Is a misunderstanding of shared responsibility leaving gaps in your cloud security?
Cloud services can be a cost-efficient, flexible way to manage IT and software in your home or business. Cyber security responsibilities are shared between a cloud service provider (CSP) and its customer, and the division of responsibility depends on the specific cloud service you plan to use.
Responsibilities often overlap, and if you and the CSP assume that each other is fulfilling a specific aspect of a responsibility, it can leave gaps in your security. By entering a contract with a CSP, you expect them to do their part, but you also need to understand what your part is and how to fulfil it. A shared responsibility model (SRM) helps outline the division of responsibilities between you and your CSP.
As a customer, you will always have some responsibilities – you can’t outsource risk. Aspects like the risk of your data being stolen, changed without your approval, or you losing access to it, cannot be outsourced to a CSP.
We’ve released two new publications to help you better understand the SRM. Learn more about the Cloud Shared Responsibility Model by reading our new resources tailored for: