A few years ago, an executive shared a story with us. He was talking about how he had transported his company’s data via armored truck from one corporate site to another to ensure there were no data leaks. There was no mode of electronic data transfer deemed safe enough. But perhaps the more interesting point is how commonplace those kinds of security practices are here in Germany.
As the founder and head of product management of a German data cloud company, GTS, we could not do business without security being top of mind. And with the growing adoption of AI, we have heard many concerns about data protection and infrastructure security across the MLOps lifecycle, especially when cloud data centers are located in other countries and continents.
That’s one reason we launched the GTS DSready Cloud, hosted at our data center in Germany. By meeting the strict standards here at home, we can fulfill an unmet need in Germany for safe cloud services and build trust across Europe and beyond.
Our DSready Cloud platform brings together the tools, technologies, compute, and collaboration capabilities in the cloud to address the many hurdles organizations must jump over to deploy data science capabilities at scale. We’ve bundled Domino Data Lab’s enterprise MLOps platform as a core component of the DSready Cloud, helping clients accelerate model velocity and bring innovative AI-driven products and applications to market much more quickly.
We looked at many data science platforms—Kubeflow, H20.ai, Anaconda, and Dataiku—before choosing Domino to underpin DSready. None of the other tools matched Domino’s enterprise capabilities, its ease-of-use, and, importantly, its security.
Beyond using only German data centers for our hardware, DSready addresses three critical areas of cloud security that companies struggle with: data ownership, server security, and encryption. With the DSready Cloud and Domino:
- Companies retain full control of their data. Many cloud solutions need their clients to store data on a local drive in the cloud, in essence relinquishing control of their data to the cloud provider. But countries like Germany or Switzerland are very protective about their data and can’t use such services. Using the S3-connection feature in Domino gives us the capability to connect their S3 bucket with our system without having ownership of the data. They can use our infrastructure. They can use our machines. They can use the Domino environment. The data travels from their data center into ours and back, but it is never actually stored within our compute nodes. That is a massive advantage that Domino brings.
- Companies gain the highest level of access protections. Domino’s authentication service offers two crucial capabilities. First, its Keycloak integration enables companies to set up a chain of security criteria that must be met to access the platform. This capability allows organizations with fine-grained controls on their authentication and authorization to match even the strictest requirements for passwords, multi-factor authentication and more. Many organizations would not feel comfortable using a cloud-based platform without this level of security. The second is the SSL/TLS connection, which of course is common, but in this instance Domino has taken it to a deeper level. With Domino, companies can secure the interconnection within the Kubernetes cluster via mutual TLS so that not even us at GTS, who have administrative rights over the Kubernetes cluster, can look into the data traffic or their Domino platform within our systems without our actions being detected. It’s a feature we haven’t seen from other data science platform providers, and it helps make the platform more complete from our perspective. On top of this, we integrate Domino’s logging and monitoring capabilities within our internal cloud monitoring systems, and provide clients with reports to validate these security mechanisms are working.
- Companies get super strong encryption. Within Domino, data is encrypted both “at rest”, during transit between users’ machines, and between all parts of the Domino platform using industry-standard cryptography. We’ve also secured our servers with several layers of encryption, using a 4,000-bit key for some of those layers. Many people might think a 4,000-bit key is a bit overboard. But anyone who knows us knows we’re a bit nuts about encryption, and we feel it’s important to show our clients that we take the security of their data seriously.
Domino’s enterprise-grade security is one of the many reasons we love the Domino platform (and we don’t use the word love lightly around here). Domino is not only as obsessed about security as we are, they are also as obsessed as we are about helping companies solve their data science challenges. Domino has put a lot of thought into both the front-end of their platform, to make it easy and intuitive for teams to use, and the back-end, providing the full suite of capabilities that data scientists, IT, and business users need to accelerate development and deployment of models. Regardless of what tools and capabilities we add to our DSready ecosystem, we know we have a safe and robust platform with Domino for teams to work in so they can spend their time on solving business challenges rather than on overcoming technical challenges.
- Tune into the webinar: Next Generation Data Science in a Secure Cloud.
- To learn more about Domino’s enterprise-grade security, read the blog “Domino 4.3 Reflects our Dedication to Enterprise-Grade Security.”
- To learn more about the GTS DSready Cloud, visit: dsready.cloud