Zürich, Friday 17 September 2010 CloudSigma AG, a leading European provider of cloud servers, is pleased to announce the launch of the cloud security suite in conjunction with its cloud computing platform. Designed to work in conjunction with its existing innovative web console interface, the new security suite offers enterprise level security options for public cloud servers.
Patrick Baillie, CEO commented ‘This latest announcement brings our cloud into the lead in terms of user controlled security options in the public cloud arena. Features such as two-stage authentication, IP white lists and more mean adding a public cloud to your infrastructure doesn’t mean taking a step down in terms of security.’
By adopting best practices from other areas of the IT industry (such as banking), CloudSigma is leading the way in delivering public cloud servers that meet or exceed the level of security offered by traditional dedicated server hosting.
Control Access to your Cloud Servers
A growing number of CloudSigma’s customers come from the enterprise space. Enterprise customers are looking for solutions that offers secure access from within their corporate environment. Unfortunately traditional VNC access is often not possible due to restrictions on software installation and/or firewall rules within an enterprise environment. The in-browser VNC solution allows enterprises to access their cloud servers securely over the HTTPS port without having to modify their firewall settings or potentially compromise the security of their in-house desktop machines by allowing installation of third party software.
- enable/disable FTP gateway functionality
- control web console inactivity timeout periods
- allow two stage login authentication using SMS
In this way customers can dial in the level of restriction they wish to achieve with their web console access. The two stage authentication combines the usual initial username/password combination with a second stage SMS code verification step. This system is similar to the latest generation systems employed by banks to secure retail access to their online banking. All failed attempts are logged and the account owner is alerted instantly informing customers when a password has become compromised as well as providing a comprehensive audit trail.
Customised API Access
API access represents a double-edged sword for those looking to use public Infrastructure-as-a-Service clouds. On the one hand it allows full automation of cloud infrastructure allowing automatic scaling, load balancing and more. At the same time however such powerful tools represent a significant threat to a company’s infrastructure if not secured correctly. Detailed access control to the API is an essential part of maintaining the integrity of a company’s infrastructure. The following new settings allow customers to secure and limit access:
- switch off API access completely
- create an IP white list for API access
- allow http/https or only https API access
- choose between plain or digest authentication
- choose between username/password or UUID/API key authentication
These critical settings allow customers to tightly control the access and authentication to the API. The combination of secured web console access and secured API access present a robust answer to the concerns that have been raised with regards to securing infrastructure in a public cloud environment.
Hybrid Cloud Ready
Increasingly companies are using a combination of existing infrastructure with public clouds to benefit from the advantages of both models. A critical part of integrating a public cloud with existing corporate infrastructure is the ability to secure and control API and web console access.
Patrick Baillie, CEO continued ‘We are seeing more and more demand from our customers for very fine grain security controls and audit trails from their cloud computing. New features such as our API white list and improved authentication options allow companies to bolt-on our public cloud to their existing infrastructure. Our customers are deploying VPNs then carefully restricting access to cloud infrastructure management tools using this security suite.’
For More Information
Main website: https://blog.cloudsigma.com
Twitter: http://www.twitter.com/CloudSigma
About CloudSigma AG
CloudSigma AG, based in Zürich, Switzerland provides a pure Infrastructure-as-a-Service (IaaS) platform offering high security, flexible cloud servers. Our innovative web console as well as API are designed to make cloud computing and cloud hosting straightforward. High availability redundant infrastructure is backed up by a generous Service Level Agreement that covers not only availability but also performance.
Share this Post
- Is PaaS Platform Lock-In a Hidden Threat to Your Business? - December 20, 2021
- Are We Stealing from You? Understanding CPU Steal Time in the Cloud - November 17, 2016
- Our CEO Discusses Hybrid Cloud - October 19, 2016
- Share Cloud Infrastructure Securely - August 10, 2016
- Win a OnePlus2 Phone - October 25, 2015