Security at CELUM

CELUM’s highly scalable cloud-based Content Supply Chain Management platform ensures the comprehensive security of your digital assets, general information security, data protection and governance.

How does CELUM protect your data?

The protection of your data is of the utmost importance to CELUM.

Icon_safety

Security

With the ever-increasing amount of content and the diverse types of content, the challenge of securely creating, releasing, and managing it is also growing. However, with CELUM, these challenges can be met effectively.

Icon_GDPRGDPR

Data protection

The internal and external user base of CELUM customers is constantly growing. Therefore, we support our customers with enhanced access control features, seamless integration with familiar tools, simplified collaboration, and a more effective search function.

Icon_licence

Certifications

As a leading global software-as-a-service provider in the field of content supply chain management platforms, CELUM places great importance on being ISO/IEC 27001:2023 certified.

Secure and reliable hosting

CELUM uses Microsoft Azure hosting services. The hosting services are provided in a member state of the European Union (EU West / Amsterdam by default) and are therefore subject to the European level of data protection. Other cloud locations – for example Switzerland – can be requested and will be evaluated individually.

The cloud service partner is certified according to ISO 20000-1:2011, ISO 22301, ISO 27001, ISO 27017, ISO 27018, ISO 9001, among others.

For details regarding Microsoft Azure compliance, visit:

MS Azure compliance

Secure access

All data traffic to and from CELUM is transferred via a secure HTTPS connection.

The system supports role-based authentication and authorisation using SAML (Security Assertion Markup Language), MFA (Multi-Factor Authentication) and OAuth (Open Authorisation).

The platform enables secure collaboration and data exchange with internal and external stakeholders thanks to granular user roles and portals.

System security

The following security standards are applied, among others:

  • Network monitoring and network protection (e.g. using state-of-the-art firewalls)
  • Application monitoring and application protection using Microsoft Defender Security Platform with threat intelligence
  • Transmission encryption (TLS 1.2, TLS 1.3)
  • Encrypted storage with 256-bit AES encryption
  • Daily backup for data recovery

Testing & security awareness

  • Regular external penetration tests
  • Continuous security and threat analyses
  • Ongoing security training and security awareness training for CELUM staff

Data backup and disaster recovery

Your assets are securely available to you at all times.

CELUM uses a system for data backup and for maintaining the operation of the CELUM platform. This ensures that the processed information is backed up in such a way that the service and data can be restored at any time in accordance with the service levels. CELUM guarantees the integrity of your saved data and regularly performs the necessary backup and recovery tests.

CELUM’s disaster recovery backup includes preparation for and elimination of interruptions or disruptions in the event of a disaster.

ISO/IEC 27001:2023 certified

The certification according to the internationally recognised ISO/IEC 27001:2023 standard confirms CELUM’s first-class performance in the area of data and IT security. This gives our customers the certainty that business processes and information security fulfil the high international standards.

ISO 27001 is the most relevant and leading global standard in the field of information security. Certification confirms that the certified company’s security measures and ISMS fully fulfil the high requirements of the ISO standard.

Why ISO 27001?

This certificate covers the areas of development, operation, support, maintenance and customising of software products, including provision as a cloud solution (SaaS). We naturally want to maintain this high standard in the future.

The ISO 27001 certification emphasises our commitment to high-quality services and strict measures to ensure the confidentiality, integrity and availability of customer data.”

Robert Hoeller, Chief Information Security Officer, CELUM

FAQ

Where is the system hosted?

CELUM uses Microsoft Azure hosting services. The hosting services are provided in the European Union and are therefore subject to the European level of data protection. Other cloud locations – for example Switzerland, USA, Australia) will be offered as well.

CELUM uses locally redundant (LRS) storage (three backups are created and stored within the same data centres in same region (EU) and zone-redundant storage (ZRS) for Productive Data, which synchronously replicates data among three Azure availability zones in the primary region (EU). Our single tenant hosting option ensures that client data is stored securely and privately and will be completely isolated from other client/tenant instances.

CELUM’s backup strategy is based on backing up customers’ storage accounts and databases using the Point in Time Restore (PITR) and Long-Term-Retention (LTR) methods. CELUM shall ensure data recovery using the previous day’s backup.

An external security penetration test is carried out by an independent agency at least once a year. Individual audits can be requested by clients at their own expense, subject to CELUM’S approval.

Your Active Directory (AD) structure can be integrated with the CELUM platform to allow your users to login with SSO. CELUM can assist your IT team in setting up SSO with your IdP (typically MS EntraID, Okta, etc.), if required.

As long as the IdP is capable of SAML & OpenID connect (OIDC), there is no problem when connecting to CELUM. On top of that, automatic provisioning via SCIM 2.0 supported IdPs can be configured.

You will find more information here.

Data within the storage server (Azure Storage) is encrypted and decrypted transparently using 256-bit AES encryption, and is FIPS 140-2 compliant. These encryption standards are subject to periodic review and depreciated standards are removed, accordingly. More information about the CELUM security can be found here.

All CELUM Cloud customers’ instances are monitored continously for malicious activities or system issues by the CELUM Cloud Ops Team. CELUM provides different audit, history, statistic and logging functionalities with the possibility to integrate existing client BI-Tools. An additional Prometheus endpoint is available to monitor the system. The CELUM app tracks all modifications on assets and structures in the UI and in respective log files (such as activity.log) on the server. The administrator can access specific logs via the Admin UI.

Malfunctions in the hosting infrastructure or software service will automatically be registered as an incident, which will be reported to and handled by the Helpdesk experts and the Critical Incident Response Team

An overview of the incidents including the cause and resolution information will be available through standard support & information channels but can also be forwarded to unaffected clients, on request.

The potential for incidences are continuously monitored and may result in a CELUM-generated helpdesk ticket or a direct internal support call to our helpdesk team.

Yes, please visit status.celum.com

An availability of 99,5% will be guaranteed per SLA.

From our experience, we see de facto a much higher availability rate since we’re using the performant MS Azure and Cloudflare CDN infrastructure.

We offer integrations to various AI services such as Microsoft AI, DeepL or Imagga. Since Data privacy and security are a high standard for us, it is in customers responsibility to license these services on their own.

See CELUM in Action

Learn more what CELUM can do for you. Take a deeper dive into the features and get answers to all your questions. 

Book a Demo