What You Need to Know About the Cloud Shared Responsibility Model

The cloud has so many strategic advantages for business. The key advantages, especially during the COVID-19 pandemic, is that employees can work remotely from anywhere, as data in the cloud can be accessed from any Internet connected device. The reasons that make cloud so appealing have also introduced a host of new cyber security threats and challenges. Many businesses that rushed to cloud to deal with the pandemic may not be aware of what their security responsibilities may be under the shared responsibility model.

The cloud shared responsibility model defines what you, the cloud customer, is responsible for, and what your cloud service provider (CSP) is responsible for. Generally, the CSP is responsible for security “of” the cloud (physical facilities, utilities, cables, hardware, etc.). The customer (you) is responsible for security “in” the cloud, meaning your network controls, identity and access management, your application configurations, and your data.

So, what does this mean for you? Despite what you might think, the main responsibility for protecting corporate data in the cloud lies not with the service provider but with the cloud customer. If you are simply relying on your cloud provider to secure your data, then that data is not as secured as you thought. This is where having a partner who is an expert in Cloud Security is important for your business. 

Before you rethink your efforts to move to the cloud, it is good to remember the strategical advantages of why you want to use cloud in the first place. Jay Heiser, Vice President Analyst, Gartner, says that “CIOs need to ensure that their security teams are not holding back cloud initiatives with unsubstantiated cloud security worries. Exaggerated fears can result in lost opportunity and inappropriate spending.” Rather, he recommends that CIO’s change their thinking from “Is the cloud secure?” to “Am I using the cloud securely?”

Every action in a cloud environment increases the potential for threats, and cloud customers must have a solution that not only identifies changes but understands the security context of them. To help you answer the question of “am I using the cloud securely” you need a comprehensive, continuous end-to-end security and configuration support for workloads and accounts running in the cloud. Uzado’s cloud security solutions can do this for your business.  If you want to learn more about protecting your cloud environment, contact Uzado today.