While we at rhipe have had a long history of supporting our partners with a select set of security solutions, we recently attended a large-scale security conference, RSA Conference 2020, for the first time. One of the key impact discussion points and solution areas that were readily in evidence was Cloud Security.
For those of you in the rhipe channel this probably comes as no surprise since you live it day in and day out. That said, seeing the topic so openly discussed and targeted for solutions, I was struck by the confusion that can still exists around the shared responsibility model for security in the cloud. I thought it might be a helpful to see the shared responsibility model that Microsoft uses with Azure and AWS uses so that you can frame the appropriate version for your services and have some resources if you need them (click on the images below for larger versions).
|Azure Shared Responsibility Model||AWS Shared Responsibility Model|
What jumps off the page for both of these large public offerings is that the customers and by extension services providers acting on behalf of the customers are always responsible for their data, accounts and identities.
From a security perspective, therefore, the data protection and identity management opportunities are essentially the service provider channel’s opportunity to solve on behalf of customers.
While visiting the Netskope booth I was introduced to a research report entitled The Dark Side of the Cloud which helps us put some percentages around the opportunity for cloud and managed service providers:
- 89% of enterprise users are active in managed and unmanaged cloud services and apps
- 44% of threats leverage cloud services across various kill chain stages
- 20% of users move data laterally, including between managed and unmanaged cloud services, plus company and personal instances
- More than 50% of data policy violations come from cloud storage, collaboration, and webmail apps
- 33% of enterprise users work remotely on average
If you haven’t had a conversation with you customers about there security in the cloud, it seems like a good opportunity to do so. More importantly, if you don’t offer services around helping your customers manage their data and user identities in the Cloud you may be leaving money on the table and your customers vulnerable.
Connect with rhipe to open a discussion about the opportunity.
This article is brought to you by Boughty Canton from the New Alliances team.
t: +1 503 887 6004