*3.1.7 System patches*

*Cloud Computing Security - Concepts and Practice*

• Backup system resources on a regular basis.

• Limit the number of user accounts.

• Build production systems from a known and repeatable process to ensure

• Check systems periodically against snapshots of the original system.

• Use available third-party auditing software to check system integrity.

• Ensure that only a few trusted users have administrative access.

avoid the use of any personal information or dictionary words.

• On a UNIX operating system, activate the shadow password file.

• Provide minimal access rights where necessary, for example, read only.

• Reduce the level of access permissions for network services users.

• Ensure that user accounts that have access to the Web server do not have access

• For UNIX/Linux, ensure that unused services do not exist in the rc files, rc0-

• Ensure that unused services are not running, and that they do not start auto-

• Provide the minimum number of required services.

• Assign the minimum required access permissions for the account that runs an

• Require the use of secure passwords, that is, passwords of sufficient length, using a mix of letters, numbers and symbols. Do not re-use passwords and

• Use automated tools to try and crack any weak passwords and require their

*3.1.2 System integrity*

*3.1.3 User accounts*

application.

*3.1.4 Password policies*

update by users.

*3.1.5 File system*

*3.1.6 Network services*

to shell functions.

rc6, in the /etc. directory.

matically on MS Windows.

• Use two-factor authentication.

• Deny access by default.

system integrity.

**62**

