Cologne, July 21, 2020 - The Cologne-based cloud company gridscale is now certified according to the strict international security standards ISO 27001 and ISO 27018.
The certifications cover all provisioning and operating aspects of the gridscale technology and range from the IaaS/PaaS platform, network connection and container orchestration up to the marketplace and all managed services.
The official certification was preceded by the company-wide implementation of a comprehensive management system for information security (ISMS) and the subsequent audit by an accredited ISO/IEC auditor, the German Quality Management Academy. This audit included all technical as well as process-oriented aspects in regard to the security and risk management of gridscale GmbH.
Compliance with demanding information security requirements
"Small and medium-sized companies in particular quickly feel hopelessly overburdened when it comes to topics such as DSGVO and data protection. Moving IT operations to the cloud helps companies to significantly improve both their IT security as well as their compliance with all legal requirements", explains gridscale COO Felix Kronlage-Dammers.
"With the new certifications, we clearly prove our expertise and operational excellence in handling customer data and can differentiate ourselves even more clearly from less qualified providers on the market. At the same time, our customers benefit from a significantly simplified verification process when their own information security measures are reviewed e.g. by public authorities or auditing associations.“
For clients, the ISO certifications ensure reliable compliance with high demanding, clearly defined quality standards. New insights are continuously integrated into the management system in order to continuously adapt the security measures to the latest developments and modified requirements.
Critical examination of certifications ahead of time
In this regard, Felix Kronlage-Dammers advises those interested in cloud computing to take a very close look during the selection process of their future cloud partner:
"Some IT service providers advertise with similar-sounding certificates or shy away from the high effort involved in introducing a comprehensive ISMS and therefore have only a very small part of their solution officially certified. Cloud customers should therefore always examine certifications critically in advance“
Further informationen: DIN ISO/IEC 27001
The DIN ISO/IEC 27001 standard defines an information security management system (ISMS). It is the most important cybersecurity certification for enterprises. The standard provides clear guidelines for the planning, implementation and control of information security. As ISO 27001 follows a holistic approach, it guarantees that the standard is applied across all hierarchical levels of the organization. It thus also helps to comply with the central requirements of financial auditors and various directives such as Basel II.
Further informationen: DIN ISO/IEC 27018
The ISO/IEC 27018 standard is based on the protective and monitoring obligations of the General Data Protection Regulation (GDPR) and defines monitoring mechanisms and measures to ensure the protection of personal data in a cloud environment in order to ensure GDPR-compliant contractual relationships. The standard also considers data protection requirements that already exist in other areas and adapts them specifically to information security risks in the area of cloud computing.
gridscale, IaaS and PaaS provider headquartered in Cologne, stands for easy-to-use and flexible cloud technologies. Via an intuitive interface, the IT infrastructure can be managed by people without in-depth IT know-how and a Kubernetes environment even facilitates the management of cloud-native workloads. Thousands of companies, agencies and managed service providers already rely on gridscale to implement and operate their digital projects – from high-traffic web shops to complex SaaS or enterprise IT solutions. White label options are available to resellers and with the gridscale software ‘Hybrid Core’ data center operators themselves can become cloud providers. gridscale with its about 100 employees is led by Henrik Hasenkamp and Felix Kronlage-Dammers.