What is the Shared Responsibility Model for Data Protection?

‍

Have you ever wondered who was responsible for protecting your data? Did you ever wonder why it was important for you to keep backups and your own personal data storages? This can all be answered by understanding the concept of a shared responsibility model.

‍

Who is Responsible for My Data Protection?

‍

‍

There are many popular platforms nowadays to help you with data storage, including Microsoft 365, Google Workspaces and Dropbox. These popular platforms have strong security systems in place to protect your data but this does not mean that they are invincible. In the event of a data breach with these vendors, your personal data could be compromised - either loss or stolen. This raises the important question of who is responsible for this data loss? Many individuals may assume that it is the responsibility of the vendor to protect your data - in the case of a breach this would be their responsibility right? This is actually a common misconception - in actuality there are terms and conditions in place for these data storage platforms that indicate shared responsibility clauses.

‍

What is the Shared Responsibility Model?

‍

The Shared Responsibility Model is a security framework that outlines the security obligations of both a cloud storage provider and their users to ensure accountability. Each party is responsible for a different aspect of data protection as outlined in the shared responsibility model.

‍

So who is responsible for what? This can vary depending on the platform but typically the provider is responsible for physical security of the data centers and softwares. This means that the provider must protect the users’ data from hardware failures, software failures, natural disasters and power outages to name a few. The user’s responsibility is to protect the data from ransomware, human error, internal and external security threats as well as programmatic issues.

‍

‍

‍

This may come as a shock to many users since it is common for users to believe that their data providers are responsible for all aspects of their data protection. In reality, many individuals are unknowingly signing off on a clause that dictates their own responsibility for their data protection.

Key Takeaways

‍

Many individuals choose to store their back-ups and sensitive data in the cloud, but it is important to remember that the cloud, like any other platform, can be breached. As ransomware and malware attacks are at an all-time high, it is more important than ever to stay alert and implement good cybersecurity practices to keep yourself safe.

If you were shocked or surprised by any of the information in this article, don’t worry, we have some solutions for you to implement today to help keep your data secure.

‍

1. Ensure you're doing regular back-ups for all of your systems

‍

2. Diversify where you store your sensitive data so you're not putting all of your eggs in one basket

‍

3. Secure each of your accounts to the best of your abilities - this means implementing complex & unique passwords for every account, two-factor authentication, avoid sharing accounts, and again backups backups backups!

‍

Need Help?

‍

Our recommendation is to speak with your IT providers to ensure that offsite backups are handled properly for your various third-party systems. If you still have any questions or issues with your systems, or get in touch with us - we are more than happy to help you with all of your cybersecurity needs! Get in touch with us today at https://www.cyberunit.com/contact.

‍