For organizations on the journey of digital transformation, migrating to the cloud is often high on the list of priorities. This is because legacy tech stacks and systems are often incompatible with newer technologies, and are sometimes so unstable that they are considered a single point of failure because they cannot scale. They also lack security support for things as critical as patching vulnerabilities. The elasticity that public and private clouds provide, along with the numerous secure technologies available on them, can increase the benefits of a cloud migration.
Yet, for many, the move is often fraught with questions about the security of your (and your customers’, users’, citizens’) data in the cloud. You may have heard something along the lines of “the customer is responsible for security and compliance in the cloud, while the cloud service provider (CSP) is responsible for the security and compliance of the cloud.” This is called a shared responsibility model. Let’s take a quick peek into some basics of what this means and how it may apply to your cloud environment.
What’s the Shared Responsibility Model?
We follow the Shared Responsibility Model and believe security is a shared responsibility between Salesforce and its customers.
What’s your responsibility?
As the customer, your responsibilities in the cloud will be based upon the services/products that your organization will use. This is critical because responsibilities will vary between different services and products.
For example, a hospital that has specific regulatory/compliance requirements might also require the ability to scale while remaining secure, and to take on bulk updates while doing so. Not only would it have to select services that are certified against its internal requirements, but it would also have to consider services that allow it to scale securely, handle bulk updates, and maintain access control lists for its network traffic. This is a high-level example of how responsibility can potentially shift more to the customer, given the nature of their specific requirements. The overall cloud deployment strategy will vary amongst customers, allowing some customers to shift more security controls to the CSP side to manage. This will depend on the cloud service model in use by your organization, e.g., Software-as-a-Service, Platform-as-a-Service, or Infrastructure-as-a-Service.
Organizations should also understand what’s inherited from the CSP and what could potentially be a shared control and/or responsibility. For example, if using Amazon Web Services as the CSP, the customer would not be responsible for things such as Edge Locations, Availability Zones (you’re not responsible for physically creating this isolated location or any hardware that’ll run within it), the underlying network, or, when using the EKS control plane, the Kubernetes API servers.
The Cloud Service Provider Model
Ultimately, the customer is responsible for their own data. This includes encryption — yes, the customer is responsible for this configuration, along with the integrity, authentication, and authorization mechanisms that will be used for data access, security, and management.
While not an exhaustive list of responsibilities, below are some considerations that organizations must understand when assessing their overall migration and security capabilities.
What’s our responsibility?
Software-as-a-Service providers are responsible for things such as APIs and middleware, virtualization, network security, and much more. It’s important to understand that most of the applications that we provide will run via the Internet. Securing our platform is a huge part of how we meet our goal of ensuring security and compliance for the customer. Applications in use by customers are maintained and managed so that they remain secure, resilient, and highly available for the end user. The point is, we’re ALL responsible for cloud security.
Will Salesforce help with identifying the customer’s responsibility?
It’s important to note that programmatic approaches, security, compliance, and governance tips will vary slightly depending on your particular Salesforce security model. However, what will remain the same across all security models is Salesforce’s commitment to assisting your organization with best practices for secure architectural design, negotiating and architecting solutions for complex problems and explicit business requirements, and providing guidance on application and integration development best practices, just to name a few.
It’s all part of our commitment to customer success. We’re here to help you meet the basic requirements to conduct an internal migration readiness assessment and analyze business and security requirements. We also advise on migration strategy, timeline, security roadblocks, and more.
Once we’ve done that and are in agreement that a successful migration is possible, we would take a deeper dive into identifying the customer’s responsibilities. We offer customizable native security controls such as authentication mechanisms, user permissions, and IP allow lists, to name a few. We also offer many out-of-the-box products and core features that can be useful for running your business. Again, as the customer, your responsibility is to ensure your organization is fully prepared and capable of executing its share of the responsibility for each product that your organization selects.
We’re all for building solid partnerships and relationships with our customers, their stakeholders, and other cloud service providers, which is why every approach to your cloud migration needs will be tailored in a manner that works for YOU! If you’d like to learn a little more about Trust and Security here at Salesforce, check out the Learn About the Shared Responsibility Model module on Salesforce’s free learning and training platform, Trailhead!