Security groups let you control network access to instances by applying network rules to instances associated with a group/project. These are just like firewall rules. The CCR cloud (Lake Effect) is NOT protected by the UB firewall; therefore, it's important that you setup secure access to your instances. Only open ports for the services you require and only open those ports to the IP addresses that you want to provide access to. At minimum, a linux instance would require port 22 (ssh) to connect to via the command line. It is absolutely crucial that you do NOT open all ports to the world!
If you need assistance figuring out what ports to open and how to configure the appropriate IP rules, contact CCR help. We're here to help!
NOTE: CCR and UBIT reserve the right to scan all cloud instances for security vulnerabilities. If a major compromise were to be detected, CCR would shut down the instance(s) and contact the account owner.