In July and August 2022, a renowned international auditing firm audited and re-certified SEEBURGER’s Information Security Management System as per DIN EN ISO/IEC 27001:2017.
Information security in the cloud
Digitalization means that companies are dependent on their IT systems running smoothly and being secure. This also applies to companies that have outsourced parts of their IT systems to cloud providers. Clouds may be a mega-trend, but they are only feasible if backed by proven technical and organisational security measures.
Information security at SEEBURGER
ISO/IEC 27001 is widely used to assess the information security processes of companies and cloud providers. Such assessments have been carried out regularly at SEEBURGER since 2012.
The existence of an internal control system is also inspected under ISO/IEC 27002. ISO/IEC 27002 is part of the ISO/IEC 27000 series and contains recommendations for various control mechanisms to ensure information security.
In addition, we undergo an annual audit of the effectiveness of our internal control system under International Standard on Assurance Engagements (ISAE) 3402 SOC 1 type 2.
While formal compliance with ISO 27001 and ISO 27002 is not a mandatory requirement for complying with current data protection legislation (EU GDPR), it is widely considered the basis of complying with data protection regulations.
The demands on information security are extremely high in today’s digital and globally networked world. Certification according to the internationally recognized ISO/IEC 27001 standard is proof that a company is able to guarantee information security at all levels. An independent body of an internationally renowned auditing organization has audited and re-certified SEEBURGER’s Information Security Management System according to ISO 27001.
ISO/IEC 27001 – Successfully Audited by External Auditing Organization
Increasingly comprehensive requirements are being placed upon the information security of companies today – resulting from the pressure of the respective markets and industries, comparability with competitors, and the requirements of customers or legislation. Accordingly, companies must increasingly prove they can guarantee the secure and proper operation of their IT systems. This also applies to companies that have outsourced parts of their IT systems to external providers. In these cases, companies require their outsourcing providers to prove that their internal control system is functioning properly and that they can rely on the proper and secure provision of services.
In this context, the ISO/IEC 27001 Compliance Framework has emerged as a proven instrument for evaluating the information security processes of companies and outsourcing providers. The focus of ISO 27001 is on ensuring the availability, confidentiality and integrity of an organization’s information. These principles form the core of all current regulations relating to information. The framework covers the main specific requirements of existing data protection legislation and is widely accepted as a tool for compliance with EU data protection and privacy legislation.
Throughout July and August 2020, the independent auditing firm audited the information technology equipment, processes and solutions utilized to provide SEEBURGER Cloud Services. Particular attention was paid to the information systems that are directly or indirectly linked to the cloud services.
The audits and individual audits carried out on-site revealed:
SEEBURGER’s Information Security Management System fully meets the requirements of ISO/IEC 27001 certification.
ISO/IEC 27001 Certification – Statement of the SEEBURGER Chief Cloud Officer
Board member Dr. Martin Kuntz (Chief Cloud Officer), responsible for the strategically important cloud and web development, is pleased about the renewed certification:
“With the renewal of the ISO/IEC 27001 certificate, our customers receive confirmation from a neutral body that we at SEEBURGER offer the highest level of security.
The ISO/IEC 27001 standard is a normative framework. Although such frameworks define the characteristics of good processes, they do not prescribe how the processes are to be implemented in practice. It is still the responsibility of the company to define these in detail.
We at SEEBURGER therefore additionally orientate ourselves on the requirements of the BSI (German Federal Office for Information Security) when defining the concrete processes. This is a descriptive framework that provides organizations and authorities with concrete security guidelines and measures to reliably protect their IT systems against human error, technical failure or attacks. We use the so-called BSI ‘Grundschutzkompendium’ to provide IT with appropriate guidelines. With continuing success, as it turns out.
I would therefore like to thank all our employees, who with their excellent know-how and prudence contribute to the secure handling of sensitive customer information on a daily basis. Their knowledge, skills and motivation are more in demand than ever – within the framework of ISO/IEC 27001, this applies especially to our IT staff.
Thanks to special qualification and continuous sensitization measures, we have a team on-board that lives information security entirely in the interest of our customers.”
ISO/IEC 27001 Certification creates trust among SEEBURGER customers
With this certification, SEEBURGER is creating the basis for lasting trust of its customers and business partners. They benefit from highly available, powerful and secure IT in every respect, which forms the basis of the company’s business activities and is the backbone of the employees’ reliable business relationships with customers and business partners. To this end, SEEBURGER invests continuously and with foresight in state-of-the-art hardware and software, communication and network components, and in employee training.
“The successful ISO/IEC 27001 audit is further proof of the high quality of SEEBURGER Cloud Services. It helps our customers to deal efficiently with a large number of compliance requirements. Maximum transparency, maximum security, reduced risks and proof of the maturity of our services create confidence in SEEBURGER’s professionalism and save our customers time and resources,” confirms Kuntz.
Written by: Frank Stegmueller
Frank Stegmüller is one of the two corporate information security officers at SEEBURGER and has been with the company since 2008. He has over 25 years of experience in service, support and information security for Enterprise Application Integration, EDI, B2B, MFT, API, ITSM and digital transformation, both on in-house systems and from the cloud. He is involved in the ISO/IEC 27001, ISAE 3402 (SOC 1) Type 2 and TISAX certification for SEEBURGER Cloud Services and knows all about the intricacies of compliant data centre operations in international environments.