top of page

Responsibilities in the Cloud

I've seen that there has always been some confusion or difference of opinion when it comes to who has what responsibility in the cloud.

I'm not here to state anything official, but to just go through what I've observed while studying, and helping others study for the CISSP.

It doesn't matter which source you use to learn about the cloud - if you just know the general concept of why a cloud exists, and how it is utilized, you will be good for the exam.

Hope the video and the PDF helps in your studies, and if you want to add something, leave me a comment!

Some extra notes about the cloud:

  • One major distinction to note is that you are fully RESPONSIBLE for security in IaaS. The IaaS environment is similar to building your own infrastructure in your office BUT without physical access

  • When you use SaaS or PaaS, the infrastructure security of your systems is maintained by the cloud service provider

  • Security is also dependent on the service level agreements, contracts and policies that you put in place before on-boarding. Proper revision of terms of services is critical in SaaS or Paas

  • Types of Cloud Deployment Models

  • ​Public

  • Private

  • Hybrid

  • Community

  • Types of Cloud Service Models

  • IaaS - Infrastructure as a Service

  • PaaS - Platform as a Service

  • SaaS - Software as a Service


bottom of page