MarketplaceCommunityDEENDEENProductsCore ServicesRoadmapRelease NotesService descriptionCertifications and attestationsPrivate CloudManaged ServicesBenefitsSecurity/DSGVOSustainabilityOpenStackMarket leaderPricesPricing modelsComputing & ContainersStorageNetworkDatabase & AnalysisSecurityManagement & ApplicationsPrice calculatorSolutionsIndustriesHealthcarePublic SectorScience and researchAutomotiveMedia and broadcastingRetailUse CasesArtificial intelligenceHigh Performance ComputingBig data and analyticsInternet of ThingsDisaster RecoveryData StorageTurnkey solutionsTelekom cloud solutionsPartner cloud solutionsSwiss Open Telekom CloudReferencesPartnerCIRCLE PartnerTECH PartnerBecome a partnerAcademyTraining & certificationsEssentials trainingFundamentals training coursePractitioner online self-trainingArchitect training courseCertificationsCommunityCommunity blogsCommunity eventsLibraryStudies and whitepaperWebinarsBusiness NavigatorMarketplaceSupportSupport from expertsAI chatbotShared ResponsibilityGuidelines for Security Testing (Penetration Tests)Mobile AppHelp toolsFirst stepsTutorialStatus DashboardFAQTechnical documentationNewsBlogFairs & eventsTrade pressPress inquiriesMarketplaceCommunity

0800 3304477 24 hours a day, seven days a week

Write an E-mail 

Book now and claim starting credit of EUR 250
ProductsCore ServicesPrivate CloudManaged ServicesBenefitsPricesPricing modelsPrice calculatorSolutionsIndustriesUse CasesTurnkey solutionsSwiss Open Telekom CloudReferencesPartnerCIRCLE PartnerTECH PartnerBecome a partnerAcademyTraining & certificationsCommunityLibraryBusiness NavigatorMarketplaceSupportSupport from expertsHelp toolsTechnical documentationNewsBlogFairs & eventsTrade pressPress inquiries
  • 0800 330447724 hours a day, seven days a week
  • Write an E-mail 
Book now and claim starting credit of EUR 250

Gold standard in the cloud industry: Open Telekom Cloud certified according to BSI C5:2020, and SOC 1, SOC 2, SOC 3

by Editorial team
Hände eines Mannes auf einer Laptop Tastatur, im Vordergrund des Bildes ein digitales Schloss in einer Cloud
Putting it through its paces: Auditors examine the technology and management of the cloud platform over a period of weeks

In this article you will read, 

  • what the BSI C5:2020 from the German Federal Office for Information Security (BSI) certifies,
  • why it is considered the gold standard in the cloud industry
  • and what requirements the US test protocols SOC 1, SOC 2 and SOC 3 presuppose.

It is the most important certification in the area of public cloud computing: The C5:2020 catalogue of requirements from the Federal Office for Information Security (BSI) certifies that cloud providers offer the maximum level of security. The Open Telekom Cloud fulfills all the requirements of this catalogue since 2018 with the BSI C5 Type 2 certificate.

BSI C5 certifies security, transparency and data protection

The requirements of BSI C5:2020 include the so-called environmental parameters: "They provide information on the data location, provision of services, place of jurisdiction, certifications and duties of investigation and disclosure towards government agencies and contain a system description," the BSI writes on its website. "The resulting transparency makes it possible for potential cloud customers to decide whether legal regulations (such as data protection), the customers’ own guidelines or also the threat scenario regarding industrial espionage make the use of the respective cloud service appear appropriate.”

BSI C5:2020 is considered the gold standard in the cloud industry. Many companies that want to use public cloud offerings require C5 certification (actually the C5 test certificate) as a condition when choosing their provider. To obtain the certificate, the Open Telekom Cloud had to provide evidence in 17 thematic areas ranging from the organization of information security to physical security.

While the BSI C5 Type 1 certificate is quite easy to obtain with self-declarations from the cloud provider, the BSI C5 Type 2 audit involves an external auditor spending weeks examining the technology and management of the cloud platform. The type 2 certificate is therefore of a much higher quality than type 1.  

Open Telekom Cloud fulfills SOC 1, SOC 2 and SOC 3 requirements 
catalog according to Type II

In addition, with the certificate for BSI C5:2020, the Open Telekom Cloud has also fulfilled the requirements of the US test protocol SOC 2. SOC stands for Service Organization Control. The certificate complies with the requirements of the American Institute of Certified Public Accountants (AICPA). It assesses service providers with regard to security, availability, processes, integrity, confidentiality and data protection.

The Open Telekom Cloud currently meets the SOC 1, SOC 2 and SOC 3 requirements catalog according to Type II. The auditors have thus checked the platform's design using guidelines and process descriptions. 

Proof of certification must be provided every 12 months

"Cloud providers that have been tested accordingly cannot rest on their laurels: Providers are only considered compliant with both the BSI C5:2020 requirements catalogue and SOC 2 if they renew the corresponding proof at least every 12 months," says Daniel Fussy, IT security & privacy consultant at T-Systems. "We are proud to have successfully passed these audits time and time again since 2018."

The Open Telekom Cloud is comprehensively certified beyond BSI C5:2020 and the SOC family, for example with a wide range of ISO certificates. An overview of the certificates can be found here. 


This content might also interest you
 

Various trophies stand in front of a wooden wall

Our certifications

To meet the very latest security and data protection requirements, all of our services are subject to strict rules and are regularly checked by independent specialists.

 
Man despairs of certificates and test reports

Certificates and test reports – which certificate states what? (Video)

What do the individual certificates and test reports mean (video)?

 
Server in a data center

DSGVO-konforme Cloud

Maximum safety for carefree working: The Open Telekom Cloud fully meets the stringent requirements of GDPR.

The Open Telekom Cloud Community

This is where users, developers and product owners meet to help each other, share knowledge and discuss.

Discover now

Free expert hotline

Our certified cloud experts provide you with personal service free of charge.

 0800 3304477 (from Germany)

 +800 33044770 (from abroad)

 24 hours a day, seven days a week

Write an E-Mail

Our customer service is available free of charge via E-Mail

Write an E-Mail

AIssistant Cloudia

Our AI-powered search helps with your cloud needs.