Best Practices for IONOS Cloud Security Products

Secure user access management

User access management is crucial for a secure cloud environment. It prevents unauthorized access, mitigates data breaches, and ensures regulatory compliance. This topic explores practical examples and best practices for securing user access in a public cloud environment.

Implement strong authentication mechanisms

For enhanced user access security, it is vital to use secure and strong authentication mechanisms. This applies to every user, whether the account owner or a user added to the account with an administrator or read-only role. Observe the following:

1. The service login credentials are confidential information and must be handled accordingly. Usually, they consist of a user identifier, such as an email address, and a strong password.

2. The service login credentials require a strong user identifier and password, for example, an email address and a strong password. Common and weak passwords, such as the following, are frequently found in breach lists:

  • 123456

  • password

  • qwerty

  • abc123

  • letmein

Warning: Using any of the above-mentioned passwords or easily guessable patterns is strongly discouraged, as they are highly vulnerable to brute-force attacks.

This information is based on analyses of various data breaches and password dumps that have occurred over the years. Websites and services such as Have I Been Pwned, as well as data security reports, often compile and analyze this data to raise awareness about the importance of strong passwords and security practices.

3. Complex passwords are difficult for humans to remember, so use safe password vaults to store data across multiple services securely. It also helps to use different complex passwords across multiple services and allows the introduction of password retention periods. This protects you if one service gets compromised; other services might not be affected. In any case, passwords do not belong in easy-to-access places like post-its stuck to your monitor.

4. The essential step of strong authentication is using unique, complex, and lengthy passwords. To make it secure, it is recommended that all user accounts utilize Multi-Factor Authentication (MFA). MFA requires multiple forms of verification, such as a password and a unique code, to reduce the risk of unauthorized access.

The IONOS Cloud platform supports Multi-Factor Authentication, which users can enable for their accounts. Contract owners and users with administrative privileges can manage users within the User Management module, and enforce MFA on additional users, requiring them to complete the activation process before using granted services or resources.

Applying the Principle of Least Privilege (PoLP)

Adhering to the principle of least privilege is crucial for minimizing the risk of unauthorized or unintended actions by users. In the IONOS Cloud platform, the owner of a contract and users with administrative privileges will receive maximum access to the platform, which also includes the right to manage the privileges and permissions of other users.

It is recommended to adhere to the following practices to mitigate the impact of compromised accounts or insider threats:

  • Assess which users must have administrative privileges.

  • Grant users only the minimum level of access necessary to perform their job functions.

  • Regularly review access permissions and update them as roles and responsibilities change.

Within the IONOS Cloud platform, you can create custom group profiles with fine-grained privileges, limiting access to only the necessary resources and actions. By assigning roles based on job responsibilities and regularly reviewing access permissions, you can ensure users have the appropriate level of access without unnecessary privileges.

IONOS role and permission concept

The IONOS role and permission concept is explained in detail:

The first user who creates an account at IONOS becomes the respective account owner and the user:

  • receives all privileges and permissions.

  • cannot be removed from this role.

  • will be the recipient of all legal communications. For example, changes in contract conditions like updates of terms and conditions, as well as invoices.

  • will always be allowed to access all resources within the account—independent of who created the resource/is the owner of the resource.

  • has the right to add or remove additional users to or from the account, respectively.

Perform regular access reviews and audits to identify and address security vulnerabilities or excessive user privileges:

  • Periodically review user accounts, permissions, and activity logs to ensure compliance with security policies.

  • Promptly revoke access for users who no longer require it, for instance, when a user's role within your organization has changed and no longer requires access.

  • Establish routines to revoke access in a timely manner from users who have resigned.

Users in an Administrator role

The user can be promoted to the "Administrator" role, which automatically grants the user all privileges and permissions to all resources. The user in an administrator role:

  • has the same privileges as the account owner, except for changing the payment method.

  • is authorized to add or remove users from the account except the owner's user account.

Users with explicit privileges and permissions

A "User" can be given explicit privileges and permissions.

Privilege

A "privilege" is a grant for specific actions. For example, create a new Data Center, create Snapshots, use S3 Object Storage, and Access Activity Logs.

Privileges are associated with actions that either:

  • create additional costs to the account. For example, the user will receive the privilege to create resources or use services on behalf of the account owner that will add charges to the account.

  • allow access to services with sensitive data. For example, the user could access the Activity Log and retrieve usage profiles of their organization.

The list of privileges keeps growing because new services are reflected in the privilege management as they are introduced.

When new services are added, they are not granted to users by default. They must be shared explicitly by the "owner" or "administrators".

When a user has the "privilege" to create a resource—for example, a new virtual data center—the user becomes the owner of this resource. Even when the "privilege" is revoked, the user still has access to the resources created as the user owns them.

Permissions

In addition to privileges, a "User" can receive permissions to access certain resources that other users have created, such as a virtual data center, backups, etc. In contrast to "privileges," permissions do not allow the user to create a new resource, only to access existing ones.

However, the user may receive explicit permissions: read-only or write.

In the read-only mode, users can open or retrieve resources and read the configuration. It could include sensitive information like a VM's IP address. IONOS does not persist VM root passwords, so the information cannot be retrieved. The user cannot change resources, configuration, or other parameters.

The write permissions allow users to add, change, and delete elements, for example, add VMs to a virtual data center, start or stop a VM within a virtual data center, and delete a VM from a virtual data center. IONOS does not offer granular access management to individual devices within an infrastructure setup. In other words, a "write" permission allows all operations to the resource itself and elements within the resource, such as servers within a shared virtual data center.

IONOS does not support excluding delete operations from "write" permissions. Delete operations are included in "write" permissions because a deletion is considered an intended change to the shared resource.

In addition, users can receive the share permission to share a resource with other groups they are members of. Once they share it with another group, they can only grant permissions they also have on this resource.

In this context, sensitive resources such as images, snapshots, and backups contain confidential data, and all of these resources are explicitly shareable. Again, "Administrators" will always have access to these confidential resources and can create, use, update, and delete them. They can also share these resources with other account members who are in the role of "Users."

"Users" must receive explicit share permission to access these resources. For example, when a "User" has access to backups, they are allowed to use the backup to restore the data on a new instance and access the data. You must be aware if the user has the qualifications as well as the permission to do so. You may need to decide per individual user and the sensitivity of data included in the data source, such as customer data, confidential data, etc. The same applies to images as well as snapshots.
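The access rules from this section can be modeled to answer review questions such as "who can delete this data center?" or "who can read this backup?". The following is an added example, not IONOS code: the class names, field names, and the treatment of a resource creator as having full access are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Constructed model of the rules described above. Class and field names are
# illustrative assumptions, not IONOS Cloud API objects.
@dataclass
class User:
    name: str
    role: str = "user"                          # "owner", "administrator" or "user"
    groups: set = field(default_factory=set)

@dataclass
class Resource:
    name: str
    creator: str                                # the creating user owns the resource
    shares: dict = field(default_factory=dict)  # group -> {"read", "write", "share"}

def effective_access(user, res):
    """Operations a user can perform on a resource under the rules above."""
    full = {"read", "write", "delete", "share"}
    if user.role in ("owner", "administrator"):
        return full                             # always have access to every resource
    if user.name == res.creator:
        return full                             # assumption: kept after privilege revocation
    ops = set()
    for group in user.groups:
        ops |= res.shares.get(group, set())
    if "write" in ops:
        ops |= {"read", "delete"}               # write cannot exclude delete
    return ops

def share(user, res, target_group, perms):
    """Share with a group the user belongs to, capped at what the user holds."""
    held = effective_access(user, res)
    if "share" not in held or target_group not in user.groups:
        raise PermissionError(f"{user.name} cannot share {res.name} with {target_group}")
    granted = set(perms) & held
    res.shares.setdefault(target_group, set()).update(granted)
    return granted

def who_can(op, users, res):
    """Access-review helper: non-administrative users able to perform op."""
    return sorted(u.name for u in users if u.role == "user" and op in effective_access(u, res))

def demo():
    alice = User("alice")                       # created dc1; create privilege since revoked
    bob, dave = User("bob", groups={"ops"}), User("dave", groups={"audit"})
    carol = User("carol", groups={"ops", "audit"})
    dc1 = Resource("dc1", creator="alice", shares={"ops": {"write"}})
    backup = Resource("backup-1", creator="root", shares={"ops": {"read", "share"}})
    granted = share(carol, backup, "audit", {"read", "write"})  # write is dropped
    users = [alice, bob, carol, dave]
    return granted, who_can("delete", users, dc1), who_can("read", users, backup)
```

In the constructed data, alice can still delete dc1 through ownership alone, and a single share to the audit group extends backup read access to dave, which is the kind of result an access review should surface.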

IONOS Cloud allows creating custom group profiles, limiting access to resources and actions, assigning roles based on job responsibilities, and reviewing access permissions to ensure appropriate user access without unnecessary privileges. For more information, see Assign privileges to a group.

Performing regular access reviews and audits is crucial for identifying and addressing any security vulnerabilities or excessive user privileges. Periodically review user accounts, permissions, and activity logs to ensure compliance with security policies and promptly revoke access for users who no longer require it, for instance, when a user's role within your organization has changed and no longer requires access. Establish routines to revoke access in a timely manner from users who have resigned.

Review and audit user access regularly

Regular access reviews and audits are essential for identifying security vulnerabilities and excessive user privileges. Use the IONOS Activity Log Service API to monitor user activity and generate access reports. Review the reports to identify anomalies, such as unusual login patterns, and take appropriate action to mitigate risks. The reports contain the following:

  • User login data indicates when the user logged in.

  • Device data indicates the device information and the IP address.

  • Resource actions indicate what action was executed. Example: reading, creating, updating, or deleting resources.
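A review of such a report can be automated once the entries are exported. The following is an added example, not part of the IONOS documentation: the field names, the sample entries, the list of active users, and the working-hours window are all constructed assumptions and do not reflect the actual schema of the Activity Log Service API.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample entries. Field names are assumptions for this example,
# not the schema returned by the Activity Log Service API.
EVENTS = [
    {"time": "2024-03-04T08:58:00", "user": "alice@example.com",
     "ip": "198.51.100.10", "action": "login", "resource": None},
    {"time": "2024-03-04T09:05:00", "user": "alice@example.com",
     "ip": "198.51.100.10", "action": "create", "resource": "dc-prod"},
    {"time": "2024-03-05T02:14:00", "user": "alice@example.com",
     "ip": "203.0.113.77", "action": "login", "resource": None},
    {"time": "2024-03-05T02:20:00", "user": "alice@example.com",
     "ip": "203.0.113.77", "action": "delete", "resource": "snapshot-17"},
    {"time": "2024-03-06T10:30:00", "user": "bob@example.com",
     "ip": "198.51.100.22", "action": "login", "resource": None},
]
ACTIVE_USERS = {"alice@example.com"}   # bob has left; access should be revoked
WORK_HOURS = range(7, 20)              # assumed local policy, 07:00-19:59

def review(events, active_users, work_hours=WORK_HOURS):
    """Return (time, user, kind, detail) findings for a reviewer to triage."""
    findings = []
    seen_ips = defaultdict(set)        # per-user IPs seen so far in the report
    for e in sorted(events, key=lambda ev: ev["time"]):
        user, when = e["user"], e["time"]
        if user not in active_users:
            findings.append((when, user, "inactive-account", e["action"]))
        if e["action"] == "login":
            if seen_ips[user] and e["ip"] not in seen_ips[user]:
                findings.append((when, user, "new-ip", e["ip"]))
            if datetime.fromisoformat(when).hour not in work_hours:
                findings.append((when, user, "off-hours", when[11:16]))
            seen_ips[user].add(e["ip"])
        elif e["action"] == "delete":
            findings.append((when, user, "delete", e["resource"]))
    return findings

if __name__ == "__main__":
    for finding in review(EVENTS, ACTIVE_USERS):
        print(*finding, sep="  ")
```

The findings are prompts for a human reviewer rather than verdicts: a new IP address or a late login can be legitimate, while activity from an account that should have been revoked always warrants follow-up.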

User awareness is crucial for securing cloud environments. Educate users about best practices for password management, phishing awareness, and recognizing social engineering attempts. Encourage the use of strong, unique passwords and regular password updates.

Conclusion

Secure user access management is crucial for maintaining resource integrity and confidentiality in public cloud environments. Implementing strong authentication, PoLP, regular access review, and user education enhances security posture. In the next topic, we will explore best practices for securing Virtual Machines (VM) within the public cloud.
