Sensitive data in the cloud? We can lead the way
"On our Journey to the Cloud, it is especially important to us that we take all security and compliance requirements into account."
As a health insurance company, Sympany processes highly sensitive data. Because of this data, a cautious and clarified approach is essential. Sympany is at the beginning of its Journey to the Cloud and was primarily concerned with clarifying whether workloads can or should be operated on a hyperscaler such as Azure and, secondly, what technical measures should be taken to enable this step from a security perspective, among other things. This is where Swisscom's experience and know-how come into play. In addition to security, complexity and costs were also important points for clarification.
An assessment leads the way
In the four-day Microsoft Azure (Cyber) Security Assessment - one of Swisscom's Microsoft Solution Assessments - all the possibilities in Azure were demonstrated in order to be able to securely process and store data of the criticality described above. ln the first part, Azure and its opportunities were presented in general. The second part dealt in depth with the topics of compliance and Swiss legislation. Furthermore, the security technical possibilities of Azure were examined in detail - such as Azure Key Vault; Security Center; Azure AD with Conditional Access; lntune. Sympany gained insight into concepts and approaches (Azure Security Compass; Shared Responsability; Hub and Spoke Arch.), which can pave the way to Azure and thus simplify it. " Now we know how to get into the cloud securely and be in compliance with the applicable regulations, as well as how to stay there securely," says Aleksander Baumann, Head of lT Operations Sympany.
Continuing the journey to the cloud
Sympany's Journey to the Cloud now involves evaluating its existing applications and investigating which applications can be migrated to the cloud, when and with which accompanying security mechanisms. It is important to build up an understanding of different migration approaches and to weigh up the advantages and disadvantages of the different procedural variants - especially in the context of business impact. Finally, the right conclusions and decisions must be made in order to implement the Journey to the Cloud securely, sustainably and resulting in a business benefit.
Microsoft Solution Assessments by Swisscom - for every cloud-related requirement
Depending on the initial situation and digital maturity level, we conduct Microsoft Solution Assessments to examine numerous areas of Microsoft 365 and Azure. Essentially, we demonstrate how the path to the Microsoft Cloud or Azure can look best for your company in order to be ready now and in the future. From cloud beginners to cloud optimisers, our Microsoft Solution Assessments cover every cloud-related need.
Next Steps for Sympany
Possible next steps from the Swisscom Solution Assessment Portfolio would be
- The execution of a Starter Kit Assessment to analyse the use cases to be migrated,
- the Azure ROI Assessment for a clear analysis of the costs and benefits of migration in the cloud or
- The Azure Infrastructure Assessment to estimate migration costs.
If Sympany chooses a direct migration to Azure after the Microsoft Azure (Cyber) Security Assessment, the definition of Azure Governance and a Landing Zone in Azure would be the next step. Here, too, Swisscom can provide support with standard packages. A final step would be to move the applications to Azure via lift and shift or rather to approach the applications in an Application Modernisation approach, with which all the possibilities of the public clouds can be exploited.
Sympany Insurances Ltd.
Aleksander Baumann I Linkedin
Head of IT Operations
An article by:
Andreas Schmid
Principal Product Manager
More getIT articles
Ready  for  Swisscom 
Find the job or career to suit you. A career where you can make a difference and continue your personal development.
What you do is who we are.
