artegic to receive company-wide data security certification according to ISO/IEC 27001

artegic AG, pro­vi­der of tech­no­lo­gy and con­sul­ting for online CRM, recei­ve cer­ti­fi­ca­ti­on for their com­pa­ny-wide infor­ma­ti­on secu­ri­ty manage­ment sys­tem accord­ing to ISO/IEC 27001 through TÜV Rhein­land. This makes artegic one of the first inter­na­tio­nal pro­vi­ders in the email mar­ke­ting sec­tor, who has been awar­ded this inter­na­tio­nal stan­dard for IT secu­ri­ty. The cer­ti­fi­ca­ti­on docu­ments the ful­fil­ment of the hig­hest deman­ds on avai­la­bi­li­ty, con­fi­den­tia­li­ty and inte­gri­ty of infor­ma­ti­on pro­ces­sing in all com­pa­ny pro­ces­ses of artegic.

Growing international demand on IT security

The num­ber of collec­ted data and data pro­ces­sing app­li­ca­ti­ons is drasti­cal­ly increa­sing in online mar­ke­ting. This trend was con­fir­med by cur­rent stu­dies, e.g. by IBM. Infor­ma­ti­on often inclu­des high­ly sen­si­ti­ve data, e.g. per­so­nal user data, which com­mits com­pa­nies to a par­ti­cu­lar­ly respon­si­ble hand­ling. Fur­ther­mo­re, the users’ trust in the secu­ri­ty of their data, as well as the legal secu­ri­ty in data pro­ces­sing tasks have beco­me cen­tral com­pe­ti­ti­ve fac­tors for com­pa­nies. The signi­fi­can­ce of data pri­va­cy does not only beco­me evi­dent in the gro­wing inte­rest of the public and legis­la­ti­on, com­pa­nies reco­gnise data pri­va­cy as an important and cen­tral task. Accord­ing to a cur­r­ent­ly held stu­dy by Deut­sche Tele­kom, 84%  of IT experts view the signi­fi­can­ce of data pri­va­cy as important or very important for the eco­no­my and socie­ty.

ISO/IEC 27001 is the international standard for information and data security

ISO/IEC 27001 is the inter­na­tio­nal norm to eva­lua­te and cer­ti­fy the manage­ment of infor­ma­ti­on secu­ri­ty pro­ces­ses in com­pa­nies. Apart from the infor­ma­ti­on tech­no­lo­gy, ISO/IEC 27001 obser­ves the rele­vant busi­ness pro­ces­ses and descri­bes the requi­re­ments on the orga­ni­sa­ti­on and on tech­ni­cal sys­tems, as well as activi­ties, which are sui­ta­ble to gua­ran­tee the secu­ri­ty level iden­ti­fied on the base of a risk ana­ly­sis, in the long term.

The infor­ma­ti­on secu­ri­ty inclu­des the fol­lo­wing aspects: con­fi­den­tia­li­ty (ensu­ring that only aut­ho­ri­sed access is pos­si­ble), inte­gri­ty (ensu­ring that data is com­ple­te and cor­rect and data pro­ces­sing works relia­b­ly), avai­la­bi­li­ty (ensu­ring that the aut­ho­ri­sed access to infor­ma­ti­on and the com­pa­ny values lin­ked to this, are gua­ran­teed).

artegic certified company-wide for integrated IT security management

Online CRM pro­vi­der artegic AG has now been cer­ti­fied accord­ing the to the inter­na­tio­nal stan­dard for infor­ma­ti­on and data secu­ri­ty ISO/IEC 27001 in a com­pre­hen­si­ve audit through TÜV Rhein­land. During this cer­ti­fi­ca­ti­on accord­ing to ISO/IEC 27001, the infor­ma­ti­on secu­ri­ty manage­ment sys­tem was exami­ned. This exami­na­ti­on inclu­ded the hand­ling of infor­ma­ti­on risks, phy­si­cal and envi­ron­ment-rela­ted secu­ri­ty mea­su­res, deve­lop­ment and main­ten­an­ce of infor­ma­ti­on sys­tems, as well as the manage­ment of secu­ri­ty rele­vant events and the orga­ni­sa­ti­on of com­mu­ni­ca­ti­on wit­hin the com­pa­ny.

The pro­cess-ori­en­ted approach of ISO/IEC 27001 metho­di­cal­ly crea­tes the com­pa­ti­bi­li­ty with the DIN EN ISO 9000 fami­ly.

“The demand on data pri­va­cy and data secu­ri­ty in com­pa­nies is con­ti­nu­al­ly gro­wing. Inter­na­tio­nal norms, such as ISO/IEC 27001, help to com­pre­hen­si­ve­ly ana­ly­se and imple­ment infor­ma­ti­on secu­ri­ty manage­ment sys­tems. The cer­ti­fi­ca­ti­on docu­ments the suc­cess­ful and las­ting imple­men­ta­ti­on of a high ISMS stan­dard and pro­vi­des for secu­ri­ty and con­fi­den­tia­li­ty through the inde­pen­dent and well-esta­blished check car­ri­ed out by TÜV Rhein­land. We are exci­ted that more and more medi­um-sized com­pa­nies, such as artegic AG, take this important step,” says Tho­mas Koner­mann, Exe­cu­ti­ve Board Mem­ber of TÜV Rhein­land Cert GmbH.

“artegic has been ori­en­ta­ting its­elf on the stan­dards of the Ger­man Federal Office for Infor­ma­ti­on Secu­ri­ty (Manu­al for Basic IT Secu­ri­ty) and the ISO/IEC 27001 for soft­ware, IT ope­ra­ti­on, com­pa­ny pro­ces­ses and infor­ma­ti­on pro­ces­sing. We are delight­ed that we have now been awar­ded the cer­ti­fi­ca­ti­on through the TÜV Rhein­land for our inte­gra­ted IT secu­ri­ty manage­ment,” exp­lains Jörg Sayn, CTO, artegic AG
“With the cer­ti­fi­ca­ti­on through the TÜV Rhein­land, we docu­ment our suc­cess­ful prac­tice and our high deman­ds in regard to secu­ri­ty of data and infor­ma­ti­on pro­ces­sing. Our custo­mers bene­fit from the evi­dence of a spe­cial qua­li­fi­ca­ti­on in the con­text of custo­mer data pro­ces­sing, as well as the ful­fil­ment of inter­na­tio­nal com­pli­an­ce requi­re­ments,” adds Ste­fan von Lie­ven, CEO, artegic AG.