Cloud Security Shared Responsibility Model

ServiceMax would like to address the misconception that organizations sometimes have when adopting cloud based services, in this case the ServiceMax suite of products and services. The misunderstanding arises when cloud customers believe that they are either more secure in the cloud, because their cloud provider is securing them or that they are completely insecure, because it is impossible to secure the cloud’s large attack surface. But we are here to convey that both of these conclusions are incorrect.

The following models will outline where the responsibilities lie for IaaS, PaaS and SaaS providers (in this case ServiceMax) relative to that of the Customer.

Shared Responsibility Model - AWS Based Products

ServiceMax products that are running on AWS public cloud typically have three layers of shared responsibility – AWS, ServiceMax and the ServiceMax Customer. Each entity is responsible for different layers given the nature of public cloud, visibility and access levels, as well as contractual obligations.

Shared Responsibility Model - SFDC Based Products

ServiceMax Packaged Field Service Management suite of products that run on Customer’s SalesForce Org have a different shared responsibility model than infrastructure provide by public cloud. In this scenario SalesForce provides all the platform services starting with infrastructure and up. The ServiceMax customer then implements FSM within their Org and can configure per their Security requirements.