This white paper examines the shared responsibility model for securing cloud infrastructure and operations and the separation of duties for cloud providers, customers, and Beacon Platform. Another paper describes Beacon’s software development lifecycle (SDLC) processes and the DevSecOps methodologies on which they are based.
Beacon is a private or hosted cloud-based platform-as-a-service (PaaS) offering that benefits from the scalability and flexibility of cloud computing. Cloud security follows a shared responsibility model between cloud provider, Beacon, and customer. This model leverages the capabilities and resources of each participant to deliver broad and effective security coverage. Cloud infrastructure has been certified by major organizations around the world, including for data and workloads covered by stringent privacy and confidentiality regulations.