In the cloud shared responsibility model, the cloud provider is primarily responsible for the security of the cloud: the physical facilities, host servers, storage hardware, networking equipment, and foundational infrastructure used to deliver services. Therefore, securing underlying physical servers and network infrastructure is the provider responsibility. Customers are responsible for security in the cloud, which includes how they configure services, protect data, manage identities, and secure applications. Application-level settings are usually controlled by the customer or application owner. User access and permissions are identity-layer responsibilities and normally remain with the customer, even if the provider supplies IAM tools. End-user training is an organizational governance responsibility, not a provider obligation. The exact division changes by service model: SaaS shifts more operational responsibility to the provider, while IaaS leaves more configuration and workload security responsibility with the customer. Reference/topics: Cloud Security 5.3, cloud shared responsibility model; Cloud Security 5.2, SaaS, PaaS, IaaS, NaaS.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit