As a managed service provider, T-Systems helps companies get the most out of all AWS services - with security services playing a key role. Thanks to AWS's shared responsibility model, a large part of the responsibility for security and data protection can be assumed by users. However, inexperienced users could be overwhelmed with the implementation of security concepts due to lack of time and personnel. In these cases, T-Systems makes a "small but subtle difference". The company provides comprehensive security services for AWS operating environments and ensures that critical security gaps are closed.
T-Systems uses various security components to protect companies' AWS accounts and comply with password guidelines, for example. For more complex solutions and environments with multiple applications, what is known as a ‘landing zone’ is used. This includes a structured AWS organization which consists of several accounts with different functions. A central user administration account ensures that individual users with specific IAM (Identity Access Management) roles can log on to all subaccounts and receive the necessary authorizations.
If development or production environments are operated independently, a separate compliance check is performed for one or more accounts. This determines how error-free the infrastructure is, which components or configurations should be checked, and which measures are required to eliminate non-compliant components. T-Systems can also train company employees to improve their potential to assess and manage security incidents.
T-Systems offers a complete 360° view of the network, operating system, and AWS API layers and is able to detect attacks almost in real time and initiate countermeasures. This is supported by “Well-Architected Reviews” – with the help of AWS Security Services, complex functions and their implementation become a breeze.