Data Centers & Infrastructure

Maximum security you can count on

We have four data centers in Germany: 2x in Frankfurt am Main and 2x in Munich. All data centers are of course equipped with highly secure access systems, redundant power supply, the latest fire protection systems and certified according to ISO/IEC 27001. Of course, we also comply with the current data protection regulations of the GDPR. Since our infrastructure is distributed across Germany, we are also able to implement individual requirements for spatially separated operation of applications or backups in separate data centers.

  • Datacenter Sicherheit
  • Netzwerksicherheit
  • Cloud Monitoring
  • Cloud Sicherheit
12345

More than just physical security for your data

Data security is based not only on technical security solutions, but also on organizational security precautions. These are often crucial, especially for data protection. Our cloud services meet the highest security standards.

In addition to the physical security of our data centers, we meet the organizational and technical requirements of the General Data Protection Regulation (GDPR) and ISO/IEC standard 27001. Our systems are under constant surveillance and security updates and patches are continuously and automatically applied by systems developed in-house. Emergency plans ensure that critical situations are managed professionally and successfully and that appropriate precautions are taken to avoid them. By using state-of-the-art encryption technologies, such as AES, TLS, HTTPS or IPsec, we prevent unauthorized access to the transmitted data. On request, modern web application firewalls and comprehensive protection against distributed denial of service (DDoS) attacks provide further security.

Maximum security for your data

Security according to ISO/IEC 27001

All our data centers are certified according to ISO/IEC 27001. This guarantees the highest level of security.

Availability up to Tier 4

Guaranteed availabilities. Fixed SLA with defined availability depending on the system up to 99.995% (Tier 4).

Data Security & Backups

Managed firewalls, daily backups and continuous monitoring of all systems protect your data.

Data protection according to EU-GDPR

We store important data exclusively in German data centers in compliance with the EU Data Protection Regulation.

Emergency plans

Emergency plans are in place for contingencies and our team acts proactively to resolve the issue.

24/7 emergency hotline

In case of emergency, we are available for you around the clock and respond immediately to malfunctions.

Data center, InfrastrukturWorkflows, DocumentationEncryption, ConfidentialityAccount SecurityData protection, GDPR

Data Center & Infrastructure

We offer products from certified high-security data centers in Germany to provide the best possible protection for your data and systems (except for our Content Delivery Network, which is naturally distributed around the world). With our products, we guarantee you the highest standards in the areas of data protection, data security and damage protection. You can also rely on us in the event of possible access by foreign authorities.

Currently, we are represented in four different data centers. 2x in Frankfurt am Main, 2x in Munich. Of course, after planning your individual infrastructure, you will receive detailed “General Technical and Organizational Measures” (TOM) with the exact locations of your booked infrastructure.

We work exclusively according to German law, including data protection, warranty and liability. So you can rest assured that your rights and interests are fully protected.

The data centers that house cloudshift®’s infrastructure are equipped with a variety of physical security measures to ensure the safety of our data and that of our customers. Here are some of our key security measures:

  • Access controls and singulation facilities: access to the data centers is strictly controlled, and all employees must use an access card and fingerprint recognition to gain entry. Separation systems ensure that only authorized individuals can enter the data center.
  • 24/7 security: There is a round-the-clock security service that monitors access to the data centers and reports suspicious activity.
  • Video surveillance: The data centers are equipped with surveillance cameras that are active around the clock. All activities are recorded and stored.
  • Alarm systems: There is an alarm system that reacts to unauthorized access, smoke development or increased humidity. In the event of an alarm, security personnel are notified immediately.
  • Fire and flood protection: data centers are equipped with special fire alarm systems and fire extinguishing systems to prevent or quickly extinguish fires. They are also protected against water damage.
  • Redundant power supply: The data centers are equipped with a redundant power supply consisting of multiple power supplies and diesel generators. In the event of a power failure, the systems can continue to operate.

For our data centers, cloudshift® has end-to-end certifications according to ISO/IEC 27001 (ISO 27001 for short). ISO 27001 is the best-known international standard for IT security management and defines the requirements for an IT security management system. The goal of implementing the standard is to demonstrate that appropriate and adequate security measures are chosen to protect information assets and build trust with interested parties.

ISO 27001 applies to the development and operation of Internet products and services and associated data centers. Our certification includes a systematic security concept as well as numerous security measures in the IT infrastructure itself, in secondary technology and in the process chain.

Our security concept is based on defined standards and is regularly reviewed. We implement a range of security measures, including data mirroring between multiple data centers on request, uninterruptible power supply through battery-backed UPS systems, emergency diesel power for up to four weeks of autonomous operation, laser fire alarms and extinguishing gas, access and entry rules, employee obligations and training, and regular analyses of new security requirements.

In all our data centers, we perform regular backups to ensure that your data is protected and available at all times. Our backup system is automatically configured to create at least one backup of your data daily on a separate backup storage. Depending on the tariff booked, these backups are also stored at more frequent intervals and at several physically separate locations. We place great importance on the security and integrity of your data, and therefore ensure that we take all necessary steps to protect it. If there is ever an outage or disaster, we can restore your data quickly to resume business operations as soon as possible.

All cloudshift® data centers are protected by firewalls whose rules are set and regularly updated by us. These firewalls are an important protection mechanism to ensure the security of the data and applications in our data centers.

In addition, all our firewalls already have basic DDoS protection to quickly detect and block potential attacks. We place great importance on the security of our customers and have therefore integrated reliable DDoS protection into our infrastructure. DDoS stands for Distributed Denial of Service and refers to an attack on a network or server in which a large number of requests are sent from various sources simultaneously. The goal is to paralyze the system by overloading it and exhausting the resources of the server or network.

For additional protection, we also offer a managed firewall on request, specifically designed to meet your requirements. Our managed firewall allows you to control and customize firewall rules to regulate access to your applications and data. We provide comprehensive firewall management and maintenance to ensure your firewall is always up-to-date and functioning optimally.

Overall, cloudshift® provides a robust firewall strategy to ensure the security and integrity of our customers’ data and applications. We rely on the latest technologies and practices to quickly detect and defend against potential threats, providing a secure environment for your business-critical applications.

With all our Managed Servers and Software as a Service (SaaS) products, system updates are already included and performed on a daily basis. We understand how important it is for our customers to keep their systems up to date and responsive to potential security threats. For this reason, we have developed an automated update routine to ensure that our customers are always using the latest versions of our products.

Our daily system updates include not only the latest security patches, but also the latest features and enhancements for our products. We always keep up with the latest technology and ensure that our customers can benefit from the latest developments in the industry.

We also conduct regular testing to ensure that all updates run smoothly and do not cause any downtime or disruption to our customers. Furthermore, we work hard to ensure that our customers have a secure and reliable system environment to run their business-critical applications at all times.

In summary, we ensure that all of our managed servers and SaaS products are regularly updated to ensure maximum performance, security and reliability. Our customers can rest assured that their systems are always up-to-date and that we continuously strive to provide the best possible experience.

In the context of hosting, “Tier 4” refers to the highest level of data center classification developed by the Uptime Institute, an organization concerned with data center efficiency and availability.

A Tier 4 data center is the highest level assigned by the Uptime Institute. It is a data center that provides the highest levels of availability and resiliency by having dual power supplies, redundant networks, automatic recovery, redundant cooling systems and other state-of-the-art features.

Tier 4 data centers are designed for mission-critical applications where it is absolutely essential that the system is always available and operational. Such data centers offer 99.995% availability and typically have very stringent security and control measures implemented.

It is important to note that “Tier 4” in the context of hosting refers only to the availability and resilience of data centers, and not to the quality or scope of hosting services in general.

Workflows & Documentation

As a technology company, our primary goal is to provide our customers with the highest possible availability and performance. We understand how important it is for companies to have their systems always available and running smoothly. For this reason, we offer separate SLAs (Service Level Agreements) for each service, guaranteeing the required availability, response time and recovery time.

Our SLAs ensure that our customers can access their systems and applications at all times without any downtime or interruptions. We are proud to offer up to 99.995% (Tier 4) availability and are constantly working to further improve our products and services.

When working with partner companies, for example to expand our product portfolio, we take care to monitor and evaluate the product safety of our partners. We are aware that product and service security is an important factor, and have therefore agreed SLAs for both availability and incident handling (confidentiality and integrity) with our partners.

Our OLAs (Operational Level Agreement) ensure that all processes and operations within our organization run smoothly and meet the highest standards. We continuously monitor and optimize our systems and infrastructure to ensure that we can provide the best possible performance and availability at all times.

Overall, our SLAs and OLAs provide comprehensive security and reliability for our customers to ensure that they can always access their systems and applications. We are committed to providing the best possible experience for our customers and will continue to invest in technology and infrastructure to ensure we always meet the highest standards.

General technical and organizational measures (TOM) are an important component of information security. TOM are a combination of technical and organizational safeguards that help ensure the confidentiality, integrity and availability of information in a company or organization.

We have developed our own TOM for all our cloudshift® products to ensure that we meet the highest security standards at all times. Our TOM is continuously updated to reflect the latest developments and threats.

We understand how important it is for our customers that their data and applications are protected at all times. That’s why we provide our customers with a copy of our TOM when they sign a contract, so they can learn about the measures we take to protect their data and applications.

Our TOM includes a variety of protective measures, such as access controls, encryption of data, control of physical access to our data centers, and securing our infrastructure against cyberattacks.

By implementing this TOM, we are able to provide our customers with the security and reliability they need to safely run their mission-critical applications and data. We pride ourselves on creating a secure environment for our customers and continually strive to improve our TOM to meet the ever-increasing demands for information security.

At cloudshift®, we understand how important it is to be able to access our services at any time and that possible disruptions need to be resolved immediately. That’s why we offer our customers a 365/24/7 emergency hotline.

Our emergency hotline is available to our customers around the clock and is the central link between our customers and our support team. Here, customers can report technical problems and receive assistance in troubleshooting.

Our support team specializes in solving technical problems quickly and efficiently while ensuring high customer satisfaction. We work with the latest technologies and processes to ensure that we can respond to our customers’ needs at all times.

We know that every minute of disruption is precious to our customers. That’s why we’ve designed our emergency hotline to respond quickly and effectively to technical issues. Our goal is to support our customers in every way possible and to ensure that they can access our services at any time.

Our emergency hotline is an important part of our customer support and further evidence of our commitment to always provide the best service to our customers.

Ensuring the continuous availability of our products and services is of paramount importance to us. To ensure that we can act again quickly in the event of damage, we have developed emergency plans and emergency management for all our standard products.

Our emergency plans and emergency management are regularly reviewed and updated to ensure that they always meet the highest standards. We are constantly working to optimize our processes and measures to ensure maximum availability and performance for our customers.

Our contingency plans and emergency management include a variety of measures to ensure that we can respond quickly and minimize damage in the event of an emergency. We have developed processes for identifying and rectifying faults, replacing system components, and restoring data and applications.

For individual projects, we offer customized emergency management and contingency plans in cooperation with the customer on request. In doing so, we take into account the customer’s specific requirements and needs and develop tailored solutions to ensure that the company is quickly able to act again in the event of an emergency.

Overall, our contingency plans and emergency management are an important part of our efforts to provide our customers with a secure and reliable system environment. We strive to continuously improve our products and services and to provide our customers with the best possible experience.

Encryption & Confidentiality

One of the most important methods of protecting data during transmission is the use of SSL certificates. SSL (Secure Sockets Layer) is an encryption protocol that establishes a secure connection between a server and a client. It encrypts data during transmission to protect it from unauthorized access and misuse.

Our SSL certificates ensure that your data is transferred securely at all times by establishing a secure connection between our server and your device. We use certificates from trusted certificate authorities to ensure that your data is protected from all types of cyber threats.

In addition to using SSL certificates, we have also implemented a variety of security measures to ensure that your data is safe at all times. These include the use of firewalls, access controls, encryption of data, and much more.

Overall, the security of your data is of the utmost importance to us. We implement all necessary measures to ensure that your data is protected throughout the transfer process.

Data at rest refers to data that is not actively being moved, such as data stored on our infrastructure. By encrypting data at rest, we ensure that even inactive data remains subject to our data security.

Only strong methods such as AES (Advanced Encryption Standard) or RSA should be considered for encryption of data at rest. Even if access controls such as username and password fail, encrypted data should remain encrypted. It is recommended that encryption be increased to multiple levels and that cryptography be implemented on the database where the data resides as well as on the physical storage where the databases are stored.

Personal data, such as names, addresses, payment data and, of course, passwords are stored by us internally in encrypted form only, even at rest.

In addition to technical measures to ensure the security of data and information, confidentiality contracts can be an additional protective measure. These contracts create a legal basis for the confidentiality of information and can play an important role in many industries, especially for sensitive data.

Our administrators are required to comply with the following confidentiality agreements and have been trained accordingly: data secrecy in accordance with the General Data Protection Regulation (GDPR), telecommunications secrecy in accordance with Section 3 of the Telecommunications Services Act (TTDSG), social secrecy in accordance with Section 78 of the German Social Code X (SGB X), and the obligation to maintain confidentiality in accordance with Section 1 of the Obligations Act (VerpG).

Additional confidentiality agreements are an important instrument for ensuring that confidential information is not disclosed to unauthorized third parties. They can be concluded between companies, employees or other parties to ensure that information is not misused or disclosed.

At our company, we understand how important the confidentiality of information is to our customers. Therefore, we offer the option to enter into non-disclosure agreements upon request to ensure that our customers’ confidential information is protected at all times.

Our non-disclosure agreements are specifically tailored to the needs of our clients and can be customized to meet the specific requirements and needs of each client. We also provide legal counsel to ensure that our customers receive the best possible legal support.

Overall, non-disclosure agreements provide an additional measure of protection for the confidentiality of information. Alongside our technical measures, they are an important part of our efforts to provide our customers with the highest level of security.

Account Security

To make the login of our customers to critical cloudshift® customer interfaces as secure as possible, we rely on the proven 2-factor authentication system TOTP (Time-based One-Time-Password).

With this method, a shared secret key is generated by an algorithm. This key can be scanned by an authenticator app on any smartphone or tablet that has a QR scanner. The app combines the secret key with the current timestamp, using a cryptographic hash function to generate a unique value. This value is matched against the hash function generated by the server.

The TOTP system is a standard method published by the Internet Engineering Task Force (IETF). It provides a reliable and secure way to effectively protect our customers’ logins.

At cloudshift®, we rely on security best practices to ensure the safety of our customers and their data. The TOTP system is just one of many security measures we have implemented to ensure that our customer center is as secure as possible.

To best ensure the security of our customers’ user accounts, our company relies on an intelligent anti-brute force system. This system uses a variety of information, such as IP address or geo IP location, to check our customers and detect potential attacks.

By using this data, we can target our security system and detect potential threats early. As soon as suspicious activity occurs, countermeasures can be initiated automatically, such as inserting CAPTCHAs, temporary or permanent account closures, or IP blocking.

Our anti-brute force system is designed to ensure the highest level of security for our customers. We rely on innovative technologies and smart security measures to prevent brute force attacks and protect our customers from cyber threats.

At cloudshift®, we place great importance on the security and protection of our customers’ data. With our anti-brute force system, we can ensure that user accounts are optimally protected at all times and that only authorized persons have access to our services. Our customers can rest assured that their data is in good hands with us and that we do everything we can to ensure their privacy and security.

Data protection & GDPR

Our company attaches great importance to the protection of personal data. Therefore, we store this data exclusively on our cloud infrastructure in Germany to ensure that it meets the strict requirements of German data protection law and the GDPR.

The GDPR (General Data Protection Regulation) is an important data protection regulation in Europe that helps to protect the privacy and rights of individuals. By complying with this regulation, we can ensure that personal data of our customers is protected at the highest level and that we support our customers in their compliance with the GDPR.

Our cloud infrastructure in Germany provides a secure and reliable way to store and protect our customers’ personal data. We rely on state-of-the-art technologies and security measures to ensure that this data is safe and secure at all times.

By storing personal data exclusively on our cloud infrastructure in Germany under German law and in compliance with the GDPR, our customers can rest assured that their data is in good hands with us and that we do everything we can to ensure their privacy and security.

If personal data is processed as part of our services, Article 28 GDPR requires that you and we enter into a commissioned processing agreement. Please check carefully whether you process personal data with our provided services. If this is the case, we ask you to conclude the agreement with us.

By entering into this agreement, you are obligating us to comply with the requirements of the processor under Article 28 GDPR. This agreement can be presented in case of an inspection by your data protection supervisory authority.

You can download the PDF document on commissioned data processing here (only in German language):


Our company attaches great importance to the protection of personal data and compliance with the General Data Protection Regulation (GDPR). Therefore, we have created GDPR-compliant procedure directories for all internal procedures in which personal data is processed.

These procedure directories document all procedures in which personal data is processed, as well as the corresponding measures we take to protect this data. This includes, for example, information on the purposes of the processing, the data subjects and data categories, the recipients of the data, and the storage periods.

By creating these procedure directories, we can ensure that we carry out all internal procedures in accordance with the requirements of the GDPR and that we guarantee the privacy and rights of individuals at all times.

Our procedure directories are an important part of our data protection strategy and are regularly updated and reviewed to ensure they meet current legal requirements.

At cloudshift®, we are aware of our responsibilities and do everything we can to ensure the protection of personal data. With our GDPR-compliant procedure directories, our customers can rest assured that their data is in good hands with us and that we do everything we can to ensure their privacy and security.

When our customers outsource procedures to our cloud, it is important that they create GDPR-compliant procedure directories to ensure that personal data is processed in accordance with GDPR requirements.

For this reason, we offer our customers support in creating their own GDPR-compliant procedure directories upon request. Our experts are available to assist our customers in identifying and documenting all relevant procedures to ensure that all data processing operations comply with the requirements of the GDPR.

Our goal is to help our customers optimize their data protection strategy and ensure compliance with the GDPR. With our experienced experts and our proven processes, we can help our customers create GDPR-compliant procedure directories that meet their individual requirements.

By creating their own procedure directories, our clients can be confident that they are taking all the necessary steps to ensure the protection of personal data and ensure compliance with the GDPR.

We are proud to offer our clients comprehensive support in complying with the GDPR and optimizing their data protection strategy. Contact us today to learn more about how we can help you.

You have questions or need an individual offer?

Our cloud experts will be happy to answer your questions about the design, implementation and operation of your applications in the cloud. We look forward to your inquiry!

Talk to our expertsArrange phone appointment

hello@cloudshift.de

+49 69 17 53 73 46 - 0

Mon. till Fri. 9 a.m. till 5 p.m.

Clients who trust us

client logo
client logo
client logo
client logo
client logo
client logo
client logo
client logo
client logo
client logo