Microsoft Azure Stack – Secure by Design
Previously I have blogged about the underlying architecture and features that are going to be part of Azure Stack → http://msandbu.org/what-is-azure-stack-and-want-is-the-architecture/ Microsoft recently announced the launch of Azure Stack as well → https://azure.microsoft.com/en-us/blog/microsoft-azure-stack-is-ready-to-order-now/
Responsibility model in Cloud
Now I want to focus a bit on one aspect that was not included in the previous blog post, and that also has not been highlighted in Microsoft’s blog: security in the platform.
In a public cloud scenario, there is a distinct line between what is the public cloud vendor’s responsibility and what is the customer’s responsibility. The area of responsibility changes when a customer goes from an IaaS (Infrastructure as a Service) model to a PaaS or SaaS model. In the shift from IaaS to PaaS, more responsibility moves to the cloud provider, as it would if we were to go from a SQL Server running inside a virtual machine to an Azure SQL Database, where we as a customer have no control of the virtual instances that deliver the service.
Shared responsibility model between customer and cloud provider
In Azure there are numerous security mechanisms in place to ensure that data is safeguarded, going from the physical aspect up to the different services running on top. As an example from a customer perspective: in public Azure, a customer does not have access to the hypervisor layer, as we might be used to in a regular virtualization environment. We as a partner have the same limitations, so when managing customers we have to consider the same limitation. This means we have to do management in a different manner.
Read the entire article here: Azure Stack – Secure by design
via Marius Sandbu.