# Security in Next generation Resilience Hub Cloud security at AWS is the highest priority. As an AWS customer, you benefit from data centers and network architectures that are built to meet the requirements of the most security-sensitive organizations. Security is a shared responsibility between AWS and you. The shared responsibility model describes this as security *of* the cloud and security *in* the cloud. This topic describes security features and best practices for Next generation Resilience Hub, including IAM permissions, data encryption, network security, and audit logging. **Topics** + [IAM roles and permissions reference](next-gen-iam-reference.md) + [Data encryption](next-gen-data-encryption.md) + [VPC endpoints](next-gen-vpc-endpoints.md) + [CloudTrail integration](next-gen-cloudtrail.md) + [Compliance considerations](next-gen-compliance.md)