Part 3 - Who is Responsible for Security in Cloud Models

Video Activity

This lesson covers who is responsible for security in cloud models. Ultimately, responsibility and security comes down to which cloud model you choose to work with. In some models the consumer is responsible, while in others, responsibility falls to the vendor.

Join over 3 million cybersecurity professionals advancing their career

Sign up with

or

Already have an account? Sign In »

ISC2 Certified Cloud Security Professional (CCSP)

Course

Time

5 hours 31 minutes

Difficulty

Advanced

CEU/CPE

6

Video Description

This lesson covers who is responsible for security in cloud models. Ultimately, responsibility and security comes down to which cloud model you choose to work with. In some models the consumer is responsible, while in others, responsibility falls to the vendor.

Video Transcription

00:04

Okay. Now our next piece to look at is the security responsibility across the different models. So obviously which model you choose is gonna drive. Who's responsible now? The traditional I teen model meant you as the client or the customer. You're responsible for everything right, and that's is indicated in blue.

00:22

But as we move from infrastructure to platform

00:26

to software, it's a service.

00:28

We see the responsibility shift to the vendor, and that's very desirable in many cases. So with infrastructure is the system, you know, they're the ones we're the one. They're the ones doing the network to storage servers, the virtual ization and

00:44

partially responsible for the operating systems. Now, on our end,

00:48

we have our applications are data is still I responsibility, the middle environment sort of the access to the vacuum server. So we still have some responsibility now with platforms as a service, our applications in our data, but they're providing us the means on which to run and develop. That code

01:07

software is a service the vendor is responsible for. All elements were just simply accessing ah, front end application that would allow us to use and manipulate the information. But it's stored and it's maintained on virtual servers in their environment, so

01:25

the shifting of responsibility from the client to the vendor

01:29

tends to be one of the very desirable characteristics of

01:34

move into the flour.

Up Next

Part 4 - SDLC in the Cloud

Part 5 - OWASP 1 through 5

Part 6 - OWASP 6 through 10

Part 7 - Defensive Coding

Part 8 - Risks and Controls

ISC2 Certified Cloud Security Professional (CCSP)

This online course will guide you through the contents of the CCSP certification exam. Obtaining your CCSP certification shows that you are a competent, knowledgeable, cloud security specialist who has hands-on experience in the field.

Instructed By

Kelly Handerhan

Kelly Handerhan

Senior Instructor