What is the Shared Responsibility Model?
With the growing cloud adoption, there is a good chance that by now you’ve run across the “Shared Responsibility Model”.
The SRM “Shared Responsibility Model” gives you a clear guideline for Infrastructure as a Service (IaaS) responsibilities. So today we will focus on public cloud vendors like AWS and Azure.
The SRM for SaaS and Paas looks different and is usually visualized as the Pizza as a Service model, have a look here.
The SRM is really no rocket science, but you will have to be careful when working in the public cloud to be aware of what your part is.
You are responsible for the security in the cloud, your provider for the security of the cloud.
You can easily visualize like this:
Cloud providers responsibilities
Your cloud provider is responsible for the infrastructure they supply you with. So when you use virtual servers like EC2 or networking, you can be sure that they provide a stable and secure environment. If you need to know specifically what is your responsibility at a specific vendor have a look at their SLAs.
So what are your responsibilities?
Your main responsibility in the cloud is to keep your data safe. You don’t have to take care of all the infrastructure you have been working on in the old on-premise days so double down on securing your data.
Here is how the full picture looks like from AWS:
Where to go from here?
Human error is the no. 1 risk in the public cloud and I would recommend you to read here on how to build a strategy to secure your data.