Skaylink and AWS - the model for success

Security

As an Advanced Consulting Partner of Amazon Web Services (AWS), we have been showing companies the way to the cloud since 2012. Our teams combine technical expertise and experience in compliance, data protection and security. This enables us to build highly secure yet scalable AWS architectures. The permanent exchange with our strategic partner AWS enables us to find suitable cloud solutions for strictly regulated industries and highly sensitive data. We accompany our customers from the first use case to ongoing cloud operations and establish permanent compliance and security checks.

Security and freedom of action

AWS Security Architecture

With a focus on cloud migrations, we started building deep technical knowledge related to AWS in 2011. Already in 2012 we became “AWS Standard Consulting Partner” and in 2014 “AWS Advanced Consulting Partner”. Since then, we have successfully completed a large number of projects in the corporate environment of highly regulated industries and further developed our standardized approach to application migration. This has resulted in AWS best practices and AWS security architectures, which we regularly complete with our security expertise. Our customers want agility and performance of services as well as regulatory compliance for security and compliance. Our standardized approach successfully and reliably reconciles these customer requirements.

This approach includes, but is not limited to:

Scaling and monitored AWS account infrastructure that maps security-related and regulatory requirements
Fully automated provisioning of an application landscape isolated for the service
Necessary centralized infrastructure components, such as AWS KMS infrastructure, AWS Identity Management, Log Management, storage and evaluation of AWS CloudTrail or AWS Config – also fully automatically provisioned.
Service catalogs that provide centrally security-tested templates for application patterns, network architectures, and infrastructure services

Across the AWS infrastructure, a framework applies compliance checks to continuously review proven AWS best practices as well as the latest industry standards and benchmarks. Presentation and reporting are carried out via a central compliance dashboard.
Self-developed and low-maintenance solutions that address known security requirements for which there is no AWS service (e.g., URL filtering of outbound network traffic).

Three times safety as a principle

No manual intervention – ever!

We create and extend all templates and configurations of the infrastructures exclusively in code (“Infrastructure as Code”). We use AWS CloudFormation and other scripts to configure AWS resources and make changes and corresponding deprovisioning in the cloud services lifecycle. In this way, we ensure that the infrastructure complies with agreed and documented best practices and that adequate technical governance is guaranteed. Even individual requirements that you as a customer define yourself or with our help as a suitable framework for your AWS infrastructure can be met in this way.

Encrypt everything – always!

With our AWS architecture and custom configuration of AWS services, you are able to address the issue of encryption head on. Without large investments and preliminary projects, we enable you to easily apply Encryption-at-Rest and Encryption-in-Transit. With our approach, even comprehensive encryption architectures can be easily implemented. All components of the infrastructure are encrypted through the use of certificates (AWS ACM) and key management (AWS KMS). This includes CloudTrail logs, application logs, AWS Config logs, RDS logs, ELB logs, and communication between services and the corresponding storage structures of the platform. When using AWS services, we incorporate applications and infrastructures into the use of AWS KMS keys directly and as comprehensively as possible. User communication with the services involved is also encrypted through the use of certificates.

Security by Design – right from the start!

We develop and implement comprehensive secure environments according to customer requirements and current industry standards. The environments use encryption-at-rest, encryption-in-transit, ingress/egress traffic control, scaling, and system hardening by default. This is done from the very beginning and is called Security by Design. We provide these environments as templates in a centrally provisioned service catalog, making them available to application teams, for example. In addition, applications and services are validated against defined rules and standards in order to detect deviations or even correct them automatically. This enables automated security checks (security controls) and a permanent audit of the infrastructure without manual interaction.

name	Borlabs Cookie
Provider	Owner of this website
Purpose	Stores the settings of the visitors selected in the Cookie Box of Borlabs Cookie.
Cookie name	borlabs-cookie
Cookie expiry date	1 Year

name	HubSpot
Provider	HubSpot Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141, USA
Purpose	HubSpot is used to implement forms on our website.
Privacy policy	https://legal.hubspot.com/privacy-policy
Host(s)	*.hubspot.com, hubspot-avatars.s3.amazonaws.com, hubspot-realtime.ably.io, hubspot-rest.ably.io, js.hs-scripts.com

Accept	Google Analytics
name	Google Analytics
Provider	Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Purpose	Cookie by Google used for website analytics. Generates statistical data on how the visitor uses the website.
Privacy policy	https://policies.google.com/privacy?hl=en
Cookie name	_ga,_gat,_gid
Cookie expiry date	2 Years

Accept	Mouseflow
name	Mouseflow
Provider	Mouseflow ApS, Flaesketorvet 68, 1711 Kopenhagen, Dänemark
Purpose	Die Datenverarbeitung dient dem Zweck der Analyse dieser Website und ihrer Besucher. Dazu werden Daten zu Marketing- und Optimierungszwecken gesammelt und gespeichert. Aus diesen Daten können unter einem Pseudonym Nutzungsprofile erstellt werden. Hierzu können Cookies eingesetzt werden. Bei dem Webanalyse-Tool Mouseflow werden zufällig ausgewählte einzelne Besuche (nur mit anonymisierter IP-Adresse) aufgezeichnet. Hierbei entsteht ein Protokoll der Mausbewegungen und Klicks mit der Absicht einzelne Website-Besuche stichprobenartig abzuspielen und potentielle Verbesserungen für die Website daraus abzuleiten. Die mit Mouseflow erhobenen Daten werden ohne die gesondert erteilte Zustimmung des Betroffenen nicht dazu benutzt, den Besucher dieser Website persönlich zu identifizieren und nicht mit personenbezogenen Daten über den Träger des Pseudonyms zusammengeführt. Die Verarbeitung erfolgt auf Grundlage des Art. 6 (1) f) DSGVO aus dem berechtigten Interesse an direkter Kundenkommunikation und an der bedarfsgerechten Gestaltung der Website. Sie haben das Recht aus Gründen, die sich aus Ihrer besonderen Situation ergeben, jederzeit gegen diese auf Art. 6 (1) f DSGVO beruhende Verarbeitung Sie betreffender personenbezogener Daten zu widersprechen. Dazu können Sie eine Aufzeichnung auf allen Websites, die Mouseflow einsetzen, global für Ihren gerade verwendeten Browser unter folgendem Link deaktivieren: https://mouseflow.de/opt-out/
Privacy policy	https://mouseflow.com/privacy/
Cookie name	gtm.ct.mf

Accept	Google Ads
name	Google Ads
Provider	Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Purpose	Cookie from Google, which is used of Google Ads for Conversion-Tracking
Privacy policy	https://policies.google.com/privacy?hl=de

AWS

Microsoft

Data Center

Skaylink and AWS - the model for success

Security

AWS Security Architecture

This approach includes, but is not limited to:

Three times safety as a principle

No manual intervention – ever!

Encrypt everything – always!

Security by Design – right from the start!

1

No manual interventions

2

Encrypt everything

3

Design by Security

Do you have any questions for an expert?