How to secure IaaS/PaaS effectively: customer responsibilities in the shared security model