Shared Responsibility Model in  Cloud Backup and Disaster Recovery

What does that even mean?

The Shared Responsibility Model is a security and compliance framework outlining the responsibilities of cloud service providers (CSPs) and customers to secure every aspect of the cloud environment. The model is based on the principle that CSPs and customers share responsibility for security, but the specific responsibilities of each party vary depending on the cloud service being used.

In general, CSPs are responsible for the security of the cloud infrastructure, including the physical security of the data centers, the network security, and the system security. CSPs are also responsible for monitoring and responding to security threats related to the cloud itself and its underlying infrastructure.

Customers are responsible for the security of the data and applications that are stored in the cloud. This includes security practices like data encryption, access control, and security configurations. Customers are also responsible for ensuring that the data and applications they store in the cloud comply with applicable laws and regulations.

It is important to carefully read the terms of service for any cloud service you use to ensure you understand your responsibilities. By understanding your responsibilities, you can help to ensure the security of your data and applications in the cloud.

What Shared Responsibility Means for MSPs

When an enterprise company runs and manages its own IT infrastructure, it is responsible for the security of that infrastructure, as well as the applications and data that run on it. This includes core tasks such as configuring security settings, encrypting data, monitoring for threats, and responding to incidents.

When an SMB organization outsources its IT infrastructure to an MSP, the MSP assumes responsibility for many or all of these security tasks.

In the context of business continuity and disaster recovery (BCDR), the Shared Responsibility Model means that the MSP is responsible for backing up the organization’s public cloud data and ensuring that it can be restored in the event of an outage.

Microsoft Azure’s Directive to Share the Responsibility

Consider Microsoft’s own division of responsibility in their Microsoft Azure shared responsibility documentation:

“As you consider and evaluate public cloud services, it’s critical to understand the shared responsibility model and which security tasks are handled by the cloud provider and which tasks are handled by you.”

The Importance of Third-Party Backup

Ultimately, an MSP cannot rely solely on its public cloud provider for backup and disaster recovery, and the MSP must shoulder the responsibility of delivering on business continuity promises. MSPs must use a third-party backup solution to ensure that their clients’ data is fully protected and virtualizable in the event of a disaster. This solution should be designed to meet the organization’s specific needs and tested regularly to ensure that it will help an MSP deliver on SLAs and meet compliance and cyber insurance requirements.

By using a third-party backup solution, MSPs can help ensure that their clients’ data is protected in an outage or an attack. This proactive approach will help to protect the client’s reputation, avoid downtime financial losses, and ensure that it can continue to operate during a crisis.

The Risks of Using Native Azure Backup

Native Azure Backup is a popular choice for backing up Azure cloud environments. However, there are some risks associated with using this service.

  • Single point of failure: If there is an Azure incident, outage, or cyberattack, both your production infrastructure and your backups could be unavailable. This could lead to complete downtime for your organization.
  • Complexity: File restores from native Azure backups are often more complicated than other backup solutions because you need to use additional services for disaster recovery and testing.
  • Cost: Native Azure Backup is not an all-in-one solution. You need to use Azure Backup for backups and Azure Site Recovery for business continuity. This can add complexity and cost to your stack.

The Benefits of Separating Backups

There are several benefits to separating backups from production infrastructure.

  • Increased availability: If there is an Azure incident, outage, or cyberattack, your backups will still be available in a separate location. This can help to prevent complete downtime for your organization.
  • Simplified restores: File restores from a separate backup location are typically simpler than from native Azure backups. This is because you do not need additional disaster recovery and testing services.
  • Reduced complexity and cost: Using a separate backup solution can reduce the complexity and cost of your backup stack because you do not need to use multiple Azure services, which often don’t deliver a good profit margin for an MSP.

There are risks associated with using native Azure Backup that could give an MSP heartburn. Sleep more soundly at night by separating backups from production infrastructure to increase availability, simplify restores, and reduce complexity and cost.

Securing Data in the Public Cloud

Nearly a quarter of small to medium-sized businesses have their data in the public cloud, and MSPs need a solution to protect that data. Microsoft Azure is a popular choice for companies that want to reduce costs and complexity. However, should MSPs allow a client’s “eggs to be all in one basket?” No, and that means MSPs are responsible for protecting their clients’ workloads and data within Azure.

x360Recover Direct-to-Cloud for Microsoft Azure is a comprehensive solution that can help MSPs protect their clients’ data in the public cloud. The solution fully virtualizes Azure backups, leveraging the automation of Axcient’s Virtual Office and customizable Runbooks for exceptional ease of use. Plus, always-on AirGap is a last line of defense against accidental or malicious data deletion.

The solution also unifies client protection across on-premises and Azure workloads and is priced at a flat fee per server or device, which includes pooled storage. This means that MSPs can easily scale their protection as their clients’ needs grow.

In addition, the solution provides a third-party cloud where full disaster recovery (DR) testing and live VMs can be virtualized in minutes with near-instant RTO for DR. This ensures that MSPs can quickly recover their clients’ data in the event of a disaster.

With these capabilities, x360Recover Direct-to-Cloud for Microsoft Azure is a comprehensive solution that can help MSPs protect their clients’ data in the public cloud. The solution is easy to use, affordable, and scalable, making it a great choice for MSPs of all sizes.

Ready to leverage Axcient to shoulder the load of your shared responsibility for securing your clients’ Microsoft Azure data? Get a 1:1 demo of x360Recover Direct-to-Cloud for Microsoft Azure today.

About the Author: Carissa Johnson // Product Marketing Manager, Axcient

Carissa Kohn Johnson AxcientCarissa Kohn-Johnson has a background in healthcare technology and information technology, and is now the Product Marketing Manager for Axcient. She has a lot of MSP Channel experience from planning and attending hundreds of conferences and tradeshows, and found her passion in IT. Carissa is also an elected official in Cary NC, a town chock full of technology-forward people. Connect with her on LinkedIn – perhaps you can contribute to the Axcient blog?

How well could you sleep with reliable cloud-based backups and recovery?

Take a deep dive into Axcient’s proprietary, automated security features to see how we’re ensuring uninterrupted business continuity — no matter what:

Axcient Solutions


Protect Everything.
Access Axcient Now!

Axcient Logo
Gartner Peer Insights Reviews