Press release – January 30, 2025
Proven data security: CONTACT Software achieves ISO 27001 certification
The internationally recognized standard for information security management assures customers that their data is in safe hands with CONTACT.
Companies increasingly rely on software from the cloud. This proves beneficial in terms of high data availability and low infrastructure costs – but also entails an important security consideration: Can businesses trust that their data is just as well protected in external data centers as on their own servers? The international ISO 27001 standard provides guidance on this matter by establishing standards for information security management systems (ISMS). Following a multi-stage auditing process, CONTACT has demonstrated that its cloud products meet the highest security standards and received the ISO certification.
To ensure the confidentiality, integrity, and availability of data in its cloud products, CONTACT has implemented a comprehensive ISMS. A wide range of security mechanisms has been seamlessly integrated into development and operating processes, including monitoring tools, automations, and Infrastructure as Code (IaC). CONTACT continuously identifies, analyzes, and mitigates risks, even factoring in the impact of extreme weather events on IT infrastructure.
“This certification is a clear signal to our customers that we protect their data according to the highest security standards,” says Tim Petersen, Head of Cloud Operations. CONTACT’s partners also benefit from standardized processes and clearly defined security requirements, which simplify collaboration, increase efficiency, and create a trusted basis for future projects. This represents a decisive competitive advantage in a dynamic environment like the cloud industry.
The ISO 27001 certification applies to the “Development and Operation of CONTACT Elements-Based Cloud Products”. For CONTACT, it marks an important milestone on the path to comprehensive data security, but by no means the endpoint. The company will continue to advance its ISMS and plans, for instance, to enhance monitoring systems in order to detect potential risks even more quickly and address them effectively.
