
How SSI Schaefer protects software and data

Date: 19.12.2024

Source: SSI Schäfer

How can software development remain secure in an increasingly digitalized world? At SSI Schaefer, a comprehensive security concept ensures that information security is consistently implemented in all areas of the company. The Information Security Management System (ISMS) is at the heart of this. It not only covers the technical measures at all levels and in all areas, but also serves as the guiding organizational structure, with security objectives and strategies developed accordingly. The system is based on sound risk management and is regularly optimized through ongoing evaluation of the activities and continuous development of the security measures.

An important focus is on software development for the intralogistics solutions of SSI Schaefer. In addition to the integration of security measures into the software development process, it is important to always maintain control over security during the implementation and maintenance of customer systems and the corresponding data exchange.

Focus on protection targets

SSI Schaefer attaches great importance to close coordination with customers in order to maintain the protection targets of availability, confidentiality, integrity and authenticity in the area of information security. These protection targets are also key requirements of the NIS2 Directive, which aims at enhancing cybersecurity standards across Europe. Implementing these standards protects against cyber threats and strengthens the resilience of IT systems. In concrete terms, this means:

· Availability: Information and systems are available at all times.
· Confidentiality: Data is treated confidentially and protected against unauthorized access.
· Integrity: Changes to data are traceable and tamper-proof.
· Authenticity: Data clearly originates from the specified source.

It is therefore essential that information and data are correctly available at all times, that they are treated confidentially, that each action can be attributed to an entity, that changes are traceable, and that the data or information demonstrably comes from the specified source. Implementing these standards protects against cyber threats and strengthens the resilience of IT systems.

Shared awareness is essential

Targeted training ensures that employees recognize threats and apply the existing protective measures and processes safely in their day-to-day work. There are general training courses for all employees, covering topics such as the secure handling of passwords, identifying and reporting malware and similar basic information.

In software development, specialized knowledge such as secure coding is also taught in order to prevent security vulnerabilities during programming. This is supplemented by a comprehensive list of measures at the component, data, system and process levels. Special attention is paid to the technical systems on which information is stored, processed or transmitted. They must work smoothly and be effectively protected against a wide range of threats.

 

Roland Sossna / IDM
