What are the components of the AWS Shared Responsibility Model? And what exactly are you responsible for in AWS?
One of the biggest cloud security challenges for security teams today is confusion over how security responsibilities are divided between AWS and the organization. Not knowing who owns which area of security and compliance in a cloud environment can quickly lead to blind spots in an organization’s overall cloud security posture.
As a general rule, AWS is responsible for the security ‘of’ the cloud and the customer is responsible for security ‘in’ the cloud. Below is a diagram that shows at a basic level the distribution of security responsibilities.
To help clarify the division of responsibilities and ease the burden of cloud security, AWS has established the AWS Shared Responsibility Model. It is designed to explain the division of security responsibilities between Amazon and its cloud users. While the above diagram provides an at-a-glance overview of responsibilities, the division becomes more nuanced depending on the types of AWS services you’re using in your environment. Defining the line between your responsibilities and those of your providers is imperative for reducing the risk in your public, hybrid, and multi-cloud environments, but it is not always easy to understand. We’ve outlined the division of security responsibilities in the cloud between AWS and the customer as it applies to the AWS Shared Responsibility Model.
Understanding your responsibility is important
To reduce the risk of cloud breaches and data leaks, it’s important that organizations understand their role in ensuring cloud security. Understand the balance of security responsibilities between AWS and your organization quickly with our ebook.