Source: INCIBE – National Institute of Security

[[email protected]]

Perimeter control is carried out by installing and configuring a firewall . This is the computer application responsible for monitoring all communications made to or from the computer or the network and decides whether to allow them depending on the rules established by the system administrator. To achieve a higher level of security, it is recommended to install and configure an Intrusion Detection System (or IDS). This is a computer application that allows and blocks connections, analyzing them to detect whether they carry dangerous content for the entire network. In addition, it is capable of categorizing the different threats and informing the system administrator following a list of rules.


Cryptography is another protection mechanism that consists of encoding data to prevent it from being understood when the encryption mechanism is not known. There are different levels of encryption depending united kingdom telegram database on the type of communication established: between the network and the application users, the connections between the cloud administrators themselves and the protection of data in storage. If an unauthorized user intercepts the data or has access to the cloud file system, they will not be able to interpret the hosted content without knowing the encryption key.


Log management ( event log files) is the only way to check computer activity, detect incidents and formulate an action plan to prevent them from happening again. The client must store and review all logs under his responsibility. For example: the log of users accessing an application, the manipulation of data and files on the virtual machine, or the log of potentially dangerous connections detected by the IDS and the firewall. It is also recommended to make backup copies of these logs and even store them on a different machine, since if an attacker takes control of the cloud system, he could destroy the log files and all traces of them.