Who’s Responsible? Amazon’s AWS EC2 and Salesforce.com Compared Cloud Computing

The security responsibilities of both the provider and the services consumer need to be clearly understood and greatly differ among cloud service models. The Cloud Security Alliances’ Security Guidance states:

Amazon’s AWS EC2 infrastructure as a service offering, as an example, includes vendor responsibility for security up to the hypervisor, meaning they can only address security controls such as physical security, environmental security, and virtualization security. The consumer, in turn, is responsible for security controls that relate to the IT system (instance), including the operating system, applications, and data. Quite the inverse is true for Salesforce.com’s customer resource management (CRM) SaaS offering. Because the entire ‘stack’ is provided by Salesforce.com, the provider is not only responsible for the physical and environmental security controls, but it must also address the security controls on the infrastructure, the applications, and the data. This alleviates much of the consumer’s direct operational responsibility.


Face Book Twitter Google Plus Instagram Youtube Linkedin Myspace Pinterest Soundcloud Wikipedia

All rights reserved © 2018 Wisdom IT Services India Pvt. Ltd DMCA.com Protection Status

Cloud Computing Topics