In our modern society, we depend on critical infrastructure every day. Whether it's energy, water, transport or healthcare – if these sectors fail, it's not just businesses that are affected, but entire societies. For the operators of these infrastructures, known as KRITIS companies, the smooth functioning of their IT systems is of central importance. Storage, the memory of every IT landscape, requires a strategic approach. A standard approach is not sufficient here.

What are KRITIS companies?

KRITIS stands for ‘critical infrastructures’. This refers to organisations and institutions that are essential to the functioning of society. The Federal Office for Information Security (BSI) has defined several sectors that are considered critical in its IT Security Act. These include, among others:

• Energy: electricity, gas and oil supply
• Health: hospitals and the supply of medicines
• Finance and insurance: banks and stock exchanges
• IT and telecommunications: Internet providers and data centres
• Transport and traffic: rail, aviation and logistics

A failure or disruption in any of these areas can have far-reaching consequences for public safety and supply. For this reason, KRITIS companies must take special measures to secure their IT infrastructure and make it resilient.

The heart of IT: why storage is so critical

The importance of storage systems is often underestimated. But without reliable data storage, even the most modern applications and networks are worthless. A storage failure can have far-reaching and sometimes dramatic consequences: patient data cannot be accessed in hospitals, control systems for power grids fail, or the entire payment system collapses.

What's more, the amount of data in these sectors is growing exponentially. Sensors, IoT devices, AI analyses – all of these require not only more storage space, but also intelligent architectures that are highly scalable, fail-safe and flexible.

Why professional support is essential

Operating storage systems in-house may be possible for small businesses, but for KRITIS operators, this approach involves enormous risk. Modern storage systems are complex, and a single error can have fatal consequences. This is where internal IT teams quickly reach their limits:

• Complexity: Solutions such as Ceph or software-defined storage are powerful, but also demanding in terms of configuration and maintenance.
• High availability: KRITIS systems must be available around the clock. 24/7 support is mandatory and can hardly be guaranteed by internal teams.
• Regulatory requirements: The IT Security Act 2.0 sets strict requirements. Without external expert know-how, these requirements are often difficult to meet.
• Emergency management: In the event of a failure, every minute counts. Those who do not have immediate access to specialised experts risk long downtimes with far-reaching consequences for society.

Professional support is therefore not a simple service, but a strategic necessity to ensure business continuity.

The pitfalls of proprietary solutions

Many KRITIS companies rely on proprietary systems from large manufacturers because, at first glance, they promise convenience and security. However, this approach has significant disadvantages that pose a high risk in the long term:

• Vendor lock-in: Companies become dependent on a single provider, which leaves them at the mercy of its pricing models and technological decisions.
• Cost explosion: The costs for licences and support contracts are often opaque and can rise sharply over time.
• Less flexibility: Proprietary systems are difficult to adapt to individual and often very specific requirements.
• Geopolitical risks: Dependencies on international providers can become a critical issue in times of sanctions or trade conflicts.

The strategic advantage of open source and vendor agnosticism

Open source solutions offer a compelling alternative. Not only are they more transparent and flexible, they also eliminate dependence on a single provider.

• Vendor agnosticism: An open source solution is not tied to the hardware of a specific manufacturer. This enables KRITIS companies to use the best hardware on the market and thus retain the freedom to obtain support from a specialised partner.
• Transparency and security: The open source code can be reviewed by experts worldwide. This increases trust and security, as potential vulnerabilities are found and fixed faster than with proprietary systems.
• Scalability and flexibility: Solutions such as Ceph are virtually unlimited in their scalability and can adapt to growing data volumes in critical environments.
• Cost control: The absence of expensive licence fees reduces the total cost of ownership (TCO). The budget freed up can be invested in highly qualified support.