Encrypt everything
in the cloud!

Achieving GDPR Compliance by implementing a consequent encryption strategy for personal data



Since the cancellation of the EU/US Privacy Shield, there has been great uncertainty for companies regarding the current situation regarding the use of public cloud services from vendors based outside the EU.

Nevertheless, the public cloud’s immense benefits prompt companies to move out of the classic static data centre environments and use public cloud services.

Our customer runs a well-know B2C online shop platform for specific electrical devices very successfully. He wanted to find out how he could use AWS core services in compliance with applicable data protection laws. Additionally, we expected support for the implementation and team empowerment.


Alice&Bob conducted an initial warm-up project with the client to get to know each other and the individual environment better.

Part of the workshop was to analyse the services used so far and the potential analysis for improvements regarding the security of personal data. AWS KMS and the migration to encrypted usage of S3, EBS, EFS, ElastiCache and Cloudfront was the main focus. Also, A&B identified further optimisation potential concerning suitable multi-account structures.

The decision was made fact-driven against a self-built landing zone and favouring the finished AWS service Control Tower.

In the second part of the collaboration, A&B implemented the developed measures and plans in cooperation with the customer.

Security is job zero. AWS offers the broadest security portfolio of all public cloud vendors on the market. The enablement to take advantage of those services and a joined security roadmap were additional key project results.

KMS, EC2, S3, EBS, EFS, CloudFront, ControlTower, Lambda

We saved the customer six months, leveraging the cloud security expertise of Alice&Bob.Company and provided confidence in cloud data privacy.


The client significantly improved their confidence and overall security level of their existing AWS cloud platform within only three months.

Education and enablement helped the client understand the consequences of the US-EU privacy shield termination and the resulting business consequences.

We removed blockers and allowed the customer to continue his cloud journey.

Alice&Bob.Company delivered the translation between regulatory requirements in cloud technology.

A key result was an asset server lightweight microservice implementation, integrating KMS with S3 and Cloudfront, providing high long-term value to the client.

At the beginning of the project, we were able to clarify many fundamental questions about KMS, AWS Organizations, multi-account structures, and IAM integrations with Microsoft AD in a workshop. That was an excellent start.


Get a detailed overview of your cloud architecture, with identified vulnerabilities and misconfigurations. You will also receive defined clear steps to fix and improve you overall security posture.

We’ve been the first AWS partner in DACH, focussing crystal clear on Cloud Security. We’re providing cloud security expert advice to C-level executives, management roles, product teams and engineers. We integrate and enable.