An organization’s cloud workload is the total of all its computational work currently being done in the cloud. The focus of cloud workload security is to keep that workload secure, whether it relies on infrastructure as a service (IaaS) or platform as a service (PaaS).
With on-premises IT infrastructure, securing workloads involves putting barriers between an organization’s network and the outside world. However, in a cloud environment, the goal is to have the workloads and applications accessible to users from anywhere and from any device. This requires a different approach. Good cloud workload security will provide visibility into the workloads, often via a single dashboard or interface that allows users to control and address any security-related issues and deploy needed security measures.
Security measures the cloud provider is responsible for versus security measures the user is responsible for varies depending on the type of cloud service and the provider in question.
- With Infrastructure as a Service (IaaS), the cloud vendor usually provides the physical IT infrastructure; hence the user is responsible for network administration, operating systems, applications, data, and access.
- With Platform as a Service (PaaS), the cloud provider offers a platform with a secure infrastructure, though users may still be responsible for the security of applications they run on that platform as well as data and access.
However, users should always check if their cloud providers outline a shared security responsibility model before making any final decisions regarding cloud security. This will detail exactly what security options your specific cloud provider will offer.