LIS Logistische Informationssysteme AG is certified in accordance with the DIN EN 50600 and ISO 27001:2017 standards and is thus committed to the highest level of information security for its customers. After a comprehensive audit, the software company was awarded the official certificates in August. While the ISO audit certifies a functioning and standard-compliant information security management system (ISMS), the DIN characterises the requirements for the construction of a secure data centre.
“With the certification, we thought first and foremost about our customers. They entrust us with their sensitive business information and trust that it is safe with us,” says Erik Roguschke, Information Security Officer at LIS Logistische Informationssysteme AG. “As an internationally active company, it is important for us to meet the requirements of a European standard. In this way, it is also immediately apparent to our foreign customers that their data is in good hands with us.”
For certification according to DIN EN 50600, the software company from the Münsterland region had to fulfil specifications for the planning, new construction and operation of the data centre, such as power supply, air conditioning or fire protection. ISO/IEC 27001 enables LIS AG to demonstrate that the operation of the data centre with its processes and interfaces conforms to standards.
“It was a big project with a lot of effort, but also an opportunity to stand out from the direct competition,” says Johannes Willenberg, Head of IT at LIS AG. The requirements were high – many processes in the company were assessed and, if necessary, adapted. “Literally every stone was turned over to meet the demands of certification,” Willenberg says.
In addition to process optimisations across all departments – starting with the IT department, which is at the heart of the certification, to the human resources department, software development, purchasing and the legal department, all the way to the secretariat and accounting – structural adjustments were also made, such as the installation of a separation system for the building. The largest physical measure is the new construction of the data centre in 2020. This has already been planned and built according to the DIN EN 50600 standard.
Already 120 customers use the LIS Cloud Services with their high security standards. Backup and update services, for example, are installed automatically. In addition, the use of the LIS servers does not incur any costs for the acquisition and maintenance of the necessary hardware. At the same time, this eliminates the additional effort for implementation as well as for the personnel who look after the data backup in the IT departments of customer companies. The connection of further devices and workstations is also possible without any problems.
“Even though the biggest step has now been taken, we must and will continue to work on our safety processes. This is the only way we can pass the annual audits. And that is an absolute must for us, so that our customers know their data is securely hosted with us,” says Roguschke.