Introduction to Shared Responsibility

Complete the full lesson to earn 25 points

Work through each section, then tap “Mark as Complete” on the last one.

Section 1 of 9

✦ Skip the page breaks and see fewer ads — read each lesson on a single page with Pro

Introduction to the Shared Responsibility Model

In the early days of computing, an organization owned every piece of the stack. You bought the physical servers, you bolted them into a rack, you ran the power cables, you installed the operating system, and you managed the application code on top. If something broke, you knew exactly who was responsible for fixing it—it was always you. Today, the landscape has shifted dramatically toward cloud computing. When you move your workloads to a provider like Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP), you are no longer managing the physical data center. However, this transition creates a complex ambiguity: if your data is leaked, is it the cloud provider's fault for having a weak data center, or is it your fault for having a weak password policy?

The Shared Responsibility Model is the framework designed to answer that exact question. It defines the security obligations of the cloud service provider (CSP) and the customer. Understanding this model is the most critical step in cloud security because it prevents the "gap of responsibility." Many organizations suffer data breaches not because the cloud provider was insecure, but because the customer assumed the provider was handling a security task that, in reality, remained the customer's burden. This lesson will dissect this model, explain how it changes based on service types, and provide actionable strategies to ensure your organization does not leave its digital front door wide open.


Section 1 of 9
PrevNext