Google Cloud Platform Shared Responsibility Model

[mouakter13]

Understanding your shared responsibility model
When you partner with a cloud service provider and move your systems and data to the cloud, you enter into a shared responsibility partnership for security implementation.

A critical part of best practices involves reviewing and understanding your shared responsibility. Figure out which security tasks will remain with you and which will now be handled by the vendor.

This is a sliding scale depending on whether you opt for Software ei salvador phone number data as a Service ( SaaS ), Platform as a Service ( PaaS ), Infrastructure as a Service ( IaaS ), or an on-premise data center.

Major cloud service providers such as AWS , Azure , Google Cloud Platform , and Alibaba Cloud publish what is known as a shared responsibility model for security. Ensuring transparency and clarity. Be sure to review their cloud service providers’ shared responsibility model.

Review your cloud provider contracts and service level agreements
You may not think about reviewing your cloud contracts and SLAs as part of security best practices, but you should. SLAs and cloud service contracts are just a guarantee of service and recourse in the event of an incident.

There's a lot more included in terms and conditions, addendums, and appendices that can affect your security. A contract can mean the difference between your cloud service provider being responsible for your data and owning it.

According to the McAfee 2019 Cloud Adoption and Risk Report , 62.7% of cloud computing providers do not specify that customer data is owned by the customer. This creates a legal grey area where a provider could claim ownership of all of your uploaded data.

Check who owns the data and what happens to it if you terminate your services. Also, look for clarity on whether the provider is required to offer visibility into any security events and responses.