Shared responsibility security model indicates that AWS and the AWS Customer has a role to play in Securing the cloud. AWS is responsible for security of the cloud while the customer is responsible for security in the cloud.
Customer responsibility “Security in the Cloud”
Customer responsibility will be determined by the AWS Cloud services that a customer selects. This determines the amount of configuration work the customer must perform as part of their security responsibilities. As shown in the chart above, this differentiation of responsibility is commonly referred to as Security “of” the Cloud versus Security “in” the Cloud.
Examples of AWS and Customer Responsibilities:
ISG Grizzly Shield Security Services
We take an easy three step approach to helping organizations Secure their AWS environment:
Pinpoint – Understand the level of maturity your security program has achieved and the possible gaps that may be present.
Jump Start – Develop Project plan/Roadmap for initiatives required to bring your Organization to the point where 24 X 7 monitoring can be leveraged, and data consumed by an MSP or internal staff or a combination of the two.
Monitoring, Training, and Ongoing Management – 24 X 7 monitoring and alerting based on defined SLAs.