Double recognition: Austrian Cloud & ISAE 3402 Type II

For the EDI provider EDITEL, data security and smooth processes are key priorities. The company recently qualified for the “Austrian Cloud” seal of approval and also successfully passed the “ISAE 3402 Type II” audit.

Data handling is increasingly becoming a matter of security and trust. To give their clients peace of mind regarding responsible data handling, EDITEL relies on renowned seals of approval and objective audits. Since it is widely known that everything revolves around data at the EDI service provider EDITEL, “security and trust are a top priority for us,” explains Gerd Marlovits, EDITEL’s CEO. “After all, every year we process approximately 400 million transactions from more than 20,000 companies via the EDI network eXite, and all of them need to be protected.” EDITEL guarantees a fail-safe infrastructure as well as security features and control mechanisms that are updated and improved on an ongoing basis to meet state-of-the-art technology standards. Following the “Trust is good, control is better” mindset, EDITEL periodically undergoes external audits to prove data security. For Gerd Marlovits, this is an important step to “show that we are fully transparent, which increases our clients’ trust in our services.”

 “Austrian Cloud” – a seal of approval for Austrian data

Just recently, EDITEL qualified for the “Austrian Cloud” seal of approval. Launched by the Austrian Federal Chamber of Commerce and EuroCloudAustria in 2018, this initiative recognizes providers of Austrian cloud solutions who store their data exclusively in Austria. This initiative has been designed to make it easier for users to find companies that choose to store their data locally. Cybersecurity experts agree that the location where the cloud infrastructure is located is decisive for questions of legal certainty, data security, possible public intervention and liability towards corporate cloud clients. To obtain the seal of approval, EDITEL had to reach a total of 90 points for pre-determined parameters including data protection, security aspects, legal compliance, and technical infrastructure, “which allows us to provide a 100% guarantee to our clients that their data are stored in Austria,” Gerd Marlovits explained.

“ISAE 3402 Type II” – an audit for the internal control system

As in previous years, EDITEL once again underwent the “ISAE 3402 Type II” audit and successfully passed it. This audit was performed by EY, an independent auditing and consulting firm, and gives assurance to a company’s clients that it has flawless internal processes. The audit included a review of the adequacy of quality assurance activities for all services provided to clients: security and application operations, software development quality (change management), international support services and, for the first time this year, the implementation of GDPR requirements. In the final report, EY confirms that EDITEL has fully met all audit specifications. The “ISAE 3402 Type II” audit revolves around periodic reviews, which makes it a sustainable tool for certifying high-level security and performance during daily operations. According to Gerd Marlovits, it is “highly relevant for EDITEL to review and optimize these processes on an ongoing basis. Our successful “ISAE 3402 Type II” audit report underscores our efforts of setting the bar very high when it comes to our security environment,” he said.

The press release „Double recognition for EDI provider EDITEL“ is also available as a download.