Microsoft® Azure™ provides services that can help customers meet the security, privacy, and compliance needs. This white paper helps explain the relationship between cloud service providers (CSPs) and their customers, and notes their roles and responsibilities. Standards such as National Institute of Standards and Technology (NIST) (Special Publication 500-292) and the PCI Standards Council (Information Supplement: PCI DSS Cloud Computing Guidelines) provide considerations for shared responsibilities. This document also examines the relationships between CSPs and their customers in more detail.
In addition, this white paper helps explain the shared roles and responsibilities an organization needs to consider when selecting a cloud model, such as IaaS, PaaS, and SaaS. The document also explores the compliance requirements that need consideration based on the selection of the service model.