The rise of both multi-cloud and hybrid environments means that enterprise workloads and the data that goes with them are increasingly becoming distributed among varying environments in order to improve business agility and reduce costs.
The traditional perimeters are disappearing and attack surfaces are growing as organizations use a combination of public and private cloud services.
Who’s responsible for what?
Working out who’s responsible for what across these various environments as well as managing how security teams stay on top of securing their cloud environments in the shared responsibilities model, is a growing business problem.
We’ll broach the consequences of this situation in the second part of our series, “The Impact of Cloud Security Gaps and How Managed Security Services can help”.
Microsoft, one of the largest cloud providers in the business environment, has laid out the responsibilities between the customer and the cloud provider as they see it. In the shared responsibility model, the cloud provider is responsible for “security of the cloud” and the customer is responsible for “security in the cloud”.