T-Systems will offer External Key Management for customers using AWS Cloud. The new service will see T-Systems authorize and manage access to data on behalf of its customers. T-Systems is an AWS Premier Consulting and Security Competency Partner.
The Deutsche Telekom business customer subsidiary will create and store the encryption keys in its EU-based data centers, outside of AWS infrastructure.
External Key Management offers customers an added level of control over their data. This is especially relevant for organizations based in the EU that wish to run sensitive workloads in the cloud. Encryption keys are created and stored on modern certified hardware that is solely owned and hosted by T-Systems in its own data centers.
T-Systems ensures end-to-end performance, confidentiality, availability and integrity of the external encryption keys for its customers’ data in the AWS Cloud. Customers have full control and visibility over key creation, location and distribution. These processes are seamless and can be used with over 100 different AWS Services.
The solution was trialled amongst a select group of clients. “The results of these tests were positive,” explains Martin Hignett, Chief Technical Officer at SaaS provider ITONICS. “The External Key Management solution enables us to encrypt our data with encryption keys managed inside the EU, in compliance with Schrems II.”
“The External Key Management solution underscores T-Systems’ commitment to delivering high standards of compliance and privacy for European industry and the public sector,” explains Telekom Board of Management member and T-Systems CEO Adel Al-Saleh. “This valuable addition to our cloud portfolio strengthens our collaboration with AWS and our customers’ access to a multi-cloud landscape tailored to their needs.”
With External Key Management by T-Systems, organisations in the EU will continue to benefit from the security, speed, innovation and breadth of services AWS offers, combined with the confidence that best practices for data protection in the cloud are adequately implemented. The service is a new addition to Data Protection as a Managed Service, which T-Systems announced in March 2022.