Neckarsulm, 23.01.2024
Sovereign STACKIT Cloud with BSI’s C5, ISAE 3000 (SOC 2) and ISAE 3402 Certified
- STACKIT thus fulfills the minimum set requirements for secure cloud computing of the BSI
- International compliance and security requirements are also met with the additional ISAE 3000 (SOC 2) and ISAE 3402 certifications
Neckarsulm, January 23, 2024 – STACKIT, the sovereign German Cloud of Schwarz Digits, has received the C5 certificate of type 1 according to the criteria catalog “Cloud Computing Compliance Criteria Catalog” (C5) of the German Federal Office for Information Security (BSI) for the infrastructure stack. The C5 criteria catalog specifies the minimum requirements for secure cloud computing and is primarily aimed at professional cloud providers, their auditors and customers. In addition to the C5 certificate, STACKIT also provides the international standards ISAE 3000 (SOC 2) and the ISAE 3402 certificate, both of type 1. Thanks to this addition, European companies working with STACKIT also meet the international compliance and security requirements.
“We thus fulfill all the minimum requirements of the BSI for cloud security,” emphasizes Christian Müller, Co-CEO of Schwarz Digits. “We prove this status with our re-certification of the ISO 27001 certificate, ISAE 3000 and the C5 certificate. In order to satisfy the additional security requests made by customers, we also strive for other cloud certifications. This forms the basis of our vision for an independent digital Europe.“
C5 Certificate is Highest Rating in Cybersecurity
The C5 criteria catalog was published for the first time in 2016 by the German Federal Office for Information Security and has established itself successfully on the market in recent years. The C5 forms the basis for customers to conduct their own risk management, thereby offering cloud users important guidance when selecting a provider. In 2019, the C5 was revised fundamentally and finalized in January 2020 to address the current developments and to increase the quality even further.
International ISAE 3000 (SOC 2) and ISAE 3402 Certification
ISAE 3000 is the international compliance standard according to which companies can check and verify their security, accessibility, processing integrity, trustworthiness and data protection controls.
ISAE 3402 certification of the International Standard on Assurance Engagements (ISAE) is used by service providers as a recognized proof of correctness for the services they provide. It is regarded as a criterion for quality and a quality feature for differentiation in the market.