Malfunctions and Security Incidents
This Reporting Guideline will provide information and recommendations on reporting a malfunction and information security incident to IONOS Cloud.
What is a malfunction?
A malfunction refers to an operational failure, disruption, or issue within the cloud computing services offered by IONOS that impacts the security of the data and systems hosted on the cloud. Network connectivity issues, server failures, storage problems, and performance degradation are common examples of malfunctions. As malfunctions can lead to information security incidents, they should be reported to prevent them.
What is an information security incident?
An information security incident involves any event or occurrence compromising the security of IONOS cloud infrastructure, services, or data within its environment. These incidents can impact the confidentiality, integrity, and availability of data and systems hosted on the IONOS platform. Here are some examples of information security incidents:
Denial of Service (DoS) attacks: Malicious attempts to overload cloud services, making them unavailable to legitimate users.
Data Breaches: Unauthorised access to sensitive data stored on the cloud, leading to the exposure or theft of confidential information.
Malware Infections: Introduction of malware into the cloud environment, which can lead to data loss, system compromise, or unauthorized access.
Ransomware Attacks: Malware that encrypts a user's files and demands a ransom for their release, often resulting in data loss or financial impact.
Insider Threats: Malicious actions by individuals with legitimate access to the cloud environment, resulting in security breaches or data exfiltration.
How to report?
If you have identified a malfunction or security incident that may affect IONOS, report it to IONOS Cloud Support.
Please provide as much information about the security event as possible, but at least:
Type of the event.
Date and time (also timezone) of the event.
Provide a description and any other information relevant to the event, like log messages, if available.
Contact information where we can reach you for follow-up.
Note: Do not include sensitive data, such as your password, in your description.
What to expect?
Our system administrators are available 24 hours a day, 365 days a year. Upon receipt of a support request, you will be contacted by a trained system administrator. The following response times apply to incoming support requests:
Reporting a malfunction or security incident related to IONOS Cloud (without Cubes) < 1 hour
Reporting a malfunction or security incident related to IONOS Cloud Cubes < 6 hours
Info: IONOS will not seek prosecution of any security researcher who reports, in good faith and in accordance with this policy, any security event on an in-scope IONOS service.
Last updated