Understanding the shared responsibility model for security in the hybrid cloud

clock • 2 min read

If the responsibilities of CSP and customers are not well understood, the risks to security are obvious

One of the greatest draws of cloud computing is the promise of greater security. Cloud service providers typically have greater expertise and budget to dedicate to securing their services than customers.

However, contrary to the expectations of many, the burden of securing cloud environments does not lie solely with your cloud providers. Responsibility for the user access, data and application layers typically remain with the customer. The shared responsibilities model outlined in terms of service not only reveal the customer's obligation to share the load, but also reflect the modern cloud security strategy we should all be following.

The proliferation of remote working and the growth of cloud have meant the gradual and inevitable erosion of the traditional security perimeter. With that, we've had to pivot to more holistic approaches to securing our organisations - better cyber hygiene, cloud-based security tools, and MFA.

Where the buck stops: Why a shared responsibility model will help you own your cloud security flaws

However, one often neglected aspect of cloud security strategy is the shared responsibility model. To be effective, cyber security must be multi-layered, with each layer covering possible gaps in the others. If the shared responsibilities are not well understood, the potential consequences are obvious.

Join us for a Computing webinar on 27 January during which we will be considering research into the shared responsibility model for cloud security today and the degree to which IT leaders are aware of what they should be doing to ensure the secure use of their multi- and hybrid-cloud environments. This includes the configuration of access permissions (at the user access, data, and application levels), cloud governance, and the use of automated administration and security. We will address all this within the complex and challenging security context organisations are operating under, including increasing IT workloads and tool sprawl hurdles.

Register today.



 

You may also like
Oracle's controversial stewardship of Java: The good and the bad

Open Source

Oracle is doing a good job in keeping Java relevant. But that's pretty much where it ends, says Azul CTO

clock 15 February 2024 • 5 min read
Broadcom shifts VMware to subscription model, ends perpetual license sales

Corporate

The chipmaker aims to double VMware's earnings within three years

clock 13 December 2023 • 3 min read
Life after Oracle: Redefining Java in the enterprise in 2024

Developer

Ignore the cool kids. 2024 will see Java redefine its value to enterprise

clock 08 December 2023 • 5 min read
Most read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Cloud and Infrastructure

Vinted's stylish security: Navigating fashion-tech fusion

Vinted's stylish security: Navigating fashion-tech fusion

Turning to open source to address containers and microservices

Tom Allen
clock 07 December 2023 • 4 min read
SAP enters vector database fray with new AI capabilities for HANA Cloud

SAP enters vector database fray with new AI capabilities for HANA Cloud

Another 'AI everywhere' announcement

John Leonard
clock 02 November 2023 • 2 min read
The CMA's investigation into the UK cloud services market comes at crucial time

The CMA's investigation into the UK cloud services market comes at crucial time

Ofcom's referral to the CMA underscores the gravity of competition concerns in the cloud services sector

Josh Boer
clock 31 October 2023 • 4 min read