Skip to content
Home
Cloud computing

Cloud computing

Simple scalability of your IT

Your data. Anytime. Anywhere. Securely available.

Cloud computing is long beyond a technological trend – it is a central building block of modern business strategies. In a dynamic and increasingly digital business world, the cloud enables IT resources to be provided flexibly, scalably and on demand. Companies benefit from greater agility and faster innovation cycles. 

By using cloud solutions, applications, data, and systems can be accessed regardless of location or time. At the same time, investment costs for in-house infrastructure are reduced, while maintenance and operation are increasingly handled by specialised providers. 

We support you in optimally leveraging the potential of cloud computing – from developing a suitable cloud strategy and secure migration to operating and continuously optimising your cloud environment. This way, you create a future-proof IT foundation that grows with your requirements.

Your IT should be as flexible as your business.

The various components of a security strategy that companies must consider – regardless of whether they store data locally or work with a cloud solution.

In addition to the aspects mentioned here, rights management (access control) and a data protection concept are also essential components of a comprehensive security concept. However, as these are conceptual issues where the location of the software and data makes no significant difference, rights management and data protection are not discussed in the following comparison.

1. Object security / Physical protection

Protecting one's own IT infrastructure also includes physical site security – whether against theft, vandalism, or sabotage.

If an attacker gains access to the server room, and therefore gets behind the firewall, it becomes significantly easier to carry out attacks on a company's IT infrastructure, such as deploying malware or intercepting network traffic.

Modern cloud data centres boast a first-class security concept for their server rooms, encompassing access control and intrusion detection. Measures such as mechanical protection, video surveillance, the "four-eyes" principle, 24/7 security personnel, and strict controls at critical access points are exemplarily implemented in large data centres.

Additionally, they ensure:

  • Permanent monitoring of the room temperature in the server rooms
  • Protection of all hardware components from overvoltage
  • Protection against technical damage such as fire, water damage, CO2 etc.

The probability of data centres falling victim to burglary and corporate data being lost in this way is extremely low.

Events such as power outages, network failures, hardware defects or fires can affect a company at any time and should not be underestimated. Security therefore also means being prepared for such scenarios. What happens if a company's ERP system fails on a Monday morning – for example, after a power outage or hardware defect? The webshop is offline, production is at a standstill, and every hour of downtime increases both the financial and image damage.

If a scenario such as a hardware or power failure does not affect ongoing operations, it is referred to as a highly available, fault-tolerant system.

Resilience and High Availability in the Cloud

High availability means that all components, as well as the entire IT infrastructure, must be present at least twice. This includes:

  • Redundant hardware that is spatially separated
  • Two separate power lines on different routes
  • Two independent network connections

Modern data centres are designed to fulfil this principle of highly available IT infrastructure. Here are some of the most important measures:

  • All necessary redundancies are standard.
  • 24/7 administrators for emergency interventions.
  • Division into different fire compartments to ensure high availability even in the event of a fire.
  • Geo-redundancy, providing IT infrastructure at two different, distant locations.

For most businesses, high availability via the cloud is significantly easier and more cost-effective to achieve. The necessary expertise for design and operation is considerable, and implementing geo-redundancy is definitely too complex and expensive.

2. Resilience and High Availability

3. Backup Strategy and Disaster Recovery

If data is corrupted in the production system – for example, by malware, faulty updates, or hardware issues – an IT infrastructure with mirrored architecture alone is not sufficient. This is because faulty or manipulated data is often automatically replicated in such systems as well. This is precisely where a well-thought-out backup strategy becomes crucial.

In an emergency, IT must be able to quickly access a clean backup and restore systems – ideally within 24 to 48 hours. 

The actual time taken for recovery depends heavily on the extent of the damage. In addition to restoring data, it may be necessary to replace defective hardware – which costs time if suitable spare parts are not available. Companies that rely on quick response times often invest in maintenance contracts with guaranteed spare part provision.

The fact is: a full recovery within two days is demanding. This requires not only the right technology but also clear processes, regular testing, and experienced specialists. Only then can a quick and controlled response be made in an emergency.

 

Cloud Backup Strategy and Disaster Recovery

In cloud data centres, the necessary redundancies and specialised system administrators are in place from the outset. Data is synchronised in real-time and geo-redundantly. Therefore, in the event of a failure, it is often just a routine procedure to restore a backup from before the critical event.

Unlike the first three scenarios, which are relatively rare, digital attacks on companies and their IT infrastructure occur several times a day. Effective protection against this threat comprises three main measures:

  • A secure network and firewall
  • Regularly closing security vulnerabilities and updating.
  • Protective measures against social engineering
4.1 Firewall

The correct configuration of a firewall is crucial and requires a lot of experience and expertise, especially when company employees also work remotely or from home via VPN. In cloud data centres, network technicians and system administrators are on hand around the clock. This allows a cloud provider to detect and block unusual data streams more quickly. Access via VPN from external networks is handled more restrictively in data centres, or user-specific firewalls are set up and maintained.

Companies that prefer an on-premise solution can achieve this protection with other service providers, but the likelihood of success for a digital attack on the firewall of a cloud data centre is significantly lower.

4.2 Security updates

It is important to keep your ERP system and IT infrastructure up-to-date for several reasons. Closing security vulnerabilities is a key argument. Companies must be very disciplined and regularly install all updates for all programmes to avoid dangers. In data centres, this happens automatically, which keeps the zero-day vulnerability for cloud applications as low as possible at all times.

4.3 Social Engineering

Social engineering attacks aim to identify and exploit employees as a vulnerability. A classic example is „tradespeople“ who gain temporary access to server rooms. Companies that their Do not continuously raise employee awareness, ..., are particularly susceptible to such attacks. Experiments have shown that a malicious file on a „left lying around“ USB stick can find its way into a company network frighteningly quickly and could cause significant damage. This scenario would be unthinkable in cloud data centres. There, all employees are familiar with the most common social engineering tricks and are regularly trained and made aware.

4. Protection against digital attacks

Conclusion

Based on the four core security aspects, it's clear that security in cloud data centres is exceptionally high. Cloud data centres not only protect their own data, but also that of many companies. This way, all customers benefit from the significant investments in security technology and the necessary redundancies.

Although cloud data centres do not offer 100%percent protection against digital attacks, they significantly reduce the attack surface and can almost completely eliminate the risks shown. To achieve a similarly high security standard, companies would have to expend enormous effort. Therefore, cloud solutions are currently among the safest options available.

YOUR CONTACT PERSON

Connect with our expert.
Non-binding, uncomplicated, but always with
added value for you.

MAX GIESSLER

Managing Director of bitformer GmbH