Sharing the Responsibility for Cloud Security with Your Cloud Provider
If you are using the public cloud, your company is sharing common infrastructure with other companies. This concept of sharing is at the heart of the cloud model – you get access to advanced virtual server environments at a lower cost because you share this infrastructure with others. But in addition to these benefits, you are also sharing security risks. Your cloud provider has the responsibility of securing the physical and logical aspects of the infrastructure and operation system in the cloud environment. You can minimize some of your security risks by choosing the right cloud provider. However, in some cloud environments, you need to share security responsibilities with your cloud provider. For example, if you are using IaaS, you are responsible for the security of your virtual resources once they have been provisioned.
As described in the previous section, the cloud provides your business users with a greater level of control over their IT environment. IT users also have much greater control over provisioning IT assets. Without understanding the risk involved, users have the potential to easily provision images without providing the right level of attention to security. You need to manage resources provisioned in the cloud with the same attention to security as used in your internal data center. All users of cloud virtual machines need to understand that all provisioned instances must adhere to your company ...
Get Hybrid Cloud For Dummies now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
