Shared Responsibility Model
DeltaBlue
Version 1.1
Last updated: 25 September 2025
Overview
DeltaBlue offers two main service models:
- App Developer Platform - A self-service, cloud-native platform for application developers.
- Managed Services Platform - A fully managed, enterprise-grade infrastructure solution providing virtual and bare-metal capacity in various forms (Public Cloud, (Virtual) Private Cloud (VPC), Hybrid & Multi-Cloud, Edge Compute and On-Premise).
In each model, responsibilities between DeltaBlue and the customer vary depending on service layer, customization, and infrastructure control.
1. Shared Responsibility Matrix
Responsibility Domain | App Developer Platform | Managed Services Platform |
---|---|---|
Infrastructure (Compute, Storage, Network) | DeltaBlue managed (abstracted from customer) | DeltaBlue manages infrastructure or integrates with customer-owned resources |
Container / Virtual Machine Orchestration | DeltaBlue LXC-native platform with Docker / K8s / VM support | Via Managed Kubernetes (customer) or DeltaBlue Containers and VMs |
Operating System Updates | Handled by DeltaBlue via platform updates | DeltaBlue (on hosted infra) or jointly with client (BYO infrastructure) |
Application Code | Customer responsible | Customer responsible |
App Deployment & CI/CD | Customer responsibility via GitHub/GitLab/Scenarios | Customer responsibility; supported via hooks/API |
Monitoring & Logging | DeltaBlue provided via Platform | DeltaBlue provided or integrates with client tools |
Security - Platform | DeltaBlue (network segregation, updates, patching) | DeltaBlue (on hosted infra) or shared (BYO) |
Security - Applications | Customer (code, auth logic, secrets management) | Customer (code, auth logic, secrets management) |
Backups & Disaster Recovery | Included (SLA-defined RPO/RTO, replicated) | SLA-governed, configurable per environment |
Compliance & Data Privacy | Customer (data usage), DeltaBlue (platform-level GDPR, DPA) | Customer (data policies), DeltaBlue supports DPA/ISO/SOC compliance |
Patch Management | DeltaBlue (platform patches < 24h for critical) | DeltaBlue or joint effort (depends on infra ownership / SLA) |
Cloud Provider Management | DeltaBlue managed, multi-cloud abstraction | Customer can select providers; DeltaBlue orchestrates |
Support | Included based on tier (Free/Pro/Business/Enterprise) | Defined per Service Agreement |
Service Level Agreements | Included per environment in tiers (Basic, Advanced, ...) | Defined per project |
2. Model Differentiation
App Developer Platform (LXC / Docker / K8s)
- Audience: DevOps teams, product teams, SaaS builders.
- Delivery: PaaS-style abstraction; no infrastructure management.
- Highlights:
  - Native scaling (horizontal + vertical).
  - Real-time cost monitoring.
  - 1-click service deployment, API-driven infrastructure.
  - Ideal for fast, flexible cloud-native development.
Managed Services Platform (VPC, Hybrid, Multi-Cloud, On-Premise)
- Audience: Enterprises, Regulated Industries, Custom Architectures.
- Delivery: IaaS or hybrid model, customer-owned or co-managed.
- Highlights:
  - Custom cloud stack provisioning across AWS, Azure, Google, OVH, etc.
  - BYO infrastructure support (private cloud, datacenter).
  - Defined SLAs per workload (RTO, RPO, MTTR).
  - Supports critical compliance requirements (DPA, EULA, GDPR, DORA).
3. Security Responsibilities
Security Domain | DeltaBlue (All Models) | Customer Responsibility (Both Models) |
---|---|---|
Physical Infrastructure | ✅ Data center access controls, audits | ❌ |
Hypervisor & OS Security | ✅ Patching, monitoring, access controls | ❌ |
Network Isolation & Firewall | ✅ Default hardened layers per environment | 🔁 Optional custom rules |
Application-Level Security | ❌ | ✅ Auth, encryption, vulnerability handling |
Data Encryption at Rest | ✅ Included | 🔁 Optional custom KMS |
Identity and Access Management | ✅ Team profiles, RBAC | ✅ User-level access, secrets, credentials |
4. Compliance Considerations
DeltaBlue enables GDPR, DPA, ISO27001 readiness via:
- Data processing agreements (DPA)
- Data hosting in non-US jurisdictions if required
- Auditable backups, access logs, history tracing
- Option for full non-US infrastructure
5. Transition & Portability
- Cloud-agnostic blueprinting.
- Live migration support between providers with minimal/no downtime.
- Full exit strategy support with self-service or managed export of VMs, containers, and backups.
- KVM-based virtual machines or OCI-based containers.