ISO/IEC 27001 is an international standard for information security management. It describes the requirements for establishing, implementing, maintaining and continuously improving an information security management system (ISMS) – with the aim of helping organizations to make the information assets in their possession more secure. This primarily involves the systematic investigation and treatment of information security risks, taking into account threats, vulnerabilities and impacts, as well as the establishment of numerous information security controls. An overarching management process also ensures that we meet stakeholders’ information security requirements. In this way, we increase the security of the Swiss Business Cloud.
ISO/IEC 27017 is a security standard designed for cloud service providers and users to create a secure cloud-based environment and reduce the risk of security issues. This standard was built from ISO/IEC 27002 and proposes additional security controls for the cloud that were not fully defined in ISO/IEC 27002. The main focus here is also to integrate and automate the proposed controls directly into the cloud services. For us, the focus here is on the Swiss Business Cloud as a platform and desktop as a service.
ISO/IEC 27018 is a security standard that is part of the ISO/IEC 27000 family of standards. It was the first international standard on data protection in cloud computing services to be promoted by industry. It was created in 2014 as an addendum to ISO/IEC 27001, the first international code of practice on data protection in the cloud. It helps cloud service providers that process personally identifiable information (PII) to assess risk and implement controls to protect PII. We place particular emphasis on handling PII in accordance with GDPR, and this standard supports us and provides our customers with additional assurance that we are handling their PII in accordance with legal requirements.
The ISO 9000 family of quality management systems (QMS) is a set of standards that help organizations ensure that they meet the needs of customers and other stakeholders in the context of legal and regulatory requirements related to a product or service. ISO 9001 sets out the requirements for organizations wishing to implement and operate an ISO 9001 quality management system. The standard is based on the well-known PDCA cycle (Plan, Do, Check, Act) and supplements this primarily with the influences of external stakeholders on planning (Plan) and focuses on products and services during implementation (Do). In our QMS, we pay particular attention to responding quickly to quality deficiencies or suggestions for improvement, which enables us to adapt our processes, products and services promptly and on an ongoing basis.
“swiss hosting” was developed by the label swiss made software and has been offered exclusively to its members since 2020. The conditions for being allowed to carry the “swiss hosting” label are clearly regulated:
Open Circle operates its services in its own data centers in Switzerland or with Swiss partners who fulfill the conditions of the label, i.e. whose data location is also Switzerland.
ITIL (Information Technology Infrastructure Library) is a best practice framework consisting of a set of processes designed to enable effective IT service management in an organization.
The latest version, ITIL 4, includes 34 management practices designed to achieve specific goals or perform specific tasks.
In order to apply ITIL effectively, employees from various departments hold ITIL certification.