Digitization is currently occupying companies like no other topic. However, it is also increasing the risks of attacks on digital data. Companies are increasingly becoming targets of cyberwarfare and need to protect themselves against it
doubleSlash—is itself an expert when it comes to the digitalization of company processes—has therefore undergone the certification process. The aim is to protect the company's own sensitive information, such as project and development data, customer data and personal data in accordance with the German Federal Data Protection Act .
The basis for this certification was the introduction of an information security management system (ISMS). This is based on a risk analysis involving all stakeholders such as customers or internal departments such as Human Resources, Occupational Health and Safety or IT. The resulting measures to avoid risks are then implemented as part of the introduction of an ISMS. Similar to other management systems, a control cycle is run through which continuously assesses risks in the area of information security and initiates appropriate countermeasures.
Certification creates trust and security
The ISMS strengthens and standardizes the security of information throughout the company. Whether theft, Trojans or system errors—the measures keep the risk of damage to or loss of information as low as possible
Certification also creates trust among existing and new customers, applicants and employees. This is because we also consistently protect their sensitive information, which we process as part of various processes, to a very high standard. Some companies even require certification from service providers—it creates international comparability and is a sign of reliability and delivery capability
Information security as a holistic process: from inventory to management style
The introduction of an ISMS requires that all measures required by the standard are evaluated and implemented accordingly. This ranges from the inventory of all company assets and the classification of information to the adaptation of organizational processes and management style. "This process is not completed with the establishment of the system—it must be lived and continuously improved," says Information Security Officer Elias Freitag, who accompanied the certification on the part of doubleSlash. "The ISO 9001:2008 quality management system (QMS) that we have had in place for several years has helped us a lot, because we were able to build on it."
Well positioned for the future in terms of security
The introduction of the ISMS not only reduces risks in the area of information security. Companies are also forced to establish or sharpen new processes that ensure more effective collaboration—whether it be time savings or the binding definition of responsibilities. In addition to the legal requirements relating to data and information security, an increase in efficiency can also be expected in some company processes
Certification in record time
"We already had a very good starting level before the certification, as we have been dealing with these issues for a very long time as a digitalizer. Our IT team did a very good job here and implemented additional measures and improved processes in a very short space of time. I am convinced that the ISO/IEC 27001:2013 certification will give us decisive competitive advantages in the future," says Managing Director Konrad Krafft.
"Thanks to the good cooperation with all employees and staff departments, we were able to complete the certification in a fairly short time," says Elias Freitag. With a benchmark of 12 to 16 months, doubleSlash was able to achieve certification within nine months.
+49 7541 70078-708
