A company is migrating its database containing sensitive customer information to a public cloud using an Infrastructure as a Service (IaaS) model. According to the typical cloud shared responsibility model, which party is primarily responsible for ensuring the sensitive data within the database is encrypted?
A third-party auditor is responsible for implementing encryption controls.
The responsibility is equally shared, with both parties co-managing the encryption keys.
The cloud provider is responsible for encrypting all customer data by default.
The customer is responsible for configuring encryption for their data.
This statement is correct. In the cloud shared responsibility model, particularly for IaaS, the customer retains responsibility for securing their own data. This includes classifying the data, deciding what to encrypt, and managing the encryption configurations and keys. While the cloud provider is responsible for the security of the cloud (the physical infrastructure), the customer is responsible for security in the cloud, which encompasses their data, applications, and guest operating systems. The provider offers encryption tools, but the customer must choose to implement and manage them for their data.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the cloud shared responsibility model?
Open an interactive chat with Bash
How does Infrastructure as a Service (IaaS) differ from other cloud service models in security responsibilities?
Open an interactive chat with Bash
How can customers manage encryption in a public cloud environment?