Open Telekom Cloud for Business Customers

Safety First! New Cloud Security Services

by Redaktion
Cloud security: Host Security Service protects servers and containers
Cloud security: Host Security Service protects servers and containers

In this article you will read

  • how the Host Security Service increases the security of your workloads in the cloud,
  • which specific security functions run automatically in the background,
  • and how you can eliminate complexity, open ports, weak passwords and risky authorization settings with the help of AI.

Cloud security is a key issue when using the cloud. With the Host Security Service (HSS), the Open Telekom Cloud is introducing a new suite of security services that enables comprehensive, automated security management of complete application landscapes.

Cloud security remains a focus topic

Just a few years ago, there was still a lively debate about cloud security – some declared that clouds were insecure per se, while others pointed out that clouds can even be more secure than on-premises operation in your own data center. The truth lies somewhere in between.

Security in the cloud is different from traditional IT security. The shared responsibility concept divides the responsibility for security between the cloud provider and the cloud user. The cloud provider ensures the security of the platform, while the user ensures secure components right down to the application level.

The fact is and remains: Anyone who surfs the web is vulnerable per se. But with professional cloud security, companies can easily defend themselves. To support users in this, many cloud providers offer suitable security services – including comprehensive security suites.

More vulnerabilities means more effort for security management

The problem with cloud security is that many applications and environments in the cloud are highly dynamic. They are subject to constant change. Server configurations and basic settings, for example, change constantly – and this provides a source of security vulnerabilities. In 2022, internet users worldwide discovered over 25,000 new common IT security vulnerabilities (CVEs), the highest annual number reported to date. Given the developments, it is hard to imagine that the number will have fallen by 2024.

Along with the many vulnerabilities, the number of patches for security gaps is also rapidly increasing. Managing patches is often a headache for operational staff (especially in larger landscapes). How do you deal with too many processes, complex open ports, weak passwords and risky authorization settings? Those responsible simply cannot avoid intelligent security services once cloud workloads reach a certain size. These must automatically maintain a high level of security in the background.

Host Security Service (HSS)

With the HSS, the Open Telekom Cloud is introducing a new type of security service for the management of cloud servers and containers. HSS uses artificial intelligence (AI), machine learning, user behavior analytics (UEBA), and more to quantify and analyze threats.  

The following basic functionalities are included in HSS:

  • A central security dashboard that provides a security score, reports events, and shows recommendations for action
  • Asset management manages servers, containers, images and groups the assets
  • The baseline check detects insecure basic settings, e.g., weak passwords
  • Vulnerability management identifies weaknesses in the operating system, images, and web content management system and helps to rectify them
  • Intrusion Detection identifies complex threats (e.g., unauthorized rights extensions, unauthorized access) and responds by blocking IP addresses, for example
  • Security Response creates alarms and produces security reports and security notifications: The notifications are sent via Simple Message Notification (SMN) and can reach users via email or text message, for example
  • If malicious software is found on the servers, it is automatically isolated and deleted (a kind of advanced anti-virus functionality). Ransomware prevention creates copies of the content at regular intervals and allows it to be restored even in the event of a successful attack
  • Unified multi-cloud gives users the option of extending security management to the operation of servers and containers in other clouds as well
  • Multi-factor authentication (MFA) increases account security for resource access

The premium version offers additional functionalities. It includes Asset Fingerprints, Ransomware Prevention, Application Protection, File Integrity Monitoring, and advanced Intrusion Detection (Port Scan, Host Scan & Suspicious Task Scan). HSS also offers additional packages for container security and web page tamper protection. These also protect users against account cracking, key file manipulation and website backdoors.

HSS is used via the console or API. To use the functionality of HSS, an agent is installed on each server or container. This agent monitors the security of the respective resource. The agent delivers its findings to a central, customer-specific dashboard, from which it also generates reports. HSS is operated natively on the Open Telekom Cloud; all data remains within the Open Telekom Cloud – meaning it also meets all data protection compliance requirements.

This content might also interest you

Digital padlocks symbolize cloud security through the Host Security Service

Host Security Service (HSS)

Combat attacks such as ransomware, mining, infiltration, and container escapes and minimize cyber risks with the Host Security Service (HSS).

Security made in Germany: maximum security in the data centers of the Open Telekom Cloud

Security made in Germany

Open Telekom Cloud – the first choice for EU-focused companies. Cloud computing with uncompromising quality in IT.

Digital cloud symbolizes IT security thanks to BSI C5 certification

BSI minimum requirements for external cloud deployment

IT security for public institutions: The Open Telekom Cloud meets the minimum requirements of the BSI for external cloud providers in public administration.

  • Communities

    The Open Telekom Cloud Community

    This is where users, developers and product owners meet to help each other, share knowledge and discuss.

    Discover now

  • Telefon

    Free expert hotline

    Our certified cloud experts provide you with personal service free of charge.

     0800 3304477 (from Germany)

    +800 33044770 (from abroad)

    24 hours a day, seven days a week

  • E-Mail

    Our customer service is available free of charge via E-Mail

    Write an E-Mail

  • AI Chat


    Our AI-powered search helps with your cloud needs.

    Register now in advance and test the new Open Telekom Cloud AI chatbot soon.

    Experience the future