A unique approach for security at cidaas
Security and data protection are the keys
IT security and data protection are becoming essential criteria for modern digital services. Cyber threats and attacks are increasingly becoming a threat to the stable and secure operation of digital applications. Identity & Access Management plays a central role here, as it provides authentication and authorisation for users and is responsible for the administration of user data. It is not only the prevention of attacks on the Identity & Access Management service itself, as well as attempted attacks on the users, such as identity theft, but in particular also the functions provided by modern Identity & Access Management that ensure higher security. With cidaas, we offer comprehensive ways to integrate security into your digital applications, from multi-factor authentication to fraud and bot detection (more information in our feature set). Find out more on this page how we have integrated security into cidaas.
What we do for the security of our customers
Listed below are some of the most important measures that we have implanted in our DNA at cidaas:
Secure development with the cidaas Secure Development Lifecycle
At every stage of our development cycle, including design, coding, testing, and release, we place great emphasis on IT security. This way, we integrate security natively into the product instead of adding it afterwards. Our internal security team is directly involved in the development process.
We continuously train our architects, developers and testers in IT security, secure programming, and code reviews.
We have a software development process that follows a multi-level security and quality concept.
Software quality and vulnerability and IT security scans are directly integrated into our CI/CD pipelines.
Regular vulnerability scans analyse our code repositories.
Regular internal and external penetration tests and security audits.
Joint penetration tests with customers to validate integration in various applications.
Partnerships with research institutions and partners such as Fraunhofer for the development of IT security and penetration concepts.
Penetration and IT security testing
In addition to automated IT security tests and vulnerability scans, we rely on a combination of internal and external penetration tests. With our external partners and our customers, we manage to test cidaas including the integration into the applications. Each of our customers has the right to carry out penetration tests on their test environment.
cidaas and the GDPR
The General Data Protection Regulation (GDPR) is one of the most important regulatory bases in Europe. As European Cloud Identity & Access Management, we live and breathe the GDPR, and we also work with partners on research projects relating to privacy-friendly platforms and business models:
We rely on European data centres and infrastructure partners – “Software Hosted in Europe”.
With commissioned data processing, you own the data, and we deliver the best service.
With the GDPR-compliant consent management from cidaas, you not only implement regulatory requirements, but also create transparency and strengthen the trust of your users.
With various certifications, we confirm our commitment and the compliance of cidaas.