Clear

Products

Experience Platform Sitecore XC Content Hub

Articles

What is a CMS (Content Management System)? (3 min read) Der Unterschied zwischen CMS und DXP (7 Min. Lesedauer) 10 Personalisierungstaktiken für schnelle Erfolge (Lesedauer: 7 Min.)

Die von Ihnen angeforderte Seite ist in Ihrer Sprache nicht verfügbar.

Schließen x

site-logo
site-logo
  • Home
    • Produkte
      • Experience Platform
      • Sitecore XC
      • Content Hub
      • Sitecore XM
      • Expanding Sitecore
      • Produktpakete
    • Lösungen
    • Kundenberichte
      • Experience Awards
    • Knowledge Center
      • Ressourcen für digitales Marketing
      • Einstieg in Sitecore
      • Vernetzen mit einem Partner
      • Insights
    • Unternehmen
      • Die Geschichte von Sitecore
      • Unsere Werte
      • Aktuelles und Events
      • Leadership
      • Karriere
      • Contact us
  • Für Kunden
  • Für Partner
Deutsch (Deutschland)
English Dansk Deutsch (Deutschland) Français (France) 日本語 (日本) 中文(中国)

sitecoresite_dictionary_personalization

Deutsch (Deutschland)
English Dansk Deutsch (Deutschland) Français (France) 日本語 (日本) 中文(中国)
  • Home
  • Für Kunden
  • Für Partner
  • Personalisierungsansicht

site-logo
  • Produkte
    • Experience Platform
    • Sitecore XC
    • Content Hub
    • Sitecore XM
    • Expanding Sitecore
    • Produktpakete
  • Lösungen
  • Kundenberichte
    • Experience Awards
  • Knowledge Center
    • Ressourcen für digitales Marketing
    • Einstieg in Sitecore
    • Vernetzen mit einem Partner
    • Insights
  • Unternehmen
    • Die Geschichte von Sitecore
    • Unsere Werte
    • Aktuelles und Events
    • Leadership
    • Karriere
    • Contact us

SITECORE TRUST CENTER

Security programs at Sitecore

We incorporate security into our products and best practices into everything we do

Some of the steps we have taken to ensure your data’s protection include:

  • Security Governance - Sitecore has implemented a three-line defense model for security operations, governance, and assurance. This is supported by strong management and Board oversight.

  • Security Operations – Sitecore has made significant investments to implement a security operations center in order to maintain state of the art technical controls and a comprehensive and robust approach across platform, processes, and people. This includes 24x7 security monitoring, vulnerability management, and external penetration testing. This allows us to adjust our security posture and protect customer data across our services.

  • Secure Development – Sitecore has implemented a secure software development program, which aligns with Microsoft’s Security Development Lifecycle Framework, and includes developer training, secure design, threat modeling, secure coding, static analysis, dynamic analysis, and penetration testing.

  • Responsible Disclosure - Sitecore is committed to working with security researchers who are responsibly reporting vulnerabilities in its software products.

  • Security Compliance Programs - Sitecore has implemented robust information security practices to comply with industry-leading standards.


Compliance programs and certifications

To demonstrate our commitment to protecting customer data, Sitecore maintains a number of compliance programs and certifications in accordance with strict regulatory and industry standards

Compliance with these standards, confirmed by an accredited auditor, demonstrates Sitecore’s continued adoption of these internationally recognized standards, workflows and best practices in Sitecore’s people, processes, and technologies that are used to provide cloud-based services to its customers.

Please refer to the current list of compliance programs for more information on the certifications that Sitecore maintains.

For further detail on the scope of each compliance program, please refer to the appropriate certificate in the table below.

 

  ISO 27001: 2013 is a security standard that governs an organization’s Information Security Management System (ISMS) and mandates specific requirements in the implementation, monitoring, maintenance and continuous improvement of the ISMS. This includes implementing steps to identify and maintain the assets, technologies, and processes needed to protect customer information and to help ensure the confidentiality, integrity, and availability of customer data and supporting services.
   ISO 27017: 2015 is a security standard that provides guidance on the information security aspects of cloud computing.

Sitecore uses this standard to supplement the ISO 27001:2013 standard with cloud-specific controls that are applied to its public cloud environment.
   ISO 27018: 2014 is a code of practice that focuses on protection of personally identifiable information (PII) in the public cloud.

By providing cloud services, Sitecore acts as a data processor to its customers. Sitecore uses ISO/IEC 27018:2014 standard in order to protect the PII that it processes for its customers.
  The CSA STAR Certification is a technology-neutral independent certification that leverages the requirements of ISO 27001: 2013 management standard together with CSA Cloud Controls Matrix (CCM) to ensure compliance with issues critical to cloud security in the CCM. 
Sitecore uses CSA STAR standard to continually measure the maturity of its control practices against the CCM and applicable sections of ISO 27001:2013.
  SOC 2 reports contain an independent attestation of control environment relevant to system security, confidentiality and availability. SOC 2 audits are conducted against SSAE 18 attestation standards.

Sitecore uses the SOC 2 reports to demonstrate the operating effectiveness of its controls used to ensure security, confidentiality, and availability of its public cloud environment.
  Sitecore has completed a PCI Data Security Standard (DSS) assessment of its commerce software and associated cloud offering, and has issued a Product Applicability Guide.
  Sitecore complies with the E.U.-U.S. Privacy Shield and Swiss–U.S. Privacy Shield Frameworks (together referred to as “Privacy Shield”) as set forth by the U.S. Department of Commerce and the European Commission regarding the collection, use, and retention of personal information from data subjects who reside in the EU and Switzerland, respectively. For more information on this certification, please see here.

Events in Ihrer Nähe

Meinen aktuellen Standort verwenden

Meinen Standort ändern

sitecoresite_dictionary_apply

Produkte

  • Sitecore Experience Platform
  • Sitecore Experience Commerce
  • Sitecore Content Hub
  • Sitecore Experience Manager
  • Personalisierung
  • Marketing-Automatisierung
  • Sitecore Omni
  • Sitecore Cortex
  • Integration

Knowledge Center

  • Schulungen und Support
  • Was ist ein CMS?
  • Personalisierung: Wo sollen wir anfangen?
  • Marktübersicht zu E-Commerce-Plattformen
  • Was ist ein Headless-CMS?
  • Sitecore 101
  • Insights-Blog

Unternehmen

  • News und Events
  • Karriere
  • Die Geschichte von Sitecore
  • Kontakt
  • Trust Center

© Copyright 2019, Sitecore. Alle Rechte vorbehalten Rechtliche Hinweise Datenschutz webmaster@sitecore.net +1-855-Sitecore