ABSTRACT
This chapter outlines the basic security measures for locking down cloud servers in such an infrastructure as a service cloud provider environment. The security aspects of cloud servers are very similar to the security measures that are traditionally applied to servers in an untrusted environment or within a virtualization farm. Cloud servers are in general created and started from preconfigured virtual machine images, snapshots, or cloned from existing virtual servers. Cloud servers can be hosted in multiple locations worldwide. Most providers differentiate between regions and/or availability zones that can be chosen to store and operate the cloud servers. The cloud server administrator should also check if logging is enabled on the hypervisor level for these security groups and if those logs are accessible by the customer. Encryption maybe one of the most important answers to the security questions in the cloud and should be used by all cloud customers whenever possible.
