![security](https://www.cidaas.com/wp-content/uploads/2021/06/security.jpg)
A unique approach for security at cidaas
Security and data protection are the keys
IT security and data protection are becoming essential criteria for modern digital services. Cyber threats and attacks are increasingly becoming a threat to the stable and secure operation of digital applications. Identity & Access Management plays a central role here, as it provides authentication and authorisation for users and is responsible for the administration of user data. It is not only the prevention of attacks on the Identity & Access Management service itself, as well as attempted attacks on the users, such as identity theft, but in particular also the functions provided by modern Identity & Access Management that ensure higher security. With cidaas, we offer comprehensive ways to integrate security into your digital applications, from multi-factor authentication to fraud and bot detection (more information in our feature set). Find out more on this page how we have integrated security into cidaas.
![Security and Privacy of Information & Conformity](https://www.cidaas.com/wp-content/uploads/2021/06/Security-and-Privacy-Information-1024x498.png)
What we do for the security of our customers
Listed below are some of the most important measures that we have implanted in our DNA at cidaas:
![Infrastructure Security](https://www.cidaas.com/wp-content/uploads/2021/06/Infrastructure-Security.png)
The mindset at cidaas
While we considered a provider for infrastructure, all of our Security starts with the mindset. We know that security is important for our customers and users. Therefore, we at cidaas have established a unique mindset and awareness for the topic of safety. From the idea to development and operation, we live and breathe IT security.
![check mark](https://www.cidaas.com/wp-content/uploads/2021/05/check.png)
We promote security awareness through targeted IT security awareness training.
![check mark](https://www.cidaas.com/wp-content/uploads/2021/05/check.png)
We also integrate our partners into our measures and thus create a consistent understanding and awareness of IT security from product to integration.
![check mark](https://www.cidaas.com/wp-content/uploads/2021/05/check.png)
Regular internal hackathons not only enable targeted penetration tests by cidaas, but also show colleagues what they work every day.
![check mark](https://www.cidaas.com/wp-content/uploads/2021/05/check.png)
ISO9001 and ISO27001 certification at cidaas and the infrastructure partners.
![check mark](https://www.cidaas.com/wp-content/uploads/2021/05/check.png)
We limit access to productive systems. All software and infrastructure updates are automated. And every access is monitored and logged.
![check mark](https://www.cidaas.com/wp-content/uploads/2021/05/check.png)
The latest security measures in the infrastructure from firewalls to security information management.
![Secured Support](https://www.cidaas.com/wp-content/uploads/2021/06/Secured-Support.png)
Secure infrastructure
Security at cidaas starts at the very bottom level, the infrastructure. We select the right infrastructure partners with great care. We at cidaas as well as our infrastructure partners are ISO9001 and ISO27001 certified and meet the cidaas security and compliance guidelines.
![secure development](https://www.cidaas.com/wp-content/uploads/2021/06/secure-development.png)
Secure development with the cidaas Secure Development Lifecycle
At every stage of our development cycle, including design, coding, testing, and release, we place great emphasis on IT security. This way, we integrate security natively into the product instead of adding it afterwards. Our internal security team is directly involved in the development process.
![check mark](https://www.cidaas.com/wp-content/uploads/2021/05/check.png)
We continuously train our architects, developers and testers in IT security, secure programming, and code reviews.
![check mark](https://www.cidaas.com/wp-content/uploads/2021/05/check.png)
We have a software development process that follows a multi-level security and quality concept.
![check mark](https://www.cidaas.com/wp-content/uploads/2021/05/check.png)
Software quality and vulnerability and IT security scans are directly integrated into our CI/CD pipelines.
![check mark](https://www.cidaas.com/wp-content/uploads/2021/05/check.png)
Regular vulnerability scans analyse our code repositories.
![check mark](https://www.cidaas.com/wp-content/uploads/2021/05/check.png)
Regular internal and external penetration tests and security audits.
![check mark](https://www.cidaas.com/wp-content/uploads/2021/05/check.png)
Joint penetration tests with customers to validate integration in various applications.
![check mark](https://www.cidaas.com/wp-content/uploads/2021/05/check.png)
Partnerships with research institutions and partners such as Fraunhofer for the development of IT security and penetration concepts.
![secure data](https://www.cidaas.com/wp-content/uploads/2021/06/secure-data.png)
Penetration and IT security testing
In addition to automated IT security tests and vulnerability scans, we rely on a combination of internal and external penetration tests. With our external partners and our customers, we manage to test cidaas including the integration into the applications. Each of our customers has the right to carry out penetration tests on their test environment.
Compliance
![GDPR](https://www.cidaas.com/wp-content/uploads/2021/06/gdpr.png)
cidaas and the GDPR
The General Data Protection Regulation (GDPR) is one of the most important regulatory bases in Europe. As European Cloud Identity & Access Management, we live and breathe the GDPR, and we also work with partners on research projects relating to privacy-friendly platforms and business models:
![check mark](https://www.cidaas.com/wp-content/uploads/2021/05/check.png)
We rely on European data centres and infrastructure partners – “Software Hosted in Europe”.
![check mark](https://www.cidaas.com/wp-content/uploads/2021/05/check.png)
With commissioned data processing, you own the data, and we deliver the best service.
![check mark](https://www.cidaas.com/wp-content/uploads/2021/05/check.png)
With the GDPR-compliant consent management from cidaas, you not only implement regulatory requirements, but also create transparency and strengthen the trust of your users.
![check mark](https://www.cidaas.com/wp-content/uploads/2021/05/check.png)
With various certifications, we confirm our commitment and the compliance of cidaas.
![cidaas itZert 27001-2013](https://www.cidaas.com/wp-content/uploads/2020/02/itZert_27001-2013.png)
![cidaas itZert 9001-2015](https://www.cidaas.com/wp-content/uploads/2020/02/itZert_9001-2015.png)
![cidaas openid certified](https://www.cidaas.com/wp-content/uploads/2018/04/openid.png)
![OAuth2 certified](https://www.cidaas.com/wp-content/uploads/2020/06/Oauth_logo.png)
![cidaas - Software hosted in Germany](https://www.cidaas.com/wp-content/uploads/2018/04/hosted-in-1.png)
![Allianz fuer Cyber Sicherheit Partner](https://www.cidaas.com/wp-content/uploads/2020/08/Allianz_fuer_Cyber-Sicherheit_Partner.png)