It is time for ‘shared responsibility’ to evolve. Here’s why.
“Shared responsibility” for security has emerged from the early days of cloud computing as a useful model for assigning responsibilities between cloud providers and their customers. While it made sense at first, the rapidly changing security landscape means we can reimagine the shared responsibility model to better capture the full spirit of the relationship needed for a true partnership to transform security in the cloud. This may seem trivial, but not having the right conceptual model in cybersecurity can lead to real-world problems. It’s time for cloud service providers (CSPs) to elevate their shared responsibility to a more resilient model. We call this “shared destiny”.
Shared responsibility grew out of questions about whether the cloud was secure and how to best secure it. We now know that the answers to these questions are often yes. This makes some areas of security very clear – the CSP handles the physical security of the servers and, depending on the nature of the service, the security of multiple layers of operating systems and other software. The customer typically owns the configuration, identity and access management, and security of the application software running in the cloud. (It is worth noting that some compliance mandates, such as PCI DSS, include their own versions of shared responsibility models.)
But shared responsibility can sometimes draw a very hard boundary between the cloud provider and the customer. The result of this hard boundary can, paradoxically, be uncertainty about who handles which aspects of threat detection, configuration best practices, and alerts for security breaches and anomalous activities.
When security issues arise, many cloud customers question the usefulness of the shared responsibility model. Shared destiny is the next evolutionary step towards creating a closer partnership between cloud service providers and their customers so that everyone can better meet today’s growing security challenges – while still delivering on the promise of digital transformation.
Shared Destiny: What It Is, Why It Matters
Introduced to IT operations in 2016, shared destiny happens when a cloud provider and customer “work together as a team towards a common goal and share a destiny greater than the dollars that pass between them.” It’s a broader version of shared responsibility that encompasses it but also transcends it. It’s not quite the Force, but thinking of it as a security model that ties the cloud together isn’t a bad place to start either.
Shared destiny in security means preparing a safe landing zone for a customer, guiding them while they are there, being clear and transparent about the security controls they can set up, offering protections and helping them with cyber insurance. We want to build on shared responsibility to better protect our customers, and part of the challenge of adopting a shared destiny mindset is that it’s less of a checklist and more of a perpetual iteration to continually improve security.
In practical terms, the foundation of shared destiny is stronger than its component parts, which we are always working to improve for ourselves and our customers. These components are:
- Secure settings by default. Our default settings can ensure that security fundamentals have been enabled and that customers start from a high security baseline, even if some customers change it later.
- Safe plans. Secure-by-default configurations recommended for products and services, with configuration code, so customers can more easily bootstrap a secure cloud environment.
- Secure policy hierarchies. Policy intent set at one level of an application environment should be configured automatically down the stack, so there are no surprises or additional work in the lower-level security settings.
- Consistent availability of advanced security features. We provide advanced capabilities to customers for new products at launch and then build security consistency across the platform and tools.
- Availability of security solutions. Our security solutions unite security products and security features with customer cloud experiences that can enable them not only to use our secure cloud, but also to use our cloud securely.
- Attestation of high assurance of controls. We provide independent review of our cloud services through compliance certifications, audit content, regulatory compliance support, and configuration transparency.
- Insurance partnerships. Through our Risk Protection program (currently in preview), we connect cloud customers with insurers that offer specialized insurance for Google Cloud workloads that reduces security risk. Google works with Allianz Global Corporate and Specialty (AGCS) and Munich Re to offer a unique risk management solution to Google Cloud customers.
Why the future depends on shared fate
The shared destiny approach may be better for cloud customers precisely because it centers customer needs when deploying resources and applying knowledge of the cloud environment to security tasks. Rather than shifting responsibility to customers who may not have the expertise to properly manage it, the CSP uses its considerable expertise to help the customer truly stay safe in the cloud.
Since the shared destiny model originated in IT operations, it can improve defense-in-depth against misconfigurations and defense-in-depth against attacks. In other words, the cloud provider can help you in terms of security rather than just providing a secure platform. And by participating in the insurance ecosystem, we help bridge the gap between technical controls in the cloud environment and risk coverage.
Shared destiny does not mean “no customer responsibility” for security. No cloud provider can do 100% of the work of securing the customer’s use of the cloud, and the customer remains responsible for its risks. There will always be a set of security-focused tasks and activities that cloud customers will need to perform. Instead, we believe that CSPs can and should do more to build a shared security destiny with customers and use their substantial cloud and security expertise to help reduce risk for customers as they transition to the cloud.
The shared destiny model can more accurately represent the journey to the cloud, helping to manage and reduce risk as organizations and their leaders transform their business, IT and cybersecurity for the modern era. The sooner we adopt it as standard practice, the safer we can all become.
To learn more about shared fate and its role in the changing cloud security landscape, read Phil Venables’ post on 8 megatrends driving cybersecurity today.