Silhouettes of business people standing together in a group.

How the Cloud Protects Employees

Setting up a Threat Management Assistant (TMA) System according to AWS best practices

Scalable solution on AWS Cloud

Today, threat management is an integral part of Telekom security in Germany. In fact, Deutsche Telekom AG is the first company in Europe with a professional and firmly established Threat Management Assistant system. The TMA allows clear communication and collaboration beyond different units which is important for a successful threat management within the company. Thus, the cloud solution improves the efficiency of the process. Furthermore, the solution fulfils all the various business demands of the personnel security team: flexibility, security, scalability as well as improved business continuity.

Customer benefit:

  • Fast setup
  • Better transparency
  • High security and privacy level

With the AWS-based solution our threat management process receives a new level of efficiency. Furthermore, we are able to convert the TMA into a market offer in the medium term.

Claudia Brandkamp, Threat Management, Deutsche Telekom

The challenge

 Two hands are typing on a laptop keyboard with different icons in the foreground.

An effective collaboration with different experts such as labor law, compliance, HR, etc. is essential for the threat management. Currently, all steps are monitored with Word documents and e-mails, which is manual and cumbersome making it very difficult to manage. In order to enhance the collaboration and the documentation, a digital process-supporting system, the Threat Management Assistant (TMA), should be implemented. The new system should also incorporate scientific models to help to evaluate the respective monitored employee situation. Those scientific models will be continuously developed so the new system needs to support continuous development/continuous integration (CI/CD). As the team plans to offer the TMA to other companies, they opted for a platform that could easily scale up according to market demands: AWS Cloud. Additionally, due to the nature of the project, the new system should be built in a secure environment to store and share documents.

We look forward to your project!

We would be happy to provide you with the right expert and answer your questions on the right public cloud strategy. Get in touch!

The solution

A security icon hovers above the outstretched hand of a businessman.

The T-Systems team built up the system based on the business demands and according to AWS best practice of the well-architected framework. This ensures not only scalability and CI/CD, but as well a high level of security for an efficient and sophisticated system. AWS CloudFormation provides the necessary infrastructures as code. After setting up the infrastructures, the T-Systems team introduced the security features using Key Management Service, AWS Certificate Manager and SSM parameter store for passwords and parameters. Data at rest (in Elastic Block Store and the PostgreSQL database) and in transit are encrypted accordingly. The cloud-native TMA application was established in the AWS Cloud in Frankfurt. Ruby on Rails was used as web application framework. It also introduced containerization (Docker) based on Amazon Elastic Container Service as a fully managed container orchestration service. It allows easy running of applications on a managed cluster of Amazon EC2 instances. Deployments are done with Code Pipeline. PostgreSQL is used as database. A multi-AZ setup realizes high availability and failover support. WordPress is operated for the documentation process. Monitoring is done via Amazon Cloud Watch. The future-oriented method to have an effective solution easily passed an AWS well-architected review.

Do you visit t-systems.com outside of United Kingdom? Visit the local website for more information and offers for your country.