Shared responsibility
Most cloud providers take security very seriously. They have to in order to exist and keep existing.
However there is only so much cloud providers can do for your security. E.g. if you are careless with your credentials for a SaaS solution, somebody else may steal them and hyou data may be compromised. Keeping your credentials security is your task.
AWS and Azure have named this the “Shared Responsibility” model. In short it means that the provider is responsible for the security of the cloud and the customer is responsibile for the security in the cloud.
Cloud Checkr has an excellent article on this subject.
Mutual intrest
Like the providers, the users of cloud technologies have a fested interest in a secure, effective and efficient use of cloud technolgies
As stated before, the provider is responsible for the cloud, the user in the cloud. So the provider is responsible for providing services that can be used effectively, efficiently and securely, but it is up to the user tomake sure that they are used effectively, efficiently and securly.
Because both are in the providers interest, they often supply a lot of material to explain how to achieve this in the form of best practices and tooling. We can find links to both best practices and tooling on the ‘Standing on the shoulders of Gients’ chapter.
