[Essen, Nuremberg, 11 October 2017] The authentication service for authega e-government applications has received ISO 27001 certification, based on the IT Grundschutz Catalogues (baseline IT security catalogues) published by the German Federal Office for Information Security (BSI). The certificate was awarded during the official reception for it-sa 2017, held in the Bavarian Heimatministerium, Nuremberg.
authega is made available and operated in RZ Nord (north computing centre) on behalf of the Bayerisches Staatsministerium der Finanzen, für Landesentwicklung und Heimat (Bavarian State Ministry for Finances, Land Development and Homeland), a department of the Bayerisches Landesamt für Steuern (Bavarian State Office for Taxes (BayLfSt)). The service was developed as part of a joint project between two companies: mgm technology partners GmbH and secunet Security Networks AG. Based on technology arising from ELSTER, Germany’s largest e-government project, authega is used in a wide range of specialist procedures operated by the Free State of Bavaria and other federal states, such as for employee and other portals.
authega provides its services using its own IT infrastructure. secunet was commissioned by BayLfSt to design this infrastructure in a way that would enable ISO 27001 certification. To this end, Information Security Management (authegaISM) was created and put into operation. In addition, secunet was also responsible for creating all references and secondary documentation required for the certification and operation of authegaISM.
The entire certification process was completed in under eleven months from the first workshop on September 20, 2016, to the completion of auditing on August 14, 2017. ISO 27001 certification documents that the IT Grundschutz has been fully implemented, and that engaging with topics relating to IT security is an essential component of the BayLfSt’s official philosophy.