Experts in innovation strategies
English
  • Localized Websites

Technical Organization Measures

Technical Organization Measures

Technical Organization Measures

Each customer data is encrypted plus extra measures (During transmission and at rest). Passwords are secured in a comprehensive manner. The user password follows industrial secured standards.

Encrypt data at rest & Transmission:

  • Data is encrypted at rest and during transmission. No plain text is processed.

Password Hashing:

  • The password is hashed using state-of-the-art technology.

Monitoring and Protocols:

Overview of activities on resources:

  1. Asset Management and Configuration
  2. Audits and security analyze
  3. Detailed information on network processes
  4. Rule-based checks and actions for configuration
  5. Filtering and monitoring HTTP access to applications
  6. Data is transmitted via TLS

Access Control:

  1. Allow only authorized administrators, users, and applications
  2. Multi-Factor Authentication (MFA)
  3. Individually defined access to objects
  4. Authentication of API requests
  5. Geographical restrictions
  6. Temporary Access Tokens with Security Token Service

Data privacy:

  1. We provide our customers with the transparency of knowing where their data is stored, including the storage type and geographic storage region.
  2. We determine the security status of our customers' content and provide robust encryption of customer content during transmission and storage.
  3. We manage access to our customers' content, services and resources through users, groups, permissions and credentials controlled by the customers.

Security by Design:

  1. Forcing functions are to be created which cannot be overwritten by users without corresponding modification authorization.
  2. Establish reliable execution of controls
  3. Enable continuous real-time inspection
  4. The technical scripting of governance policies is performed

Our data centre provider holds recognised certifications and accreditations that demonstrate compliance with strict international standards. These include: ISO 27001 for technical measures, ISO 27017 for cloud security, ISO 27018 for cloud data protection, SOC 1, SOC 2 and SOC 3, PCI DSS Level 1, and certain EU-specific certifications such as the Catalogue for Cloud Computing (C5) and ENS High Requirements. Our data centre operator has also recently announced compliance with the CISPE Code of Conduct.