Professional Documents
Culture Documents
Understanding the Shared Responsibility Model for Cloud Security _ Tufin
Understanding the Shared Responsibility Model for Cloud Security _ Tufin
Home » Blog » Cloud » Understanding the Shared Responsibility Model for Cloud Security
Cloud computing has become a vital component of our digital lives, powering everything from
our personal emails to the applications we use at work. This paradigm shift from on-premises data
centers to the cloud has made understanding the shared responsibility model crucial. This model
delineates the security responsibilities of cloud service providers (CSPs), such as Microsoft
Azure, and their customers in maintaining cloud security and safeguarding against vulnerabilities.
Let’s consider an example. In the AWS shared responsibility model, Amazon Web Services
provides a secure cloud infrastructure and services, while the customer is responsible for securing
their data, applications, and operating system within that environment. This includes patching,
lifecycle management, and alerting for security risks within their cloud-native applications.
• Platform as a Service (PaaS): In PaaS models such as Azure, the CSP manages the underlying
infrastructure and runtime environment, including serverless components and the security of
the cloud. The customer is responsible for securing the applications they develop and deploy,
as well as their data.
• Infrastructure as a Service (IaaS): In IaaS models like AWS or Google Cloud, the customer
has more responsibilities, including securing their data, applications, operating system, and
certain aspects of the network controls.
• Clarifies Responsibilities: It demarcates what aspects of security are handled by the CSP and
what falls under the customer’s purview, such as IAM and authentication. This clarity helps
avoid gaps in security coverage.
• Facilitates Compliance: Many industries require compliance with specific data protection and
cybersecurity regulations. Understanding who is responsible for what helps organizations
maintain compliance and acquire necessary certifications.
• Promotes Security: By sharing the responsibility, both the CSP and the customer play active
roles in ensuring a secure cloud environment, reducing the risks of data breaches.
Conclusion
The shared responsibility model is a fundamental aspect of cloud security. While CSPs secure the
cloud infrastructure, customers must ensure the security of their workloads, applications, and
data. Tools like Tufin can help manage these responsibilities effectively, ensuring a robust
security posture in the cloud.
FAQs
1. How does the AWS shared responsibility model work?
In the AWS shared responsibility model, AWS is responsible for the security “of” the cloud,
which includes the hardware, software, networking, and facilities. The customer, on the other
hand, is in charge of security “in” the cloud, which encompasses customer data, applications,
and other elements. Read more about how Tufin automates change management for
AWS third party firewalls and Security Groups.
An example of a shared responsibility model is the SaaS model, where the cloud service
provider manages most of the security aspects, and the customer is mostly responsible for
managing their data and access controls. Here’s an example of a large company managing
their firewall policy and responsibilities.
Customers are primarily responsible for securing their data, managing user access, securing the
applications they develop and deploy in the cloud, and sometimes, managing certain aspects of
network controls. Learn more about managing cloud security policies with shared
responsibilities.
Wrapping Up
Regardless of whether you’re using AWS, Azure, or any other public cloud service, a robust
understanding of this model ensures that no aspect of your cloud security is neglected. Click
here for a demo to learn more about how Tufin can manage network security in your multi-
cloud environment.
First Name
SUBSCRIBE NOW
Related Posts
Session Recordings Now Available from Tufinnovate 2024 North America and Europe
& Middle East
Top Posts
English
SUBSCRIBE
connect with us
Products
Solutions
Services
Resources
Partners
Company
© Tufin 2024 All rights reserved.
ABC Handbook
Privacy Center
Export policy