laptop screen showing security symbol

Data protection in the AWS cloud

Enabling customers to fulfill privacy and confidentiality regulations globally and regionally with data protection as a managed service

Data privacy and security demands in the cloud

Cloud computing services can trigger several data protection risks, mainly a lack of control over personal data, as well as insufficient information about the processing of data. The ability of data to move rapidly within the cloud and the lack of transparency about its residency present new challenges. EU-GDPR and Schrems II are all about keeping data in control. Customers need technical and organizational concepts to meet the EU regulations.

How to meet regulatory requirements?

tablet with hologram of security symbol

Data protection concepts must provide companies with the greatest possible control and transparency over their sensitive data and services in the cloud. Best practices rely on data residency controls i.e. data must be processed and stored within the EU; moving data outside the EU is strictly prohibited. Only EU staff are allowed to handle support. Moreover, security guardrails and encryption methods must make it impossible for unauthorized persons to access data.

Legal requirements are often met with these basic measures.

Data protection as a managed service

Implementing legal requirements involves substantial technical and organizational measures that can result in project delays. With Data Protection as a Managed Service for AWS, these delays can be mitigated or eradicated. 

T-Systems AWS landing zones are proven by a Deutsche Telekom prescribed, additional, stringent Privacy and Security Assessment. Data residency controls are defined and deployed, identity management and encryption are implemented via the AWS landing zone. Highly qualified operational and expert technical support staff based solely in Europe are ready to provide support.    

Fostering data security in the cloud

As a Premier Partner, T-Systems can enable you to have the right balance of transparency and control over your data in the cloud, in compliance with GDPR rules. Learn more about this offering in our video.

External Key Management

T-Systems provides an additional service for AWS Managed Data Protection with External Key Management (EKM). EKM serves as an extension to ensure a high degree of data confidentiality. The EKM system stores and handles encryption keys outside of the AWS platform – on hardware security modules in a T-Systems data center. Thus, AWS does not have access to the customer master keys.

E-Book: Delivering higher level of security and compliance on AWS

How to use AWS also for sensitive data? Our e-book shows a way with a focus on Data Protection as a Managed Service.

Four pillars of data protection as a managed service

AWS Partner Network – Premier Consulting Partner

As AWS' premier partner with German headquarters and EU operations, T-Systems is subject to and compliant with regional regulations. It has meticulously defined four pillars for data protection:

  1. Trusted cloud landing zones built on a well-architected framework using preventive and detective guardrails
  2. Data residency (attested) in the EEA (European Economic Area)
  3. Data confidentiality
  4. Solely European customer support from an MSP delivering partner-led enterprise support

Let us help you to embark on a secure cloud journey and maintain your data protection in a constantly evolving regulatory landscape.

More useful information

Check out more AWS Security topics

Let's work on data compliance

Address data compliance issues by working together with T-Systems. Our managed data protection service on AWS can solve key data challenges. Our experts can guide you further.

Do you visit t-systems.com outside of United Kingdom? Visit the local website for more information and offers for your country.