Depends on the cloud provider. AWS, as an example, have up to three “availability zones” within a single data center. If the customer needs HA, they are encouraged to run their applications in separate availability zones. It means different subnets within the VPC, redundant LBs spread across those zones, and more.
There is also probably DNS-based global load balancing across different data centers.
That’s just the hosting infrastructure. I’m sure Chujo works on the office LAN as well. He might wear the infosec hat also, which means he’s up to his eyeballs in firewall policy.
I don’t envy my brethren in software development orgs. Been there, done that, got that t-shirt long ago.
In 2011 I was aghast when I learned a popular keycard / biometric system used FTP to pull down its cleartext list of acceptable keys from the server.
The username was something like ADMIN and the password was PASS.
And no, that wasn’t the FTP command; that was the password.
So I’m not surprised that there are still problems with these devices.
edit: more complete thought