How the shared responsibility model works

1. How the shared responsibility model works

If you look at the various cloud computing models together, you can see where the cloud provider’s responsibility ends and where the customer’s responsibility begins. A general guideline for shared responsibility is that “if you configure or store it, you’re responsible for securing it.” This means the cloud provider is responsible for securing the parts of the cloud it directly controls, such as hardware, networking, and physical security. At the same time, the customer is responsible for securing anything they create in the cloud, such as configurations, access policies, and user data. No matter which cloud provider you use, there is always shared responsibility. Let’s examine how responsibility is divided between Google Cloud as the service provider and its customers. For on-premises environments, when an organization runs its own data centers, security for the infrastructure is entirely the responsibility of the organization’s internal teams. They are responsible for securing servers and the data stored on them. With Infrastructure as a Service (IaaS), some IT security responsibilities shift to Google Cloud. Google Cloud is responsible for the physical resources and shares responsibility for aspects of infrastructure and network security. The customer remains responsible for securing the operating system, the software stack required to run applications, and their data. This model gives customers the most freedom and control but also places significant responsibility on them. With Platform as a Service (PaaS), more responsibility shifts to Google Cloud. Google Cloud takes full responsibility for the physical infrastructure, access and authentication mechanisms, network security, and guest operating systems. The customer is still responsible for securing the content they create on the platform, such as application code and data. With Software as a Service (SaaS), Google Cloud is responsible for nearly every aspect of security, from the underlying infrastructure to the application itself. Customers still retain responsibility for certain areas, such as how the application is used, access policies and authentication settings to prevent threats like phishing attacks, and protecting user content. An important aspect of the shared responsibility model is that customers are always responsible for the security of their data, whether they operate on-premises data centers or use a cloud-based subscription service. Customers control who or what has access to their data. Google Cloud is committed to keeping customer data secure, but security is a shared responsibility that requires collaboration.

2. Let's practice!

Create Your Free Account

By continuing, you accept our Terms of Use, our Privacy Policy and that your data is stored in the USA.

Digital Transformation with Google Cloud

BeginnerSkill Level

5.0+

4 reviews

The course closes with a summary of the key points covered in each section and next steps to continue learning.

Exercise 1: Course summary