Know your role in the cloud shared responsibility model

Proper cloud security requires a customer-provider alliance

The concept of shared responsibility should be the formula that makes cloud computing a safe and satisfying way for a modern business to perform key IT functions.

The widely implemented cloud shared responsibility model calls for an organization to entrust its workloads to a public cloud provider, which, in an IaaS scenario, secures the infrastructure, networks, VMs and related systems. The customer, in turn, takes responsibility for the protection of its cloud-based data and applications. This combination should provide the protections necessary to thwart hackers and safeguard data.

So why are cloud users still routinely plagued by embarrassing and costly breaches?

Maybe the problem is that there isn't enough sharing in the shared responsibility model? Too often a business doesn't understand where a cloud provider's security ends and where its own responsibilities begin. Or, even if they know where the lines are, organizations sometimes rush to the cloud without providing their staffs with the training and tools needed to hold up their end of the deal. Cloud providers, too, could probably do more to improve shared responsibility by not leaving their customers to figure most of this out on their own.

This handbook delves into these matters, beginning with an article about the most common weaknesses in the cloud shared responsibility model and how those can create the sorts of cracks that hackers find so appealing. A misconfigured firewall, for example, might seem like a minor problem -- until it suddenly blows a hole in your cloud defenses. While the shared responsibility model presents challenges, the right precautions can help ensure those difficulties don't sabotage a cloud initiative.

Assumptions about what shared responsibility means and how it works can put a business at risk. Be sure you know exactly what your team's role is so that the public cloud works for you instead of against you.