>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

OPS-23Managing Vulnerabilities, Malfunctions and Errors - System Hardening

>Control Description

System components in the production environment used to provide the cloud service under the Cloud Service Provider's responsibility are hardened according to generally accepted industry standards. The hardening requirements for each system component are documented. If non-modifiable ("immutable") images are used, compliance with the hardening specifications as defined in the hardening requirements is checked upon creation of the images. Configuration and log files regarding the continuous availability of the images are retained. Additional criteria: System components in the Cloud Service Provider's area of responsibility are automatically monitored for compliance with hardening specifications. Deviations from the specifications are automatically reported to the appropriate departments of the Cloud Service Provider for immediate assessment and action.

Ask AI

Configure your API key to use AI features.