22. Cloud
Provider
Responsibility
Your
responsibility
Foundation Services
Global Infrastructure
Endpoints
Compute Storage Database Netw orking
Regions
Availability
Zones
Edge Locations
Operating System & Network Configuration at Rest
Platform & Application Management
CustomerData
Optional –
Opaque Data
OS (in transit
/ at rest)
Client-side Data Encryption & Data Integrity
Authentication
Server-side Encryption Provided by the
Platform / Protection of Data at Rest
Network Traffic Protection Provided by the
Platform / Protection of Data in Transit
Identity&AccessManagement
Unmanaged Shared Responsibility Model
23. Cloud Provider
Responsibility
Your
Responsibility
Foundation Services
Global Infrastructure
Endpoints
Compute Storage Database Netw orking
Regions
Availability
Zones
Edge Locations
Operating System & Network Configuration at Rest
Platform & Application Management
CustomerData
Client-side Data Encryption & Data Integrity
Authentication
Server-side Encryption Provided by the
Platform / Protection of Data at Rest
Network Traffic Protection Provided by the
Platform / Protection of Data in Transit
Optional –
Opaque
Data OS (in
transit / at
rest)
Identity&AccessManagement
Managed Shared Responsibility Model
26. Getting Started
1. Ensure effective governance, risk, and compliance processes exist
2. Audit operational & business processes
3. Manage, people, roles and identities
4. Ensure proper protection of data
5. Enforce privacy policies
6. Assess security provisions for cloud applications
7. Ensure secure cloud networks and connections
8. Evaluate security of physical infrastructure and facilities
9. Manage security terms in the service agreement
10. Understand the security requirements of the exit process
- 26
-