Darkreading.com reported that most businesses do not realize that when using the Cloud that “the enterprise remains responsible for application, account, and data security.” The July 11, 2019 article entitled “There’s a Security Incident in the Cloud: Who’s Responsible?” included these comments from
Ali Golshan (CTO and co-founder at StackRox):
Providers are monitoring for compromises that are specific to infrastructure and the platform layer, with some services around the network edge,…
But with accounts and credentials spanning across the infrastructure, the waters of responsibility can get a bit muddied.
These days, logging into your infrastructure is the same as logging into a SaaS app,
So it can feel like the line is blurry.
But the shared responsibility model still holds, with enterprises responsible for their apps and data.
I guess it pays to read the Click Agreement & Terms of Service!
Leave a Reply