Cloud Data-Protection: Oxymoron or Reality

Datum: 23.06.2018

In the context of digitization, the step into the Cloud is obvious

Digitization is high on the strategic agenda of many companies, and according to Exact 41% of German SMEs give it high priority. This is understandable. The many cloud offerings make it possible for companies to access the latest and most up-to-date technologies, gain enormous flexibility (in the case of cloud infrastructures, the server landscape can be scaled simply and in line with requirements) and thus be much more agile.

Projects can be implemented quickly without having to bear the high investment risk for your own infrastructure. With regard to the infrastructure, there is also the advantage of optimal data backup, e.g. due to redundant data storage in different areas of a data center or across different data centers (geo-redundancy). According to our partner interxion, cloud projects already account for 50-100% of total IT expenditure for a third of all respondents.

The question of data protection and data security

Especially when it comes to data security, there is often more demand. According to the Initiative for Information and Internet Security (NIFIS), 91% consider data protection to be the most important IT security topic. Even though this seems obvious at first, especially after various secret service scandals, as recently seen in Sweden, we notice curiously that the issue of data protection is clarified very late in the digitisation process. This is often due to the fact that many cloud solutions are first checked for their technical suitability.

It often takes some time (and resources) before the solution is checked by the company for compliance in the process. The compliance issue can be clarified quite quickly: “The German economy only sees providers who store and process their data in Germany as guaranteeing the high German level of data protection,” says Thomas Lapp, Chairman of NIFIS. Only with purely German providers – i.e. providers without a non-European parent company – it is guaranteed that even in the case of an investigation by foreign secret services, access to stored data can only take place if the high hurdles of the judge’s reservation according to democratic and constitutional standards in Germany are met.

Datacenter Security

gridscale enables a high degree of security

gridscale’s cloud infrastructure solution enables companies to address security and privacy issues early in the process.

High security data centers

Our cloud infrastructure solution was not only developed in Germany by the gridscale founders Michael Balser, Henrik Hasenkamp and Torsten Urbas, but is also completely hosted in Germany. We work closely with our partners for high-security data centers, interxion and e-shelter in Frankfurt. The data centers are monitored 24 hours a day by security personnel and are protected with multi-level access control systems, as is common for high-security data centers.

Storage & Encryption

As gridscale we address data security not only from the point of view of German data protection. Every cloud storage and every private network is individually secured with industry-standard encryption. This makes data leakage impossible even if data carriers have to be provided to the manufacturer for warranty purposes or if the manufacturer of our network hardware has to gain insight into our networks for analysis purposes. Even the demand for maximum availability of all stored data is uncompromising: data is stored three times redundantly and regular analyses identify even the smallest deviation from the operational optimum.

The clean separation of network segments and the regular exchange with leading experts in the field of IT security also create a high degree of trust. In addition, all events are stored on gridscale in an audit-proof manner and assigned to an originator. Thus, the audit log can be used at any time to prove in detail when a change took place and who initiated it.

Technical suitability

Once the security question has been clarified, we also support the technical analysis: Which delivery model (hybrid, multi, or public) is the right one? What should the infrastructure setup look like? Do our users benefit more from a managed public cloud, where our experts take complete responsibility for the user’s infrastructure, or is it more sensible for the user to manage his infrastructure himself? The intuitive and efficient user interface of gridscale reduces the hurdles that users are often confronted with.

Summary

We were able to clarify that cloud data protection does not necessarily have to be an oxymoron (Greek; rhetorical figure in which a formulation is formed from two opposing, contradictory or mutually exclusive terms [Wikipedia]). Rather, it is the selection of the cloud provider that is decisive, in which a multitude of factors should be taken into account: Location, legal regulations, technological suitability, the interaction of the solution with the own business model, as well as the willingness of the provider to support the user with his experience during the transformation into an agile IT infrastructure.

Back to overview