SimpleRisk Shared Responsibility Model (Hosted Deployment)
When a customer uses SimpleRisk as a hosted service in SimpleRisk’s AWS cloud environment, security responsibilities are shared between SimpleRisk and the customer.

SimpleRisk manages and secures the infrastructure, operating system, and application, keeping the underlying technology robust and compliant with industry standards. This includes applying regular security updates, monitoring for potential vulnerabilities, and protecting data through encryption.

Customers remain responsible for user management: creating and maintaining user accounts, roles, and permissions so that only authorized personnel can reach sensitive data and features. Customers must also define and enforce data access policies that govern how data may be accessed, shared, and stored within their organization; this is essential to maintaining data integrity and confidentiality. Compliance with industry regulations is likewise an area where customers must take an active role: staying informed about the laws and guidelines that apply to their industry and ensuring that their use of SimpleRisk aligns with those requirements.

With these shared responsibilities clearly understood, SimpleRisk and the customer can together maintain a secure and compliant environment that protects sensitive information while making full use of the SimpleRisk platform.
SimpleRisk Responsibilities (Security “OF” the Cloud & Application)
Infrastructure & Hosting Security
- Secure cloud infrastructure (AWS-based hosting, secure networking)
- Server patching and OS hardening
- Firewall and network security controls
- Monitoring and incident response
Application Security
- Patching and updating SimpleRisk software for vulnerabilities
- Secure development practices (code reviews, security testing)
- Addressing security vulnerabilities in the SimpleRisk codebase
- Implementing authentication and session security controls
Data Security within the Application
- Ensuring encryption of sensitive data where applicable
- Providing secure authentication and session management features
Operational & Compliance Support
- Backup and disaster recovery planning
- Uptime and availability management
- Logging and security monitoring
Customer Responsibilities (Security “IN” the Application)
User Access & Identity Management
- Managing user roles and permissions within SimpleRisk
- Enforcing strong authentication policies (e.g., MFA)
Data Security & Privacy
- Controlling who has access to sensitive risk data
- Classifying and securing sensitive information
- Defining data retention policies
Compliance & Governance
- Ensuring compliance with industry regulations (HIPAA, GDPR, etc.)
- Auditing security configurations for regulatory requirements