User Rating: 0 / 5

Star InactiveStar InactiveStar InactiveStar InactiveStar Inactive
 

When companies move to the cloud, it’s paramount that they know where the provider’s security role ends and where the customer’s begins. The shared-responsibility model is one of the fundamental underpinnings of a successful public cloud deployment. It requires vigilance by the cloud provider and customer—but in different ways. Amazon Web Services (AWS), which developed the philosophy...

The post Awareness of shared-responsibility model is critical to cloud success appeared first on The Troposphere.


When companies move to the cloud, it’s paramount that they know where the provider’s security role ends and where the customer’s begins.

The shared-responsibility model is one of the fundamental underpinnings of a successful public cloud deployment. It requires vigilance by the cloud provider and customer—but in different ways. Amazon Web Services (AWS), which developed the philosophy as it ushered in public cloud, describes it succinctly as knowing the difference between security in the cloud versus the security of the cloud.

And that model, which can be radically different from how organizations are used to securing their own data centers, often creates a disconnect for newer cloud customers.

“Many organizations are not asking the right question,” said Ananda Rajagopal, vice president of products at Gigamon, a network-monitoring company based in Santa Clara, Calif. “The right question is not, ‘Is the cloud secure?’ It’s, ‘Is the cloud being used securely?'”

And that’s a change from how enterprises are used to operating behind the firewall, said Abhi Dugar, research director at IDC. The security of the cloud refers to all the underlying hardware and software:

  • compute, storage and networking
  • AWS global infrastructure

That leaves everything else—including the configuration of those foundational services—in the hands of the customer:

  • customer data
  • apps and identify and access management
  • operating system patches
  • network and firewall configuration
  • data and network encryption

Public cloud vendors and third-party vendors offer services to assist in these areas, but it’s ultimately up to the customers to set policies and track things.

The result is a balancing act, said Jason Cradit, senior director of technology at TRC Companies, an engineering and consulting firm for the oil and gas industry. TRC, which uses AWS as its primary public cloud provider, turns to companies like Sumo Logic and Trend Micro to help segregate duties and fill the gaps. And it also does its part to ensure it and its partners are operating securely.

“Even though it’s a shared responsibility, I still feel like with all my workloads I have to be aware and checking [that they] do their part, which I’m sure they are,” Cradit said. “If we’re going to put our critical infrastructure out there, we have to live up to standards on our side as much as we can.”

Trevor Jones is a news writer with SearchCloudComputing and SearchAWS. Contact him at This email address is being protected from spambots. You need JavaScript enabled to view it..

The post Awareness of shared-responsibility model is critical to cloud success appeared first on The Troposphere.


Read full article on Cloud Computing from IT knowledge exchange


Powered by Preisvergleich


My Tweets

Last Articles

Which office suite should you use? Consider these 5 options

Business users aren't just limited to Microsoft Office anymore.

Top 5: Office suites for business users

This list includes Microsoft Office, but it's definitely not the only option anymore.

Installing the Windows 10 April 2018 Update could wipe your entire desktop

User forums have been flooded with calls for help after recently updated PCs are rendered useless.

How to transition from using Google Hangouts to Hangouts Meet

As G Suite conferencing upgrades to Hangouts Meet, participants gain phone call-in and call-out...

How to turn on two-factor authentication in Mozilla Firefox

Using the TOTP standard, codes can be created to add an extra layer of security to your account.

How to use the Linux watch command for easier output tracking

Jack Wallen introduces you to a Linux command that can automatically execute a program repeatedly,...

Brain Food botnet infected 5,000+ websites with malicious PHP scripts in past 4 months

The botnet tries to trick users into buying fake diet and brain-boosting pills in order to steal...

Slack's new Actions tool turns messages into tasks

The tool is designed to close the loop between Slack, third party platforms and resulting action...

How to easily route Android contacts to voicemail

If you've ever wanted an easy means of routing contacts directly to voicemail, that want has...

Windows 10 April Update causing some Microsoft Surface devices to freeze

A bug in the Windows 10 April Update is also forcing some peripherals to disconnect, creating...

  • Which office suite should you use? Consider these 5 options

    Thursday, 24 May 2018 16:30
  • Top 5: Office suites for business users

    Thursday, 24 May 2018 16:30
  • Installing the Windows 10 April 2018 Update could wipe your entire desktop

    Wednesday, 23 May 2018 22:30
  • How to transition from using Google Hangouts to Hangouts Meet

    Wednesday, 23 May 2018 17:30
  • How to turn on two-factor authentication in Mozilla Firefox

    Wednesday, 23 May 2018 17:30
  • How to use the Linux watch command for easier output tracking

    Wednesday, 23 May 2018 17:30
  • Brain Food botnet infected 5,000+ websites with malicious PHP scripts in past 4 months

    Wednesday, 23 May 2018 16:30
  • Slack's new Actions tool turns messages into tasks

    Tuesday, 22 May 2018 22:30
  • How to easily route Android contacts to voicemail

    Tuesday, 22 May 2018 22:30
  • Windows 10 April Update causing some Microsoft Surface devices to freeze

    Tuesday, 22 May 2018 17:30