Skip to main content

Shared Responsibility Model (SRM)

The Ionburst Cloud Shared Responsibility Model (SRM), illustrates the shared responsibility for security and compliance between the ⚪ Customer, 🟠 Ionburst Cloud, and the underlying 🟣 Cloud Provider(s).

Who is responsible for what?

⚪ Customer Responsibility

Security IN the cloud

Customers are responsible for securely connecting and understanding the specific regulatory requirements for their organisational data and workloads. In the Ionburst Cloud SRM this is further segmented into:

  • Integration
    • The Customer is responsible for secure integration with Ionburst Cloud.
    • The Customer is responsible for choosing the appropriate region to meet their data sovereignty and residency requirements.
    • The Customer is responsible for informing Ionburst Cloud if they are securing data inline with HIPAA or Protected Health Information (PHI) privacy requirements.
  • Customer Data
    • The Customer always owns their data.
  • Access Management
    • The Customer is responsible for the handling and management of Ionburst Cloud access credentials.

🟠 Ionburst Cloud Responsibility

Introducing security ON and OF the cloud

Ionburst Cloud are responsible for protecting data that is stored on the cloud, and securing the underlying services that protect customer data. In the Ionburst Cloud SRM this is further segmented into:

  • Data Privacy Transformation
    • Ionburst Cloud is responsible for the security, privacy and resilience of all customer data.
    • Ionburst Cloud is responsible for ensuring data privacy when processing and storing all customer data.
    • Ionburst Cloud is responsible for ensuring the use of compliance eligible services.
    • Ionburst Cloud is responsible for ensuring all customer data is resident and sovereign within the region chosen by the customer.
  • Automatic Configuration and Ransomware Protection
    • Ionburst Cloud is responsible for the configuration, security, resilience and availability of the storage services.
  • Underlying Data Security
    • Ionburst Cloud is responsible for the data security on the cloud provider.
  • Data Resilience
    • Ionburst Cloud is responsible for the data resilience and availability on the cloud provider.

🟣 Cloud Provider Responsibility

Security OF the cloud

Cloud providers are responsible for protecting the infrastructure that runs the cloud. This infrastructure is comprised of the hardware, software, networking, and underlying storage services. In the Ionburst Cloud SRM this is further segmented into:

  • Underlying Security
    • The Cloud Provider is responsible for the security, resilience and availability of the storage services.
  • Global reach / Infrastructure / Availability
    • The Cloud Provider is responsible for the security, scale and reach of the underlying infrastructure.

Applying the Ionburst Cloud SRM in practice

Ionburst Cloud resources, documentation and tutorials will set out the shared responsibility at the start of each example to clearly define where security responsibility lies. This is done to ensure customers fully understand their security responsibilities when using Ionburst Cloud for different examples, use cases and scenarios.