Within the context of advancing digitalization, many companies are increasingly relying on cloud computing. When selecting a cloud provider, users often have to rely on cloud providers’ statements about functionality and non-functional service components such as the level of security. But not at Brainloop! Since its audit in the summer of 2022, Brainloop is proud to announce that we have achieved compliance with the Criteria Catalogue C5. This allows Brainloop to meet additional stringent cloud computing security conditions and ensure transparency in its relationships with customers and partners.
What is C5 Criteria?
The C5 criteria-catalogue is considered a framework for IT service providers. It was first published by the German Federal Office for Information Security (BSI) in 2016 and re-released in 2020. C5:2020 defines important requirements for secure cloud computing and contains not only requirements for the general security of the product but moreover for all company processes that are involved in the provision of cloud services. Independent auditing firms can ultimately confirm compliance with these criteria.
For whom is the Catalogue C5 important?
Thanks to the comprehensive mapping of conventional certificates, the C5 criteria-catalogue combines a host of minimum requirements for secure cloud computing in one comprehensive catalogue. Its target audience is comprised of professional cloud providers, their auditors and customers. For the various requirement ranges such as compliance and data protection, concrete targets are formulated and basic requirements are specified in order to implement the objectives.
“Since our founding in 2000, the security of confidential information has driven Brainloop’s business. In concluding the implementation of the BSI C5 requirements at the end of July 2022, Brainloop has successfully completed an important prerequisite for further growth.”
– Ralf Mutzke, Corporate Security Officer at Brainloop
What is new in the current version C5:2020?
The existing security criteria from the 2016 catalog were fundamentally revised in parts to raise its standard even higher whilst taking current technological developments into consideration. BSI provides the topic of DevOps as an example. Additionally, the criteria-catalogue specifies requirements and recommendations to C5 certification auditors.
To learn more about Criteria Catalogue C5, notable protection objectives and our leading security architecture, download the free white paper “Securing the Digital Transformation”.