Storagepipe Is Now Thrive

GridWay Is Now Thrive

Microsoft 365

What is a Shared Responsibility Model in Software as a Service?

What is a Shared Responsibility Model in Software as a Service?

Software as a service (SaaS), sometimes called on-demand software, is one of the many benefits of migration to the cloud. SaaS offerings follow a subscription-based model, and allow IT staff to remain focused on high-value tasks for the business, executing strategies quickly and more effectively. However, an often-overlooked aspect of utilizing SaaS, is who is responsible when an issue arises.

Typically, the SaaS provider will publish an SLA with roles and responsibilities as it relates to the service, and in most cases, the roles and responsibilities will follow a shared responsibility model. In a shared responsibility model, the SaaS provider and the customer will each be responsible for various components that make up the service. The SaaS provider will be responsible for things under their control, such as physical infrastructure, environmental, and compute infrastructure, and the client is responsible for transporting and securing the data that is part of the SaaS offering.

One of the largest SaaS offerings on the market is Microsoft Office 365, and they do a great job of showing shared responsibility (see below).

As depicted in the Microsoft Office 365 shared responsibility diagram, the customer is responsible for the information and data that is stored in Microsoft Office 365. For example, without any additional backup protection, Microsoft can only retrieve data deleted within th