Not only classical attack scenarios are relevant for cloud servers. In addition to that there are specific characteristics, such as the fact that several users share a common IT infrastructure and, as a result, systems in the cloud are often particularly exposed.

To keep cloud-specific risks to a possible minimum, Swisscom recommends that the topic of ICT security be tackled in a comprehensive manner, all possible sources of danger be examined and protective measures be structurally introduced. This includes both technical and organisational actions, such as the following security aspects:

  • Secure connection to the cloud
  • Secure communication within the cloud and to other cloud services
  • Identity and Access Management (IAM): Managing identities with roles, rights and access controls
  • Auditing and logging
  • Security and vulnerability management
  • Requirements management and compliance

results matching ""

    No results matching ""