Guidance for cloud certificates

Jun 9, 2017

When it comes to cloud security and data privacy, many companies are uncertain. Cloud certificates can be clear indicator of a high level of security – and there are many of them. But which ones are relevant?
Deutsche Telekom guides you through the jungle of cloud certificates
There is a virtual jungle of certificates:
More than 400 cloud certificates are currently circulating, each of which focuses on different aspects of data processing in the cloud. But as confusing as this information seems to be at first glance, the fact is: Germany's Federal Data Protection Act affects every company in Germany. For example, certain certificates merely confirm that a cloud provider is capable of ensuring its customers' compliance with the law at all. Companies that breach the Data Protection Act face fines of up to 300,000 euros for each violation. And when the European General Data Protection Regulation comes into force on May 25, 2018, companies will face fines of up to 20 million euros or four percent of their annual revenue.

Clarity through consulting

Scenarios like this are a reason for the uncertainty and reluctance of German companies when it comes to cloud security, compared to other countries. Navigating your way through the thicket of cloud certificates and their significance is not easy. To help matters, Deutsche Telekom has launched an initiative that supports companies in obtaining information about data privacy, cloud security and legal and compliance matters.

High-security Open Telekom Cloud

An overview of the existing cloud certificates for the Open Telekom Cloud and other security-relevant aspects are provided in the Security Special. Cloud certificates such as "Trusted Cloud" attest the Open Telekom Cloud a particularly high level of cloud security and data privacy.
"A key prerequisite for earning the certificate is that the data centers must be located in Germany. The location of the provider is also relevant," says Daniel Fussy, responsible for cloud security, data privacy and certification at T-Systems.
The reason: only German providers such as Deutsche Telekom and T-Systems can ensure full compliance with German data privacy and protection laws. "And with our services, companies are not only compliant with current legal requirements. They also already meet the higher demands of the European General Data Protection Regulation, which comes into force in 2018."