Security News > 2021 > January > HITRUST, AWS and Microsoft Azure publish Shared Responsibility Matrices for cloud security

Developed with Amazon Web Services and Microsoft Azure, each new HITRUST Shared Responsibility Matrix aligns with the cloud service provider's unique solution offering.

Leading cloud service providers have long supported shared responsibility models, whereby the provider assumes some security responsibility for hosting applications and systems, while the organization deploying its solutions in the cloud assumes partial or shared responsibility for others.

In 2019, HITRUST engaged AWS and Microsoft Azure to begin developing joint Shared Responsibility Matrices.

"HITRUST launched this Program with the goal of providing greater clarity regarding the ownership and operation of security controls between organizations and their cloud service providers," said Becky Swain, Director of Standards and Shared Responsibility Program Lead, HITRUST. "The introduction of the Shared Responsibility Matrix is another HITRUST resource that underscores our ongoing commitment to simplifying and enhancing offerings to address our customers' most pressing risk management challenges."

With more than 2,000 controls available in the HITRUST CSF, the HITRUST Shared Responsibility Matrix documents which HITRUST CSF controls are full, partial, or shared responsibility between cloud service providers and their customers.

The HITRUST Shared Responsibility Matrix for AWS and the HITRUST Shared Responsibility Matrix for Microsoft Azure are now available online.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/Kre-PPolIHs/