Shared Responsibility – For Better or Worse

What a month with basketball, baseball, hockey and now the soccer world-cup. Through all of these exciting games we are shown that team responsibility is a shared effort toward a singular goal. Teams come in all shapes and sizes. Whether you have a team great enough to make the play-offs or a team that is still under development, working together and balancing responsibilities is key for success. Everyone has an important role on a team. With the advent of cloud services, IT now gets to join Team Cloud! Like other teams, they have shared responsibilities, especially when it comes to security.

In the big leagues, Amazon Web Services has been able to highly operationalize computing and provide many IaaS options for business. In my opinion, very few businesses could honestly say that they could provide these services better. In professional sports, team players can be egotistical, unpredictable, and downright humanly frustrating. On Team Cloud, partnering with leading IaaS providers is a lot less challenging and stressful. For some companies, adopting cloud services is actually more secure than continuing to provide these operations themselves. In fact, according to a recent survey conducted by Microsoft, 94% of businesses reported that they saw an improvement in security after switching to cloud computing. 

One of the most frustrating parts of playing on a team is if you have a teammate that is not performing to group expectations. Some would say that they are dialing it in or letting the others pick up their slack. It takes a great coach to ensure all members of the team are motivated and share responsibilities. Team Cloud seems to be without a coach these days. There are regulators, standards, and auditors barking at what needs to be accomplished, especially for security, but they do not have the background to understand the nuances or rather the playbook to find the maximum performance level amongst all players. In recent surveys, they show that some businesses continue to believe that all aspects of security will be provided by their cloud service provider and their only responsibility is to pay the bills and run with the service. Recent independent research revealed that 89% of the global information security workforce lacks clarity as to how security applies to the cloud, and 78% of information security professionals lack understanding of cloud security guidelines and reference architectures.

There is detailed documentation on AWS Security Best Practices, describing the shared-responsibility model for security for their services, and the security actions that customers need to take. This is a great place to start when trying to learn about roles and security responsibilities between the cloud provider and the business. However, just knowing what you should do doesn’t provide the training or tools to actually accomplish the job. If best practices were all that was needed, then most of us would trade in our barstools and couches to jump at the chance to participate as a full-fledged active member for our favorite sports team. We will also be attending the AWS New York Summit on July 10th at Javitz Convention Center with our cloud security gurus available in person for a conversation, so please stop buy and learn more about balancing security. If you would rather get a play-by-play of our product in action, every Thursday at 10am PST you can join our live demo and Q&A.

Go Team Cloud!

Related Posts