Lifting the lid on cloud security responsibilities
June 8, 2022
|
4
min read
Highlights
Matt Dinham, Director of Network Operations, highlights where the lines of responsibility are drawn when it comes to cloud security.
Welcome to the first in a series of blogs covering topics about cloud migration I think many readers will benefit from. This first one is about cloud and the security issues surrounding it. Many organisations we provide services to have adopted a strategy to migrate their compute workloads to cloud. I often hear the motivation for this strategy is the misconception that cloud is inherently more secure than selfhosting - just because it’s “cloud”. But, is it?
There is no doubt that cloud providers take their own responsibilities for security and compliance very seriously but were you aware that securing your data in the cloud is actually your responsibility.
AWS And Microsoft Azure have made it very clear where their responsibility for security and compliance stops and where the customers responsibility begins. This is referred to as the shared responsibility model as shown below.
AWS Shared Responsibility Model
Azure Shared Responsibility Model
Ever heard the saying the cloud is just someone else’s computer? The cloud provider is responsible for the security of the cloud, i.e. the underlying infrastructure, physical facilities, etc. The customer of the cloud provider is responsible for the security of the data in the cloud and the security of any virtual machines, OS patches and applications, etc in it.
So, what does this mean? Without the appropriate controls in place, it could be the user of the cloud services, not the cloud provider, who fails to manage the controls necessary to protect their data that’s hosted in the cloud - Gartner estimates that by 2022, at least 95% of cloud security failures will be the customer’s fault. As the responsibility for your data lies with you, you’ll need to ensure that any controls and policies you have in place for a locally hosted solution, extends to the cloud too.
The cloud is only as secure as you make it, and with security “threat actors” becoming more and more advanced, it is more important now than ever to not only choose a secure cloud provider, but also to ensure data you host in the cloud is secure.
If you are developing a cloud strategy or considering moving additional workloads to the cloud, then come and talk to us about how to develop your own security strategy, to make your move to the cloud as safe as everyone thinks it should be.
Tell us about yourself so we can serve you best.
Got a question?
More articles
For many landlords and building managers, the word “wayleave” feels like the responsible route whenever a fibre circuit is being installed on their property. It sounds formal and safe – a neat legal box to tick.
In many cases, however, a wayleave adds unnecessary complexity and delays, frustrates tenants, and can expose landlords to long-term legal risks.
At Vorboss, we’ve connected thousands of office spaces across London without a wayleave, keeping landlords in full control and getting tenants online faster.
What is a wayleave?
A wayleave is a written agreement between a landowner and a telecoms operator. It gives the operator permission to install and keep equipment on private property.
What many people don’t realise is that signing a wayleave also activates “Code rights” under the Electronic Communications Code. These rights go beyond simple permission, they give the operator legal powers to stay on the property indefinitely, access it when needed, and even refuse removal of their equipment in certain situations.
For a typical connection into a commercial building in London, a wayleave can make the fibre installation process slower, more expensive, and limit the landlord’s flexibility long term.
Why a wayleave isn’t required for standard in-building fibre connections
For a standard in-building fibre connection serving a tenant, a wayleave isn’t a legal requirement. Important protections, like building access, fire safety, repairing any damage, and removing equipment, are already covered by the tenant’s lease and usual building rules.
If no wayleave is signed, no Code rights are triggered, meaning the landlord retains full control and the installation exists under a simple, fully revocable licence.
In practice, this gives landlords far more protection and flexibility:
- No legal lock-in – the telecoms operator has no long-term rights to stay or refuse removal.
- Landlords keep full control – equipment can be moved or removed when the building changes.
- Faster fibre installation – no time lost in drafting contracts or solicitor reviews.
- Happier tenants – connections go live quicker; tenants get to move in faster.
By contrast, signing a wayleave and granting Code rights introduces a complex and expensive legal process for any fibre removal or relocation. This can take at least 18 months, plus potential court or tribunal proceedings, making it slower, and far less flexible for the landlord.
Public services across central London are evolving, and the City of London Corporation is leading the way.
Whether you work, live or study in the Square Mile, you’ll soon feel the difference that faster, more dependable connectivity brings.
What is the Future Network Programme?
The City of London Corporation is rolling out the Future Network Programme, a major project to modernise its entire digital infrastructure and bring everything under one unified network.
From offices and schools to iconic green spaces like Hampstead Heath, cultural destinations like the Barbican, and historic markets such as Leadenhall and Old Spitalfields, this upgrade will mean more reliable connectivity across the City’s buildings and public spaces.
It also extends to essential services, including critical sites run by the City of London Police. This enhanced connectivity will support everything from secure communication systems to faster, more resilient networks for emergency operations.
Leading this transformation is Roc Technologies, supported by Juniper Networks and Palo Alto Networks; all powered by the Vorboss fibre network. Together, we’re bringing the City onto a modern digital foundation that’s ready to support its future.
Who the Future Network Programme benefits and how?
The programme is designed for everyone who depends on public services in the Square Mile:
- Students in City-run schools will have fast, reliable connectivity to fully access digital learning tools.
- Public-sector teams will experience smoother hybrid working, better access to online platforms, and more efficient collaboration across locations.
- Residents and visitors will see improvements in public Wi-Fi, digital services, and online access in libraries, community hubs, and other shared spaces.
- The City of London Police will gain a more secure, faster and resilient network that enhances CCTV reliability and enables more effective frontline operations.
.avif)
.avif)
