Global Tech Solutions Blog
Demystifying the Shared Responsibility Cloud Security Model
The promise of cloud platforms, where the provider handles most of the work, is incredibly enticing. After all, why wouldn’t you want to move your data to the cloud, where you don’t have to worry about backups, security, or server crashes? This perspective also makes it sound like your business is off the hook, but this is not necessarily the case.
This is why you need to review the terms and conditions of your cloud provider’s services before you make any assumptions as to what’s covered and what’s not by your service level agreement. Today, we want to cover some of the misconceptions that frequently pop up with cloud services so you can make better decisions moving forward.
The Uptime vs Backup Confusion
The biggest misunderstanding with modern business backup solutions is the difference between availability and recoverability.
Most cloud providers will offer high availability, or uptime, to ensure their data centers are running so you can access your account just about all the time. They replicate your data across multiple servers so that if a lightning strike hits a data center, your files instantly load from a different facility. What they might not guarantee, however, is that the data you’re accessing is accurate, uncorrupted, or even still there. If an end user accidentally deletes a folder, that deletion gets replicated across all data centers.
So yes, the data is gone, even when “high availability” is the promise.
The Recycle Bin is Not a Backup Plan
You know how sometimes you can find a deleted file in the Recycle Bin? From there, it’s an easy restore. If the cloud rep you’re speaking to makes this claim, run in the opposite direction.
The Recycle Bin is far from a temporary trash can for a corporate data backup strategy. The average cyber breach goes undetected for over 200 days, meaning that if a rogue actor sneaks into your cloud-based infrastructure and deletes files or financial records, you won’t find out until the files are long gone. For attacks leveraging ransomware, the files aren’t just deleted; they’re encrypted, meaning they are still there, but locked down to prevent access.
You need an external, independent backup so you can roll back to the moment just before these kinds of incidents. Otherwise, you’re playing with fire and you’re going to get burned.
Shared Cloud Responsibility
Cloud providers operate on a strict division of labor. The framework splits security into two distinct categories: security of the cloud vs security in the cloud.
The cloud provider controls physical data center security, its power and hardware infrastructure, operating system virtualization, and global network routing. That said, you also play a part in the security of your infrastructure to an extent. You control and own the intellectual property and files in the cloud, your user accounts and passwords, employee access controls and permissions, and third-party app integrations.
If a hacker breaks into a physical data center, that’s the provider’s fault. If a hacker phishes your admin’s password because you didn’t turn on MFA, that’s your problem.
Moving to the cloud is an excellent strategic choice for collaboration and scalability, but it doesn’t absolve you of the responsibility to protect your digital assets. If all this sounds like a lot to handle, don’t worry. We’ve got you covered.
Learn more about how you can do so by calling Global Tech Solutions at (800) 484-0195 today.

Comments