System administration of cloud services brings unique challenges when compared to system administration of on-premises assets. Notably, responsibility for system administration of cloud services is often shared between service providers and their customers. As the system administration processes and procedures implemented by service providers are often opaque to their customers, customers should consider a service provider’s control plane to operate within a different security domain.
Further information on system administration can be found in the Australian Signals Directorate’s (ASD) Secure administration publication.
Further information on change and configuration management plans can be found in the ‘System-specific cyber security documentation’ section of the Guidelines for cyber security documentation.
Further information on the use of privileged user accounts for system administration activities can be found in the ‘Access to systems and their resources’ section of the Guidelines for personnel security.
Further information on network segmentation and segregation can be found in the ‘Network design and configuration’ section of the Guidelines for networking.
13 controls