Security News > 2021 > January > HITRUST, AWS and Microsoft Azure publish Shared Responsibility Matrices for cloud security
Developed with Amazon Web Services and Microsoft Azure, each new HITRUST Shared Responsibility Matrix aligns with the cloud service provider's unique solution offering.
Leading cloud service providers have long supported shared responsibility models, whereby the provider assumes some security responsibility for hosting applications and systems, while the organization deploying its solutions in the cloud assumes partial or shared responsibility for others.
In 2019, HITRUST engaged AWS and Microsoft Azure to begin developing joint Shared Responsibility Matrices.
"HITRUST launched this Program with the goal of providing greater clarity regarding the ownership and operation of security controls between organizations and their cloud service providers," said Becky Swain, Director of Standards and Shared Responsibility Program Lead, HITRUST. "The introduction of the Shared Responsibility Matrix is another HITRUST resource that underscores our ongoing commitment to simplifying and enhancing offerings to address our customers' most pressing risk management challenges."
With more than 2,000 controls available in the HITRUST CSF, the HITRUST Shared Responsibility Matrix documents which HITRUST CSF controls are full, partial, or shared responsibility between cloud service providers and their customers.
The HITRUST Shared Responsibility Matrix for AWS and the HITRUST Shared Responsibility Matrix for Microsoft Azure are now available online.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/Kre-PPolIHs/
Related news
- Microsoft lost some customers’ cloud security logs (source)
- Cloud Security Policy (source)
- Whitepaper: Reach higher in your career with cloud security (source)
- Transforming cloud security with real-time visibility (source)
- Top 5 Cloud Security Automations for SecOps Teams (source)
- How AI Is Changing the Cloud Security and Risk Equation (source)
- Microsoft Is Disabling Default ActiveX Controls in Office 2024 to Improve Security (source)
- Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes (source)
- Cloud Access Security Broker Policy (source)
- Ransomware gangs now abuse Microsoft Azure tool for data theft (source)