Cloud service providers, like Microsoft Azure, adhere to a shared security responsibility model, which means your security team maintains some responsibilities for security as you move applications, data, containers, and workloads to the cloud, while the provider takes some responsibility, but not all. Defining the line between your responsibilities and those of your providers is imperative for reducing the risk in your public, hybrid, and multi-cloud environments.
The Azure shared responsibility model can be confusing to some because as you move to the cloud some responsibilities transfer to Microsoft. This transfer means that there are some areas of responsibility between you and Microsoft, according to the type of deployment of your stack, that you’ll need to manage.
For all cloud deployment types, you own your data and identities along with the responsibility of protecting your data and identities. Where some teams get confused is when it comes to the security of their cloud service components (which varies by service type).
Download this eBook and get the complete definition of the Microsoft Azure responsibility model and the full list of considerations for your organization’s areas of responsibility.