Cloud Security and Compliance

Consistent security across cloud platforms

What is a cloud landing zone?

A cloud landing zone describes a securely configured cloud environment. It defines permissible project scopes, e.g. for dev or production environments. Policies for the connected cloud platforms can be set and selected during project creation. The landing zones are implemented using cloud-native tools such as Azure Blueprints or AWS Cloud Formation Templates.

What are the benefits of using cloud landing zones?

Cloud landing zones enable organizations to establish a preventive cloud security approach. Configuring cloud tenants before handing them out to DevOps teams, has many benefits:

  • It prevents misconfigurations of cloud environments, e.g. missing encryption
  • It relieves DevOps teams from manual set up steps for cloud tenants
  • It unifies the security level of a large number of cloud tenants, leading to more consistency and transparency
  • It enables cloud management teams to ensure a certain level of control on the infrastructure, while providing DevOps teams with autonomy within the clouds

Security by default for all clouds

  • Individual definition of policies
  • Consistent implementation of policies by Landing Zones
  • Best-Practice Landing Zones
  • Continuous Inspection of the Landing Zones
  • Landing Zone Lifecycle (e.g. Edits, Updates, Deletion)
  • Auditable Access Logs (→IAM)
  • Integrated approval workflows, e.g. for role changes (→IAM)
Choosing Cloud Policy Sets (Landing Zones), while creating a Cloud Project

Secure Cloud Configuration:
How Landing Zones work in meshcloud

Platform Operator Olivia can define landing zones for different project types.

Cloud Operators define and provide Landing Zones in Self-Service

Selecting appropriate landing zone for projects

When creating a meshProject, Team Lead Tom selects the appropriate landing zone for each cloud platform.

The meshcloud platform configures the cloud tenants (→Tenant Management) according to the selected policies and continuously monitors their compliance.

The Landing Zones are applied to the created Cloud Projects, before providing Access to the Cloud Consoles

To dive deeper into the spheres of cloud security, have a look at our comprehensive guide on multi-cloud security and compliance in the meshBlog.

Cloud Security and Compliance Guide

Security and compliance for all your cloud projects

Challenge – Lack of know-how to implement compliance guidelines

In most cases, development teams are responsible for the implementation of regulations and policies in consultation with compliance and security teams. As a result, policies are implemented differently and are subject to a complex and resource-intensive review process. This makes it difficult to use new technologies, and valuable development resources are lost. In addition, compliance with policies is difficult to control in the long term, especially in multi-cloud environments.

Solution - Uniform security level for all cloud accounts

With meshcloud, policies can easily be rolled out across clouds via landing zones. This enables a consistent implementation of secure operating concepts. An example: Limit cloud regions by default to ensure data storage in Germany or Europe or exclude non-GDPR-compliant services from use.

Do you have any questions?

Give us a call. Our team is more than happy to support your cloud journey.

You can contact us here:
+49 69 3487 3587