All blog posts
Category
5 min read

Secure and sustainable cloud transformation

Published:
18.03.2026
Last edited:
27.04.2026
Hannah Sandhaus, PCO and Tanja Kiellisch
Published on
11 Jan 2022
Abonniere jetzt unseren Newsletter
Artikel teilen

“Cloud services are a booster for digitization. ”

Cloud expert Tim Gravemann from IT service provider pco explains why a cloud is in parts more secure than an on-premise solution, what constitutes a secure and sustainable cloud transformation and how companies benefit from the cloud.

Tim, numerous companies are already using cloud services, others are still hesitating. Why should companies take the step into the cloud?

I am of the opinion that medium-sized companies in particular must continue to digitally transform themselves in the future and position themselves in a modern way. From our point of view, the path to the cloud is unavoidable. Medium-sized companies are currently operating more and more in dynamic and unpredictable markets. In order to remain fit for the future, companies today must engage with digital business models more quickly and be more adaptable in their processes.

What is different from, say, five years ago?

Examples of companies such as Uber or AirBnB, which have made long-established competitors look old with their concept, show how quickly new and digital business models can change industries. These are extreme examples. But during Corona, we saw what environmental influences can have on companies, for example. Without the use of cloud services, many companies would not have been able to continue working at this speed.

Compared to large companies, SMEs seem to be particularly under pressure when it comes to digitization.

Yes As a result of various influences, medium-sized companies in particular are quickly exposed to completely new competitive pressure that can disruptively change industries. Companies must therefore think more flexibly without sacrificing security.

We can even go a step further. In addition, from my point of view, the use of cloud technologies shows how innovative a company is. Especially in times of a widespread shortage of skilled workers — especially in IT — modern services and infrastructures provide a huge plus in recruiting “young professionals” who have completely different demands on their jobs.

The cloud is also at the forefront when it comes to sustainability. Companies currently have to comply with numerous political requirements. All cloud providers will rely on 100 percent renewable energy by 2025. In addition, cloud computing should become CO2-neutral by 2030 in accordance with EU requirements.

You see cloud transformation as an important step towards the future for your customers. How do you assess the current situation on the market?

Our current experience is that customer meetings are not about the question “whether the cloud is on,” but “when and with which services.” In doing so, we often find that our customers lack an overview of all relevant IT services and the underlying IT architecture. Because only when we know which IT services are involved can we provide a needs-based Sourcing or cloud strategy develop.

Cloud wird immer wichtiger

Jedes zweite Unternehmen investiert in diesem Jahr in die Cloud. 69 % der befragten Unternehmen planen 2024 oder später zu investieren.

Quelle: Bitkom Cloud Report 2023

Nevertheless, cloud transformation is still progressing very slowly overall.

Development is actually hampered by a number of obstacles that make it difficult to use new technologies. These include in particular the shortage of skilled workers, an insufficient technological basis, and compliance and governance requirements. In order to counteract these challenges, it is all the more important to relieve IT and to have the right partner or managed service provider by your side to assist with these projects.

Security concerns are also slowing down the transformation process. How secure is the cloud?

This is a big issue and our customers also have concerns from time to time. Customer meetings focus primarily on the topic of trust, including with regard to entrusting data to an American company, for example. It is particularly important that companies themselves also approach the issue of data security responsibly. After all, an important factor for the security of company data is how employees handle it. In addition to appropriate employee training and a clear security policy, a solution-oriented data protection specialist is also very important.

Top-Themen IT-Investitionen 2023

1. Cloud-Technologien und Services

2. Künstliche Intelligenz und Machine Learning

3. Cybersecurity

Quelle: Computerwoche IT-Trendmonitor

It is therefore not easy for many to choose the right cloud. Do you have any tips?

Choosing the right cloud is a very important aspect of data security. Die Microsoft cloud solution Azure is one of the leading solutions on the market and is also very popular with our customers. Microsoft's commitment and investments in data security speak for themselves and clearly show how Microsoft is making the cloud secure. I've brought a few numbers with me, should I throw them into the room or does that blow up the interview?

“Choosing the right cloud is a very important aspect of data security. ”

We're curious. Go ahead!

Microsoft has invested a total of 20 billion US dollars in data security over five years and employed around 8500 experts from 77 countries in the area of cyber security alone. In the age of a shortage of skilled workers, many experts are drawn to major manufacturers and service providers. As a result, companies are reliant on handing over topics and buying security services.

Every day, around 24 trillion security signals are processed by a team of analysts, which make predictions based on artificial intelligence, with impressive results: 9 billion endpoint threads, 31 billion identity threads and 32 billion email threads were blocked — the Microsoft platform is used, among other things, to collect telemetry data and detect anomalies worldwide. It's not just about cloud security. With the tools, there are also many on-premises and others cloud infrastructures supervised. Signals that Microsoft uses to make the IT world a bit more secure include IoT, Defender, but also AWS or other clouds.

Impressive figures, but how do I translate that now? Which mechanisms actually work in the cloud?

Should security problems actually arise, there are numerous security systems from the manufacturers to react quickly and restore protection. In addition, many mechanisms ensure access to company data: default protection, integrated two-factor solutions or conditional access solutions. This allows granular control over which users have access to corresponding data in the cloud and on-premises.

And especially when it comes to Microsoft technologies?

In the Microsoft cloud, for example, there are various mechanisms that encrypt data such as credit card information, passwords or other sensitive data. This data is automatically encrypted as soon as it leaves the company. There are also various warnings here that the corresponding users receive. Some of these mechanisms are included as standard in Microsoft plans and do not require complex configuration.

There are also quick and easy solutions for service resilience: SQL services, virtual machines that are provided in the cloud and ensure failures. In the on-prem sector, this will be significantly more expensive. In the cloud, a failure scenario can be easily built via a data center and the resources from the data center can be mirrored and duplicated from the data center to the cloud.

Let's complement these technical options with the growing progress of cloud-based AI technologies, it only seems to make sense for companies to address the issue of cloud and cloud security in order to free up resources for their core business.

In addition to technical options, regulatory challenges will also often play a role. Is there any news here that might make the journey to the cloud easier?

A significant innovation is the EU-US Data Privacy Framework (DPF for short), which has allowed data export to the USA since 10.07.23. This new data protection agreement with the USA enables easy use of M365. Companies and cloud providers must consider the following here: The DPF must be used as the basis for export, companies whose cloud services must be used, must be certified accordingly and it must be checked by the service that its data protection information and order data processing are also based on the DPF.

Of course, the principle of data economy should continue to be observed and, if possible, everything that is not required should be switched off and appropriate security measures should be established. In order to get an overview of which data flows where, you also need a data classification that can be implemented very well with the on-board tools of Microsoft 365 Business Premium, E3 and E5 as well as the corresponding Education and FrontlineWorker licenses.

“Responsibility for data security cannot lie solely with the cloud provider.”

You have just mentioned that your own employees can also pose a potential security risk. What do you mean by that?

Responsibility for data security cannot lie solely with the cloud provider, because it is often users who store data incorrectly or disregard security guidelines. In this regard, there is the shared responsibility model, which clearly regulates the responsibilities for the data and information to be stored.

You need to explain that in more detail.

In short: The cloud provider provides a secure location, i.e. the cloud — Users, or customers, are responsible for keeping the data and applications secure and organizing. Customers must therefore also be sensitized and guided as to how to handle their data. However, IT ensures that no data can be stored unencrypted and may add procedures such as “Bring your own key” or “hold your own key.” Here, the customer's IT can decide where the “key” to the data is: on-premise or in the cloud. This minimizes risk, or rather, increases cloud security.

Companies are therefore specifically facing the transformation into digital business models. Markets are becoming more complex and IT personnel are becoming ever fewer. Will there still be a way around cloud services in the future in order to be able to digitize securely?

In my opinion, the solution of the future is clearly: Cloud! Cloud services are a booster for digitization and create a secure basis in many areas. However, this does not necessarily mean migrating everything to the cloud, but finding the right middle ground or the right sourcing mix based on the IT and corporate strategy. Managed service providers such as pco can use their experience and expertise in this area to help companies operate these infrastructures. Because the most important thing now is to digitize securely and create trust. One of the slogans of our division is: If you don't move with the times, you move with the times. That's pretty straight to the point.

Thank you Tim.

The interview was published for the first time in issue 02/23 of our magazine data! You can find all issues and articles here:

Data! Magazine: Cloud Services, Data Analytics & AI | taod

Auf in die Cloud!

Mehr über Cloud-Sicherheit und nachhaltige Cloud-Migration erzählt dir das Team von pco gerne persönlich:

Zur pco-Website

Would you like to switch to cloud solutions?

Get in touch

Similar blog posts

To the article overview
Data Management, Tech & Tools

What can Microsoft Fabric do?

Microsoft Fabric — One year on: Our experiences with the all-in-one data analysis platform. From flexible data transformation to intuitive orchestration to practical insights from projects — we highlight the strengths, weaknesses, and possible uses of Fabric. Fabric offers exciting opportunities to efficiently map the entire data journey, especially for companies that rely on Microsoft technologies.

FMCG, Business Intelligence, Data Warehousing

FMCG data challenge

The FMCG market is fast, complex, and data-intensive. Manufacturers and retailers have enormous amounts of data. But only those who connect, analyze and translate them into intelligent decisions create real added value. Modern BI and data warehousing solutions turn raw data into actionable insights, improve category management, sales management and out-of-stock management, and thus ensure long-term growth.

Self-Service BI, Power BI, Tableau

Analyze easily, manage securely

How can the balancing act between data control by IT and the independence of specialist departments be achieved? Managed self-service BI combines the best of both worlds — with clear roles, technical structure and user training. This makes business intelligence scalable in the company.

taod Consulting GmbH logo
Stay up to date with our monthly newsletter. All new white papers, blog articles and information included.
Subscribe to newsletter
Get exclusive knowledge for your data projects. In our print magazine data! Experienced data experts report directly from the world of data.
Data! subscribe
Technologies
Power BItableauSnowflakeDatabricksAzureFabricdbt Labs
Ressources
blogwhite paperEventsData! magazine
More from taod
taod AI ServicesTaod Academy
Follow us
linkedin
instagram
Headquarter Cologne

taod Consulting GmbH
Oskar-Jaeger-Strasse 173, K4
50825 Cologne
Hamburg location

taod Consulting GmbH
Alter Wall 32
20457 Hamburg
Stuttgart location

taod Consulting GmbH
Schelmenwasenstrasse 32
70567 Stuttgart
Your contact with us

contact form
+49 221 97584970
info@taod.de
ImprintPrivacy statementTerms and conditionsAI guidelineAccessibility
A part of E113 group with Key point and RunHR
A part of the E113 Group
© 2026 all rights reserved