Every year, more businesses move to the cloud. At the same time, the number of cyberattacks is also on the rise. A 2021 survey shows that in 12 months, the average cost of compromised cloud accounts reached $6.2 million. As the number of devices and access to the new technology grows, most organizations find it challenging to monitor them, leaving them prone to cyberattacks.
Although cloud vendors invest heavily to secure their products, ensuring security and compliance is a shared responsibility between the cloud service provider and the customer. The Shared Responsibility Model is a security framework that dictates how accountability is shared between cloud service providers and their users.
Check out this infographic on the Shared Responsibility Model to learn more about how you can keep your applications and workloads secure when migrating to the cloud.
What is the Shared Responsibility Model?
- The Shared Responsibility Model defines the responsibilities of both the cloud service provider, or CSP, and the client company in securing data, applications, and infrastructure hosted on the cloud.
- A report by Gartner predicts that 99% of cloud security failures will be on the client side through 2025. At the same time, Jay Heiser of Gartner says, “Exaggerated fears can result in lost opportunity and inappropriate spending.”
- This failure rate can be tackled with policies on cloud ownership, responsibility, and risk acceptance. The company's security practitioners must understand what they are responsible for under the Shared Responsibility Model (SRM).
The Two Aspects of Cloud Security
- “Security of the Cloud”: the responsibility of the service provider to protect the infrastructure offered as part of the service, including physical facilities, utilities, cables, hardware, etc.
- “Security in the Cloud”: the security at the client end that includes network controls, access management, application configurations, and data.
Shared Responsibility Across the Three Service Models of Cloud
- Infrastructure as a service (IaaS): The CSP is responsible for the physical data center, networking, and servers/hosting.
- Platform as a service (PaaS): The CSP is further responsible for maintaining operating systems.
- Software as a service (SaaS): The CSP controls everything and shares control of the application’s configuration settings with the client.
Key Considerations
- Inventorying service usage: Keep track of who is accessing what information or applications.
- Compliance with regulatory frameworks: You must ensure that the services you are using comply with the applicable regulatory frameworks.
- Understanding contractual/legal aspects: You must thoroughly understand contractual agreements such as CSP service level agreements.
Takeaways
- Cloud security is a shared responsibility.
- The various responsibilities are distributed according to the service models.
- The shared responsibility model implies proactive documentation and practices to avoid cyberattack incidents.
- You can employ third-party security tools on top of the CSP’s native security tools to enhance the protection.
Conclusion
While migrating to the cloud brings significant cost savings, businesses must also ensure that their sensitive data on the cloud is secure. Despite the fact that cloud vendors take every step to keep their infrastructure secure, ensuring that the cloud environment remains secure is a shared responsibility with customers.