We developed our cloud service completely with the customer in mind. Nevertheless, it’s important to us that we not only impress you with our own detailed descriptions of our solution and our outstanding team, but that external institutions also evaluate and certify our successful product DRACOON. This is how we ensure that our customers always enjoy maximum data security.
The BSI’s catalog of requirements for cloud computing (C5) defines requirements and obligations that a cloud provider must meet in order to certified as having implemented a high standard of information security. The catalog of requirements takes the recognized ISO 27001 standard and adds further aspects to it that are relevant to a cloud provider and establish a baseline level of security. An audit on the basis of this catalog of requirements can only be carried out by an independent, third-party auditor. This auditor produces a detailed audit report covering all aspects of information security at the organization. As a result, customers receive confirmation that information security at an accredited cloud provider has been thoroughly tested and is extremely high.
In this context, DRACOON was audited and successfully certified by the auditing firm PricewaterhouseCoopers (PwC).
Here can be found additional information about the BSI's C5 catalog.
ISO/IEC 27001 is an internationally recognized standard that certifies a company’s successful implementation and operation of an information security management system (ISMS). An ISMS manages and monitors all of a company’s information and specifies instructions on how to handle information worthy of protection. This ISO certification helps customers identify service providers that comply with information security regulations and therefore protect the customer’s information.
ISO/IEC 27017 extends ISO 27001 to include information security requirements for cloud service providers. This certification demonstrates that DRACOON also meets these additional requirements.
ISO/IEC 27018 extends ISO 27001 to include requirements for the protection of personally identifiable information (PII) by cloud service providers acting as PII processors. With this certification, DRACOON demonstrates that it meets all of the ISO requirements as a processor of customers’ PII in this field as well.
Here can be found additional information about ISO/IEC 27001.
Through outsourcing and cloud computing, companies today have the opportunity to outsource processes and in doing so, streamline their organizational structures. Nevertheless, the companies still remain ultimately responsible for these processes. For this purpose, an auditor can carry out its own extensive audit activities or simply rely on an audit report in accordance with IDW PS 951 (“Audit of a service provider’s internal control system for processes outsourced to the service provider”). This is because IDW PS 951 serves to document the internal control system’s suitability and effectiveness. The benefit of this for customers is that it eliminates or limits the scope of recurring audits, reduces liability risks, and increases efficiency during an audit.
In this context, DRACOON was audited and successfully certified by HKKG GmbH Wirtschaftsprüfungsgesellschaft.
We will gladly provide you a copy of the audit report upon request.
IT Security made in Germany" ("ITSMIG") was founded in 2005 on the initiative of the Federal Ministry of the Interior, of the Federal Ministry of Economics and Technology as well as representatives of the German IT security industry. Public authorities in particular should emphasize technical and political trustworthiness as award criteria in IT contract awarding procedures. In this context, TeleTrusT refers to the existing uniform identification mark "IT Security made in Germany", which is based on the following criteria:
DRACOON meets these criteria and is officially listed as a trademark holder.
Here you can find further information about the initiative IT Security made in Germany.
On the occasion of the debate on European digital sovereignty, the IT Security Association Germany (TeleTrusT) established the declaration of conformity "IT Security made in EU" for its members. To be allowed to use the trust mark, the following criteria must be met:
DRACOON meets these criteria and is officially listed as a trademark holder.
Here you can find further information about the initiative IT Security made in EU.
The “Software Made in Germany” seal is an initiative by the Federal Association of IT SMEs (BITMi e.V.) and is awarded to German companies that combine first-class service with outstanding quality and future viability, based on the following criteria:
The “Software Hosted in Germany” seal is an initiative by the Federal Association of IT SMEs (BITMi e.V.) and recognizes software that can be used online that complies with German privacy law and other criteria, including:
Through its studies, the Information Services Group (formerly Experton Group) offers valuable assistance to companies when it comes to selecting the right business partners. For example, in its latest Public Cloud – Services & Solutions ISG Provider Lens Quadrant Report 2022, the firm analyzed providers in the filesharing environment for the German market. Its recent Secure Enterprise Cloud File Sharing Quadrant report gives users a comprehensive and detailed overview of the market. Within the framework of the independent study, 17 companies were classified as relevant and positioned within the quadrant. DRACOON was named the leader in this segment.
Additional information about the study by ISG can be found here.
© 2023 DRACOON GmbH
Made in Germany
Phone. +49 (941) 7 83 85-0