In the Usage Engine Cloud Edition environment, security is a shared responsibility between the customer and DigitalRoute. This model helps both parties understand their respective security obligations.
Customer Responsibilities
Security in Usage Engine Cloud Edition:
Customer Data, Data Governance, Data Classification: Control the lifecycle of data, including data protection.
User Account Management, Application Management: Secure user and IAM (Identity and Access Management) access policy.
Stream Management, Stream Configuration Management: Configure streams and resources for secure transmission and processing.
Client-Side Encryption: Manage encryption keys and policies in external vaults.
DigitalRoute Responsibilities:
Security of Usage Engine Cloud Edition:
Application Security, Access Controls, Data Encryption (At-Rest): Responsible for securing the application, including application-level security features and data encryption methodologies.
Compute, Network, and Storage Isolation; IAM Framework: Ensure proper isolation technologies are utilised to protect against unauthorised access and ensure data integrity across the infrastructure.
Infrastructure Security, High Availability (Load Balancer, WAF, DDoS Protection): Maintain and secure the infrastructure to ensure high availability and resilience against DDoS attacks and other potential security threats.
This model outlines the division of security responsibilities between the customers and DigitalRoute to ensure that both parties understand their obligations in maintaining the security and integrity of the Usage Engine Cloud Edition. This collaborative approach helps in creating a strengthened security posture for the cloud environment.