ISO/IEC 27001 Certification for our IT Systems

The BSI is Germany’s Federal Office of Information Security (Bundesamt für Sicherheit in der Informationstechnologie), the government agency responsible for IT security. It has certified indevis GmbH according to the international ISO/IEC 27001 norm based on its IT-Grundschutz IT security catalogues. The BSI certifies that the provision and operation of our Managed Services for the IT systems and processes as well as the two datacenters and the network and communication connections fully comply with international and national norms.

ISO/IEC 27001 Certification

indevis GmbH’s certified information network in Munich, with its branch office in Hamburg, handles all the fundamental services that are provided in the area of Managed Security, Managed Network and Managed Data Center Service Providing.

  • indevis Managed Authentication
  • indevis Managed Secure Access
  • indevis Managed E-Mail Security
  • indevis Managed Virtual Platform
  • indevis System Housing
  • indevis Tech Support, Hotline and Support for customers
  • Sales of hardware and software products in IT security
  • indevis Managed Mobile Device Management
  • indevis Managed WLAN

as well as operation of indevis GmbH. In the course of certifying MSSP services, the IT systems and processes required by indevis GmbH are examined as well as both data centers, including the network and communication connections that are made available to the clients.

The BSI is a civil high-level government agency overseen by the BMI, Germany’s Federal Ministry of the Interior (Bundesministerium des Innern). It is the central certification authority for IT systems in Germany and publishes the official IT security catalogues (the IT-Grundschutz), which contain recommendations for standard security measures for typical IT systems. The international ISO/IEC 27001 norm (Information technology – Security techniques – Information security management systems – Requirements) specifies the requirements for producing, introducing, operating, monitoring, maintaining and improving a documented information security management system while taking into account the risks within the entire organization. In particular, large companies and agencies as well as government organizations apply for ISO/IEC certification in order to give their clients, partners and citizens the assurance that their data is protected. ISO/IEC 27001 certification based on the IT-Grundschutz demonstrates that the certified systems in certified companies meet the requirements of ISO/IEC 27001 and also certifies that the requirements of the BSI’s IT-Grundschutz methodology have been successfully implemented. In particular, this ISO/IEC 27001 certification demonstrates that IT security is a very high priority in the certified company and that a specific level of IT security has been attained at the time of certification.

indevis GmbH has the goal of delivering Managed Security Services and outsourcing services at all times at the highest level. In awarding us the certification, the BSI indicates that we are especially good at operating our IT systems. We therefore have proof of effective and efficient IT security management in our company.

The security strategy gives direction select to a company’s IT security through the management. The security organization ensures that an infrastructure for guaranteeing information security exists. Information (data) represents a value that is measured and classified.

  • Personnel security: job descriptions, user training, behavior in security-relevant incidents
  • Physical security: systems, zones, measures
  • Operational security: processes and responsibilities, system planning and approval, network management, intrusion detection, virus and spam protection, etc.
  • Access security: user rights, access controls