Security controls are designed to ensure technology solutions are built and maintained in ways that ensure function and security successfully coexist. This ideal holds strong in Azure where Microsoft is constantly vetting and monitoring the implementation of their security controls, as well as watching their service teams continue to innovate new functionality in the cloud environment. With that said, the cloud presents a spectrum of responsibilities based on what types of services and/or features a customer may be consuming. This is unlike more traditional on-premises information systems where most, if not all, security is implemented by the same owner.
As organizations move from IaaS, to PaaS and then to SaaS, you’ll find that they are responsible for less and the cloud service provider is responsible for more.
The figure below describes how shared responsibility works across the cloud service models.
Make sure you understand you role in this complex paradigm that is cloud computing and don’t assume the Cloud provider will manage all security aspects of your environment!