Hello dear readers,
In the iX issue 10/2013 an interesting article with the name “Cloud provider selection in view of the NSA affair” appeared this week.
This article describes in particular how difficult it is for American companies to deal with this affair and to pacify or reassure customers when it comes to data protection. The reader is also asked to what extent “German Cloud” is really German, whether a German infrastructure alone is sufficient and, above all, what the legal situation is like if data is not stored on German servers.
Kiel-based analyst and cloud expert René Büst has thought about the precautionary measures for cloud customers and has written around 300 questions on legal, technical and contractual aspects that customers should internalize. The iX then created a question box with the "10 most important questions for the cloud provider" to make it easier for the customer to sort the offers.
Auch webtropia.com has taken on these questions and does not want to withhold the answers from you. Here are our answers to the 10 most important questions:1.) iX question: In which country are the data centers used for cloud computing located? webtropia.com response: Our servers are located exclusively in a data center in Germany, Düsseldorf. 2.) iX question: In which countries does the cloud operator itself or a subsidiary or parent company do business? webtropia.com response: We are only active in North Rhine-Westphalia. 3.) iX question: Where is the company headquarters of the provider? webtropia.com response: Our head office is at Am Gatherhof 44 in 40472 Düsseldorf - Germany. 4.) iX question: Where is the place of jurisdiction? webtropia.com response: The place of jurisdiction is Düsseldorf. 5.) iX question: Does the cloud operator notify the customer when the authorities have or is accessing the data? webtropia.com response: Due to the legal situation, the customer concerned is notified after approval by the requesting authority. 6.) iX question: Is it disclosed whether and, if so, which third-party providers are used for the service? webtropia.com response: We disclose which third party providers are used for this service. 7.) iX question: To what extent is information about violations of third party providers against German data protection law? webtropia.com response: If such violations occur, those affected will be informed. 8.) iX question: As a customer, does one receive a complete, up-to-date and detailed list of the hardware and software used for the cloud service? webtropia.com response: Yes it is. 9.) iX question: Are all contracts concluded according to German law? webtropia.com response: All our contracts are concluded exclusively according to German law. 10.) iX question: How high is the contractual penalty for a breach of German data protection law or the agreed confidentiality provisions? webtropia.com response: There are no lump-sum contractual penalties; these are agreed with the respective business customer on a case-by-case basis.
webtropia.com has entrusted itself with answering these questions very precisely in order to convey our attitude to the subject of data protection to you.
You can find more information at: http://www.webtropia.com
Many greetings and have a nice weekend
the blog team at webtropia.com
Sources used: iX - Edition 10/2013 - report: “Cloud provider selection in view of the NSA affair” by: Monika Ermert - freelance journalists
Confidential data only belong in the cloud in encrypted form, if the encryption is good, it doesn't matter where it is stored.