Now, let’s take a look at the three cloud platforms’ way of handling the shared responsibility model. In general, all three cloud providers follow the same principles for shared responsibility; they just have slightly different approaches.

Azure’s shared responsibility model

Azure’s shared responsibility model splits responsibility into three main categories.

- In the first category, the customer is always responsible. This is relevant to information, data, and devices such as mobile and PCs, as well as user accounts, which are also called identities.
- The second category is less black and white and more of a gray area, as it differs based on the cloud model used, such as software as a service (SaaS), platform as a service (PaaS), or infrastructure as a service (IaaS).
- Lastly, we have the category called cloud provider responsibility. This is when the cloud provider is solely responsible for security, whether the service is SaaS, PaaS, or IaaS. An example of this would be the physical infrastructure in the data centers hosting these services.

For the AWS Shared Responsibility Model, AWS takes a more simplistic approach.

Customers are responsible for security in the cloud, meaning their own data, user accounts, applications, and so forth. AWS is responsible for the security of the cloud, including underlying hardware within the data centers such as physical hosts, storage, and networking.

Google Cloud’s shared responsibility model

Google’s approach to the shared responsibility model is a bit more complex, as they specify in detail, in each instance, who is responsible for security. It’s called the Shared Responsibility Matrix.

Identity and Access Management (IAM)

As we saw under the different shared responsibility models, organizations are responsible for user accounts. This forms part of what is called identity and access management, or IAM for short. IAM is a term used for defining user access with a privileged role, also known as role-based access control. We’ll do a quick overview of IAM here, but for a deeper dive check out our separate post comparing AWS, Azure, and Google Cloud IAM services.

There are some shared user and IAM features across all three platforms, including multi-factor authentication (MFA), single sign-on (SSO), built-in role-based access control (RBAC), and custom role-based access control. One key difference across the platforms, though, is privileged access management (PAM), which is used to manage privileged accounts for users or resources deployed on IaaS, PaaS, or SaaS.