Magento Commerce Cloud shared responsibility security model
Magento Commerce Cloud relies on a shared responsibility security model. In this model, different parties have different areas of responsibility for maintaining the security of the system. This approach allows for both flexibility and use of best-of-breed cloud technologies. Customers have the ability to customize the Magento Commerce application in any deployment model. At the same time, managed services are provided by Magento Commerce Cloud as part of the offering. The offering is built on top of Amazon’s industry leading cloud services. This is intended to help provide the greatest flexibility for customization and innovation while helping to reduce the operational responsibilities of the merchant.
Magento is responsible for the security and availability of the Magento Commerce Cloud environment, the core Magento Commerce application code, and internal Magento systems. This includes, but is not limited to, server-level patching, operating the necessary services to deliver Magento Commerce, vulnerability testing, security event logging and monitoring, incident management, operational monitoring, 24/7 support, and helping to ensure that the customer’s infrastructure is available in accordance with SLA. Magento is also responsible for managing server firewall configurations (IPTables) and perimeter firewall configurations (security groups). Magento may also release security updates to the core Magento Commerce application on a periodic basis (the application of these patches is the responsibility of the customer). These areas are all covered by the PCI Certification of the Magento Commerce Cloud system.
The customer is responsible for the security of their customized instance of the Magento Commerce application running on the Magento Commerce cloud environment. This includes helping to ensure a secure configuration and coding of the application, and security monitoring activities including penetration testing and regular vulnerability scans. The customer is responsible for the security of any customization, extensions, other applications, or integrations used in their system. Customers are also responsible for the security of their users and the granting of access to their configuration and application. The customer controls all code deployments to their environments. This control also comes with the responsibility to apply application security patches to the core Magento Commerce application, extensions, or any custom code. The customer should perform penetration tests of their customized application.
These responsibilities can be addressed by technical resources by the customer, implementation partners, or Magento professional services. Customers are responsible for the PCI requirements of their customized application and their own processes. The customer’s PCI compliance builds upon the PCI certifications of Amazon Web Services and Magento Commerce Cloud in order to minimize the areas that must be reviewed.
Magento Commerce uses Amazon Web Services (AWS) for cloud server infrastructure. AWS is responsible for security of the network including routing, switching, and perimeter network security via firewall systems and intrusion detection systems (IDS). AWS is responsible for physical security to the data centers hosting the Magento Commerce cloud environment, and environmental security to ensure proper power, cooling, and mechanism controls are in place. Magento Commerce Cloud uses Amazon’s Elastic Compute Cloud (EC2), Amazon Simple Storage Service (S3), Elastic Block Store (EBS), Amazon Virtual Private Cloud (VPC), Amazon Elastic Load Balancer (ELB), and Amazon Cloud trail services. Amazon has an extensive compliance program which includes PCI DSS, SOC 2, and ISO 27001 certifications.