Mr. Ross, local managed services providers usually offer local hosting and managed cloud services. For data security and data protection, 60 percent of the companies surveyed preferred an MSP from Germany or the EU to one of the international hyperscalers. What is the truth of this assessment?
Thomas Ross: Most companies are rightly very sensitive about data protection and data security in the cloud. Some attach importance to their IT being operated exclusively in Germany – or at least within the EU. In this respect, the figures in the survey match our perception. There is a justified desire to protect one’s own data against all eventualities, for example in terms of personal rights and against industrial espionage.
How this goal is best achieved, however, must be evaluated on a case-by-case basis. For example, legal and regulatory requirements are often open to interpretation: Company A concludes that it may work with one of the major hyperscalers. After all, Microsoft Azure, Google Cloud Platform (GCP), and Amazon Web Services (AWS) have data centers in the EU – with certifications that prove they meet the required compliance specifications. So Company A outsources significant parts of its IT to the Azure cloud in Ireland. Company B has the same requirements, but rejects the Azure cloud because their own data protection requirements are not clearly applicable. In such cases, we are happy to advise and, if desired, can deliver our managed services exclusively from Germany. And if we work from abroad, we are still EU-DSGVO compliant.