Security

The bedrock of our services is a state-of-the-art infrastructure and ideal use of it. A highly available system architecture in distributed data centres and leading-edge system management solutions for monitoring and protecting systems mean our IT meets the very highest security requirements. Apart from continuous security checks on systems and data networks, we prevent loss of your data by means of data mirroring and mature backup methods. Our work processes are geared rigorously to the IT Infrastructure Library (ITIL), and our highly qualified team with its many years of experience are on hand to help you around the clock.

IT compliance and certification

We want to improve our services for you permanently and systematically. We have been awarded a number of certifications for our high standards of quality and security.

In order to ensure the security of the data and information we process, as well as a permanent and adequate standard of security in the interests of our customers, we gear our activities towards the requirements of the recognised standard ISO/IEC 27001:2017 relating to establishment of an information security management system (ISMS). To enable that, we have built an information security organisation leveraging the many years of expertise of our own experts from the various key technological fields. We apply the OEDIV risk management methodology to protect the confidentiality, integrity and availability of information at the company.

In addition, auditing firms are commissioned to verify the “adequacy and security of organisational measures and processes in delivery of IT services” on the basis of recognised standards. We document this objective by international audits in compliance with Sarbanes-Oxley (SOX) and the resultant ISAE 3402 Type 2 report. Apart from that, we subject our data centres to further external audits, as a result of which we have gained Secure Data Centre certification.

ISO/IEC 27001:2017 Scope Statement:

The ISMS of OEDIV Oetker Daten- und Informationsverarbeitung KG covers all processes, employees and technologies used to provide IT services to customers of OEDIV, including the associated IT infrastructure, at the data centre locations in Bielefeld.

Data centre security

We run the systems in two active, highly available data centres at separate locations. The same goes for the high-performance storage and backup systems with their redundant design.

The data backups are constantly replicated in the other data centre. Data is channelled over two different routes at our company, meaning that production is maintained if one route fails. We also take further precautions to avoid downtimes due to external influences, such as:

  • Fire-extinguishing systems and fire prevention through oxygen reduction
  • Access control by means of transponder technology and video surveillance
  • Secure power supply thanks to UPS systems and emergency generators to bridge power outages and fluctuations

Our entire data centre infrastructure is protected by a complex monitoring procedure. Apart from a plant security service to guard the perimeter, the infrastructure is also under direct surveillance. Our data centres are subject to German data protection law, which means that investigating authorities can access data only in compliance with national legislation. The infrastructure and technological features of the data centres themselves are separately assessed and audited in detail by a specialist, independent auditing organisation, TÜV Rheinland. As a result of that, we were awarded Secure Data Centre certification. In addition, the effectiveness of the measures we have taken are examined regularly by means of ISAE 3402 and ISO 27001 audits and documented.

We will be pleased to provide you with more details about the setup, monitoring and security precautions as part of a guided tour of the data centres. We look forward to hearing from you!