Menu Close

FAQ

Digital Defence Dashboard

Cloud Security

The importance of cloud security

The emergence of cloud technology has fundamentally changed the cyber security landscape. Data and applications are no longer stored exclusively on local systems, but are often distributed across a combination of local and remote cloud systems. This configuration makes them accessible via the internet at any time, increasing the need to implement new security strategies to effectively protect data and applications in the cloud.

Cloud security involves the use of procedures and technologies aimed at combating both external and internal threats to corporate security. For organisations looking to drive their digital transformation and integrate cloud-based tools and services into their infrastructure, cloud security is essential. It ensures that the organisation's digital infrastructure is protected against cyber threats while enabling the efficient and secure use of cloud technologies.

It is important to note that personal data, such as copies of driving licences, ID cards or health cards, should not be stored in cloud storage. Creating and storing password lists in the cloud is just as risky. Such sensitive information is a potential target for cyberattacks and, if compromised, could lead to significant security and data protection issues. It is therefore advisable to store particularly sensitive data on more secure, less accessible platforms and always follow robust security practices for all types of digitally stored information.

With cloud backup, there is a risk that attacks on the cloud provider can have a direct impact on your organisation's data. Such security incidents can lead to the loss of sensitive data. In addition, the use of cloud backup services harbours the risk that contractual conditions may restrict quick access to data backups. This can be particularly critical if data needs to be restored at short notice. It is therefore important to carefully check the security measures and contractual terms of the cloud provider in order to minimise the risk of data loss or delayed data recovery.

Managed SOC

Managed SOC (managed security operations centre) means that you receive round-the-clock monitoring of your IT infrastructure without having to invest in security software, hardware, specialist staff, training and other resources yourself. This service allows you to benefit from advanced security technology and expertise while you can focus your resources and attention on other aspects of your business.

A Security Operations Centre (SOC) increases a company's effectiveness in detecting, responding to and preventing threats. This is achieved by centralising and coordinating all cyber security technologies and processes. A SOC ensures that all security measures work together seamlessly, enabling a more comprehensive and efficient security strategy.

A Security Operations Centre (SOC) acts as a central unit for cyber security within a company. In this SOC, specialised teams work continuously, i.e. around the clock, with the aim of protecting the company's systems, applications and services holistically and proactively. These teams focus on monitoring and analysing all aspects of IT security and responding to threats to ensure a comprehensive security strategy.

Managed security services offer numerous advantages. By placing risk management in the hands of a professional IT service provider, you benefit from their expertise and resources. The core services include regular software updates and effective patch management. In addition, an IT service provider ensures compliance with security standards in a professional and cost-effective manner. These services allow your company to concentrate on its core business while IT security is ensured by experts.

Security Services

The measures used in the area of IT security include access controls, cryptography, rights management, firewalls, proxies, virus scanners and vulnerability management. These tools and strategies are crucial to protect against threats from the Internet. The term "Internet security" refers specifically to protection against threats that come via the Internet. It encompasses a wide range of techniques and technologies aimed at securing data, networks and systems against unauthorised access and cyber attacks.

IT security refers to the protection of information and, in particular, its processing. The main objective of information security is to prevent the manipulation of data and systems by unauthorised third parties. These security measures are intended to ensure that information and IT systems are protected against unauthorised access, changes, destruction or other forms of compromise in order to guarantee the integrity, confidentiality and availability of data.

The three main protection goals of information security are "confidentiality", "integrity" and "availability":

  1. ConfidentialityThis objective ensures that information is only accessible to authorised persons and is protected against unauthorised access.

  2. IntegrityIntegrity is about ensuring the accuracy and completeness of data. Integrity means that information is not altered or manipulated without authorisation.

  3. AvailabilityThis objective ensures that information and systems are always accessible and usable for authorised users, especially when they are needed.

These three objectives form the foundation for a robust and effective information security strategy.

There are various IT security standards and laws that are relevant for organisations and companies. Here is an overview of some key standards and laws:

  1. IT-SiG (IT Security Act 1.0 and 2.0)These laws in Germany regulate the security requirements for operators of critical infrastructures and certain digital services.

  2. GDPR (General Data Protection Regulation) and BDSG (Federal Data Protection Act)These regulations concern data protection and the processing of personal data in the European Union and Germany.

  3. eIDAS Regulation (Regulation on electronic identification and trust services for electronic transactions)This EU regulation governs electronic identification and trust services.

  4. PSD2 (Second Payment Services Directive)An EU directive that defines the rules for payment services and payment service providers.

  5. ISO 27001An international standard for information security management systems (ISMS) that specifies requirements for the establishment, implementation, maintenance and continuous improvement of an ISMS.

  6. TISAX (Trusted Information Security Assessment Exchange)A standard for information security, specially developed for the automotive industry.

  7. IT baseline protectionMethodology developed by the Federal Office for Information Security (BSI), which offers comprehensive recommendations for information security.

These standards and laws provide frameworks and guidelines for various aspects of IT security and data protection practices.

The human factor poses the greatest risk to IT security. In around 46 % of cases, security incidents are triggered by the carelessness of employees. Frequent sources of error are weak passwords, careless opening of email attachments or the use of public internet access. These human errors can lead to serious security breaches and emphasise the need for regular training and awareness-raising on IT security among employees. An effective IT security strategy must therefore include both technical measures and training and sensitisation of employees.

 

Cloud Solutions

Cloud Connectors

The Cloud Connector is an important component that acts as a communication bridge between the cloud environment and your local resource locations. This component enables simple management of the cloud without the need for extensive network or infrastructure configurations. Using a Cloud Connector significantly reduces the effort otherwise required to manage and configure the provisioning infrastructure. This facilitates the integration of cloud services into existing systems and enables more efficient and user-friendly utilisation of cloud technology.

Application and mail in the cloud

Cloud email is a form of email hosting in which email services are provided via the internet by an external provider. Unlike traditional email systems, which are hosted on local servers, cloud email servers are located in the cloud. This offers several advantages:

  1. AccessibilityYou can access your e-mails from anywhere as long as you have an Internet connection.

  2. Maintenance and administrationThe provider takes care of the maintenance of the email server, including updates and security measures. This relieves your company of the need to use its own IT resources for these tasks.

  3. ScalabilityCloud email services can be easily scaled to meet the growing needs of your organisation.

  4. Robust toolsMany cloud email providers offer advanced email features, such as advanced security measures, anti-spam filters and integration with other cloud services.

Cloud email is considered like any other cloud-based service you may already be using, offering a flexible, scalable and often cost-effective solution for email communication and management.

With cloud email services, your emails are stored on an external server in the cloud, which means that any changes you make to your emails are synchronised across devices. For example, if you mark an email as unread on your smartphone, organise a folder on your laptop or delete an email on your tablet, these changes are automatically updated on all your devices. This type of synchronisation provides a seamless experience and ensures that your email communication is up to date and consistent across all your devices. This increases efficiency and convenience as you can access your emails from anywhere on any device without having to worry about inconsistencies.

A cloud application is a software programme whose main access is via the internet. Unlike conventional applications, which are installed and run on the user's local computer, a cloud application is hosted and managed, at least in part, on an external server. This means that important components of the application, such as data processing and storage, take place on these servers in the cloud. Users can access this application via the internet, which enables flexibility and mobility in use as they are not tied to a specific computer or location. Cloud applications often also offer advantages such as automatic updates, scalability and reduced maintenance for users.

Cloud-based software, also known as "Software as a Service" (SaaS), refers to a form of software delivery in which the software is provided and used via the internet. Unlike traditional software, which is installed on the user's local computer or a server, SaaS software is located on remote servers that are managed by the provider. Users access the software via their web browser or special apps, with data processing and storage taking place on the provider's servers.

The advantages of SaaS include:

  1. No need for extensive hardwareSince the software runs in the cloud, no powerful computers are required for local data processing.

  2. Maintenance and updatesThese are carried out by the provider, which eliminates the maintenance effort for the user.

  3. Scalability and flexibilitySaaS solutions can be easily adapted to the changing needs of a company.

  4. Access from anywhereUsers can access the software from any location with Internet access, which facilitates remote and mobile working.

  5. Cost efficiencySaaS products are often offered on a subscription basis, which means that high initial investments can be avoided.

Cloud backup solutions

Cloud backups offer a secure and reliable way to store your data with a trustworthy provider. With an internet connection, you can access this data at any time. Providers store your data - which can include confidential documents, company records, photos and other important files - on their own servers, which are professionally managed and secured. This type of data storage not only provides an additional layer of security, but also allows for easy on-site data recovery in the event of data loss.

In addition to software services such as the cloud, there are also other media that are suitable for backups. For example, you can create backups on a USB stick or an external hard drive. These physical storage media offer an additional layer of security as they are independent of online services and can be easily transported if necessary. For backups of mobile devices, you can also use your computer's internal hard drive. This method allows you to back up a local copy of your data, which can be particularly useful if you need quick access to this data or if you are looking for an alternative to cloud storage.

The duration of backups and downloads depends heavily on the speed of the internet connection. Here are some examples of different amounts of data and how long it would take to transfer them at different speeds:

  1. At a speed of 56 kBit/s:

    • 100 MB: approx. 4 hours
    • 500 MB: approx. 21 hours
    • 1 GB: approx. 2 days
    • 5 GB: approx. 9 days
  2. At a speed of 10 MBit/s:

    • 100 MB: approx. 2 minutes
    • 500 MB: approx. 7 minutes
    • 1 GB: approx. 15 minutes
    • 5 GB: approx. 1 hour

These times are approximate estimates and may vary depending on network utilisation and other factors. With slower connections, such as 56 kBit/s, downloads and backups take significantly longer than with faster connections such as 10 MBit/s.

Cloud Tenant

A tenant cloud, also known as a single-tenant cloud, is a specific form of cloud computing architecture in which the cloud infrastructure is used exclusively by a single customer. In contrast to a multi-tenant environment, in which several customers share the same infrastructure, a single-tenant environment is entirely dedicated to a single customer.

The main advantages of a single-tenant cloud are:

  1. Increased controlThe user or company has full control over the environment, including configuration and personalisation according to their own requirements.

  2. Greater operational safetyBecause the resources are not shared with others, there is less risk of security breaches caused by other users of the platform.

  3. Optimised performanceBecause resources are not shared with others, performance can be optimised and tailored to the specific needs of the user.

  4. AdaptabilityA single-tenant environment can often be customised more individually than a multi-tenant environment.

This architecture is particularly suitable for organisations that place high demands on the security, control and adaptability of their IT infrastructure.

Digitalisation & Transformation

Infrastructure consolidation

The term "IT infrastructure consolidation" refers to the process of standardising and merging different IT components and systems within a company. This can include the merging of server or desktop systems, applications, databases or strategies. The aim of consolidation is to increase the efficiency and effectiveness of the IT infrastructure by reducing redundancies, simplifying administration and lowering the total cost of ownership.

Important aspects of IT consolidation include

  1. Server consolidationReducing the number of physical servers through virtualisation or other technologies.

  2. Desktop virtualisationMerging multiple desktop systems into a centrally managed and easier to maintain environment.

  3. Application consolidationStandardisation of different applications and software solutions to avoid overlaps and inefficiencies.

  4. Data consolidationThe consolidation of databases into standardised and centrally managed databases or storage systems.

  5. Strategic consolidationThe harmonisation of IT strategies and plans in order to achieve a uniform approach and better alignment with corporate goals.

By consolidating their IT infrastructure, companies can utilise their IT resources more efficiently, improve system performance and increase IT security.

 

The IT infrastructure, also known as information technology infrastructure, comprises all physical and virtual resources required for information processing in a company. This includes

  1. Buildings and physical facilitiesThis includes data centres, server rooms and other specific physical structures required to house and operate IT equipment.

  2. Communication servicesThese include networks such as LAN (Local Area Network), WAN (Wide Area Network), Internet connections and other communication systems that enable data to be exchanged within the company and with the outside world.

  3. Machines and electronic devicesThis includes servers, computers, laptops, mobile devices and other hardware used for the processing, storage and transmission of data.

  4. Programmes for automated information processingThis includes operating systems, application software, database management systems and other software required for processing and managing information.

The IT infrastructure forms the backbone of a company's information and communication technologies and is crucial for the smooth operation and efficiency of business processes. It comprises both the technological components and the organisational structures required to support the IT systems and services.

The successful design and implementation of an IT infrastructure depends largely on how well certain key challenges are overcome. These challenges include

  1. ScalabilityThe IT infrastructure must be designed in such a way that it can keep pace with the growth and changing requirements of the company. This means that it must be expandable to cope with increased data traffic, more users, additional applications or services without losing performance.

  2. SecurityIn view of the increasing threats posed by cyber attacks, the security of the IT infrastructure is of crucial importance. This includes protecting data, networks and systems from unauthorised access, theft, damage and other security risks.

  3. IntegrationThe various components of the IT infrastructure - including legacy systems and newer technologies - must be efficiently integrated to ensure seamless functionality and communication between systems.

  4. CostsDesigning a cost-efficient IT infrastructure is crucial to avoid overburdening the budget. This includes taking into account the total cost of ownership as well as investment and maintenance costs.

  5. Qualification deficitsThe availability of qualified personnel who can effectively manage and maintain the IT infrastructure is essential. Organisations need to ensure that their IT teams have the necessary skills and knowledge to deal with the latest technologies.

Mastering these challenges is crucial to creating a robust, efficient and future-proof IT infrastructure.

IP Network & SD WAN

SD-WAN, short for Software-Defined Wide Area Network, is an advanced network solution that has established itself among communication providers. This technology enables highly available, demand-orientated and secure connectivity between two or more locations within a network. Unlike traditional WAN technologies, which are often hardware-based and less flexible, SD-WAN utilises software to control and manage network connections.

The main features of SD-WAN are

  1. FlexibilityIt enables rapid adaptation to changing network requirements and traffic patterns.

  2. SecurityIntegrated encryption and security protocols ensure secure data exchange over the network.

  3. Cost efficiencySD-WAN can reduce the need for expensive private line connections and enable the use of more cost-effective Internet connections.

  4. Centralised controlIt simplifies network management through centralised control, allowing network resources to be used and managed more efficiently.

  5. Improved performanceSD-WAN technology optimises data transmission over the network, resulting in improved application performance.

SD-WAN is ideal for organisations that need a reliable and efficient network solution, especially those with multiple sites or those that require high network performance and availability.

The use of an SD-WAN (Software-Defined Wide Area Network) is becoming increasingly attractive for companies, especially with regard to networking different locations. This trend is driven by several factors that have changed the requirements for corporate WANs (wide area networks):

  1. Increase in cloud computingWith more and more services and applications moving to the cloud, organisations need network solutions that enable a fast and secure connection to these cloud resources.

  2. Mobile workingThe increase in mobile working requires networks that can be accessed securely and efficiently from different locations, including employees' home offices.

  3. Web-based applicationsThe increasing use of web-based applications requires networks that offer high bandwidth and low latency to ensure optimum performance.

  4. Internet of Things (IoT)As the IoT grows, the number of connected devices increases exponentially, which in turn requires powerful and flexible network solutions.

In this context, SD-WAN offers a modern network solution that fulfils all these requirements. Its flexibility, scalability and enhanced security features make it an ideal choice for organisations facing the challenges of the modern business environment and digital transformation.

A Wide Area Network (WAN) is an extensive computer network that is used to connect groups of computers across large geographical distances. This type of network is particularly important for large companies as it allows them to connect their office networks, which may be located in different cities, countries or even continents.

The main features of a WAN are

  1. Large rangeIn contrast to local area networks (LANs) or metropolitan area networks (MANs), a WAN often covers very large geographical areas.

  2. Connection of different locationsWANs enable communication and data exchange between different locations of a company or between different companies.

  3. Use of public and private data transmission channelsWANs can be operated via public networks such as the Internet or via private data lines.

  4. Centralised data managementCompanies can centralise and manage their data, which increases efficiency and security.

WANs play a critical role in the modern business world by enabling seamless communication and data transmission over long distances, providing the foundation for global business operations.

A WLAN (Wireless Local Area Network) is typically restricted to a limited area such as a building or campus and is based on Wi-Fi technology that follows the 802.11 standard. This allows devices within this area to communicate wirelessly with the internet or with each other via a router.

A WWAN (Wireless Wide Area Network), on the other hand, has a much greater range and can include various wireless technologies. These include

  1. Mobile phone technologiesThey enable a connection via mobile networks such as 4G and 5G.

  2. Mesh networksThese connect different nodes with each other wirelessly, whereby data is forwarded from one point to another.

  3. Bridge technologiesThese technologies create connections over longer distances, often as part of a larger network.

  4. Satellite connectionsSatellite connections can be used for special applications, especially in remote or difficult to access areas.

Some WANs can even be global, connecting countries and continents. This enables comprehensive and flexible network connectivity over long distances, which is very important for globally operating companies and organisations.

en_GBEnglish (UK)