Become a Member My Atlas
Insights
Training
Advisory & Negotiation
Free Resources
About
Contact Us
Search
Become a Member

Updated: July 15, 2020 (July 11, 2016)

  Charts & Illustrations

Security Responsibility Matrix

My Atlas / Charts & Illustrations

488 wordsTime to read: 3 min
Michael Cherry by
Michael Cherry

Michael analyzed and wrote about Microsoft's operating systems, including the Windows client OS, as well as compliance and governance. Michael... more

Source: Microsoft

The Security Responsibility Matrix can be used to understand the division of compliance responsibility between Microsoft and its hosted services customers. In this illustration, rows with key security responsibilities (left) are aligned with columns (top) for on-premises systems and three types of Microsoft’s hosted services: Infrastructure as a Service (IaaS, such as Azure Virtual Machines [VMs]), Platform as a Service (PaaS, such as machine learning), and Software as a Service (SaaS, such as Office 365 and Dynamics CRM). The rows and columns form a matrix of security responsibilities (center).

This matrix includes the following general responsibilities (from the bottom up):

Physical security of the data center, network, and hosts. Responsibility for securing the actual data centers where the applications and services run, including responsibility for controlling and monitoring access to the physical servers or hosts, the physical network equipment and cables, and the actual data center facility.

Atlas Members have full access

Get access to this and thousands of other unbiased analyses, roadmaps, decision kits, infographics, reference guides, and more, all included with membership. Comprehensive access to the most in-depth and unbiased expertise for Microsoft enterprise decision-making is waiting.

Membership Options

Already have an account? Login Now