Cloud server security has become a paramount concern in the digital age. As organizations increasingly rely on cloud computing for their operations, the need to protect sensitive data and infrastructure from cyber threats has never been more critical. OVH Cloud, a leading cloud provider, offers robust solutions for businesses seeking to enhance their cloud security posture. However, the ever-evolving landscape of cyber threats demands advanced practices to safeguard cloud environments effectively.
This article delves into the intricacies of mastering cloud server security within the OVH Cloud ecosystem. It examines key areas such as identity and access management, network security, and data protection strategies. The discussion also covers security automation, cloud workload protection, and the importance of threat intelligence in maintaining a strong security stance. By exploring these topics, readers will gain insights into best practices to fortify their cloud infrastructure against potential vulnerabilities and ensure compliance with industry standards.
Cloud Security Challenges in OVH Environment
As organizations increasingly adopt cloud computing, they face unique security challenges within the OVH Cloud environment. These challenges stem from the complex nature of shared resources, multi-tenant architectures, and data sovereignty concerns. Understanding and addressing these issues is crucial for maintaining a robust security posture in the cloud.
Shared Responsibility Model
The shared responsibility model is a fundamental concept in cloud computing that defines the security obligations of both the cloud service provider and the customer. In the OVH Cloud ecosystem, this model plays a critical role in ensuring comprehensive security coverage.
Under this model, OVH Cloud typically takes responsibility for securing the underlying infrastructure, including physical security, network security, and the security of the virtualization layer. Customers, on the other hand, are generally responsible for securing their data, access management, and applications deployed on the cloud platform [1].
This division of responsibilities requires a clear understanding and coordination between OVH Cloud and its customers. Organizations must be aware of their security obligations and implement appropriate measures to protect their assets within the cloud environment.
Multi-Tenancy Risks
Multi-tenancy is a core feature of cloud computing that allows multiple customers to share common resources while maintaining logical separation. However, this shared environment introduces several security risks that organizations need to address:
- Data Breaches: In multi-tenant systems, there’s a risk of unauthorized access to an organization’s data through system vulnerabilities. These breaches can occur due to weak passwords, software flaws, or social engineering attacks [1].
- Data Leakage: Inadvertent disclosure of sensitive information can happen due to misconfigurations or poor data handling practices. This risk is heightened in multi-tenant environments where data from multiple customers coexists [1].
- Inadequate Tenant Isolation: Insufficient isolation between tenants can lead to data contamination or unauthorized access. This risk arises from system misconfigurations or vulnerabilities in the underlying infrastructure [1].
- Regulatory Compliance Challenges: Meeting regulatory standards in a multi-tenant setting can be complex due to shared resources and the potential for data co-mingling [1].
- Insecure APIs: Weak or poorly secured application programming interfaces (APIs) can serve as entry points for attackers to exploit vulnerabilities and gain access to data or resources [1].
To mitigate these risks, OVH Cloud implements resource allocation and isolation techniques. However, these methods may not always be sufficient. For instance, while OpenStack community uses smart filtering techniques to segregate resources in Compute nodes, there are still challenges in isolating resources in Cinder nodes, which can be considered a security concern [2].
Data Sovereignty Issues
Data sovereignty has become a critical concern for governments and organizations, particularly in Europe. It refers to the ability of a state or organization to control digital resources and protect data against external interference [3].
In the context of OVH Cloud, data sovereignty challenges include:
- Compliance with European Regulations: OVH Cloud must ensure compliance with European regulations that limit the transfer of personal data outside the European Union [4].
- Protection Against External Interference: As a trusted cloud provider, OVH Cloud implements technical and organizational measures to protect data hosted by EU-based customers against interference from non-EU authorities [4].
- Handling Non-EU Authority Requests: OVH Cloud has policies in place to handle requests from non-EU authorities for data hosted within the European Union, in accordance with Article 48 of the GDPR [4].
To address these challenges, OVH Cloud has taken several steps:
- Obtaining the SecNumCloud Security Visa, which verifies the security and trust level of cloud services [4].
- Implementing an integrated business model that allows full control over the value chain, from datacentre construction to server design and network operation [4].
- Participating in European initiatives like GAIA-X to build a secure and sovereign digital ecosystem [3].
By addressing these challenges head-on, OVH Cloud strives to provide a secure and compliant cloud environment for its customers, balancing the benefits of cloud computing with the necessary safeguards for data protection and sovereignty.
Identity and Access Management (IAM)
Identity and Access Management (IAM) plays a crucial role in securing cloud environments, and OVHcloud offers robust solutions to strengthen organizational security through granular access management. IAM allows organizations to securely manage user access and permissions to applications and information through a single interface for all services [5].
User Authentication Methods
OVHcloud provides several user authentication methods to enhance account security:
- Strong Password Policy: The security of services and data depends on the efficiency of passwords. OVHcloud recommends creating complex, unique passwords that are regularly renewed [6].
- Two-Factor Authentication (2FA): This method adds an extra layer of security to the username/password pair. OVHcloud offers three 2FA options:
- Mobile Application: Users can install an OTP (One-Time Password) application on their Android or iOS device. Popular free options include FreeOTP for Android and OTP Auth for iOS [7].
- SMS: This method sends a code to the user’s registered phone number.
- Security Key: Users can employ a Universal Second Factor (U2F) security key for authentication [7].
- Backup Email Address: Adding a secondary email address helps users retain access to their account in case of issues with the primary email [6].
To enable 2FA, users can follow these steps:
- Access the OVHcloud Control Panel
- Navigate to the Security tab
- Click “Enable two-factor authentication”
- Choose a 2FA method and follow the on-screen instructions [7]
OVHcloud also provides backup codes for account recovery in case of lost or stolen devices [7].
Privileged Access Management
OVHcloud IAM offers robust privilege management for users, groups, and applications across the entire product portfolio, including VMware on OVHcloud, Nutanix on OVHcloud BYOL, and OpenStack [5]. Key features include:
- Granular Access Control: Organizations can set specific conditions to grant users access to mission-critical tools based on roles, responsibilities, and resource types [5].
- Multi-tenancy: This feature helps delegate access to partners while maintaining granular control [5].
- Zero-Trust Framework: OVHcloud’s access management is based on a policy management system where each individual must be identified and authorized by policies that grant access to specific solutions and features [5].
- Resource Separation: Organizations can create stringent policies to establish high levels of security and continuity for production environments while enabling more users to access test/dev environments [5].
Identity Federation
OVHcloud supports identity federation, allowing organizations to seamlessly authenticate users by connecting their corporate directory to the OVHcloud Control Panel [5]. This feature offers several benefits:
- Single Sign-On (SSO): Users can access OVHcloud solutions using a common set of login credentials [5].
- SAML 2.0 Support: OVHcloud leverages the SAML 2.0 federation protocol to connect various Identity Providers [5].
- Compatible Identity Providers: OVHcloud supports integration with popular identity providers such as ADFS, Azure AD, Google Workspace, and Okta [5].
To enable Active Directory Federation Services (AD FS) SSO connections with OVHcloud:
- Establish AD FS trust by adding OVHcloud as a Relying Party Trust
- Map LDAP attributes to SAML attributes
- Configure the connection in the OVHcloud Control Panel by providing the identity provider metadata [8]
By implementing these IAM practices, organizations can significantly enhance their cloud security posture, reduce the risk of identity theft and human error, and streamline access management across their OVHcloud environment.
Network Security in OVH Cloud
OVHcloud prioritizes network security to protect its clients’ infrastructure and data. The company employs various advanced techniques and tools to ensure robust protection against potential threats and vulnerabilities.
Software-Defined Networking
OVHcloud leverages software-defined networking (SDN) to enhance network security and management. The vRack Private Network allows users to build complex private infrastructures on a global multi-datacenter scale [9]. This network spans across all OVHcloud data centers, enabling interconnection of eligible services across different locations. This facilitates global application presence and supports high availability or fault-tolerant architectures [9].
The vRack system offers several features designed to streamline network management and connectivity:
- vRack Services: Expands networking capabilities by offering IP-level (Layer 3) services directly within vRack.
- Service Endpoint: Allows connection of OVHcloud managed services to the vRack of choice, enabling secure infrastructure scaling.
- Additional IP blocks: Enables exposure of applications from the vRack network to the public internet, with support for high availability protocols like VRRP.
It’s worth noting that OVHcloud has introduced dual-stack network routing capabilities with Additional IPv6 blocks, currently in Beta [9].
Network Segmentation
Network segmentation is a crucial aspect of OVHcloud’s security strategy. It involves separating different parts of a computer network or network zones using devices like firewalls, switches, and routers [10]. This approach can be applied both in data centers and on-premises at an organization’s facilities.
OVHcloud recommends segmenting networks based on various factors:
- User departments: Segmentation based on different data access needs.
- DMZ subnet: For externally facing systems accessible via the internet.
- Wi-Fi networks: Separation of guest and corporate Wi-Fi.
- IT workstations: Dedicated segments for testing, development, and management functions.
- Application-specific servers: Isolation of servers with confidential or financial data applications.
- VoIP/Communications systems: Placed on their own network zone for enhanced performance and security.
- Physical security systems: Separate zone for cameras, ID card scanners, etc.
- Industrial control systems: Segmented from each other and the corporate data network.
- Customer databases: Secured more intensely due to compliance requirements like PCI-DSS, HIPAA, GDPR, etc.
DDoS Protection
OVHcloud employs a comprehensive approach to protect against Distributed Denial of Service (DDoS) attacks. These attacks aim to disrupt service operations or extort money from targeted organizations by overloading normal operations of services, servers, or network interconnections [11].
To combat DDoS attacks, OVHcloud utilizes:
- Global presence
- Over-provisioning of network capacity
- Distributed detection logic
- High-performance filtering devices
The DDoS protection system includes:
- Hardware Client Amplitude Policiers (HCAP): Installed in Points-of-Presence where OVHcloud’s network connects to other providers.
- VAC DDoS mitigation nodes: High-performance hardware stack in data centers for local protection and as part of the global system.
- Edge Network Firewall: Automatically activates when a DDoS attack begins, allowing up to 20 customer-side subset rules for precise packet filtering.
- Shield and Armor hardware: Performs advanced threat detection to prevent server resource saturation, intervening against amplification techniques, IP spoofing, and reflection attack vectors.
These measures allow OVHcloud to offer robust protection against various types of DDoS attacks, including volumetric attacks, which are the most common [11]. The system’s distributed nature and high-performance components enable effective mitigation of large-scale attacks, such as the 1.3Tbps attack observed and filtered by OVHcloud in 2018 [11].
Data Protection Strategies
Data protection is a critical aspect of cloud server security, and OVHcloud prioritizes safeguarding customer information. The company implements various strategies to ensure the confidentiality, integrity, and availability of data stored on its infrastructure.
Data Classification
Data classification is a fundamental step in implementing effective protection strategies. OVHcloud recommends organizations catalog and classify their data based on sensitivity levels and shared characteristics [12]. This process enables the application of appropriate security measures to different types of data, such as personally identifiable information (PII), intellectual property (IP), or financial records.
To facilitate this process, OVHcloud offers automated sensitive data discovery and classification tools. These tools can profile BigQuery tables and columns across an entire organization, select folders, or individual projects [13]. With over 150 predefined detectors and the ability to add custom types, organizations can adjust detection thresholds and create rules tailored to their specific needs [13].
Data Loss Prevention (DLP)
Data Loss Prevention is a crucial discipline that shields sensitive data from theft, loss, and misuse through various cybersecurity strategies, processes, and technologies [12]. OVHcloud provides DLP solutions as part of its Sensitive Data Protection suite, which includes data discovery, inspection, de-identification, and data risk analysis capabilities [13].
Key components of OVHcloud’s DLP approach include:
- Monitoring network activities: DLP tools scan the entire network to discover data stored in various locations, including cloud environments and physical endpoint devices [12].
- Identifying and tagging data: The system uses techniques such as content analysis, data matching, and pattern matching to track sensitive data usage [12].
- Enforcing DLP policies: When violations are detected, the system can respond with real-time remediation efforts, such as encrypting data, blocking unauthorized transfers, or enforcing least-privilege access [12].
- Documenting and reporting: DLP tools feature dashboards and reporting functions that enable security teams to monitor sensitive data throughout the network and track program performance over time [12].
Database Security
OVHcloud emphasizes the importance of database security in protecting sensitive information. While customers are responsible for securing their own data and applications, OVHcloud provides tools and guidelines to assist in this process [14].
Some key aspects of database security include:
- Access control: OVHcloud implements strict access rights management, following the principle of “least privilege” and role-based access [14].
- Encryption: Sensitive data should be encrypted both at rest and in transit to prevent unauthorized access [14].
- Monitoring and logging: OVHcloud has implemented a Monitoring & Logging Policy for servers and network equipment, which includes centralized log retention and analysis by authorized personnel [14].
- Backup and recovery: Regular backups are crucial for data protection and business continuity. OVHcloud has implemented a Backup Policy for servers and network equipment used to provide its services [14].
- Compliance: OVHcloud aligns its data protection strategies with various regulatory standards, such as GDPR, CCPA, HIPAA, and PCI DSS, to ensure compliance across different types of sensitive data [12].
By implementing these data protection strategies, organizations can significantly enhance their cloud security posture and mitigate risks associated with data breaches, unauthorized access, and regulatory non-compliance.
Security Automation and Orchestration
Security automation and orchestration have become crucial components in maintaining robust cloud server security. OVHcloud has implemented various strategies and tools to enhance its security posture through automation and orchestration.
Infrastructure as Code (IaC)
Infrastructure as Code (IaC) is a modern approach to managing and provisioning computing infrastructure through machine-readable definition files rather than traditional manual processes [15]. This method involves using code to automate the setup, configuration, and management of servers, networks, storage, and other infrastructure components [15].
By treating infrastructure as software, organizations can leverage the same principles of version control, testing, and continuous integration that have been successful in software development, resulting in faster, more reliable, and more consistent deployments [15]. IaC offers several benefits:
- Increased speed and efficiency by automating provisioning and configuration
- Enhanced consistency and reliability across different environments
- Improved scalability and flexibility for growing organizations
However, IaC also introduces unique security considerations. Misconfigurations in templates or scripts can be replicated across the entire infrastructure, potentially exposing sensitive data or services to attack [15]. Additionally, a compromised IaC template could rapidly deploy malicious resources, leading to widespread compromise [15].
To address these concerns, OVHcloud emphasizes the importance of protecting secrets like API keys and passwords within IaC code and implementing continuous security monitoring to identify and address new vulnerabilities as the infrastructure evolves [15].
Security Orchestration, Automation, and Response (SOAR)
OVHcloud has implemented Security Orchestration, Automation, and Response (SOAR) solutions to enhance its security operations. SOAR tools help automate real-time threat investigation, incident management, and threat response while reducing false positives and analyst fatigue [16].
Key features of OVHcloud’s SOAR implementation include:
- Advanced triage: Automated investigation of indicators of compromise (IoCs) for cyber and non-cyber use cases, saving analysts time and reducing false positives [16].
- Case management: A comprehensive view of incident processes in the War Room, enabling security analysts to work simultaneously on incidents with granular role-based access control [16].
- Orchestration of the security stack: Automation of time-consuming tasks to improve standard operating procedures (SOPs) and minimize response time [16].
- Customizable dashboards and reports: Real-time data on each phase of the incident response life cycle, providing complete insight into incident response performance [16].
- Integration flexibility: Hundreds of out-of-the-box actions and playbooks, with the ability to develop custom connectors without coding experience [16].
Continuous Integration/Continuous Deployment (CI/CD) Security
OVHcloud has implemented a robust Continuous Integration/Continuous Deployment (CI/CD) pipeline to enhance security in its development processes. The company’s CD team focuses on helping developers industrialize and automate their delivery processes while advocating for CI/CD best practices [17].
OVHcloud’s CI/CD solution, CDS, is an open-source software that represents the third generation of CI/CD tools at the company, built on 12 years of experience in the field [17]. Key features of CDS include:
- On-demand resource launching to guarantee low waiting times and prevent over-consumption of idle resources [17].
- High-level plugins for various actions, including Kubernetes and OpenStack deployments, pushing to Kafka, and testing for CVEs [17].
- Complex workflow capabilities, including build, test, deploy, manual or automatic gates, rollback, and conditional branches [17].
- User autonomy within project spaces, allowing customization of pipelines and access rights [17].
The implementation of these security automation and orchestration practices has significantly enhanced OVHcloud’s ability to maintain a secure and efficient cloud environment. By leveraging IaC, SOAR, and CI/CD security measures, OVHcloud continues to strengthen its security posture and provide robust protection for its customers’ data and infrastructure.
Cloud Workload Protection
Cloud workload protection is a critical aspect of maintaining a secure cloud environment. OVHcloud offers comprehensive solutions to safeguard various types of workloads, including containers, serverless functions, and virtual machines.
Container Security
Container security is essential for organizations leveraging containerized applications. OVHcloud provides robust container security measures as part of its Managed Kubernetes service. This solution is built on Knative, offering a simplified and efficient way to create scalable, event-driven applications [18]. By implementing container security best practices, OVHcloud helps customers optimize resource consumption and cost efficiency while maintaining a strong security posture.
Serverless Security
Serverless computing has gained popularity due to its ability to abstract away infrastructure management, allowing developers to focus solely on writing and deploying code [18]. OVHcloud’s serverless solutions are designed to enhance security in this model. The company’s approach includes:
- Event-driven architecture: Applications are built to respond to events in real-time, with code triggered by specific events such as HTTP requests or database changes [18].
- Stateless execution: Functions run in stateless containers, ensuring that no data is retained between invocations, which enhances security by reducing the attack surface [18].
- Automated scaling: The cloud provider automatically allocates necessary resources when an event triggers a function, ensuring optimal performance and security [18].
Virtual Machine Security
Virtual Machine (VM) security is a crucial component of cloud workload protection. OVHcloud’s VMware on OVHcloud solutions offer several security features to protect VM workloads:
- Isolated environments: VMs are deployed in isolated environments, allowing organizations to focus on securing their applications while OVHcloud maintains the underlying infrastructure [19].
- Dedicated resources: Critical applications can be processed securely and quickly using resources dedicated solely to the organization [19].
- Automated security compliance: OVHcloud’s automation helps ensure that infrastructure administration complies with security standards, which are regularly assessed and adapted to address new threats [19].
OVHcloud’s approach to cloud workload protection is underpinned by its comprehensive security strategy. The company maintains complete control over its supply chain, from hardware selection to datacentre construction, ensuring end-to-end security [20]. This approach is further strengthened by OVHcloud’s dark fiber backbone network, which connects its datacentres worldwide and enhances control over in-transit data [20].
To maintain the highest levels of security, OVHcloud employs a dedicated Security Operations Center (SOC) and Computer Security Incident Response Team (CSIRT) [20]. These teams are responsible for monitoring and organizing the company’s security posture, threat detection, incident management, and forensic investigation [20]. Additionally, OVHcloud assigns security advisors to each major department or product unit, ensuring that security integrity is maintained across all aspects of its operations [20].
By implementing these comprehensive cloud workload protection measures, OVHcloud demonstrates its commitment to providing secure, compliant, and resilient cloud infrastructure for its customers.
Threat Intelligence and Incident Response
Future-Proofing Cloud Security
As cloud computing continues to evolve, organizations must stay ahead of emerging threats and technologies to maintain robust security. OVHcloud, a leading cloud provider, is at the forefront of implementing cutting-edge solutions to enhance cloud security and support Europe’s strategic autonomy [21].
Emerging Technologies in Cloud Security
The landscape of cloud security is rapidly changing, with new technologies emerging to address evolving threats. OVHcloud is investing in state-of-the-art solutions to strengthen its security posture and provide customers with advanced protection [21]. One of the key areas of focus is the development of comprehensive European quantum emulator solutions, which are continuously expanding to meet future security challenges [22].
OVHcloud’s approach to future-proofing cloud security involves:
- Maintaining complete control over the supply chain, from hardware selection to datacentre construction
- Utilizing a dark fiber backbone network to connect datacentres worldwide, enhancing control over in-transit data
- Employing a dedicated Security Operations Center (SOC) and Computer Security Incident Response Team (CSIRT) for monitoring and incident management
- Assigning security advisors to major departments and product units to ensure security integrity across all operations [20]
AI and Machine Learning for Security
Artificial Intelligence (AI) and Machine Learning (ML) are playing increasingly important roles in cloud security. OVHcloud recognizes the potential of these technologies and is making them more accessible to businesses of all sizes [23].
Key aspects of OVHcloud’s AI and ML security initiatives include:
- Machine Learning as-a-Service (MLaaS): This cloud service offers machine learning capabilities at a lower cost, enabling companies to leverage AI for various security applications, including risk assessment and fraud detection [23].
- AI Training: OVHcloud provides a platform that allows data scientists to focus on their core business without worrying about orchestrating computing resources. This solution offers:
- Competitive pricing for CPU/GPU resources
- Transparent per-minute billing for better budget management
- Compatibility with industry-leading applications and frameworks such as Scikit-learn, TensorFlow, and PyTorch [24]
- Enhanced data governance: By choosing a European cloud provider like OVHcloud, organizations can ensure GDPR compliance and protection against competitive breaches caused by legislation such as the US Cloud Act [24].
Quantum-Safe Cryptography
As quantum computing advances, it poses potential threats to current cryptographic systems. OVHcloud is actively investing in quantum technologies to address these challenges and ensure long-term data security [22].
OVHcloud’s initiatives in quantum-safe cryptography include:
- Acquisition of MosaiQ: In March 2023, OVHcloud acquired the MosaiQ computer, a photonic quantum computer from the French firm Quandela. This acquisition strengthens Europe’s digital sovereignty and positions OVHcloud as a leader in quantum technology investments [21].
- Research and development: OVHcloud aims to use quantum computing power for internal R&D efforts to advance new security techniques and test new concepts [21].
- Collaboration with academia and research institutions: OVHcloud is actively involved in partnerships to drive innovation in quantum computing and its applications in cloud security [22].
- Addressing quantum threats: OVHcloud recognizes that sufficiently powerful quantum computers could potentially break current public-key cryptographic systems. This has led to increased research into quantum cryptography to provide stronger data security and privacy [22].
By investing in these emerging technologies, OVHcloud is not only enhancing its own security capabilities but also paving the way for European organizations to leverage quantum technology in areas such as optimization, simulation, and security [21]. This forward-thinking approach ensures that OVHcloud remains at the cutting edge of cloud security, ready to face the challenges of tomorrow’s digital landscape.
Conclusion
Mastering cloud server security in the OVH Cloud environment has a significant impact on an organization’s ability to protect sensitive data and infrastructure from cyber threats. The implementation of advanced practices, such as robust identity and access management, network segmentation, and comprehensive data protection strategies, plays a crucial role in fortifying cloud environments against potential vulnerabilities. OVH Cloud’s commitment to enhancing security through automation, workload protection, and investment in emerging technologies like AI and quantum-safe cryptography demonstrates its dedication to staying ahead of evolving security challenges.
To wrap up, the ever-changing landscape of cyber threats calls for a proactive approach to cloud security. By embracing these advanced practices and leveraging OVH Cloud’s cutting-edge solutions, organizations can build a strong security posture, ensure compliance with industry standards, and safeguard their digital assets effectively. This forward-thinking strategy not only addresses current security concerns but also lays the groundwork to tackle future challenges in the fast-paced world of cloud computing.
FAQs
1. What are the recommended practices for maintaining security in the cloud?
To enhance cloud security, it is advisable to employ several strategies including data encryption, strong user authentication, secure APIs, regular monitoring and vulnerability assessments, the implementation of a Zero Trust architecture, the use of a Cloud Access Security Broker (CASB), and regular penetration testing.
2. How secure is OVHcloud?
OVHcloud prioritizes high levels of security and protection, offering solutions that are both labeled and certified. These solutions comply with ongoing regulatory standards, ensuring that OVHcloud’s infrastructures and cloud environments meet necessary regulations and provide reliable security.
3. What are the three critical aspects of cloud security?
Cloud security encompasses several vital areas which include visibility to monitor cloud resources, continuous monitoring for real-time security updates, security by design to integrate security from the initial stages, identity management to control access, and vulnerability management to detect and mitigate threats. It is important to remember that cloud security is an evolving field that requires ongoing attention.
4. What security measures should be in place for cloud data?
For optimal cloud security, it is essential to encrypt data both at rest and in transit. Encryption helps prevent unauthorized access by ensuring that data cannot be read if intercepted. This applies to data moving between the cloud and users, as well as data exchanged across different clouds in multi-cloud or hybrid cloud setups.
References
[1] – https://www.esecurityplanet.com/cloud/multi-tenancy-cloud-security/
[2] – http://kth.diva-portal.org/smash/get/diva2:1412847/FULLTEXT01.pdf
[3] – https://www.ovhcloud.com/en/about-us/sovereign-cloud/
[4] – https://www.ovhcloud.com/en/about-us/data-sovereignty/
[5] – https://us.ovhcloud.com/identity-security/identity-access-management/
[6] – https://support.us.ovhcloud.com/hc/en-us/articles/27649264348947-Securing-My-OVHcloud-Account-and-Managing-My-Personal-Information
[7] – https://support.us.ovhcloud.com/hc/en-us/articles/115001825710-Securing-an-Account-with-Two-Factor-Authentication
[8] – https://support.us.ovhcloud.com/hc/en-us/articles/16487540178195-Enabling-Active-Directory-Federation-Services-AD-FS-SSO-Connections-with-OVHcloud
[9] – https://us.ovhcloud.com/network/vrack/
[10] – https://www.comptia.org/blog/security-awareness-training-network-segmentation
[11] – https://us.ovhcloud.com/security/anti-ddos/ddos-definition/
[12] – https://www.ibm.com/topics/data-loss-prevention
[13] – https://cloud.google.com/security/products/dlp
[14] – https://us.ovhcloud.com/personal-data-protection/security/
[15] – https://www.ovhcloud.com/en/learn/what-is-infrastructure-code/
[16] – https://www.sumologic.com/solutions/cloud-soar/
[17] – https://blog.ovhcloud.com/how-does-ovh-manage-the-ci-cd-at-scale/
[18] – https://www.ovhcloud.com/en-ie/learn/what-is-serverless-computing/
[19] – https://us.ovhcloud.com/hosted-private-cloud/vmware/safety-compliance/
[20] – https://www.ovhcloud.com/en/stories/open-cloud-security-standards/
[21] – https://corporate.ovhcloud.com/en/newsroom/news/inauguration-quantum-computer/
[22] – https://www.ovhcloud.com/en/learn/what-is-quantum-computing/
[23] – https://www.ovhcloud.com/en/public-cloud/ai-machine-learning/
[24] – https://www.ovhcloud.com/en/public-cloud/ai-training/