Understanding Shared Responsibility Is Essential for Cloud Security
These strategic and tactical considerations can help you better protect data and workloads in a cloud environment.
As many organizations shift elements of their IT infrastructures to the public cloud, they must be aware of the new risks this move carries. Often, organizations make the false assumption that, in outsourcing the ownership of hardware and data center operations, they have also outsourced security to the cloud service provider.
While this is partially true because the organization is no longer required to deal with physical and infrastructure security, stakeholders are still responsible for compliance, data security, application security and possibly platform security if they are managing their own virtual machines or containers. A CSP’s documentation of the shared responsibility model will explain in more detail where it delineates responsibility.