The German Federal Office for Information Security (BSI) has summarized various requirements for cloud providers in the Cloud Computing (C5) requirements catalog. According to these requirements, DRACOON, the market leader in enterprise file sharing in the DACH region, has now also been certified. The certificate was handed over last week at the it-sa, Europe's leading IT security fair.
Especially for public authorities and public institutions the specifications, which are queried by the catalogue, play a major role in the decision making process. In C5, the BSI defines the obligations and requirements that cloud providers must meet with regard to information security. Testing may only be carried out by an auditor as an independent third party. In this context DRACOON was audited by the auditing company PricewaterhouseCoopers (PwC).
"With DRACOON we have audited a German cloud provider according to BSI C5. We are pleased that DRACOON has relied on the know-how of PwC, which we as developers of BSI C5 contribute to the respective projects", Markus Vehlow, Partner at PwC Germany and responsible for Trust & Transparency Solutions, assesses the past audit.
BSI attaches great importance to transparency in its assessment. During the audit, DRACOON had to provide a comprehensive system description and also present so-called environment parameters that provide information on all certifications, disclosure and investigation obligations towards governmental authorities, service provision, data location and court location.
"Every company and every institution faces the challenge of storing, managing and sharing data digitally in a secure manner. With DRACOON we want to give back to the world the sovereignty over its data. For us, the BSI C5 testing is an important step to make decision-making much easier, especially for institutions from the public sector", Marc Schieder, CIO of DRACOON, underlines the importance of the completed test procedure for the SaaS company from Regensburg. "Customers can now quickly and easily determine whether a cloud service complies with legal regulations, especially the DSGVO, their own guidelines or the risk of industrial espionage", Schieder continues.
PwC sees it as its job to build social trust and solve important problems. More than 276,000 employees in 157 countries contribute to this with high-quality, sector-specific services in the areas of auditing, tax and management consulting. The term PwC refers to the PwC network and/or one or more of the legally independent network companies.
Further details are available at www.pwc.com/structure.