Home ci 17. security: shared responsibility

17. security: shared responsibility

Last updated on Aug 05, 2025

Shared Responsibility Model

Table of Contents

A shared responsibility model is a framework designed to split tasks and obligations between two groups in cloud computing.

The model divides duties to ensure security, maintenance, and service functionality.

Customer Responsibilities

Security Requirements Assessment

Customers are responsible for evaluating and deciding whether Epycbyte's platform and the security protection provided meet the specific needs and requirements for their application.

Handling Malicious Traffic

Customers are responsible for addressing any costs and resource consumption related to malicious traffic.

Payment Transactions

Customers subject to PCI DSS compliance are responsible for choosing an appropriate payment gateway provider to integrate an iframe into their application .

Client-side Data

Customers are responsible for the security and management of data on their clients' devices

Source Code

Customers are responsible for securely storing, and maintaining their source code at all times

Server-side Encryption

Customers are responsible for encrypting their server-side data, whether it's stored in the file system or in a database

Identity & Access Management (IAM)

Customers choose and implement their desired level of access control regarding their IAM configuration with tools provided by Epycbyte

Region Selection for Compute

Customers are responsible for selecting the appropriate regions for their compute resources based on their requirements and compliance needs

Production Checklist

Customers are responsible for implementing and adhering to recommended best practices provided in Epycbyte's production checklist .

Spend Management

Customers are responsible for enabling Spend Management to set spend a reasonable spend amount and configure actions based on the amount as needed

Shared Responsibilities

Information and Data

Customers control and own their data. By design, customers determine the access to their data and are responsible for securing and protecting it while in their possession.

Integrations

Customers are responsible for deciding which Epycbyte services to use and the data that is collected or needed to provide those services.

Epycbyte Responsibilities

Infrastructure

Epycbyte is responsible for the security and availability of the underlying infrastructure used to provide our services.

Encryption & Data Integrity

Epycbyte is responsible for encryption and data integrity for data in transit (when in motion between systems or locations) and at rest for the services Epycbyte controls.