Security and data protection

As a global software-as-a-service provider, information security, data protection and governance are top priorities for CELUM. CELUM’s highly scalable cloud-based Content Supply Chain Management platform ensures the comprehensive security of your digital assets.

How does CELUM protect your data?

The protection of your data is of the utmost priority for CELUM.

Icon_safety

Security

With the ever increasing amount of content and diverse content types, the challenge of securely creating, releasing and managing it is also growing. With CELUM, however, these challenges can be met effectively.

Icon_GDPRGDPR

Data protection

The internal and external user base of CELUM customers is constantly growing. We therefore support our customers with more access control functions, seamless integration with familiar tools, simplified collaboration and a more effective search function.

Icon_licence

Certifications

As a leading global software-as-a-service provider in the field of content supply chain management platforms, being ISO/IEC 27001:2013 certified is very important to CELUM.

Security at CELUM

CELUM takes all necessary technical and organisational measures to ensure the security of the CELUM platform and your data, especially with regard to availability, data integrity, protection against threats and confidentiality.

Secure and reliable hosting

CELUM uses Microsoft Azure hosting services. The hosting services are provided in a member state of the European Union (EU West / Amsterdam by default) and are therefore subject to the European level of data protection. Other cloud locations – for example Switzerland – can be requested and will be evaluated individually.

The cloud service partner is certified according to ISO 20000-1:2011, ISO 22301, ISO 27001, ISO 27017, ISO 27018, ISO 9001, among others.
(Details regarding Microsoft Azure compliance: https://azure.microsoft.com/en-us/explore/trusted-cloud/compliance/)

Secure access

All data traffic to and from CELUM is transferred via a secure HTTPS connection.

The system supports role-based authentication and authorisation using SAML (Security Assertion Markup Language), MFA (Multi-Factor Authentication) and OAuth (Open Authorisation).

The platform enables secure collaboration and data exchange with internal and external stakeholders thanks to granular user roles and portals.

System security

The following security standards are applied, among others:

  • Network monitoring and network protection (e.g. using state-of-the-art firewalls)
  • Application monitoring and application protection using Microsoft Defender Security Platform with threat intelligence
  • Transmission encryption (TLS 1.2, TLS 1.3)
  • Encrypted storage with 256-bit AES encryption
  • Daily backup for data recovery

Testing & security awareness

  • Regular external penetration tests
  • Continuous security and threat analyses
  • Ongoing security training and security awareness training for CELUM staff

Data backup and disaster recovery

Your assets are securely available to you at all times.

CELUM uses a system for data backup and for maintaining the operation of the CELUM platform. This ensures that the processed information is backed up in such a way that the service and data can be restored at any time in accordance with the service levels. CELUM guarantees the integrity of your saved data and regularly performs the necessary backup and recovery tests.

CELUM’s disaster recovery backup includes preparation for and elimination of interruptions or disruptions in the event of a disaster.

GDPR-compliant file sharing

Prevent unauthorized access and replace risky email attachments with CELUM’s secure, compliant and easy-to-use content sharing capabilities – both internally as well as externally. Invite users to dedicated workrooms or create access portals in which files can be exchanged safely.

Data protection at CELUM

Central data governance

Define how long users should be able to access your data. If the validity period for a specific file or folder expires, access is automatically blocked. You decide what happens once employees or external partners leave the organization or the project.

 

Certifications

TÜV Austria ISO/IEC 27001:2013 certified

The certification according to the internationally recognised ISO/IEC 27001:2013 standard confirms CELUM’s first-class performance in the area of data and IT security. This gives our customers the certainty that business processes and information security fulfil the high international standards.

ISO 27001 is the most relevant and leading global standard in the field of information security. Certification confirms that the certified company’s security measures and ISMS fully fulfil the high requirements of the ISO standard.

Why ISO 27001?

This certificate covers the areas of development, operation, support, maintenance and customising of software products, including provision as a cloud solution (SaaS). We naturally want to maintain this high standard in the future.

“The ISO 27001 certification emphasises our commitment to high-quality services and strict measures to ensure the confidentiality, integrity and availability of customer data.”

Michael Wirth, Chief Financial Officer, CELUM