Shared Responsibility Model
Cloud security is based on a partnership between you and your cloud service provider. The shared responsibility model defines how security tasks are divided. Your provider secures the underlying infrastructure, such as hardware, networking, and physical data centers. You are responsible for managing and protecting what you put in the cloud, like your data, applications, and user access.
How Duties Are Divided: IaaS, PaaS, and SaaS
The shared responsibility model means some security duties belong to the cloud provider, while others are your responsibility. The split depends on the type of cloud service you use: IaaS, PaaS, or SaaS. Here's how these roles break down, with real-life examples for each:
Infrastructure as a Service (IaaS)
- Cloud provider: Secures physical infrastructure, networking, storage, and the virtualization layer;
- You: Manage and secure the operating system, applications, data, and user access.
Example: If you rent a virtual server (like Amazon EC2), the provider locks the data center and maintains hardware. You must install security patches on your server, configure firewalls, and control who can log in.
Platform as a Service (PaaS)
- Cloud provider: Handles the underlying infrastructure, operating system, and platform tools;
- You: Secure your applications, code, and data.
Example: If you use a managed database service (like Azure SQL Database), the provider updates and secures the database software. You are responsible for managing database users, setting strong passwords, and protecting your data.
Software as a Service (SaaS)
- Cloud provider: Manages everything from infrastructure to application, including security updates and backups;
- You: Control user access, manage data, and configure security settings within the application.
Example: If you use a cloud email service (like Microsoft 365), the provider keeps the servers and software safe. You decide who can access your email account and set up security features like multi-factor authentication.
The more control you have, the more security duties you must handle. As you move from IaaS to SaaS, your responsibilities decrease, while the provider's increase.
Thanks for your feedback!
Ask AI
Ask AI
Ask anything or try one of the suggested questions to begin our chat
Awesome!
Completion rate improved to 8.33Shared Responsibility Model
Swipe to show menu
Cloud security is based on a partnership between you and your cloud service provider. The shared responsibility model defines how security tasks are divided. Your provider secures the underlying infrastructure, such as hardware, networking, and physical data centers. You are responsible for managing and protecting what you put in the cloud, like your data, applications, and user access.
How Duties Are Divided: IaaS, PaaS, and SaaS
The shared responsibility model means some security duties belong to the cloud provider, while others are your responsibility. The split depends on the type of cloud service you use: IaaS, PaaS, or SaaS. Here's how these roles break down, with real-life examples for each:
Infrastructure as a Service (IaaS)
- Cloud provider: Secures physical infrastructure, networking, storage, and the virtualization layer;
- You: Manage and secure the operating system, applications, data, and user access.
Example: If you rent a virtual server (like Amazon EC2), the provider locks the data center and maintains hardware. You must install security patches on your server, configure firewalls, and control who can log in.
Platform as a Service (PaaS)
- Cloud provider: Handles the underlying infrastructure, operating system, and platform tools;
- You: Secure your applications, code, and data.
Example: If you use a managed database service (like Azure SQL Database), the provider updates and secures the database software. You are responsible for managing database users, setting strong passwords, and protecting your data.
Software as a Service (SaaS)
- Cloud provider: Manages everything from infrastructure to application, including security updates and backups;
- You: Control user access, manage data, and configure security settings within the application.
Example: If you use a cloud email service (like Microsoft 365), the provider keeps the servers and software safe. You decide who can access your email account and set up security features like multi-factor authentication.
The more control you have, the more security duties you must handle. As you move from IaaS to SaaS, your responsibilities decrease, while the provider's increase.
Thanks for your feedback!
