Cloud

When the grid is deployed in the cloud, all SSL certificates should be signed by a Public Certificate Authority to enable automatic trust in browsers and other devices.

To reduce risk to the confidentiality and integrity, only the HTTPS ports should be used on the Grid routers.

To further reduce the risk of intrusions it is suggested to use some web filtering mechanism and intrusion detection/prevention system.

User repositories must be protected and not directly accessible from the Internet. It is recommended to require some kind of VPN connection for user management.