• about reply
Storm Reply Logo
Menu
    Choose language:
    • about Reply
    Storm Reply Logo
    Data Security

    Article

    Security in the Cloud

    28 July 2020

    FOCUS ON: Amazon Web Services, Amazon, Data Security, Cloud, Storm Reply, Cloud Computing, consulting,

    Because of the clear advantages of the cloud, many companies are prepared to deal with the implementation of compliance requirements. Storm Reply supports its customers with the implementation of the best possible security standards under consideration of all compliance requirements.

    The expertise offered by Storm Reply in the fields of Identity & Access Management (IAM), hardening of instances, encryption of instances and data (Data in Transit, Data at Rest und Data in Process), Next Generation Firewalls (NGFW) etc. make us a partner of first choice for customers with high data security and data protection requirements.

    Shared Responsibility

    Security in public cloud computing is characterized by the model of shared responsibility. Here, the public cloud provider is responsible for the security of the infrastructure on which the services are operated. This infrastructure includes the hardware, software, networks and buildings that are used to operate the cloud. The customer, on the other hand, is responsible for the security of the applications operated on the infrastructure; this includes access management, encryption and firewalls.

    Cloud Computing shared responsibility

    Security Measures for AWS

    There is an entire range of possible security measures for the basic AWS Infrastructure Services such as Amazon Elastic Compute Cloud (EC2) and Amazon Simple Storage Service (S3). At EC2 you have complete control of which patches are used and which software runs on the systems. This infrastructure behaves very similarly to classic servers. This makes it possible to ensure the highest degree of security with active security management.

    For the more complex AWS Services such as Amazon RDS, Redshift or WorkSpaces, considerably less expense is needed to guarantee the security of the applications. Here, however, the responsibility for security lies entirely with the cloud provider. AWS provides various tools that make it easier for the user to ensure data security.

    AWS Identity and Access Management (IAM)

    AWS Identity and Access Management (IAM) enables secure management of access to AWS services and resources for your users. With the help of IAM, you can set up and manage AWS users as well as use access rights to enable or block their access to AWS resources.

    AWS IAM enables:

    • Administration of the IAM User and the User Access

      In IAM you can create user accounts, assign them individual logon information (i.e. access key, passwords and multi-factor authentication devices) or request temporary log on information to grant users access to AWS services and resources. You can manage user rights to determine which processes a user may perform.

    • IAM Roles and Administration of your Access Rights

      In IAM, you can create roles and manage access rights to control which processes the entity, the user or the AWS service assigned to the role is allowed to execute. You can also determine to which entity the role can be assigned.

    • Access for Network Users  and Administration of your Access Rights

      You can activate the federated identity to enable existing identities in your company (such as users, groups and roles) to access the AWS Management Console, to call up AWS-APIs and to access resources without having to create an IAM user for each identity. More information on AWS IAM can be found here.

    AWS also offers encryption possibilities for Data at Rest and Data at Transit.

    AWS Key Management Service (KMS)

    This is a managed service that makes it easier for you to create and monitor the encryption key used for the data encryption and is used to protect the security of your hardware security module (HSM) keys. The AWS Key Management Service is integrated into several other AWS services to support you in protecting your data saved with these services. AWS Key Management Service is also integrated into AWS CloudTrail and provides you with protocols of the entire key usage; this supports you in adhering to your legal and compliance requirements.

    Data protection with the help of an encryption layer

    In particular, the German data privacy policy regarding personal data is very critical and often limits the efficient use of the cloud. To this end, Storm Reply has created an efficient solution together with their partner eperi eine effiziente Lösung geschaffen: We implement and operate an encryption layer on the basis of the eperi Gateway for Cloud Apps, which is a reverse proxy that encrypts all sensitive data before it can be processed in the cloud. Thus only encrypted and therefore non-critical data are processed in the cloud – sensitive data does not leave the company. This means all of the benefits of cloud computing can be used without limit. The high degree of security offered by the encryption means that personal data and data particularly in need of protection according to the federal data protection act (Bundesdatenschutzgesetz - BDSG) can be converted to non-critical data that ultimately no longer falls under order data processing requirements. An enormous advantage – also for cloud providers. In addition, there is a possibility to have the individual solutions on this basis certified by the federal office for security in information technology (Bundesamt für Sicherheit in der Informationstechnik - BSI). You can find out more about the eperi Gateway for Cloud Apps here.

    Furthermore, Storm Reply provides extensive specialist knowledge about data security at the corporate level in all areas thanks to the sister companies Spike Reply and Communication Valley Reply.

    RELATED CONTENTS

    IIOT

    Case Study

    An Industrial IOT platform for Schenck Process

    Schenck Process teamed up with Storm Reply to build a flexible, scalable, serverless, and modular IoT platform enabled by AWS technology. With CONiQ® Cloud Schenck Process now sells its customers digital process solutions that enable them to save valuable production time and gain critical insights fast, providing for longer reaction times.

    09.06.2021 - 10.06.2021 / Digital Event

    Event

    AWS Summit Online EMEA 2021

    Reply is a Gold Sponsor of the AWS Summit Online EMEA digital event. This event is intended for anyone who wants to promote change and accelerate innovation within their company.

    Cloud migration

    Case Study

    Storm Reply Refactored STMicroelectronics eDesignSuite to AWS Cloud

    STMicroelectronics is a leading independent semiconductor device manufacturer. Its customers use an online design app that was built in Adobe Flash, which was approaching end of life. A move to newer technology was essential. ST and AWS Partner Storm Reply refactored the app to the cloud using AWS.

     ​
     
     
     
    Reply ©​​ 2023 - Company Information -
     PrivacyCookie Settings​
    • Abou​t Reply​​​​
    • Investors​​​
    • Newsroom
    • Follow Reply on
    ​
    • ​About Storm ​Reply​
    • Privacy & Cookies Policy
    • Information (Client)
    • Information (Supplier)