Upload
mark-nunnikhoven
View
133
Download
2
Tags:
Embed Size (px)
Citation preview
Moving IT infrastructure to AWS creates a shared responsibility model between the customer and AWS.
Amazon Web Services: Overview of Security Processes by AWS, Jun/2014
…a cloud platform like Azure requires shared responsibility between the customer and Microsoﬞ
Microsoﬞ Azure Trust Center by Microsoﬞ, Feb/2015
Cloud security is a shared responsibility between the cloud service provider (CSP) and its clients.
Cloud Special Interest Group by PCI Security Standard Council, Feb/2013
Responsible means daily management of security controls
In the context of a provider/client relationship
6 CRITICAL AREAS OF ResponsibilitYDataApplicationOperating SystemVirtualizationInfrastructurePhysical
6 CRITICAL AREAS OF ResponsibilitYDataApplicationOperating SystemVirtualizationInfrastructurePhysical
IaaS
6 CRITICAL AREAS OF ResponsibilitYDataApplicationOperating SystemVirtualizationInfrastructurePhysical
IaaS
PaaS
6 CRITICAL AREAS OF ResponsibilitYDataApplicationOperating SystemVirtualizationInfrastructurePhysical
IaaS
PaaS
SaaS
% o
f Res
pons
ibili
ty
0
25
50
75
100
Service TypeD.I.Y Co-Location IaaS PaaS SaaS
Science-y CHART
Gap of Discomfort
AWS
More details at hּמp://aws.amazon.com/compliance/
PCI DSS Level 1 SOC 1/ISAE 3402 SOC 2 SOC 3 ISO 9001 IRAP (.au) FIPS 140-2
Current certificationsCJIS CSA FERPA HIPAA FedRAMP (SM) DoD CSM 1-2, 3-5 DIACAP
ISO 27001 MTCS 3 ITAR MPAA G-Cloud Section 508/VPAT FISMA
Azure
More details at hּמp://azure.microsoﬞ.com/en-us/support/trust-center/compliance/
PCI DSS Level 1 SOC 1/ISAE 3402 SOC 2 SOC 3 ISO 9001 IRAP (.au) FIPS 140-2 ISO 27002 CCCPPF
Current certificationsCJIS CSA FERPA HIPAA FedRAMP (SM) DoD CSM 1-2, 3-5 DIACAP EU Model Clauses MLPS (.cn)
ISO 27001 MTCS 1 ITAR MPAA G-Cloud Section 508/VPAT FISMA FDA 21 CFR
6 CRITICAL AREAS OF ResponsibilitYDataApplicationOperating SystemVirtualizationInfrastructurePhysical
6 CRITICAL AREAS OF ResponsibilitYDataApplicationOperating SystemVirtualizationInfrastructurePhysical
IaaS
6 CRITICAL AREAS OF ResponsibilitYDataApplicationOperating SystemVirtualizationInfrastructurePhysical
IaaS
PaaS
6 CRITICAL AREAS OF ResponsibilitYDataApplicationOperating SystemVirtualizationInfrastructurePhysical
IaaS
PaaS
SaaS
% o
f Res
pons
ibili
ty
0
25
50
75
100
Service TypeD.I.Y Co-Location IaaS PaaS SaaS
Science-y CHART
Gap of Discomfort