Security Measures objectives
Policy
Security standards knowledge shall be acquired by the users in order to be able to maintain a secure
environment.
Users shall identify custom preferred approaches to apply while accessing ONDA cloud resources
proportionally to the nature of the activities and associated risks.
Security controls for provisioned systems shall be evaluated in line with these standards, and
responsibilities are to be well understood by users in order to properly apply protection measures.
Users shall ensure that settings are enforced to guarantee:
- CONFIDENTIALITY: any data and information that is available to users shall be protected in a way that
only authorized users have access. - INTEGRITY: any data and information that is available to users shall be protected from alteration and
accuracy and completeness must be guaranteed. - AVAILABILITY: users are to ensure that authorized users can access data and information when
required. - Compliance:
- Regulatory requirements: users shall ensure that any regulatory and legislative requirements
will be met. - Contractual compliance: users shall ensure that the use of provisioned resources are in
compliance with the ONDA DIAS terms and conditions, and that any information sharing is
handled in compliance with specific policies.
- Regulatory requirements: users shall ensure that any regulatory and legislative requirements
In order to support the users in these commitments, ONDA DIAS has developed, implemented and
maintained a management system and a set of processes enabling the protection of users provisioned
environment for the virtual infrastructure.
Users shall therefore adhere to security best practices in order to maintain an efficient level of security
within the cloud resources they have provisioned.