Shared Responsibility Model
The shared responsibility model defines the division of security responsibilities between DanubeData and its customers for each cloud infrastructure service.
1. Introduction
Security and compliance in the cloud is a shared responsibility between DanubeData (the cloud infrastructure service provider) and the customer. This document defines the clear division of responsibilities to ensure that both parties understand their obligations and that no security gap exists between provider-managed and customer-managed domains.
DanubeData is responsible for "Security OF the Cloud" — the infrastructure, platform components, physical security, and foundational services that underpin all DanubeData offerings. This includes the hardware, networking, hypervisors, container orchestration, and the management plane that customers interact with through the DanubeData dashboard and API.
Customers are responsible for "Security IN the Cloud" — the data they store, the applications they deploy, the access controls they configure, and the operating systems and software they manage within the services they consume. The extent of customer responsibility varies by service type: fully managed services shift more responsibility to DanubeData, while infrastructure services such as VPS place more responsibility on the customer.
This shared responsibility model is established in accordance with Section 5.1 of the CISPE Code of Conduct for Cloud Infrastructure Service Providers. It applies to all DanubeData services, including VPS Instances, Managed Databases, Cache Instances, Object Storage, Serverless Containers, Static Sites, Managed Applications, and Storage Share (Nextcloud).
Customers should review this document carefully and ensure that they fulfil their portion of the shared responsibility model. DanubeData provides documentation, tooling, and support to assist customers in meeting their security obligations.
2. Responsibility Matrix per Service
The following tables define the division of responsibilities between DanubeData and the customer for each service. The scope of customer responsibility decreases as services become more managed, but customers always retain responsibility for their data, access decisions, and application-level security.
2.1 Virtual Private Servers (VPS)
VPS instances provide customers with KubeVirt-based virtual machines. As an infrastructure service, VPS places the greatest share of responsibility on the customer, who controls the guest operating system, applications, and data within the virtual machine.
| Responsibility Area | DanubeData | Customer |
|---|---|---|
| Physical Infrastructure | Data center security, power, cooling, hardware procurement and maintenance | N/A |
| Hypervisor & Host OS | KubeVirt hypervisor security, host OS patching, kernel updates, container runtime security | N/A |
| Network Infrastructure | Physical network, DDoS protection, platform-level firewalls, tenant network isolation | Firewall rule configuration, application-level network security |
| Guest Operating System | N/A | OS patching, security hardening, configuration management, system updates |
| Applications & Data | N/A | Application security, data encryption, data classification, access management within the VM |
| Backups & Snapshots | Snapshot infrastructure, automated snapshot scheduling, snapshot storage | Snapshot retention configuration, restore testing, application-level backup strategy |
| Access Management | Platform RBAC, VNC console security, API authentication | SSH key management, root passwords, OS user accounts, sudo policies |
2.2 Managed Databases (MySQL, PostgreSQL, MariaDB)
Managed database services handle engine provisioning, patching, replication, and connection security. Customers retain responsibility for schema design, data management, and application-level access control within their databases.
| Responsibility Area | DanubeData | Customer |
|---|---|---|
| Physical Infrastructure | Data center security, power, cooling, hardware procurement and maintenance | N/A |
| Database Engine | Engine provisioning, patching, minor and major version upgrades, runtime security | N/A |
| Replication | Replica provisioning, replication health monitoring, failover management | Read replica usage decisions, read/write splitting in application code |
| Connection Security | TLS certificate provisioning, encrypted connections, CA certificate management | Enforcing TLS in client connections, client certificate configuration |
| Database Users & Roles | Admin credentials management, initial user provisioning | Application user management, role-based access within the database, privilege assignment |
| Schema & Data | N/A | Schema design, query optimisation, data classification, data retention policies |
| Backups | Automated backups, snapshot infrastructure, backup storage and retention | Backup schedule preferences, restore testing, logical backup strategy |
| Performance | Parameter groups infrastructure, resource allocation, storage performance | Parameter tuning, query optimisation, indexing strategy, connection pooling |
2.3 Cache Instances (Redis, Valkey, Dragonfly)
Cache services provide managed in-memory data stores with optional replication. DanubeData manages the cache engine lifecycle and infrastructure, while customers are responsible for data design, eviction strategies, and connection security configuration.
| Responsibility Area | DanubeData | Customer |
|---|---|---|
| Physical Infrastructure | Data center security, power, cooling, hardware procurement and maintenance | N/A |
| Cache Engine | Engine provisioning, patching, version management, maintenance windows | N/A |
| Replication | Replica provisioning, replication health monitoring, failover management | Read replica usage decisions, replica routing in application code |
| Connection Security | Network isolation between tenants, TLS infrastructure | Password management, enforcing TLS in client connections, credential rotation |
| Data Management | N/A | Key design, eviction policies, data sensitivity classification, memory usage planning |
| Backups | Snapshot infrastructure, snapshot storage and retention | Snapshot scheduling configuration, data persistence decisions, restore testing |
2.4 Object Storage (S3-compatible)
Object storage provides S3-compatible storage with high durability and availability. DanubeData manages the storage engine, encryption at rest, and tenant isolation. Customers are responsible for access control policies, data lifecycle management, and client-side encryption decisions.
| Responsibility Area | DanubeData | Customer |
|---|---|---|
| Physical Infrastructure | Storage hardware, data durability (99.999999999%), power, cooling, hardware maintenance | N/A |
| Storage Engine | Ceph RGW provisioning, availability management, engine patching and upgrades | N/A |
| Encryption | Server-side encryption at rest (AES-256), KMS infrastructure (HashiCorp Vault) | Client-side encryption decisions, KMS key management, encryption policy configuration |
| Access Control | IAM infrastructure, tenant isolation, bucket namespace separation | Bucket policies, access key management, CORS configuration, presigned URL policies |
| Data Management | N/A | Lifecycle rules, versioning configuration, object retention, data classification |
| Network Security | API endpoint security, TLS for all connections, DDoS protection | Presigned URL management, access key rotation, secure credential storage |
2.5 Serverless Containers (Rapids)
Serverless containers provide Knative-based deployments with automatic scaling and scale-to-zero capabilities. DanubeData manages the container runtime, build pipeline, and networking infrastructure. Customers are responsible for application code security, container image management, and authentication implementation.
| Responsibility Area | DanubeData | Customer |
|---|---|---|
| Physical Infrastructure | Container runtime, Knative infrastructure, compute node management | N/A |
| Build Pipeline | Kaniko build infrastructure, container registry security, build isolation | Dockerfile/Buildpack configuration, dependency security, build-time secrets |
| Auto-scaling | Scale-to-zero infrastructure, request routing, load balancing | Concurrency and scaling configuration, resource limit decisions |
| Container Images | Base image availability, registry infrastructure | Image security, vulnerability scanning, dependency updates, base image selection |
| Application Code | N/A | Code security, secret management, environment variable configuration, input validation |
| Custom Domains | TLS certificate provisioning, DNS infrastructure, automatic certificate renewal | DNS configuration, domain ownership verification |
| Network Security | Ingress security, DDoS protection, tenant network isolation | Authentication implementation, rate limiting within the application, IP whitelisting |
2.6 Static Sites
Static site hosting provides Git-integrated build pipelines and managed hosting with automatic TLS. DanubeData manages the entire build and hosting infrastructure, while customers retain responsibility for source code security and content management.
| Responsibility Area | DanubeData | Customer |
|---|---|---|
| Build Infrastructure | Build pipeline, deployment infrastructure, build isolation, registry management | N/A |
| Hosting & CDN | Hosting infrastructure, TLS certificates, availability management, DDoS protection | N/A |
| Source Code | N/A | Code security, dependency management, vulnerability remediation in dependencies |
| Custom Domains | TLS certificate provisioning, automatic certificate renewal | DNS configuration, domain ownership verification |
| Content Security | N/A | Content management, password protection configuration, compliance of published content |
2.7 Managed Applications (WordPress, n8n, Ghost)
Managed applications provide pre-configured application instances with automated provisioning and runtime management. DanubeData handles server provisioning and base image updates, while customers manage plugins, users, and application-level content and security.
| Responsibility Area | DanubeData | Customer |
|---|---|---|
| Physical Infrastructure | Server provisioning, resource allocation, compute and storage infrastructure | N/A |
| Application Runtime | Base image updates, runtime patching, application engine maintenance | N/A |
| Plugins / Extensions | N/A | Plugin security vetting, plugin updates, extension configuration |
| User Management | N/A | Application users, roles, permissions, password policies within the application |
| Data & Content | N/A | Content management, data classification, compliance of published content |
| Backups | Automated backup infrastructure, backup storage and retention | Backup schedule preferences, restore testing, data export verification |
| Custom Domains | TLS certificate provisioning, automatic certificate renewal | DNS configuration, domain ownership verification |
2.8 Storage Share (Managed Nextcloud)
Storage Share provides managed Nextcloud instances for file storage and collaboration. DanubeData handles instance provisioning, updates, and the underlying S3 storage backend. Customers are responsible for user management, sharing policies, and application-level configuration.
| Responsibility Area | DanubeData | Customer |
|---|---|---|
| Physical Infrastructure | Server provisioning, S3 storage backend, compute and network infrastructure | N/A |
| Nextcloud Runtime | Instance provisioning, Nextcloud updates and patching, PHP runtime maintenance | N/A |
| User Management | N/A | User accounts, sharing permissions, group management, password policies |
| File Sharing Policies | N/A | Sharing links, expiration settings, password protection, public share decisions |
| Apps & Integration | N/A | Nextcloud app configuration, third-party integration decisions, external storage mounts |
| Backups | Automated backups, backup storage and retention | Backup verification, data export testing, critical file versioning |
3. Cross-Cutting Responsibilities
In addition to the per-service responsibilities described above, the following cross-cutting areas apply to all DanubeData services. These represent shared domains where both DanubeData and the customer must fulfil complementary obligations to maintain a complete security posture.
| Area | DanubeData Responsibility | Customer Responsibility |
|---|---|---|
| Identity & Access Management | Platform RBAC, MFA infrastructure (TOTP and Passkeys), OAuth provider integration, API token system, session management | Team member management, API key rotation, SSH key management, password policies, enabling MFA for all team members |
| Encryption | TLS in transit for all services (TLS 1.2+), encryption at rest for managed services (AES-256), KMS infrastructure (HashiCorp Vault) | Application-level encryption, client-side encryption decisions, KMS key management, enforcing TLS in client connections |
| Logging & Monitoring | Infrastructure monitoring (Prometheus/Grafana), platform audit logs (90-day retention), health checks, alerting infrastructure, centralised log aggregation (Loki) | Application logging, business metrics, alert threshold configuration, log review and analysis |
| Compliance | GDPR compliance as data processor, CISPE Code of Conduct adherence, Data Processing Agreement (DPA) maintenance, sub-processor transparency | GDPR compliance as data controller, data classification, Data Protection Impact Assessments (DPIAs), lawful basis for processing, data subject rights fulfilment |
| Backup & Recovery | Automated infrastructure backups per SLA commitments, snapshot infrastructure, offsite backup via Velero to self-hosted S3-compatible storage (Ceph RGW) | Application data backup strategy, restore testing, backup schedule configuration, business continuity planning |
| Network Security | Platform-level firewalls (Cilium network policies), DDoS mitigation, network isolation between tenants, ingress security | Firewall rule configuration, application-level security, IP whitelisting decisions, VPN configuration where applicable |
4. Getting Help
If you have questions about this shared responsibility model, your specific obligations, or need guidance on implementing security best practices for your DanubeData services, please contact us through the following channels:
- Documentation: docs.danubedata.ro — comprehensive guides for each service, including security best practices and configuration recommendations
- Security questions: security@danubedata.ro — for questions about security architecture, compliance, and responsible disclosure
- General support: support@danubedata.ro — for technical assistance with service configuration and operations
- Data Protection Officer: dpo@danubedata.ro — for data protection inquiries, GDPR-related questions, and DPA requests
Questions about this policy?
If you have any questions or concerns, please contact our legal team.
Contact Us