cloud cost optimization, reserved instance planning, or FinOps practices.
  • Vendor security assessment, SOC 2 audit review, or cloud service provider contract negotiation.

SA Cloud Security is coming soon

Adaptive learning that maps your knowledge and closes your gaps.

Create Free Account to Be Notified