+PSS-07 Supplementary Information - Complementary Customer Criteria

1. Overview

PSS-07 Supplementary Information - Complementary Customer Criteria

Cloud service customers ensure with suitable controls that they use sufficiently secure passwords (cf. IAM-08) and employ the procedures provided by the cloud service provider to protect the confidentiality of the passwords according to their own assessment, and that the risks of unauthorised access associated with their own choice are borne. If cloud service customers operate virtual machines or containers with the cloud service, they ensure with suitable controls that the confidentiality of the information is also ensured for the allocation of authentication information of the virtual machines or containers.

Summary	Standard

1.1 References

1.2 Identified Requirements

1.2 Related Regulation

2. Identified Requirements

Requirements
Source	Requirement

3. Related Regulations

Regulations
Source	Regulation

Cloud Computing Compliance Criteria Catalogue (C5:2026) -
Copyright by Bundesamt für Sicherheit in der Informationstechnik (https://www.bsi.bund.de/)

https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Informationen-und-Empfehlungen/Empfehlungen-nach-Angriffszielen/Cloud-Computing/Kriterienkatalog-C5/C5_2025/C5_2025_node.html