Security News > 2021 > January > HITRUST, AWS and Microsoft Azure publish Shared Responsibility Matrices for cloud security

Developed with Amazon Web Services and Microsoft Azure, each new HITRUST Shared Responsibility Matrix aligns with the cloud service provider's unique solution offering.
Leading cloud service providers have long supported shared responsibility models, whereby the provider assumes some security responsibility for hosting applications and systems, while the organization deploying its solutions in the cloud assumes partial or shared responsibility for others.
In 2019, HITRUST engaged AWS and Microsoft Azure to begin developing joint Shared Responsibility Matrices.
"HITRUST launched this Program with the goal of providing greater clarity regarding the ownership and operation of security controls between organizations and their cloud service providers," said Becky Swain, Director of Standards and Shared Responsibility Program Lead, HITRUST. "The introduction of the Shared Responsibility Matrix is another HITRUST resource that underscores our ongoing commitment to simplifying and enhancing offerings to address our customers' most pressing risk management challenges."
With more than 2,000 controls available in the HITRUST CSF, the HITRUST Shared Responsibility Matrix documents which HITRUST CSF controls are full, partial, or shared responsibility between cloud service providers and their customers.
The HITRUST Shared Responsibility Matrix for AWS and the HITRUST Shared Responsibility Matrix for Microsoft Azure are now available online.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/Kre-PPolIHs/
Related news
- Google Acquires Wiz for $32 Billion in Its Biggest Deal Ever to Boost Cloud Security (source)
- Google to purchase Wiz for $32 billion in cloud security play (source)
- Cloud security explained: What’s left exposed? (source)
- Oracle Cloud security SNAFU latest: IT giant accused of pedantry as evidence scrubbed (source)
- What native cloud security tools won’t catch (source)
- Google's got a hot cloud infosec startup, a new unified platform — and its eye on Microsoft's $20B+ security biz (source)
- URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- Cloud providers aren’t delivering on security promises (source)
- AI agents swarm Microsoft Security Copilot (source)