By Ben Brauer
Security is paramount at every layer of the infrastructure stack, from the underlying hardware to the application itself. The advent of cloud and hybrid IT models has extended this conversation off-premise when creating cloud-enabled applications.
This is the first post in a cloud security series on topics ranging from the shared responsibility model to the intricacies associated with identity and access management, just to name a few. These posts build on cloud security best practices covered in our recently released ebook, 5 Best Practices for Cloud Security, and our detailed look at security in the CenturyLink Cloud Security Overview.
Today’s blog discusses the shared responsibility model and the least privilege principle. These two lay the foundation for most security decisions when adopting and leveraging cloud-based infrastructure resources. Without them, businesses using cloud may not know when or how to secure their environments or what actions authenticated users can take.
Shared Responsibility Model
The shared responsibility model describes an understanding between the cloud provider and its users, where the provider manages security of the cloud and users managesecurity in the cloud. Security of the cloud normally constitutes physical assets, underlying network and IT infrastructures, and foundational...