In a traditional on-premises data center, the organization that owns it is responsible for managing security incidents, including the mitigation and remediation of any dangerous incident. On the other hand, if the company uses Infrastructure-as-a-Service offerings (Azure, AWS) security for infrastructure is the provider’s responsibility. In the Software-as-a-Service model, specifically in Microsoft 365 suite, Microsoft is responsible for maintaining the infrastructure and making sure data is available and accessible while users are responsible for protecting their Microsoft 365 data. It means the user is responsible for restoring lost, stolen, deleted, or compromised data and it should be quite logical and obvious. In the end, it’s the user’s data, right?
Read more