Shared Responsibility
Public cloud providers are only responsible for operating the underlying infrastructure. Claranet relieves you of the complexity and effort involved in setting up and operating your cloud solution so that you can make the most of the advantages of the public cloud.
Shared responsibility in the public cloud
Anyone who books public cloud services is required to operate them as a self-service. This is because the public cloud provider is not responsible for the entire stack down to application level, but only for the infrastructure, i.e. the hardware, the network and the facilities on which the cloud services run. The customer’s area of responsibility, on the other hand, extends to the operation and security of its own infrastructure environment and the systems, applications, services and data run on it. Examples of this are the installation of the operating systems, the configuration of the virtual network and the firewall settings or the encryption of the data.
Each public cloud provider requires specialist knowledge in order to make the best use of the properties and features of the respective cloud infrastructure. Claranet provides comprehensive managed services for public clouds and supports companies in securely setting up virtual infrastructures and operating applications reliably and with high performance.
Public cloud infrastructure: Who is responsible for what?
Shared responsibility operated as a self-service
Customer
Content & application development
Application management & data services
Platforms & security services
Public cloud provider
Infrastructure services
Shared responsibility with managed service provider
Customer
Content & Application development
Claranet
Application management & data services
Platforms & security services
Public cloud Provider
Infrastructure services
The shared responsibility model
Claranet follows a shared responsibility model, e.g. when it comes to using and managing security and business continuity measures. This model takes most of the work away from our customers, yet you as a customer also have to provide or additionally commission some of the services.
Claranet provides a secure infrastructure, platform and services. Our customers are responsible for secure web applications, data and authorisation management, among other things.
We recommend our customers to establish information security functions, roles and responsibilities for the use of their (cloud) services that form a counterpart to Claranet’s roles and responsibilities. As a minimum, these should be an information security and data protection officer, an emergency officer, an officer responsible for changes and incidents and a system administrator and/or developer.
Examples of the responsibilities of a public cloud provider
- Setting up the physical locations and data centre infrastructure
- Computing power, storage space, network
- Provision of the virtualisation level
- Provision of services and tools
- Installation and security of the operating systems including updates and patches
- Configuration of the firewall
- Encryption of the data and data connections
- Identity and access controls
Claranet also takes care of:
Examples of responsibilities of the customer at Claranet
- Application customising
- Content production and implementation