When choosing a cloud service, data security and data protection are business critical.
Cloud services are the drivers for digitalization, flexibility, and scalability in everyday work. This is why, before implementation, these services and their underlying infrastructure require careful checks on their security and the operator’s trustworthiness. In the best case, the manufacturer informs you directly about the security architecture of the cloud service.
This document informs you about data protection and the safeguards against failures, third-party access, and cyberattacks provided by the LANCOM Management Cloud (LMC). So you can be sure to be playing it safe even with your network management based in the cloud.
All information on data protection and data security in the LANCOM Management Cloud at a glance:
Is your company NIS2-compliant and digitally sovereign?
Take control of your network security and Digital Sovereignty. Security requirements are increasing: starting in 2024, the EU NIS2 directive will apply to more companies than ever before and mandate stricter measures for network and information security. Additionally, Digital Sovereignty is becoming an increasingly urgent issue in Europe. It’s worth checking whether your company needs to take action. We provide informational material and practical tips to help:
Learn more about NIS2 and Digital Sovereignty
What is cloud security and why is it so important?
The term “cloud security” refers to all measures that counteract the risks from data loss, service failure, or unauthorized access when using cloud services, while ensuring legal compliance with all data protection requirements. These include technical precautions such as data backups, but also process-related control mechanisms like authentication controls or the fulfillment of legal requirements, e.g. the GDPR and compliance guidelines.
Cloud security is particularly important because cloud services are usually accessed by large numbers of users, access and authorizations are often not clearly defined, and public clouds have increasingly become the target of cyberattacks in recent years. Whoever entrusts their data to a cloud expects it to be inaccessible to outsiders, modified only by authorized persons, and not to go missing. This is why the implementation of cloud-based solutions requires careful consideration of the following.
Risks of using cloud services
- Non-transparent data protection
- Data loss due to unforeseeable events in the data center (power failure, fire, flood)
- External threats such as severe cyberattacks through poorly secured access paths
- Internal threats from human error (e.g. misconfiguration or incorrect permissions)
Do these risk assessments sound familiar? Transparency and certainty give you the advantages of digitalized data and processes in a cloud – without the worry. A high level of cloud security eliminates or minimizes the risks associated with cloud use, e.g. through clear rules on data protection, security mechanisms in the event of a server failure, rigorous and up-to-date protection against cyberattacks, and strict access and rights management.
Cloud security is about more than merely satisfying predefined standards, it is about the highest levels of security and trust. This is why we go the extra mile with data sovereignty and security. Did you know that…
...the LANCOM Management Cloud optionally provides internal cloud interfaces for your own add-ins?
All functions of the LMC are available via a documented REST API. This means you can expand the LMC functionality with your own add-ins and, for example, integrate external “umbrella monitoring” or SIEM systems via a northbound interface.
...the LMC grows with your company without compromising on security?
The internals of the LANCOM Management Cloud are a highly scalable microservice architecture that is suitable for projects with up to over 100,000 devices.
...the LANCOM Management Cloud is German software and strengthens Germany's digital sovereignty?
LANCOM is a wholly owned subsidiary of the German technology group Rohde & Schwarz in Munich and adheres to the strict German legal framework for maximum security and data protection. Software and hardware from LANCOM are developed in Germany. Cloud hosting of the LMC and most of the manufacturing are based in Germany, guaranteeing secure data storage.
...all LANCOM devices use proprietary operating systems and are independent of external software manufacturers?
LANCOM routers, switches, firewalls, all of our Wi-Fi products, the LANCOM Management Cloud, and their interoperability are completely based on the LCOS family of operating systems. This gives you full control over your hardware and allows you to make immediate and individual decisions about configurations, updates, and much more.
...the LMC and all LANCOM products are continually developed with security and feature updates over many years thanks to a consistent and transparent update policy?
The LANCOM Management Cloud is under constant development in sprints, which produce new functions and improvements on a monthly basis. Even after the end of sale, LANCOM hardware benefits from major release updates for a further two years and also security updates for up to five more years. The lifecycle management of the LANCOM software and hardware remains transparent and predictable at all times.
As a manufacturer and supplier of IT network technology, we know all about the challenges that go with setting up, expanding, and managing IT networks – especially where a cloud is concerned. When developing the LANCOM Management Cloud, it was particularly important to us to meet the same high European security standards as our hardware and software. Furthermore, with servers hosted in Germany, the LMC is subject to the GDPR and European law.
The LANCOM Management Cloud prioritizes your data sovereignty and network security, and it meets all the requirements of a high-security cloud. The level of data protection and high availability, as well as the aspects of cybersecurity and access control, make it one of the most secure and trustworthy network management clouds on the market.
Requirements |
LANCOM Management Cloud |
---|---|
Compliance with the strict statutory provisions of the GDPR (General Data Protection Regulation) |
The LANCOM Management Cloud meets all the necessary criteria for GDPR-compliant operation and is not subject to any direct or indirect data transfer regulations such as the US Cloud Act. |
Central and secure hosting in the EU |
The LANCOM Management Cloud is hosted exclusively at ISO 27001-certified data centers in Germany. |
Cloud development with “IT-Security Made in Germany” |
LANCOM bears the trust seal “IT Security Made in Germany” initiated by the German Ministry of Economics, and has security certifications from the German Federal Office for Information Security. |
Requirements |
LANCOM Management Cloud |
---|---|
Geo-redundancy (use of several data centers at different locations) as a backup in the event of a total failure |
The data centers used by the LANCOM Management Cloud are > 400km apart. |
Guaranteed Internet access for working in the cloud |
All LANCOM components are designed for maximum operational reliability and autonomous continued operation even without a connection to the LMC. The devices have comprehensive redundancy and high-availability features as well as redundant interfaces for the highest possible availability of the connection. |
Requirements |
LANCOM Management Cloud |
---|---|
Secure access to the cloud-based solution |
The LANCOM Management Cloud is accessed exclusively via encrypted HTTPS connections. |
Secure network technology without backdoors |
No-spy agreement: Strict avoidance of hidden means of access with all LANCOM software and hardware products. |
Ongoing review of the latest technologies and continuing development of security standards |
Regular penetration tests carried out by external experts simulate attacks on the LANCOM Management Cloud in order to detect and fix security vulnerabilities. This is supplemented with security audits by renowned large corporations and extensive internal security measures. |
Requirements |
LANCOM Management Cloud |
---|---|
Unique identification of cloud users |
The 2-factor authentication when accessing the LANCOM Management Cloud provides unequivocal identification of the user. |
Strict assignment of access rights |
A rigorous assignment of roles and rights within the LANCOM Management Cloud provides a clear definition of who has which authorizations, including user roles and audit logs of limited duration and content. |
Modern network management without security concerns
With the LANCOM Management Cloud, your IT network is in good hands. Cloud security with the LMC ensures that your data is handled diligently and securely, and it provides you with modern and efficient network management.
Are you curious about the added value that the LANCOM Management Cloud delivers for system administration? Then feel free to continue reading on our other topic pages.