Reply to post: "Your overall security hygiene dramatically improves if most of your workloads are on a cloud,"

US DOJ probes Google's $5.4b Mandiant acquisition

Anonymous Coward
Anonymous Coward

"Your overall security hygiene dramatically improves if most of your workloads are on a cloud,"

TL;DL - Shared responsibility model for all Public Cloud providers (CSP's):

CSP is responsible for the security OF the cloud

Customer is responsible for the security of workloads WITHIN the cloud.

If the vice president of security for Google Cloud said that, then perhaps the following link (to a PDF) might be essential reading:

https://services.google.com/fh/files/misc/gcp_pci_srm__apr_2019.pdf

From that PDF:

"Customers of GCP bear sole responsibility to meet their own PCI DSS compliance for these requirements"

is in contradiction with

"Your overall security hygiene dramatically improves if most of your workloads are on a cloud,"

Anon as I work for a vendor in public and private cloud infosec.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022