All Lobster Cloud systems are hosted on Amazon Web Services (AWS) in European data centers. This page provides you with an overview of the available hosting regions, data residency implications, and relevant compliance information.
Available regions
Region | AWS region | Location | Availability |
|---|---|---|---|
Frankfurt, Deutschland | eu-central-1 | EU | Default region for all systems. Used unless otherwise specified. |
Zürich, Schweiz | eu-central-2 | Switzerland | Optional region for customers with Swiss data residency requirements. |
Info
Frankfurt is the default hosting region for all Lobster Cloud systems.
Region restrictions
System Type | Frankfurt (eu-central-1) | Zurich (eu-central-2) |
|---|---|---|
Standard systems | Yes | Yes |
High Availability | Yes | No |
High Availability upgrade | Yes | No |
DEV environments | Yes | Yes |
DMZ servers | Yes | Yes |
Info
Systems with the High Availability architecture are exclusively hosted in Frankfurt. Not all AWS services required for the HA architecture are currently available in Switzerland.
Data residency and sovereignty
Aspect | Details |
|---|---|
Data center locations | AWS Frankfurt (eu-central-1) and AWS Zurich (eu-central-2) |
Data ownership | All data stored in your Lobster Cloud environment remains your property at all times. |
Data isolation | Each customer system runs in a dedicated VPC with complete network separation from all other customers. HA customers also receive a dedicated account, due to the infrastructure differences compared to the standard system. |
Encryption at rest | All data is encrypted using AES-256 via AWS Key Management Service (KMS) |
Encryption in transit | All communication is encrypted using TLS 1.2 or higher |
Compliance
Lobster Cloud operates within a comprehensive compliance framework that covers both the Lobster organization and the underlying AWS infrastructure.
Lobster certifications
Certification | Scope |
|---|---|
ISO 27001:2022 | Information security management system covering the Lobster Cloud hosting environment |
ISO 27018 | Protection of personally identifiable information (PII) in public cloud environments |
ISO 9001 | Quality management system |
Regulatory compliance
Regulation | Status |
|---|---|
European General Data Protection Regulation (GDPR) | Fully compliant. Lobster acts as a data processor in accordance with Art. 28 GDPR. |
Swiss Federal Act on Data Protection (FADP) | Compliant for systems hosted in the Zurich region. |
Third-party service providers
Lobster uses a limited number of third-party providers for specific operational functions. No customer data leaves the EU/EEA/Switzerland.
Provider | Purpose | Data location |
|---|---|---|
AWS | Cloud infrastructure hosting | Frankfurt (eu-central-1) or Zurich (eu-central-2) |
Arctic Wolf | 24/7 Security Operations Center (SOC). Processes security logs and metrics only, no customer data. | EU data centers |
New Relic | Infrastructure monitoring | EU data centers |
PagerDuty | Incident management | EU data centers |
Choosing your region
The region is selected during the sales process and cannot be changed after your system has been provisioned. When choosing your region, consider the following:
Factor | Recommendation |
|---|---|
No specific data residency requirements | Frankfurt (eu-central-1). This is the standard region with the broadest service availability. |
Swiss data residency required by law or internal policy | Zurich (eu-central-2). Note that the High Availability architecture is not available in this region. |
High Availability required | Frankfurt (eu-central-1). High Availability architecture is only available in this region. |
Latency to your on-premise systems | Both regions are located in Central Europe. Latency differences between Frankfurt and Zurich are negligible for most integration workloads. |