who is responsible for the security of hardware on which a public cloud runs?

In a public cloud, the cloud provider is responsible for the security of the underlying hardware on which the cloud runs.

Who Secures The Hardware?

In a public cloud model, the provider owns and operates the physical data centers, servers, storage devices, and networking gear. Because customers cannot physically access or manage this equipment, the provider is responsible for protecting it against theft, tampering, environmental damage, and hardware-level attacks.

Put simply:

• The cloud provider secures:
  • Data center buildings and physical access controls.

* Racks, servers, storage arrays, and networking hardware.

* The physical infrastructure used to deliver compute, storage, and network services.

Where Customer Responsibility Starts

Although the provider secures the hardware, cloud security overall follows a shared-responsibility model.

• The customer is typically responsible for:
  • Configuring security for virtual machines, containers, applications, and data in the cloud.

* Managing identities, access controls, and encryption within their cloud tenancy.

• A common rule of thumb:
  • “Security of the cloud” (including hardware) = provider.

* “Security **in** the cloud” (your OS, apps, data, IAM) = customer.

Quick Forum-Style Takeaway

Q: Who is responsible for the security of hardware on which a public cloud runs?
A: The cloud provider, as part of its duty to secure the physical infrastructure and facilities underlying the service.

TL;DR: In a public cloud, the provider is responsible for securing the hardware and physical infrastructure; customers are responsible for securing what they deploy and configure on top of it.

Information gathered from public forums or data available on the internet and portrayed here.