Fully Managed Technology Services

Organizations with 20–100 employees.

Co-Managed Technology Services

Organizations with 100+ employees with an internal IT team.

About Elevity

Elevity is one of the largest and most capable technology management providers in the Midwest. Our team of technology experts can help you reach a truly elevated level of IT strategy, security, solutions and support.

A division of
A division of

Managed IT Blog

Computer Hacked? How to Know and How to Prevent It

Resources

Comprehensive Guides

Cybersecurity Tips For Employees

FEATURED RESOURCE

Cybersecurity Tips For Employees

Download now →

Contact Elevity

Technical Support

Technical Support

888.733.4060
support@elevityit.com

Headquarters

Headquarters

2675 Research Park Drive
Madison, WI 53711

A division of
A division of
REQUEST A CONSULTATION
REQUEST A CONSULTATION
REQUEST A CONSULTATION
  • There are no suggestions because the search field is empty.
gray wave
1 min read

Cloud Security – Who's Responsible?

Peter Niebler
Written by Peter Niebler
09/19/2016

It’s a ubiquitous question posed to every Cloud Solution Provider – and so are the corollaries that follow:

  • Will you guarantee that my data won’t be hacked?
  • If it’s safe, then why won’t you accept liability for it?

To those considering a seismic shift from on-premise servers to Cloud hosting, these questions are simple, logical and not at all inconsistent which one another. Daily news stories, including the recent DNC Wikileaks hack, heighten awareness and concern.

At the heart of these questions, however, is a fundamental misunderstanding – Customers remain responsible for the security of their own data in the Cloud.

Cloud hosting subscribers typically believe that once data is uploaded to the Cloud, their responsibility for security is absolved and shifted to the provider. Amazon Web Services prepared the graphic above to illustrate that this is not the case. It details the distinction between security “in” the Cloud and security “of” the Cloud.

Security “In” vs “Of” the Cloud

While the specifics between Cloud providers may vary slightly, the concept remains the same:

  • In” the CloudCustomer Responsibilities
    1. Access control to all components, applications and data
    2. Configurations of operating systems, networks, firewalls and remote access
    3. Encryption at rest, in transit, at the client and on the server

In most cases, the Cloud solution provider does not have direct access to the internal applications or operating systems on hosted instances. So these items fall to the customer.

  • “Of” the CloudCloud Provider Responsibilities
    1. Access control to physical facilities, components and connections within their network
    2. Configurations of locations, clustered facilities and website edge resources
    3. Certification audits including SOC, FedRamp, HIPAA, and others
    4. Certified destruction of abandoned storage disks

Security in the Cloud is a partnership. The advice I give customers? Treat your hosted Cloud servers with the same or greater attention to security details as you would for an on-premise server.
Previous Story
← Increasing Operations Efficiency With Managed IT Services
Next Story
Watson for Everyone – Part 1 →

Subscribe by Email

2675 Research Park Drive
Madison, WI 53711

888.733.4060
support@elevityit.com

A Division Of

GFC-2021-Logo_Blue
© 2024 Gordon Flesch Company. All Rights Reserved.
Security Policy | Terms and Conditions