Back to glossary

Shared Responsibility Model

A security framework that defines which security tasks are handled by the cloud provider and which are the responsibility of the customer.

Categorycloud

Overview

The Shared Responsibility Model is a fundamental concept in cloud security. It clarifies that while the cloud provider is responsible for the security of the cloud (the physical infrastructure, hardware, and global network), the customer is responsible for security in the cloud (their data, applications, and configurations).

Provider Responsibilities

  • Physical security of data centers.
  • Patching and maintaining the underlying host operating systems and virtualization layer.
  • Ensuring the availability of core services.

Customer Responsibilities

  • Managing user identities and access (IAM).
  • Encrypting data at rest and in transit.
  • Patching the guest operating systems and applications.
  • Configuring network security (firewalls, VPCs).

Related Terms

Cloud-Native SecurityCompliance FrameworkCloud Identity and Access Management