Security above all
Certified information security and data protection at KISTERS
Information security is our top priority. We understand the importance of cybersecurity. We take pride in using the best practices, processes and technologies to keep data – both yours and ours – of the highest quality.
As a data-driven company, we heavily depend on the availability and quality of information. Data storage, access and processing by appropriate individuals is an important part of success and resilience for any organization.
To this end, KISTERS has adopted and maintains a policy on information security and data protection as a pillar of our corporate strategy. The Chief Information Security Officer (CISO) and information security teams are responsible for upholding the scope of the policy across our enterprise.
The goals of our policy support the protection of
- our customers’ trust by upholding the integrity of our IT-based systems, programs and data, as well as products and services
- our clients’ and partners’ interests through the secure and continuous availability of our software, systems and services as well as our confidential treatment of their data
- our software users’ interests by complying with data protection and information security regulations in our software solutions, consistently applying best practices and principles of certified software development and securing our development environments
- all personal data in our IT systems and processes to uphold informational autonomy and privacy of all data subjects
- our company, our customers, partners and employees through compliance with statutory regulations and other legally binding provisions.
Highlights
Third-party certifications
We have high standards & welcome independent audits to assure our customers and partners.
We have high standards and seek accredited third-party auditors to hold us accountable to the latest industry standards, especially as we are present on 5 continents and serve organizations around the globe.
Our data-driven certification means robust information security and software for our customers and partners.
Certifications we hold:
- ISO 27001 Information Security Management Systems certification recognizes our mission to bring information security under explicit management control. The systematic audit covers personnel, processes and technologies (for example, software development and data centers) within a well-defined scope to establish, implement, monitor, review and improve on cybersecurity.
- ISO 9001 Quality Management Systems certification recognizes the consistent and good quality of our IT services for energy, hydromet, and environmental, health & safety (EHS) industries. The standard is based on principles including a strong customer focus, the process approach and continual improvement.
- ISO 50001 Energy Management Systems certification recognizes our commitment to energy efficiency, conservation and lessening our resource impact. The systematic approach benchmarks and identifies operational improvements based on fixed targets.
Certified software development & products
We write code, perform code reviews, and stress test to provide reliable and safe IT.
Our software development is guided by the secure software development lifecycle (S-SDLC) framework and relevant best practices advocated by BSI, NIST, and OWASP among other well-respected organizations.
The security of our IT products is considered from their conception to delivery and well into ongoing support and maintenance. Renewed ISO 27001 certification confirms our commitment to our customers and partners.
Diligently writing secure code, avoiding typical vulnerabilities during coding and performing code reviews and stress tests on our software provide reliable and safe software.
Secure cloud services, on premise, or hybrid
We work with you & your IT team to site the solution & meet cybersecurity policies.
Guided by your company’s IT security policies, we work with you to identify a secure site for our solutions to meet your needs.
We work with commercial clouds like Amazon Web Services (AWS) and Azure as well as private clouds. We also offer our own private cloud, if you prefer that we host the solution.
Whatever site is selected, we consider maximum security and accessibility for approved users.
We implement a comprehensive security concept consisting of, among other things:
- Physical security in the KISTERS Data Center
- Secure, high-performance access via the internet
- Modern storage and high availability concept