First Filesharing Solution Received ISAE 3000 Certification

The Enterprise File Sync and Share (EFSS) storage solution is a joint development by ownCloud GmbH and the Austrian cyminds GmbH and the first platform to meet the ISAE 3000 standard, making it suitable for customers in the financial and insurance industry, where sensitive data is frequently stored and processed.

The ISAE 3000 is an internationally standard that the German Bundesamt für Sicherheit in der Informationstechnik (BSI) has included in the series of minimum standards for testing information security when using cloud services.

The platform can be used to selectively display data on desktop computers or mobile devices. Companies and institutions working with sensitive data can use the file sync, file share and storage solution to securely store and synchronize all data, metadata and call records in a central data center.

The certification ensures that the data can be backed up effortlessly in accordance with legal requirements.

For the day-to-day operation of a bank, outsourcing means more flexibility and security for employees, customers and partners.

Low barriers to entry
“With this development, we are responding to growing customer demands and stricter legal requirements. Not only the upcoming DSGVO increases the data protection hurdles in the choice of cloud provider, but also the European financial supervisory authorities are aware of the risks and react with stricter regulations “, said Tobias Gerlinger, CEO, ownCloud, commenting on the cooperation.

For companies that want to use the new ISAE 3000 certified solution, the hurdles are rather small. cyminds takes over the implementation of the ownCloud application into the existing data management as well as the integration of security tools and processes. The advantage is that employees, customers and business partners can access, synchronize or share their files via a single interface – anytime, anywhere and from any device.

There are currently various security guarantees for cloud providers. The ISO/IEC 27001 and ISO/IEC 27018 standards are generally regarded as standardised security certifications for the cloud in Europe, but experts have criticized for some time that ISO 27001 does not allow statements on the level of data protection and data security, but merely states that the certified organisation takes the topic of information security seriously. In addition, there is widespread doubt that cloud certification to ISO/IEC 27018 is possible at all. This gap is closed by ownCloud and cyminds with their certified storage solution.