Cloud computing services can trigger several data protection risks, mainly a lack of control over personal data, as well as insufficient information about the processing of data. The ability of data to move rapidly within the cloud and the lack of transparency about its residency present new challenges. EU-GDPR and Schrems II are all about keeping data in control. Customers need technical and organizational concepts to meet the EU regulations.
Data protection concepts must provide companies with the greatest possible control and transparency over their sensitive data and services in the cloud. Best practices rely on data residency controls i.e. data must be processed and stored within the EU; moving data outside the EU is strictly prohibited. Only EU staff are allowed to handle support. Moreover, security guardrails and encryption methods must make it impossible for unauthorized persons to access data.
Legal requirements are often met with these basic measures.
Implementing legal requirements involves substantial technical and organizational measures that can result in project delays. With Data Protection as a Managed Service for AWS, these delays can be mitigated or eradicated.
T-Systems AWS landing zones are proven by a Deutsche Telekom prescribed, additional, stringent Privacy and Security Assessment. Data residency controls are defined and deployed, identity management and encryption are implemented via the AWS landing zone. Highly qualified operational and expert technical support staff based solely in Europe are ready to provide support.
As a Premier Partner, T-Systems can enable you to have the right balance of transparency and control over your data in the cloud, in compliance with GDPR rules. Learn more about this offering in our video.
T-Systems provides an additional service for AWS Managed Data Protection with External Key Management (EKM). EKM serves as an extension to ensure a high degree of data confidentiality. The EKM system stores and handles encryption keys outside of the AWS platform – on hardware security modules in a T-Systems data center. Thus, AWS does not have access to the customer master keys.
As AWS' premier partner with German headquarters and EU operations, T-Systems is subject to and compliant with regional regulations. It has meticulously defined four pillars for data protection:
Let us help you to embark on a secure cloud journey and maintain your data protection in a constantly evolving regulatory landscape.