Responsibilities in Cloud

Hey Cloudians!!!

This blog gonna make you responsible😉 in "Cloud". There are different responsibilities for the Cloud provider and the user. Let's discuss more about it.

Responsibilities

Imagine running a car workshop; when a car comes to you, there are some precautions you have to take, like assessing the present condition of the car, providing an estimation for repairs, etc. The customer makes sure that your workshop is trustworthy; this is the basic responsibility of the customer.

In the same way, cloud providers have to take care of the security of data, reliable instances, etc., where customers have to focus on data encryption, distribution of access, etc.

Cloud Service Provider Responsibilities

Cloud provider's basic responsibility is to secure infrastructure where all the services run. This is very crucial as failing to secure them leads to security breach, service interruption etc.

The main aspects where CSP takes care of are 

1. Hardware and Infrastructure
2. Network control(Servers)
3. Virtualization(Not in the case of IaaS)

The physical infrastructure where all these services are hosted should be carefully managed; if damaged, it can lead to data breaches and interruptions in service provisioning.

The connectivity medium through which services are provided should be taken care of by CSP. All the network activities, such as network security and data moving out of the cloud to users, etc.

When it comes to virtualization, it seems like it's our responsibility as we create VMs, but the virtualization software is handled by CSP. This virtualization layer's responsibilities include maintenance of virtualization software, isolation, and security of VMs, etc.

In the case of IaaS, the total process of virtualization is taken care of by the user, as only infrastructure is provided to the user by CSP.

User Responsibilities

User responsibilities include:

1. Access Management
2. Network security
3. Data encryption in servers
4. API's
5. Configurations

Access management plays a key role in providing access to specific persons. This is purely in the hands of the user, failing in which leads to data breaches. CSP has nothing to do with those incidents, as the SLA (Service Level Agreement) clearly mentions these things in advance.

Network security includes configuring firewalls, network groups, IP versions, etc. These are crucial in maintaining stable and secure connectivity between CSP and the user.

Data stored by the user should take care of its encryption, as CSP won't access user data.

APIs are used by the user to send and retrieve data by verifying whether the data is coming from the intended source and accessed by the intended user. So, CSP transferred this responsibility to the user.

Configurations include VMs, vCPUs, storage space, RAM, internal storage, security-related aspects, etc.

All these things are clearly explained in a document called "SLA" (Service Level Agreement), which defines each and every service limitation and the responsibilities of the user as well as CSP. These SLAs vary from provider to provider.

That's it for this blog. Hope you understand everything. Will meet you in the next blog.

Until then, Update and Upgrade.

Happy learning😊

Miryala Manideepsai