Cloud Security and Compliance

in Multi-Cloud Environments

What is a landing zone? A landing zone describes a securely configured cloud environment. It defines permissible project scopes, e.g. for dev or production environments. Policies for the connected cloud platforms can be set and selected during project creation. The landing zones are implemented using cloud-native tools such as Azure Blueprints or AWS Cloud Formation Templates.

Security by default for all clouds

  • Individual definition of policies
  • Consistent implementation of policies by Landing Zones
  • Best-Practice Landing Zones
  • Continuous Inspection of the Landing Zones
  • Roll-out of Landing Zone Updates
  • Auditable Access Logs (→IAM)
  • Integrated approval workflows, e.g. for role changes (→IAM)
Choosing Cloud Policy Sets (Landing Zones), while creating a Cloud Project

Secure Cloud Configuration: How Landing Zones work in meshcloud

Platform Operator Olivia can define landing zones for different project types.

Cloud Operators define and provide Landing Zones in Self-Service

Selecting appropriate landing zone for projects

When creating a meshProject, Team Lead Tom selects the appropriate landing zone.

The meshcloud platform configures the cloud tenants (→Tenant Management) according to the selected policies and continuously monitors their compliance.

The Landing Zones are applied to the created Cloud Projects, before providing Access to the Cloud Consoles

Reduce complexity with centralized cloud governance

Challenge – Heterogeneous organizational structures and lack of development resources

Cloud providers such as AWS, Azure or GCP pursue different concepts for the administration of accounts, users, access structures and costs. With a multi-cloud strategy, this heterogeneity leads to large administrative overheads: Internal organisational structures must be transferred to the respective concepts and administrative processes adapted accordingly. Often the necessary governance structures and specific platform know-how are lacking, which leads to uncontrollable shadow IT.

Solution – Central definition of organizational structures for all cloud platforms

meshcloud integrates all relevant cloud platforms out-of-the-box and supports the entire cloud project lifecycle: tenant (de-)provisioning, tenant configuration, user (de-)provisioning, resources (de-)provisioning. The organization is set up centrally on the platform and transferred to the connected platforms. New cloud platforms can be integrated easily.


Do you have any questions?

Give us a call. Our team is more than happy to support your cloud journey.

You can contact us here:
+49 69 3487 3587