Comply

COMPLY

‘We live in a digital world. To counteract the real threats that this presents, stricter regulations and legal requirements are being established across all sectors

to ensure the highest possible levels of cyber and information security. We comply with and implement all of these regulations and requirements.’

René Beiler

Chief Information Security Officer

Get in touch

PCI DSS

Security in internet transactions is a cornerstone of successful online trading. The data security standard PCI-DSS (Payment Card Industry Data Security Standard) was introduced by the world’s leading credit card providers, and is designed to reduce fraud and identity theft incidents involving companies that accept online card payments. The standard is an important step toward building customer trust in online payment transactions. It also enables companies to demonstrate that they comply with all of the applicable legislation and that payment information is handled securely. However, achieving and maintaining PCI-DSS conformity is a long and cost-intensive process.

We are a Level 1-compatible PCI-DSS service provider: *um customers benefit from our specialist knowledge and our tailor-made concepts for PCI-DSS-compliant environments. Our complete solution – which covers everything from network services through to application management – guarantees the highest levels of security, enabling you to reduce the costs and resource usage associated with implementing and maintaining your security landscape, as well as for the mandatory PCI-DSS audits and 24-hour operation.

What PCI-DSS as a Service offers:

A fully redundant and highly scalable platform compliant with PCI-DSS Level 1
Very short time to market for your PCI-DSS-compliant services
Continuous improvement of PCI-DSS processes and products
Close collaboration with your IT department to simplify and streamline compliance
Guaranteed integrity and security in payment processes boost customer trust
Benefit from our PCI-DSS expertise and our success in countless complex PCI-DSS projects

VDA ISA

For a number of years, the German Association of the Automotive Industry (VDA) has had its own information security working group. This group developed a questionnaire known as the information security assessment (ISA). As manufacturers work closely with their suppliers during product development and at other stages of the production process, a high level of security is essential at this interface. “It’s very important that the data we share or exchange with suppliers is protected. When we are discussing prototypes, in particular, it is essential to ensure that all of the parties involved in the supply chain have a comparable level of IT security,” says Dr. Joachim Damasky,

Director of Technology and Environment at the VDA. With this in mind, the VDA developed the Trusted Information Security Assessment eXchange, a verification and exchange model for standardized information security throughout the value creation and apply chain. The Trusted Information Security Assessment eXchange is based on the VDA ISA and ensures that service providers and suppliers do not need to undergo audits repeatedly in short periods of time. By complying with this standard, we are guaranteeing the high industry standards of information security that apply for us as a provider and, above all, for our customers from the automotive sector.

ISO/ IEC 27001

ISO/IEC 27001 is an international information security standard for private, public, and charitable organizations. It contains requirements relating to the establishment, design, implementation, and continuous optimization of documented information security management systems (ISMS). ISO/IEC 27001 also covers the analysis and handling of risks in information security.

By achieving ISO certification, *um is demonstrating that it has implemented and complies with the requirements of this information security standard. For us and for our customers, it is imperative that the value in our supply chains is protected with appropriate security mechanisms.

This post is also available in: German

Cookie and Privacy Settings

How we use cookies

We may request cookies to be set on your device. We use cookies to let us know when you visit our websites, how you interact with us, to enrich your user experience, and to customize your relationship with our website.

Click on the different category headings to find out more. You can also change some of your preferences. Note that blocking some types of cookies may impact your experience on our websites and the services we are able to offer.

Essential Website Cookies

Google Analytics Cookies

These cookies collect information that is used either in aggregate form to help us understand how our website is being used or how effective our marketing campaigns are, or to help us customize our website and application for you in order to enhance your experience.

If you do not want that we track your visist to our site you can disable tracking in your browser here:

Other external services

We also use different external services like Google Webfonts, Google Maps and external Video providers. Since these providers may collect personal data like your IP address we allow you to block them here. Please be aware that this might heavily reduce the functionality and appearance of our site. Changes will take effect once you reload the page.

Google Webfont Settings:

Google Map Settings:

Vimeo and Youtube video embeds:

René Beiler

PCI DSS

What PCI-DSS as a Service offers:

VDA ISA

ISO/ IEC 27001

Futurologist Joachim Graf: Companies still make too little of their data

Unbelievable Machine goes all out for cyber security in Germany

How to use Data Science workshops to get to a specific project

Let’s talk about your data!

Social Media

Jobs:

Search

Address

Blog