A shared security model (SSM) helps clarify everyone’s roles and responsibilities when it comes to securing your web application. Here’s how it works.
At Unqork, we take enterprise application security very seriously—and for good reason. Nine out of every 10 web applications contain vulnerabilities that hackers can exploit and use to launch an attack. In fact, web applications were the most common attack vector in 2019, comprising over 32% of all cybersecurity threats that year.
Despite the lurking danger, 43% of organizations worldwide say they don’t have the in-house resources, infrastructures, or capabilities to keep up with known and unknown threats. You don’t have to secure your web application entirely on your own, especially when you build on Unqork! All of our security features and protocols fit into something known as the shared security model. What is the shared security model, and how does it work? Why is using a shared security model important? Let’s break it down.
What is the shared security model?
The shared security model (often abbreviated as SSM) is based on the idea of shared responsibility—that is, the shared responsibility of securing your web application. SSM is also referred to as SRM, or the “shared responsibility model,” for this reason.
Unqork’s shared security model splits application security between three entities—the platform, the cloud provider, and, uniquely, the customer. Traditionally, SSMs have two layers; since Unqork is a platform delivered as a SaaS, this third level (customer) is distinct. Each entity acts as a layer and is responsible for a certain set of operations. No one is responsible for everything in this model, but it is possible for layers to overlap on particular responsibilities. Here are some more examples of how responsibilities are broken down in Unqork’s shared security model:
The Customer is responsible for the configuration and management of tasks, including security and business requirements. The customer is also responsible for enacting role-based access control (RBAC) and configuring application programming interfaces (APIs).
The Platform is responsible for the infrastructure and platform deployment. This includes adhering to all compliance and regulatory requirements, as well as providing network traffic protection like encryption. The platform is also responsible for the software development life cycle (SDLC).
The Cloud Provider is responsible for the networking facilities, including the hardware and software of your application. Handling the physical aspects of storage, high availability, and the ongoing maintenance of the global infrastructure leveraged by Unqork falls within the cloud service provider (CSP) layer of a shared security model.
Benefits of the shared security model
The biggest benefit of using a shared security model is that you don’t have to do everything by yourself. This saves you time, effort, and resources when it comes to keeping your web application secure. In addition, if your organization lacks a dedicated security function or security expertise, by using a platform like Unqork you are able to inherit costly and complex security controls that you may not be able to benefit from otherwise.
Shared security models also help everyone on your team understand their responsibilities. By clearly differentiating between what you have control over, what your platform can accomplish, and what your cloud provider manages, everyone can stay focused on what they need to achieve.
While you have to relinquish some control to your SaaS/cloud provider and trust them with your web application, you can rest assured that this isn’t a problem when you build with Unqork! Our audit program, SOC 2 compliance capabilities, and overall dedication to enterprise-grade security will help you keep your application safe.
The Unqork shared security model
The shared security model helps everyone zero in on individual responsibilities, and come together to uphold and improve application security. By letting the customer, the platform, and the cloud provider control specific parts of securing an application, a shared security model enables everyone to thoroughly understand and focus on their roles. This helps you mitigate threats from all sides, even as your application grows and develops.
With Unqork’s team of experts by your side, you can trust that your application will be as secure as possible. On the customer level, Unqork enables you to set granular RBAC, implement customized password policies, and integrate your own IdP or authentication mechanisms for your user base. On the platform end, Unqork is responsible for encrypting data at rest and in transit, running ongoing threat investigation and detection, and deploying and managing a resilient cloud infrastructure.
For even more protection, we regularly assess the Unqork platform’s security capabilities with various forms of security tests. This includes in-house and client-driven testing, network and application penetration testing, and manual application review. Unqork is also responsible for performing security scans of the underlying platform code, the cloud infrastructure, and the network. Build with Unqork for safer, faster, and more efficient application development today!