When preparing for cloud certification exams like Microsoft Azure Fundamentals, one concept you’re almost guaranteed to come across is the shared responsibility model. It sounds straightforward, but many people misunderstand what it actually means and how it applies to real-world cloud environments.
Let’s break it down in simple terms — and then we’ll bring in a real-world analogy to help the idea stick.
What Is the Shared Responsibility Model?
In a traditional on-premises setup, your organisation is in charge of everything. You own the servers, you maintain the physical building, you handle security, and your IT team is responsible for installing updates, managing data, and keeping everything secure and online.
Cloud computing shifts this. When you move to the cloud, some of that responsibility is taken on by the cloud provider. Others stay with you. That’s why it’s called a shared responsibility model.
Here’s how the responsibilities break down:
The cloud provider is always responsible for:
- The physical datacentre
- Power, cooling, and networking
- The physical servers and infrastructure
You, the customer, are always responsible for:
- Your organisation’s data
- The devices that connect to your cloud environment
- Identities, roles, and account access
The grey area comes in between — things like operating systems, firewalls, and apps. Who manages those depends on the type of cloud service you’re using: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), or Software as a Service (SaaS). We’ll cover those service models in more depth in a future post.
A Simple Analogy: Driving, Taking a Taxi, or Riding the Bus
Still not quite clicking? Here’s a simple analogy that makes the shared responsibility model much easier to grasp.
Imagine you need to travel from point A to point B. You’ve got three options:
1. Driving your own car
This is like running your own datacentre. You’re responsible for buying the car, fuelling it, maintaining it, fixing it, and making sure it follows the law. Everything’s on you.
This is your on-premises setup.
2. Taking a taxi
This is like Infrastructure as a Service (IaaS). The car and driver are provided. You don’t worry about maintenance or fuel, but you still tell the driver where to go, secure your own belongings, and ensure your destination is correct.
The provider gives you the basics, but you’re still managing a lot.
3. Riding a bus
This is like Software as a Service (SaaS). You don’t drive, you don’t worry about the route, and you don’t handle maintenance. You just get on, ride, and get off.
You still need to protect your belongings and choose when to get off, but most of the work is handled for you.
| Model | Travel Analogy | Who’s Responsible for What |
|---|---|---|
| On-Premises | Driving Your Own Car | You handle everything: maintenance, fuel, driving, security, route. |
| Infrastructure (IaaS) | Infrastructure (IaaS) | You handle direction and belongings. Provider manages the car, fuel, and maintenance. |
| Software (SaaS) | Riding the Bus | You just get on and off. Provider handles route, vehicle, and driver. You manage your data. |
The further you go toward SaaS, the more the cloud provider takes off your plate. The closer you are to IaaS, the more you still manage.
Why It Matters for Certification and the Real World
Understanding this model is critical not just for passing your certification exams, but for working in cloud environments confidently. Many cloud security mistakes come down to confusion over who was supposed to handle what.
Whether you’re deploying a virtual machine or using a fully managed SaaS platform, always ask yourself: What am I responsible for? What is the provider handling?
Get that clear, and you’ll make smarter, safer decisions in the cloud — and ace those exam questions too.
