IT security with aixzellent
As awareness of secure IT continues to grow, we are also receiving more and more inquiries regarding the security of our systems. We have now summarized the most important information.
Servers that we set up on behalf of our customers are hosted exclusively in Germany in compliance with the EU-GDPR, unless the customer requests otherwise. Hetzner has long been the data center we trust and it is certified according to DIN ISO/IEC 27001. The certificate proves adequate security management, data security, confidentiality of information and availability of IT systems. It also confirms that security standards are continuously improved and monitored on a sustained basis.
Hetzner's data center parks have extensive physical protection. The security systems include a high-security fence, video surveillance, visitor badges, access authorizations, transponder chips and an early fire detection system.
Hetzner also secures its networks, systems and data extensively, with DDoS protection, firewalls, security updates and backup servers. More information about security at Hetzner is available [here].
Our systems are all configured and operated with special attention to information security (CIA: Confidentiality, Integrity, Availability). We make sure that only the access points that are really necessary are directly reachable from the Internet. Everything else is reachable only from our management network, to minimize the attack surface exposed to the outside. Automatic provisioning and 2-factor authentication are also standard for the management services we set up.
The security of your data and communications is our top priority. Your systems are therefore monitored on an ongoing basis. For their part, the systems and procedures used are subject to constant maintenance and updating, so that your systems and data are also protected against the latest methods of attack. In addition to the "classic" passive security measures, we also rely on procedures such as "Active Defense".
Communication always encrypted
In addition, we support the highest possible security standards and always transmit data exclusively via an encrypted SSL/TLS connection. We generally use validated certificates for this, which are set up on your systems. This ensures the highest standards. We usually only allow exceptions to encrypted communication for your websites and as a fallback solution, e.g. for the mail server (server-to-server communication), as unfortunately there are still mail servers on the Internet that cannot handle secure encryption.
Regular backups, which are also stored encrypted on separate hard disk storage (RAID5), form the basis for your long-term data security.
The employees responsible for setting up and managing your servers are certified as BS basic protection practitioners.
More security (e.g. through HA, VPN, additional encryption etc.) can of course always be added in individual cases!
Do you have further questions? Please feel free to contact us at any time!