16.01.2020

Internal messages

Technical and organisational measures for data security

If your application is hosted by us, our data centre partner will implement the following technical and organisational measures. These measures ensure that data collected for different purposes is processed separately:

Earmarking and separability

  • physically separate storage on separate systems or data carriers

  • Logical client separation on the software side

  • Authorisation concept

  • Encryption of data records that are processed for the same purpose

  • Providing data records with purpose attributes / data fields and signatures

  • pseudonymised data: Separation of the allocation file and storage in a separate and secure IT system

  • Internal multi-client capability of the system

  • Functional separation of production and test system

Confidentiality and integrity

The following measures ensure the confidentiality and integrity of the processor's systems:

Encryption

The client's data is encrypted in accordance with the order.

Pseudonymisation

Pseudonymisation means that the personal data is processed in such a way that the data subject cannot be identified without additional information (e.g. use of fantasy names that cannot be assigned to a specific person without additional information).

Pseudonymisation is carried out in the following manner:

Personal data is kept strictly separate from customer master data and sales data. Where possible, personal data is encrypted during electronic transport.

Access control

The following measures are taken to prevent unauthorised persons from gaining access to the data processing systems with which personal data is processed or used:

  • Alarm system

  • Camera monitoring and recording with infrared system

  • Automatic access control system with biometric access data via fingerprint reader

  • Logging of all inputs and outputs

  • Subdivision of the areas into 3 access-protected rooms

  • Access is exclusively through locks

  • there is staff on site 24×7

  • Separate and secure rooms for batteries, UPS and power supply

  • Automatic access control system with chip card

Access control

The following measures are taken to prevent unauthorised third parties from using the data systems:

  • Assignment of user rights and creation of a user master record for each user

  • Creation of user profiles

  • Differentiated authorisations (profiles, roles, transactions and objects)

  • Password assignments

  • Password guidelines (regular change, minimum length, complexity, etc.)

  • Automatic locking (e.g. password or pause function)

  • Authentification with user name and password

  • Assignment of user profiles to IT systems

  • Use of VPN technology for data transmission

  • Locking external interfaces (USB etc.)

  • Security locks

  • Key regulation (key issue etc.)

  • Personnel check at the gatekeeper / reception

  • Logging of visitors

  • Careful selection of cleaning staff

  • Careful selection of security personnel

  • Carrying authorisation cards is not permitted

  • Use of intrusion detection systems

  • Use of anti-virus software

  • Encryption of data carriers in laptops / notebooks

  • Use of a hardware firewall

  • Use of a software firewall

Access control

The following measures have been taken to ensure that those authorised to use a data processing system can only access the data subject to their access authorisation and that personal data cannot be read, copied, modified or removed without authorisation during processing, use and after storage:

  • Authorisation concept

  • Management of rights by system administrator

  • Regular review and updating of access rights (especially when employees leave the company or similar)

  • Number of administrators is reduced to the "bare minimum"

  • Password policy incl. password length, password change

  • Logging of access to applications, in particular when entering, changing and deleting data

  • Secure storage of data carriers

  • Physical erasure of data carriers before reuse

  • Proper destruction of data storage media (DIN 66399)

  • Use of document shredders or service providers (if possible with a data protection seal of approval)

  • Logging of the destruction

  • Encryption of data carriers

Input control

The following measures can be used to subsequently check and determine whether and by whom personal data has been entered, changed or removed from data processing systems:

  • Logging the entry, modification and deletion of data

  • Create an overview showing which applications can be used to enter, change and delete which data.

  • Traceability of data entry, modification and deletion through individual user names (not user groups)

  • Storage of forms from which data has been transferred to automated processing Assignment of rights to enter, change and delete data on the basis of an authorisation concept

Order control

The following measures ensure that personal data processed on behalf of the client can only be processed in accordance with the client's instructions:

  • prior review and documentation of the security measures taken by the processor

  • Written instructions to the processor (e.g. through an order processing contract)

  • Obligation of the processor's employees to maintain data secrecy

  • Processor has appointed a data protection officer

  • Ensuring the destruction of data after completion of the order

  • Effective control rights agreed with the processor

  • Ongoing review of the processor and its activities

Transport and transfer control

The following measures ensure that personal data cannot be obtained or accessed by unauthorised persons when it is passed on (physically and/or digitally):

  • Use of VPN tunnels

  • Logging system

  • Interface analysis

  • Encryption of the communication channels

  • Encryption of physical data carriers during transport

  • Transmission with electronic signature

  • Transport lock

Availability, recovery and resilience of the systems

The following measures ensure that the data processing systems used function properly at all times and that personal data is protected against accidental destruction or loss:

  • Redundant uninterruptible power supply (UPS), Green-Power UPS systems from Socomec

  • Two separate power feeds through 2 sub-distribution boards in each rack

  • 10kw power consumption per rack and more possible

  • Emergency power supply from 1000kVA diesel generators

  • Direct neighbour of the transformer station

  • 3-level surge protection - coarse protection in main distribution board, medium / fine protection in sub-distribution boards, optional additional protection via customer's own power connection strips

  • VESDA system for early detection of smoke development

  • CO2 fire extinguisher immediately to hand in all areas

  • VDS alarm systems

  • Direct alerting of technical staff on site and external employees

  • Air conditioning of the server rooms with a mixture of direct and indirect free cooling

  • Cold water supply with energy-saving units from Emerson Networks

  • Air exchange with the latest generation of devices from Weiss Klimatechnik

  • Devices for monitoring temperature and humidity in server rooms

  • Protective socket strips in server rooms

  • Alarm message for unauthorised access to server rooms

  • Creation of a backup & recovery concept

  • Testing data recovery

  • Creating an emergency plan

  • Storage of data backups in a secure, off-site location

  • Robust data backup and recovery concept in place

  • Data backup measures (physical / logical)

  • Backup procedure

  • Mirroring of hard disks using the Raid method

  • Use of a monitoring programme

  • Permanent monitoring of proper functionality

  • Use of CWDM technology for high bandwidth scaling

  • Routing through modern Juniper routers

  • Coreswitching with modern Cisco switches

  • Uplinks optionally in 100Mbit, 1GBit or 10GBit

  • Redundant network supply through numerous carriers such as Tiscali International or Deutsche Telekom

  • Peering connections at various exchange points such as DECiX, AMSiX, KleyReX, ViX and NIX

Special data protection measures

These have been submitted in writing:

  • Internal rules of behaviour

  • Risk analysis

  • Data protection impact assessment

  • Data security concept

  • Restart concept


Review, evaluation and adaptation of existing measures

The Processor shall review, evaluate and, if necessary, adapt the technical and organisational measures set out in this Annex at intervals of one year and as required.

See also

All other contributions