Cloud services are practical and give even small companies access to expensive software solutions. But are they secure? We list the most important facts about cloud security and show what is important when using cloud services securely.
What is the cloud?
The cloud is a service that can be used to store data. Data is transferred via the internet or another network to an off-site system that is managed by a third party. In practice, a distinction is made between three basic application variants for cloud computing. In the public cloud, a freely accessible provider makes the cloud available and several customers share the infrastructure without taking any notice of each other. The private cloud is exclusively accessible to one company and is operated by the company itself or by an IT service provider. In the hybrid cloud, certain services are run by the public provider, while others are operated and processed within the company. It is a mixture of public and private cloud.
Although more and more companies are turning to cloud services, security concerns remain one of the biggest obstacles to switching to the cloud. However, if companies take all the necessary measures to protect their data, the cloud is one of the most secure storage media. Cloud providers are doing everything they can to meet both the EU General Data Protection Regulation (GDPR) and compliance requirements while applying the highest security standards.
Cloud security
Cloud security comprises a large number of individual measures to secure cloud services and cloud environments. Cloud security minimizes the risk of outages, data loss and unauthorized access. It is an increasingly important, if not the most important, component of cloud computing. Rules, processes and technical specifications must be defined to ensure compliance and to protect infrastructure, data processing and data storage.
The five most important security criteria
- Server and network security that guarantees a secure barrier between the outside world and the data, and also between the various cloud customers.
- Identity and access management that protects every single data access and clearly defines the individual access authorizations.
- Information security that ensures that sensitive data always retains its confidentiality, integrity and availability and that data protection guidelines are complied with.
- Application and platform security that keeps the applications secure and has them regularly checked for vulnerabilities.
- Physical security that ensures that the hardware is located in a secure environment with controlled access authorizations.
Security and compliance through standards and certificates
If a cloud provider meets certain standards, customers know that their data is being processed and stored properly. Basically, standards can be divided into three types:
- Cross-industry international standards result from customer demands for a consistent approach to operations, security, data protection, risk management and governance.
- Vertical and regional standards: individual sectors and regions have introduced their own standards. These include the healthcare and financial services industries as well as government agencies. In many cases, a company cannot offer online services to its customers in these industries unless it complies with the regulations applicable to that industry (regional standards such as FISC, PDPA and MLPS; vertical standards such as PCI-DSS (financial industry), FedRAMP (U.S. Federal Government) and HIPAA (healthcare industry)).
- Standards based on national needs or data protection laws include regulations such as EU GDPR and Privacy Shield.
In addition to the above-mentioned standards, certifications also offer a uniform method for assessing the ability of a cloud provider to meet these standards. Even if the data is stored by the cloud provider, the customer is obliged under data protection law to ensure that the agreed technical and organizational measures for the protection of personal data are implemented. Users can also use various security labels awarded by independent institutions to check whether a cloud provider meets defined security standards or complies with the relevant national legal regulations.
Location of the cloud provider
The "location of the cloud provider" is also an important criterion for many companies. Information about the location of the cloud provider and the servers provides the user with information about which data protection law their data is subject to after storage. With many cloud offerings, it is not immediately clear in which country the provider is based or where its data centers are located. Company location and data storage in the legal territory of Switzerland create trust in the cloud provider - even beyond our national borders.
Advantages of cloud services for companies
The data can be accessed flexibly anywhere and with any device. This offers simple and flexible access to data during business trips or from the home office. Cloud storage via a public cloud also means that companies do not need their own infrastructure. Cloud services also have other clear advantages for companies:
- High scalability and needs-based use: The flexible scalability of virtual IT resources is one of the most obvious advantages. Storage space, RAM, CPU power or software licenses can be added or switched off as required. The resources are freely available at any time.
- Fast deployment: Providing resources in your own data center can take several working hours. Services from the cloud are available within minutes.
- Variable fixed costs: Thanks to pay-per-use models, companies only pay for the services they actually use. No resources are wasted and fixed costs become variable costs.
- Reduced administration effort: Companies that engage a service provider such as itnetX (Switzerland) AG to implement and operate the cloud significantly reduce their administration costs.
- Growing technologies in growing markets: Sales markets are constantly changing and product cycles in the software sector are becoming ever shorter. Very few companies are able to keep pace. If services from the cloud are used, the pressure to innovate is shifted to the IT service provider. The cloud service provider is now responsible for updating existing software, purchasing new hardware and further developing the quality and quantity of existing resources.
And last but not least:
- Clouds can increase data security and data protection: Established cloud providers deal with regulatory compliance on a daily basis. As they deal with a large number of customers and data in almost every industry and country, their experience of standards and regulatory requirements is more extensive than that of an individual company. This has the advantage that many regulatory and data protection obligations and requirements for compliance with recognized standards can be passed on to or shared with the cloud provider. However, you can only increase data security and protection if you commission a qualified IT service provider like us. You can protect yourself accordingly with a service contract.
The most frequently used cloud infrastructures
According to IDG's 2019 Cloud Security Study, 52% of infrastructures run on Microsoft Azure, 37% on Google Cloud Platform and 32% on Amazon Web Services. When asked about satisfaction with the infrastructure, Microsoft Azure takes first place in the ranking.
We also use the Microsoft Azure cloud infrastructure. Microsoft complies with all current certifications and the BSI's Cloud Computing Requirements Catalog (C5) for more than 100 of its global data centers. The C5 catalog consists of a total of 114 requirements in 17 areas, including the organization of information security and physical security and additional requirements for the processing of highly confidential data and for situations that require high availability.
Want to know how you can work with your company easily, securely and efficiently from the cloud? Then take a look at our Azure solutions. We are happy to advise you.