Compliance for sovereign cloud services – SysEleven and secunet now with IT-Grundschutz, ISO 27001, and C5
- German Federal Office for Information Security (BSI) issues certification of IT baseline protection for cloud platform
- Only the second sovereign German provider with ISO 27001 certification, IT baseline protection, and C5 testing
- The most comprehensive certification for infrastructure and platform to date
Berlin, 6 March 2025 – The Berlin-based cloud and managed Kubernetes specialist SysEleven, a subsidiary of cybersecurity market leader secunet Security Networks AG, has been certified under ISO 27001 based on IT baseline protection from the German Federal Office for Information Security (BSI). This makes SysEleven one of only two sovereign cloud providers in Germany that offer the complete triad of IT baseline protection, C5 testing, and ISO 27001 certifications.
“In view of new legal requirements and real-world attacks, companies and public authorities are investing in their digital infrastructure’s resilience and security. With our comprehensive certifications, we support critical infrastructures (KRITIS) in Germany and Europe as a trustworthy partner,” says Andreas Hermann, Managing Director and COO of SysEleven. “As a central part of our customers’ infrastructure, we also stand for transparency, security, and innovation capability thanks to open source technologies, as expected for example in industry, health care, and public administration.”
SysEleven and secunet are continuously expanding their range of secure and sovereign cloud solutions. Their common goal is to offer a cloud platform for particularly sensitive data and applications with a custom-made compliance profile. They focus strongly on public authorities and administrations that need to move classified information to the cloud in compliance with the law, as well as on KRITIS companies that require particularly robust digital infrastructures.
Customers are on the safe side
“As an innovative company in the Web3 sector, ETOSPHERES places the highest value on certified and secure infrastructures. Our EU-compliant data centers and GDPR processes guarantee that we process customer data within the strictest regulatory requirements,” says Holger Köther, VP Web3 Services & Strategy at ETOSPHERES. “We develop modular services for crypto wallet and payment solutions, fiat on/off-ramp, and an event-focused community engagement platform. These enable companies to seamlessly integrate Web3 technologies, build up customer loyalty, and open up new monetization channels – all of which are developed under the highest security standards.”
ETOSPHERES is part of the ETO GRUPPE (Stockach, Baden-Württemberg), which develops and produces actuators, sensors, software, and electronics for worldwide use in various branches of industry.
Keeping an eye on the complete system
“We are aware of our special responsibility for our customers’ data and ensure the highest level of security in our infrastructure,” adds Andreas Hermann. “Unlike other providers, we have therefore not only had the Infrastructure as a Service (IaaS) part certified, but we have also defined a highly comprehensive information network. Other services such as the storage connection or Database as a Service (DBaaS) have become part of the certification. As part of the certification process, we have also optimized our processes and implemented them in a more robust way. That way, we can seamlessly integrate future innovations such as GPU as a Service (GaaS).”
Why do public authorities and KRITIS need IT baseline protection?
The BSI’s IT baseline protection is a proven, standardized security concept for protecting IT systems. It offers a practical methodology to systematically establish information security and meet regulatory requirements. For public authorities and KRITIS companies in particular, IT-Grundschutz is the de facto standard for protecting sensitive data and safeguarding against cyber threats.
SysEleven’s certifications and test certificates at a glance
This is how SysEleven ensures its customers’ compliance:
- C5 – The C5 certificate applies to all SysEleven’s cloud and Kubernetes products, including services such as storage or DBaaS.
- IT-Grundschutz – In close cooperation with secunet, SysEleven has created an efficient management system for information security (ISMS) that precisely meets the requirements of the public sector and KRITIS companies.
- ISO certificates – SysEleven is certified under the international standards ISO 27001, ISO 27017, and ISO 27018.
About SysEleven
SysEleven GmbH serves over 500 customers in the DACH market and employs over 170 people. As a cloud and Kubernetes managed service provider, SysEleven specializes in the operation of distributed and business-critical systems and in the rapid scaling of workloads.
A wholly owned subsidiary of Germany’s leading cybersecurity company secunet Security Networks AG, SysEleven supports organizations that want to complete their transformation to cloud native and value speed, flexibility, and autonomy. SysEleven’s range of services includes: cloud services such as an OpenStack public and private cloud, and (fully) managed Kubernetes such as 24/7 operation of cloud and Kubernetes workloads.
SysEleven places great importance on data protection, compliance, and consistent safeguarding of digital sovereignty. All SysEleven’s solutions consist of open source components and are hosted in sustainable, modern German data centers. Founded in 2007 and certified according to ISO 27001, IT-Grundschutz, and C5, SysEleven’s customers include the Bundesdruckerei, DFS Aviation Services, FTAPI, smartsteuer, VHV Versicherungen, FarmFacts, medgate, and Golem.de. Find out more at www.syseleven.de.
secunet – Protection for digital infrastructure
secunet is Germany’s leading cybersecurity company. In an increasingly networked world, secunet ensures robust digital infrastructures and the highest possible protection for data, applications, and digital identities. secunet does this with a combination of products and consulting, specializing in areas where there are special security requirements – such as cloud, IIoT, eGovernment, and eHealth. With secunet’s security solutions, companies can comply with the highest security standards in digitalization projects and thus press on with their digital transformation.
secunet has over 1,000 experts who strengthen the digital sovereignty of governments, companies, and society as a whole. Its clients include German federal ministries, more than 20 DAX-listed companies, and other national and international organizations. The company was founded in 1997. It is listed on the Frankfurt Stock Exchange and generated sales of around €407 million in 2024 (preliminary results as of January 27, 2025). secunet is an IT security partner of the Federal Republic of Germany and a partner of the Alliance for Cyber Security. Find out more at www.secunet.com.
