ISO 27001 Conform Data Center - Certification by BSI 27001
What is ISO 27001 in compliance of IT Grundschutz?
The Certification according to BSI 2700 examines the Data Center in Hannover and its Management. Hierin sind alle Systeme und Prozesse enthalten, die zum Betrieb der Rechenzentrums-Infrastruktur, der Kundenverwaltung sowie der Leistungserbringung für die Co-Location notwendig sind. Die Anwendung von ISO 27001 The certification scope encompasses all systems and process Hostway Deutschland requires for the management and provision of data center services, including data center infrastructure operation, customer management, and service delivery.
The certification in accordance with ISO 27001 in compliance with IT-Grundschutz includes the control objectives and controls included in the Annex A of ISO/IEC 27001 and the corresponding implementation advice and guidance on the best practices from ISO/IEC 27002.
In preparation for the certification, Hostway Deutschland has undergone a multistage assessment process encompassing its Data Center and all related organizational procedures. This process is repeated periodically to maintain the certification status.
Essentially, this process includes the assessment of the following areas:
Advantages of an ISO 27001 certified Data Center in compliance to IT-Grundschutz
IT Security is gaining increased public attention. Due to the growing threat level, consumers and the public have become more sensitized to the need of adherence to data privacy and data security.
The ISO 27001 certification is a comprehensive security concept, which mirrors a company’s own business self-interest. Hostway Deutschland evaluates potential threat scenarios, and develops appropriate worst-case response actions. It is therefore reasonable to assume, that such certifications will play an increasingly important role in the assignment of security related projects, as a prerequisite for service providers.
Hostway Deutschland also prepares the customers concerning their own security requirements in relation to IT security regulation. The data privacy requirements and liabilities will become more demanding starting May 2018, due to the EU General Data Protection Regulation. This Regulation applies even more drastic violation penalties than the current German Federal Data Protection Act.
The certification does not only provide a legal safeguard. It also yields a security improvement with many entrepreneurial advantages: