With the SINA Cloud, Essen-based Secunet Security Networks AG is introducing the first cloud infrastructure solution in Germany whose security architecture is approved for classified information up to and including the SECRET classification level. A milestone has now been reached that proves that IT security in a cloud can also meet the high standards of a VS approval: The German Federal Office for Information Security (BSI) has already approved two of the three components of the SINA-Cloud Security Layer. According to Secunet, authorities that work with VS, as well as companies and organizations with increased security needs, will be able to benefit significantly from cloud transformation for the first time with the SINA-Cloud and make their IT infrastructure future-proof. The new solution can be seamlessly integrated into existing SINA installations. As Germany's leading cybersecurity company, Secunet is thus further expanding its ecosystem of sovereign cloud solutions.

Flexibly scalable

In contrast to cloud platforms that have been retrospectively hardened, the SINA cloud is flexibly scalable: the IT security architecture is designed in such a way that compliance with the security classification instructions (VSA) is maintained when extensions and updates are made to the cloud stack. At the same time, the high level of security does not result in any restrictions in terms of functionality for cloud services and applications. The technological basis of the SINA Cloud is formed by open-source components such as the proven OpenStack platform. This ensures transparency and avoids vendor lock-in. The security architecture of the new cloud offering uses the same encryption technology as Secunet's SINA high-security IT solution. SINA has been the de facto standard for handling digital VS in public authorities for many years.

Strict separation of information and processes

The multi-client capability of the SINA cloud makes it possible to process classified data and applications from several end customers or even different levels of secrecy (for open and VS-NfD) in accordance with the requirements of the VSA on one infrastructure. This is possible because the SINA Cloud keeps this information strictly separate thanks to its security architecture. This can benefit, for example, authorities or companies that work with several security domains or act as IT service providers for various departments, authorities or external bodies. The solution eliminates the need for physical separation, which considerably reduces administrative effort and IT costs.

IaaS solution in planning

The SINA Cloud will initially be available as an on-premises solution and operated directly in the customer's data center. In addition, Secunet plans to offer a SINA Cloud operated by Secunet as an IaaS (Infrastructure as a Service) solution from the second half of 2025. This will enable customers to save on the resources required for operation. In this variant, the solution will run in the sovereign, certified data center infrastructure of Secunet and its wholly-owned subsidiary SysEleven.

Turnkey solution

“Secunet is investing heavily in the cloud, and the SINA cloud is the latest result of these efforts,” says Axel Deininger, CEO of Secunet. “Now we can offer our customers in the public sector and companies that handle classified information a turnkey solution that once again revolutionizes the way they handle classified information while creating added value. Like all our cloud solutions, the SINA cloud is completely 'made in Germany' and thus strengthens digital sovereignty. The upcoming political upheaval in the US once again demonstrates the importance of this aspect. In addition, value creation, taxes, jobs and know-how remain in Germany. We will continue to pursue this path consistently and continuously expand our ecosystem.”