How would you secure AWS, Azure, or GCP environments focusing on IAM, encryption, and network design?