Cloud-Based Cyber Security: Understanding the Shared Responsibility Model

Cloud Vendors and Shared Cyber Security Responsibility

While cloud vendors usually have their own stringent cyber-security measures in place, organisations are still responsible for protecting their networks. If sensitive customer data is leaked or an organisation falls victim to a phishing or ransomware attack, it is the organisation that is ultimately culpable.

Furthermore, while data may be protected within the cloud, organisations are still vulnerable to endpoint attacks. This is because many of these endpoint devices do not have adequate levels of security protection, offering threat actors a multitude of entry points to attack.

The security threats related to cloud services are usually related to authentication and public APIs. While a strength of cloud services is their ability to make data sharing easy across organisations, this has simultaneously made it harder to identify unauthorised third parties.

Cloud Service Models and Responsibility Allocation

There is often confusion surrounding how much responsibility cloud service providers have for their customer’s cyber security. Below is a breakdown of the different types of cloud service provider and the associated allocation of responsibility for cyber security.

Infrastructure as a Service (IaaS)

IaaS is a form of cloud computing where the provider manages IT infrastructures such as storage, server and networking resources, providing virtualized computing resources via the internet. IaaS services usually allocate the least amount of responsibility onto vendors compared to other cloud service models.

The responsibility between customer and provider tends to vary but can be summarised by the following:

Cloud Vendor Security Responsibility: All infrastructure components

User Security Responsibility: Endpoints, user and network security, workloads and data, any application installed on the infrastructure.

Platform as a Service (PaaS)

PaaS is a form of cloud computing where the customer has access to the complete cloud platform, including hardware, software, and infrastructure. This allows customers to develop, run and manage applications. This allows customers to avoid investing in expensive IT infrastructure and software licenses.

Similar to IaaS, the responsibility between customer and provider tends to vary but can be summarised by the following:

Cloud Vendor Security Responsibility: Platform security (hardware and software)

User Security Responsibility: Endpoints, user and network security, workloads, applications developed on the platform.

Software as a Service (SaaS)

SaaS is a form of cloud computing that provides customers with applications over the internet, allowing organisations to use an application without the cost of investing in the infrastructure.

While SaaS usually attributes more security responsibility on the vendor compared to IaaS and PaaS, organisations are still responsible in securing multiple areas as summarised below:

Cloud Vendor Security Responsibility: Application Security

User Security Responsibility: Endpoints, user and network security, misconfigurations, workloads, and data.

Summary

With the threat of cyber-attacks continuing to grow exponentially, cyber security should be a top priority for organisations of all sizes. While cloud vendors do secure and protect data to an extent, they should not be relied upon entirely as a means of ensuring organisations are protected. Therefore, it is vital that organisations firstly understand the level of protection that their cloud vendors offer and, secondly, that they secure those areas of cyber security that are not included in their cloud service.

How we can help

With responsibility for cyber security ultimately still lying on the organisation, it is vital that a comprehensive security solution is adopted to mitigate the risk of cyber threats. Our Managed Detection and Response (MDR) for Cloud service provides complete visibility across public clouds, SaaS, and hybrid IT infrastructures. The service is run from our UK-based Security Operations Center (SOC) and manned 24/7 by our team of highly skilled Cyber Analysts. By utilising our service, we can help protect your organisation from:

Unauthorised Access
Misconfigurations
Suspicious User, Account and Application Activity
Unauthorised Data Sharing
Unpatched Vulnerabilities
Unusual Administrative Actions
File Access Monitoring
Phishing Detection

Our analysts can threat hunt across multiple cloud vendors including, but not excluded to, Amazon AWS, Microsoft, and Google.

Our service offers:

24/7 Human-Led Threat Hunting
Rapid Alerting – in as little as 15 minutes
Threat Containment and Response
Recovery and Remediation Support
Secure Configuration Auditing
Government / Telco Grade Technology

By adopting our unique MDR service, you can feel reassured that your network is being monitored 24/7 by our highly skilled Cyber Analysts. While many cyber security services tend to rely on automation, our service combines technological intelligence with human expertise and intuition, leading to the ultimate cyber security solution that leaves no stone unturned.

Secure your network today with Telesoft by contacting us at: sales@telesoft-technologies.com