Cloud security is more than technology: Secure transformation is only possible with strong, experienced partners
What is merely a business idea today can be big business in a year's time. The Internet makes it possible. However, the provider's ICT resources must be capable of growing along with the influx of customers and users. Otherwise, success can quickly become an excessive burden. With cloud computing, enterprises and other institutions can obtain infrastructures up to software-as-a-service as required. However, transferring data and processes to the cloud requires trust. Moreover, a lot of experience is needed to migrate legacy IT to the cloud without interrupting operations. Data protection, data security, and compliance requirements must be carefully observed. In other words: Cloud computing must also be cloud security.
"Ultimately, success depends on whether cloud service providers can assuage the concerns of users."
Markus Vehlow, PwC.
According to the 2013 BMP report, 81 percent of German enterprises find cloud computing to be indispensable for process optimization. Nevertheless, many issues must be considered before going ahead. A strong partner helps enterprises to analyze the opportunities and risks of cloud services. A strong partner ensures that, within the scope of their cloud transformation, customers comply with data protection laws, tax regulations, and audit requirements. A strong partner can tell his customers exactly in which country and in which data centers their data are located. Secure access and identity management are vital to control access to the data center and to the data stored there. This is imperative for establishing cloud security at this level.
Cloud Security end-to-end
T-Systems Cloud Security is based on an complete approach with cryptographic data transfer and redundantly designed datacenters.
Guaranteed performance features for business-critical applications
Another important factor for cloud security is the transfer of data between the device and the data center: All data must be encrypted. Business-critical applications sometimes also necessitate guaranteed performance features. Cloud providers should therefore be able to comply with certain bandwidths or latencies. As a company of Deutsche Telekom AG,T-Systems has its own network and can therefore guarantee quality of service (QoS) to its customers – including prioritization, load balancing, service levels, and data compression.
Cloud security also means examining the availability of applications and data under the aspect of security: Individual systems should be redundant, and data centers should be mirrored. With such a twin-core strategy, it is possible to ensure at least 99.99 percent availability.
With the experience of an end-to-end provider
Generally, only a provider who has long-standing experience in cloud computing and who applies a comprehensive end-to-end approach has an overview of the requirements for a cloud security concept. This approach must stretch from the customer's desktop, through its connecting line and all the way to the cloud service. A service management system is employed in order to ensure that customer requirements regarding cloud security are fulfilled. Certifications, e.g. by the Federal Office for Information Security (BSI), provide important cues in this context. In short, cloud services must meet very high security standards.