Understanding the cloud shared responsibility model

2021-06-16 05:00

In a cloud-first environment, organizations now operate under a shared responsibility model with cloud providers, which lays out what responsibilities belong to the cloud provider and what responsibilities belong to the user.

In many instances, a shared responsibility model dictates that cloud providers are responsible for the security "Of" the cloud, and organizations are responsible for security "In" the cloud.

As companies rely more heavily than ever on the cloud, organizations must create an environment that addresses their responsibilities under a shared responsibility model.

Research the cloud provider's security qualifications: Like any service, cloud service providers should have quantifiable evidence that demonstrates a commitment to cloud security.

Organizations should always be asking, "Can the cloud service provider see my data?" Or "Can someone impersonating my cloud service provider's administrator see my data?" Bring Your Own Key is an increasingly standard technology solution that helps organizations maintain control of their data on infrastructure that they do not own.

Understanding the shared responsibility model outlined by a cloud provider and taking the necessary steps to protect data throughout its lifecycle, in transit, at rest, and in use, should be top priorities before any cloud migration.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/6qsio-_GGSk/

#cloud