Open Telekom Cloud for Business Customers

Which are the most trusted cloud certifications?

by Editorial team

In this article, you will find out:

  • which ISO certifications deliver for optimal data protection and IT security.
  • which of these certifications Open Telekom Cloud already has.
  • what effect the new Trusted Cloud seal will have on unified European data security.
Which are the most trusted cloud certifications?
With Trusted Cloud, the confusion around data protection and IT security will come to an end

Trusted Cloud Seal is on its way

When choosing a cloud service, price and performance top the list-- but what else should you consider? Across Europe and especially in Germany,  IT security / data protection is also high on the list of priorities for potential cloud users.

As with any contracted IT service, basic legal requirements must be covered for the cloud and this includes IT security and data protection.

Every company must comply with these requirements for their business-related data. If IT resources are contracted to an external supplier rather than dealt with in-house, these obligations are passed on to the contracted company. The customer (the EU calls them a “controller”) must ensure and monitor that the IT supplier (the “processor”) fulfils the legal regulations.

From an IT security point of view, it isn’t particularly helpful for IT providers to have their customers forming an orderly queue outside their data centres (“The next tour in English starts at 2:45…”). Thanks to independent third-party certification, lawmakers have found a solution to allow controllers and processors to meet their legal obligations.

The mother of all certificates: ISO 27001

ISO 27001 is today’s standard certification. It stipulates the requirements for an information security management system that covers the IT risks within the entire organisation. Even in the age of the cloud, it still has its uses. As a minimum, cloud providers should have achieved this.

When looking for specific cloud certification, companies are confronted with different national, international, and trade association initiatives.

Cloud Security Alliance: Star Certification

The Cloud Security Alliance’s (CSA) Star Certificate is recognised internationally. Many providers use this self-assessment option in which they certify themselves. Open Telekom Cloud commissioned a third-party audit by TÜV Austria and achieved CSA Star Level 2 Gold (the certificate expired on July 22, 2021). Any provider’s certification status can be checked on the CSA website. Furthermore, release management for each cloud is part of the certification. This means whenever new features and services are introduced, the certification is still valid.

Further certification from the ISO family

ISO 27017 and ISO 27018 certificates, offshoots from the ISO family, have become widely recognised for data security and protection in the cloud. These de-facto standards are currently referred to as non-binding certificates with no real substance but they are frequently required. Open Telekom Cloud has also successfully completed this certification process in December 2016.

German initiative: Trusted Cloud

An initiative by the German Federal Ministry for Economic Affairs and Energy (BMWi) is currently making waves in Germany. Deutsche Telekom representatives have also been involved in the Trusted Cloud initiative and testing criteria has been developed. The introduction of the certification was confirmed in September and an accreditation body is currently being chosen so official certifications can start during the course of the next year.

The best thing about this certification is that providers who carry the Trusted Cloud seal have a sort of all-round worry-free service. If German Federal Authorities or German firms use providers with this certification, they are certain to be on the safe side, knowing that providers will (for them) fulfil all the data security and data protection requirements laid down by law in Germany. The Trusted Cloud seal is therefore an entry card to Germany for cloud businesses.

The trend is not confided to Germany, though. Trusted Cloud is as been recognised by the European General Data Protection Regulation (GDPR), passed by the EU in April. GDPR will replace the current Data Protection Directive which has been the standard since 1995. The requirements of the GDPR are already built-in to the Trusted Cloud Seal, making Trusted Cloud certification an entry card for European business.

With Trusted Cloud, the confusion around data protection and IT security will come to an end. In fact, the new seal will significantly simplify cloud agreements, ensuring both sides that they made the right decision.


Book now and claim starting credit of EUR 250

 

Do you have questions?

We answer your questions about testing, booking and use – free of charge and individually. Try it! 
Hotline: 24 hours a day, 7 days a week
0800 3304477 from Germany / 00800 33044770 from abroad

  • Communities

    The Open Telekom Cloud Community

    This is where users, developers and product owners meet to help each other, share knowledge and discuss.

    Discover now

  • Telefon

    Free expert hotline

    Our certified cloud experts provide you with personal service free of charge.

     0800 3304477 (from Germany)

     
    +800 33044770 (from abroad)

     
    24 hours a day, seven days a week

  • E-Mail

    Our customer service is available free of charge via E-Mail

    Write an E-Mail