SlideShare a Scribd company logo

德國TSI公司簡報-2

俠客科技
俠客科技

德國TSI公司委託設計

1 of 20
Trusted site infrastructure Sources, TSI criteria are derived from TSI criteria catalogue
Trusted site infrastructure Reaction Detection Precaution ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Trust Site
Trusted site infrastructure Comprehensive security for all physical aspects of data centers
Trusted site infrastructure Document review Implementation Test Criteria Catalogue Security concept and plans Plans infrastructures Documents Test certificates
Trusted site infrastructure 16 20 0 2 12 Report & Confir-mation Implem-entation test Document review With feedback Work Shop Normally 2-3 experts on site On-site orientation Viewing of documents Feasibility About 5-10 days possibility with project meeting Possibly 2 days follow-up audit Estimated work in project days Trusted site project
Trusted site infrastructure Evaluation results Level 1 medium protection requirements (according to the BSI infrastructure requirements of the baseline protection manual) Level 2 extended protection requirements (extended requirements to all above mentioned aspects) Level 3 high protection requirements (complete redundancy of essential components, no single point of failures, climate limits according to EN 1047-2) Level 4 very high protection requirements (advanced access control, no adjacent hazard potentials, with minimal intervention time)
Creating Trust TÜVit Our Principles Basel ll Market positioning Conditions Persuasion Liability questions Suppliers Insurance Customers and markets Bank Board Courts of law Processing industry IT-operator
Trusted site infrastructure Assurance phases 0 Self Made 1 Professional planner 2 Security concept 3 Third party inspection Increase in trust
TÜVit Our Principles Certification ... is a measure implemented by a neutral third party indicating that reasonable trust exists that a properly marked product / organization / site .... complies with a certain standard or another type of normative document.
Trusted site infrastructure Publication of the certificate Zoom out
 
Conclusion Practical approach for specific areas Big necessity to protect the critical infrastructure BUT No national or international criteria No national or international scheme No common framework Over 10 years experience within TÜViT Certification list at http://www.tuvit.de/english/46254.asp
TÜVit Our Background TUViT combines a nearly 20 years’ experience in IT and Telecommunication with technology and process-specific skills. TUViT provides a full range of services accompanying all project phases - from planning and design to specification and implementation and final operation.
TÜVit Our Background Permanent quality control and external audits assure the high quality and reliability of our services. TUViT is accredited and recognised by relevant national and international organisations and authorities in the field of quality and security.
National Accreditations Federal Office for Information Security Federal Network Agency German Accreditation Body Technology Central Credit Board of the German Banks Independent Centre for Privacy Protection Schleswig-Holstein
International Accreditations National Institute of Standards and Technology, USA Information-technology Promotion Agency (IPA), Japan National Institute of Technology and Evaluation (NITE), Japan Europay, MasterCard and Visa International (EMVCo)
TÜViT Our Experience (Special Branches) Certification Services (CA, RA, PKI) Semiconductors IT Security (Developer, Manufacturer) Health Care Energy and Multi Utilities TSI for RWE data centre Government and Public Administration German Parliament Development of IT security concept Banking and Insurance TSI for data centre of German bank (design and installed by IBM) Telecommunication
● improving your quality and security ● increasing your efficiency ● lowering your risks and cost ● adding a significant value to your assets TÜViT Yo ur Benefits
TÜV Informationstechnik GmbH Member of TÜV NORD Group Tiger TENG Business development director Asia Pacific area Langemarckstr. 20 45141 Essen, Germany Mobile: +886-9188-15408 (Taiwan) +86-15821934086 (China) Phone: +49 201 8999 – 403 Fax: +49 201 8999 – 888 E-Mail: [email_address] URL: www.tuvit.net
Thank you for your attention! Question?

Recommended

How sophisticated penetration testers get through the defenses
How sophisticated penetration testers get through the defensesHow sophisticated penetration testers get through the defenses
How sophisticated penetration testers get through the defensesPhilippe A. R. Schaeffer
 
What is NOC?
What is NOC?What is NOC?
What is NOC?VaradMangalvedhekar
 
Mohammad Tahir_CV
Mohammad Tahir_CVMohammad Tahir_CV
Mohammad Tahir_CVMohammad Tahir Shaikh
 
Computer Forensics – What You Don’t Know Can Cost You
Computer Forensics – What You Don’t Know Can Cost YouComputer Forensics – What You Don’t Know Can Cost You
Computer Forensics – What You Don’t Know Can Cost YouCentriqMarketing
 
MRHCV-short.DOC
MRHCV-short.DOCMRHCV-short.DOC
MRHCV-short.DOCMark Hobday
 
Police force
Police forcePolice force
Police forceStuart Thompson Viseum Group Owner & President
 
Specialist Security Engineer
Specialist Security EngineerSpecialist Security Engineer
Specialist Security EngineerMark Long
 
Specialist security enigneer
Specialist security enigneerSpecialist security enigneer
Specialist security enigneerMark Long
 

Recommended

How sophisticated penetration testers get through the defenses
How sophisticated penetration testers get through the defensesHow sophisticated penetration testers get through the defenses
How sophisticated penetration testers get through the defensesPhilippe A. R. Schaeffer
 
What is NOC?
What is NOC?What is NOC?
What is NOC?VaradMangalvedhekar
 
Mohammad Tahir_CV
Mohammad Tahir_CVMohammad Tahir_CV
Mohammad Tahir_CVMohammad Tahir Shaikh
 
Computer Forensics – What You Don’t Know Can Cost You
Computer Forensics – What You Don’t Know Can Cost YouComputer Forensics – What You Don’t Know Can Cost You
Computer Forensics – What You Don’t Know Can Cost YouCentriqMarketing
 
MRHCV-short.DOC
MRHCV-short.DOCMRHCV-short.DOC
MRHCV-short.DOCMark Hobday
 
Police force
Police forcePolice force
Police forceStuart Thompson Viseum Group Owner & President
 
Specialist Security Engineer
Specialist Security EngineerSpecialist Security Engineer
Specialist Security EngineerMark Long
 
Specialist security enigneer
Specialist security enigneerSpecialist security enigneer
Specialist security enigneerMark Long
 
Tatanet Corporate Presentation
Tatanet Corporate PresentationTatanet Corporate Presentation
Tatanet Corporate PresentationRohit Kumar
 
Network operations center (noc)
Network operations center (noc)Network operations center (noc)
Network operations center (noc)Elena Benson
 
anil's_resume_2_4
anil's_resume_2_4anil's_resume_2_4
anil's_resume_2_4Anil Rauniyar
 
Strategy Basecamp - Cybersecurity Introduction
Strategy Basecamp - Cybersecurity IntroductionStrategy Basecamp - Cybersecurity Introduction
Strategy Basecamp - Cybersecurity IntroductionPaul Osterberg
 
IDC Security 2014, Endpoint Security in Depth
IDC Security 2014, Endpoint Security in DepthIDC Security 2014, Endpoint Security in Depth
IDC Security 2014, Endpoint Security in DepthKen Tulegenov
 
PCI DSS ASV Scanning from Nettitude
PCI DSS ASV Scanning from NettitudePCI DSS ASV Scanning from Nettitude
PCI DSS ASV Scanning from Nettitudespillans
 
Maturing Endpoint Security: 5 Key Considerations
Maturing Endpoint Security: 5 Key ConsiderationsMaturing Endpoint Security: 5 Key Considerations
Maturing Endpoint Security: 5 Key ConsiderationsSirius
 
CIS Security Benchmark
CIS Security BenchmarkCIS Security Benchmark
CIS Security BenchmarkRahul Khengare
 
Effective security monitoring mp 2014
Effective security monitoring mp 2014Effective security monitoring mp 2014
Effective security monitoring mp 2014Ricardo Resnik
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber EssentialsJisc
 
Infinit security card-mark capwell
Infinit security card-mark capwellInfinit security card-mark capwell
Infinit security card-mark capwellMark Capwell
 
The Future of ICS Security Products
The Future of ICS Security ProductsThe Future of ICS Security Products
The Future of ICS Security ProductsDigital Bond
 
Additional Skills
Additional SkillsAdditional Skills
Additional SkillsRavi Bandekar
 
Neil Bailey Resume 2016 (1)
Neil Bailey Resume 2016 (1)Neil Bailey Resume 2016 (1)
Neil Bailey Resume 2016 (1)Neil K. Bailey
 
Algo sec suite overview 2013 05
Algo sec suite overview 2013 05Algo sec suite overview 2013 05
Algo sec suite overview 2013 05hoanv
 
What Is Next-Generation Endpoint Security and Why Do You Need It?
What Is Next-Generation Endpoint Security and Why Do You Need It?What Is Next-Generation Endpoint Security and Why Do You Need It?
What Is Next-Generation Endpoint Security and Why Do You Need It?Priyanka Aash
 
Msp saner 2.0
Msp saner 2.0Msp saner 2.0
Msp saner 2.0SecPod Technologies
 
Managing risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextManaging risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextAlgoSec
 
Safend Solution Set
Safend Solution SetSafend Solution Set
Safend Solution SetRandy Neish
 
CIP-014-1: Next Steps from an Auditor’s Perspective
CIP-014-1: Next Steps from an Auditor’s PerspectiveCIP-014-1: Next Steps from an Auditor’s Perspective
CIP-014-1: Next Steps from an Auditor’s PerspectiveEnergySec
 
Huwei Cyber Security Presentation
Huwei Cyber Security PresentationHuwei Cyber Security Presentation
Huwei Cyber Security PresentationPeter921148
 
Common Criteria service overview for Developers - jtsec a CC consultancy company
Common Criteria service overview for Developers - jtsec a CC consultancy companyCommon Criteria service overview for Developers - jtsec a CC consultancy company
Common Criteria service overview for Developers - jtsec a CC consultancy companyJavier Tallón
 

More Related Content

What's hot

Tatanet Corporate Presentation
Tatanet Corporate PresentationTatanet Corporate Presentation
Tatanet Corporate PresentationRohit Kumar
 
Network operations center (noc)
Network operations center (noc)Network operations center (noc)
Network operations center (noc)Elena Benson
 
Strategy Basecamp - Cybersecurity Introduction
Strategy Basecamp - Cybersecurity IntroductionStrategy Basecamp - Cybersecurity Introduction
Strategy Basecamp - Cybersecurity IntroductionPaul Osterberg
 
IDC Security 2014, Endpoint Security in Depth
IDC Security 2014, Endpoint Security in DepthIDC Security 2014, Endpoint Security in Depth
IDC Security 2014, Endpoint Security in DepthKen Tulegenov
 
PCI DSS ASV Scanning from Nettitude
PCI DSS ASV Scanning from NettitudePCI DSS ASV Scanning from Nettitude
PCI DSS ASV Scanning from Nettitudespillans
 
Maturing Endpoint Security: 5 Key Considerations
Maturing Endpoint Security: 5 Key ConsiderationsMaturing Endpoint Security: 5 Key Considerations
Maturing Endpoint Security: 5 Key ConsiderationsSirius
 
CIS Security Benchmark
CIS Security BenchmarkCIS Security Benchmark
CIS Security BenchmarkRahul Khengare
 
Effective security monitoring mp 2014
Effective security monitoring mp 2014Effective security monitoring mp 2014
Effective security monitoring mp 2014Ricardo Resnik
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber EssentialsJisc
 
Infinit security card-mark capwell
Infinit security card-mark capwellInfinit security card-mark capwell
Infinit security card-mark capwellMark Capwell
 
The Future of ICS Security Products
The Future of ICS Security ProductsThe Future of ICS Security Products
The Future of ICS Security ProductsDigital Bond
 
Neil Bailey Resume 2016 (1)
Neil Bailey Resume 2016 (1)Neil Bailey Resume 2016 (1)
Neil Bailey Resume 2016 (1)Neil K. Bailey
 
Algo sec suite overview 2013 05
Algo sec suite overview 2013 05Algo sec suite overview 2013 05
Algo sec suite overview 2013 05hoanv
 
What Is Next-Generation Endpoint Security and Why Do You Need It?
What Is Next-Generation Endpoint Security and Why Do You Need It?What Is Next-Generation Endpoint Security and Why Do You Need It?
What Is Next-Generation Endpoint Security and Why Do You Need It?Priyanka Aash
 
Managing risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextManaging risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextAlgoSec
 
Safend Solution Set
Safend Solution SetSafend Solution Set
Safend Solution SetRandy Neish
 
CIP-014-1: Next Steps from an Auditor’s Perspective
CIP-014-1: Next Steps from an Auditor’s PerspectiveCIP-014-1: Next Steps from an Auditor’s Perspective
CIP-014-1: Next Steps from an Auditor’s PerspectiveEnergySec
 

What's hot (20)

Tatanet Corporate Presentation
Tatanet Corporate PresentationTatanet Corporate Presentation
Tatanet Corporate Presentation
 
Network operations center (noc)
Network operations center (noc)Network operations center (noc)
Network operations center (noc)
 
anil's_resume_2_4
anil's_resume_2_4anil's_resume_2_4
anil's_resume_2_4
 
Strategy Basecamp - Cybersecurity Introduction
Strategy Basecamp - Cybersecurity IntroductionStrategy Basecamp - Cybersecurity Introduction
Strategy Basecamp - Cybersecurity Introduction
 
IDC Security 2014, Endpoint Security in Depth
IDC Security 2014, Endpoint Security in DepthIDC Security 2014, Endpoint Security in Depth
IDC Security 2014, Endpoint Security in Depth
 
PCI DSS ASV Scanning from Nettitude
PCI DSS ASV Scanning from NettitudePCI DSS ASV Scanning from Nettitude
PCI DSS ASV Scanning from Nettitude
 
Maturing Endpoint Security: 5 Key Considerations
Maturing Endpoint Security: 5 Key ConsiderationsMaturing Endpoint Security: 5 Key Considerations
Maturing Endpoint Security: 5 Key Considerations
 
CIS Security Benchmark
CIS Security BenchmarkCIS Security Benchmark
CIS Security Benchmark
 
Effective security monitoring mp 2014
Effective security monitoring mp 2014Effective security monitoring mp 2014
Effective security monitoring mp 2014
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber Essentials
 
Infinit security card-mark capwell
Infinit security card-mark capwellInfinit security card-mark capwell
Infinit security card-mark capwell
 
The Future of ICS Security Products
The Future of ICS Security ProductsThe Future of ICS Security Products
The Future of ICS Security Products
 
Additional Skills
Additional SkillsAdditional Skills
Additional Skills
 
Neil Bailey Resume 2016 (1)
Neil Bailey Resume 2016 (1)Neil Bailey Resume 2016 (1)
Neil Bailey Resume 2016 (1)
 
Algo sec suite overview 2013 05
Algo sec suite overview 2013 05Algo sec suite overview 2013 05
Algo sec suite overview 2013 05
 
What Is Next-Generation Endpoint Security and Why Do You Need It?
What Is Next-Generation Endpoint Security and Why Do You Need It?What Is Next-Generation Endpoint Security and Why Do You Need It?
What Is Next-Generation Endpoint Security and Why Do You Need It?
 
Msp saner 2.0
Msp saner 2.0Msp saner 2.0
Msp saner 2.0
 
Managing risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextManaging risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business context
 
Safend Solution Set
Safend Solution SetSafend Solution Set
Safend Solution Set
 
CIP-014-1: Next Steps from an Auditor’s Perspective
CIP-014-1: Next Steps from an Auditor’s PerspectiveCIP-014-1: Next Steps from an Auditor’s Perspective
CIP-014-1: Next Steps from an Auditor’s Perspective
 

Similar to 德國TSI公司簡報-2

Huwei Cyber Security Presentation
Huwei Cyber Security PresentationHuwei Cyber Security Presentation
Huwei Cyber Security PresentationPeter921148
 
Common Criteria service overview for Developers - jtsec a CC consultancy company
Common Criteria service overview for Developers - jtsec a CC consultancy companyCommon Criteria service overview for Developers - jtsec a CC consultancy company
Common Criteria service overview for Developers - jtsec a CC consultancy companyJavier Tallón
 
德國TSI公司簡報-1
德國TSI公司簡報-1德國TSI公司簡報-1
德國TSI公司簡報-1俠客科技
 
TAICS - Cybersecurity Certification for European Market.pptx
TAICS - Cybersecurity Certification for European Market.pptxTAICS - Cybersecurity Certification for European Market.pptx
TAICS - Cybersecurity Certification for European Market.pptxJavier Tallón
 
Eurosmart etsi-e-io t-scs-presentation
Eurosmart etsi-e-io t-scs-presentationEurosmart etsi-e-io t-scs-presentation
Eurosmart etsi-e-io t-scs-presentationStefane Mouille
 
Towards a certification scheme for IoT security evaluation
Towards a certification scheme for IoT security evaluationTowards a certification scheme for IoT security evaluation
Towards a certification scheme for IoT security evaluationAxel Rennoch
 
MongoDB IoT City Tour EINDHOVEN: IoT in Healthcare: by, Microsoft & Barco
MongoDB IoT City Tour EINDHOVEN: IoT in Healthcare: by, Microsoft & BarcoMongoDB IoT City Tour EINDHOVEN: IoT in Healthcare: by, Microsoft & Barco
MongoDB IoT City Tour EINDHOVEN: IoT in Healthcare: by, Microsoft & BarcoMongoDB
 
Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013Turvallisuus2013
 
第7回VEC制御システムサイバーセキュリティカンファレンス
第7回VEC制御システムサイバーセキュリティカンファレンス第7回VEC制御システムサイバーセキュリティカンファレンス
第7回VEC制御システムサイバーセキュリティカンファレンスchomchana trevai
 
Introduction to Functional Safety and SIL Certification
Introduction to Functional Safety and SIL CertificationIntroduction to Functional Safety and SIL Certification
Introduction to Functional Safety and SIL CertificationISA Boston Section
 
EuroPriSe and ISDP10003 2015 -
EuroPriSe and ISDP10003 2015 - EuroPriSe and ISDP10003 2015 -
EuroPriSe and ISDP10003 2015 - Marco Moreschini
 
EuroPriSe and ISDP 10003 2015
EuroPriSe and ISDP 10003 2015EuroPriSe and ISDP 10003 2015
EuroPriSe and ISDP 10003 2015Marco Moreschini
 
I N F O R M A T I O N & C Y B E R S E C U R I T Y A U D I T S
I N F O R M A T I O N & C Y B E R S E C U R I T Y A U D I T S I N F O R M A T I O N & C Y B E R S E C U R I T Y A U D I T S
I N F O R M A T I O N & C Y B E R S E C U R I T Y A U D I T S proaxissolutions
 
CE Presentation
CE Presentation CE Presentation
CE Presentation Intertek CE
 
Experiences evaluating cloud services and products
Experiences evaluating cloud services and productsExperiences evaluating cloud services and products
Experiences evaluating cloud services and productsJavier Tallón
 
Security operations services
Security operations servicesSecurity operations services
Security operations servicesS&T GROUP
 
Spanish catalogue of qualified products - a new way of using CC for procurement
Spanish catalogue of qualified products - a new way of using CC for procurementSpanish catalogue of qualified products - a new way of using CC for procurement
Spanish catalogue of qualified products - a new way of using CC for procurementJavier Tallón
 

Similar to 德國TSI公司簡報-2 (20)

Huwei Cyber Security Presentation
Huwei Cyber Security PresentationHuwei Cyber Security Presentation
Huwei Cyber Security Presentation
 
Common Criteria service overview for Developers - jtsec a CC consultancy company
Common Criteria service overview for Developers - jtsec a CC consultancy companyCommon Criteria service overview for Developers - jtsec a CC consultancy company
Common Criteria service overview for Developers - jtsec a CC consultancy company
 
德國TSI公司簡報-1
德國TSI公司簡報-1德國TSI公司簡報-1
德國TSI公司簡報-1
 
TAICS - Cybersecurity Certification for European Market.pptx
TAICS - Cybersecurity Certification for European Market.pptxTAICS - Cybersecurity Certification for European Market.pptx
TAICS - Cybersecurity Certification for European Market.pptx
 
Eurosmart etsi-e-io t-scs-presentation
Eurosmart etsi-e-io t-scs-presentationEurosmart etsi-e-io t-scs-presentation
Eurosmart etsi-e-io t-scs-presentation
 
Towards a certification scheme for IoT security evaluation
Towards a certification scheme for IoT security evaluationTowards a certification scheme for IoT security evaluation
Towards a certification scheme for IoT security evaluation
 
MongoDB IoT City Tour EINDHOVEN: IoT in Healthcare: by, Microsoft & Barco
MongoDB IoT City Tour EINDHOVEN: IoT in Healthcare: by, Microsoft & BarcoMongoDB IoT City Tour EINDHOVEN: IoT in Healthcare: by, Microsoft & Barco
MongoDB IoT City Tour EINDHOVEN: IoT in Healthcare: by, Microsoft & Barco
 
Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013Cyber Tekes Safety and Security programme 2013
Cyber Tekes Safety and Security programme 2013
 
第7回VEC制御システムサイバーセキュリティカンファレンス
第7回VEC制御システムサイバーセキュリティカンファレンス第7回VEC制御システムサイバーセキュリティカンファレンス
第7回VEC制御システムサイバーセキュリティカンファレンス
 
Introduction to Functional Safety and SIL Certification
Introduction to Functional Safety and SIL CertificationIntroduction to Functional Safety and SIL Certification
Introduction to Functional Safety and SIL Certification
 
EuroPriSe and ISDP10003 2015 -
EuroPriSe and ISDP10003 2015 - EuroPriSe and ISDP10003 2015 -
EuroPriSe and ISDP10003 2015 -
 
EuroPriSe and ISDP 10003 2015
EuroPriSe and ISDP 10003 2015EuroPriSe and ISDP 10003 2015
EuroPriSe and ISDP 10003 2015
 
I N F O R M A T I O N & C Y B E R S E C U R I T Y A U D I T S
I N F O R M A T I O N & C Y B E R S E C U R I T Y A U D I T S I N F O R M A T I O N & C Y B E R S E C U R I T Y A U D I T S
I N F O R M A T I O N & C Y B E R S E C U R I T Y A U D I T S
 
Compliance Awareness
Compliance AwarenessCompliance Awareness
Compliance Awareness
 
CE Presentation
CE Presentation CE Presentation
CE Presentation
 
CERT Certification
CERT CertificationCERT Certification
CERT Certification
 
Experiences evaluating cloud services and products
Experiences evaluating cloud services and productsExperiences evaluating cloud services and products
Experiences evaluating cloud services and products
 
ESS Software and Firmware
ESS Software and FirmwareESS Software and Firmware
ESS Software and Firmware
 
Security operations services
Security operations servicesSecurity operations services
Security operations services
 
Spanish catalogue of qualified products - a new way of using CC for procurement
Spanish catalogue of qualified products - a new way of using CC for procurementSpanish catalogue of qualified products - a new way of using CC for procurement
Spanish catalogue of qualified products - a new way of using CC for procurement
 

More from 俠客科技

愛酌客事業iDrink
愛酌客事業iDrink愛酌客事業iDrink
愛酌客事業iDrink俠客科技
 
Swipy 處處收款
Swipy 處處收款Swipy 處處收款
Swipy 處處收款俠客科技
 
資策會華文電子商務
資策會華文電子商務資策會華文電子商務
資策會華文電子商務俠客科技
 
宏鑫生技簡報
宏鑫生技簡報宏鑫生技簡報
宏鑫生技簡報俠客科技
 

More from 俠客科技 (17)

合作廠商
合作廠商合作廠商
合作廠商
 
愛酌客事業iDrink
愛酌客事業iDrink愛酌客事業iDrink
愛酌客事業iDrink
 
Swipy 處處收款
Swipy 處處收款Swipy 處處收款
Swipy 處處收款
 
資策會華文電子商務
資策會華文電子商務資策會華文電子商務
資策會華文電子商務
 
宏鑫生技簡報
宏鑫生技簡報宏鑫生技簡報
宏鑫生技簡報
 
About Suntech
About SuntechAbout Suntech
About Suntech
 
Kado
KadoKado
Kado
 
Format 1
Format 1Format 1
Format 1
 
Ppt Product
Ppt ProductPpt Product
Ppt Product
 
Ppt Institute
Ppt InstitutePpt Institute
Ppt Institute
 
Apl Paint2
Apl Paint2Apl Paint2
Apl Paint2
 
Stonehawkshaw
StonehawkshawStonehawkshaw
Stonehawkshaw
 
Sleepless
SleeplessSleepless
Sleepless
 
Apl Paint
Apl PaintApl Paint
Apl Paint
 
Tl Dog
Tl DogTl Dog
Tl Dog
 
Pdf Goalq
Pdf GoalqPdf Goalq
Pdf Goalq
 
Present
PresentPresent
Present
 

德國TSI公司簡報-2

  • 1. Trusted site infrastructure Sources, TSI criteria are derived from TSI criteria catalogue
  • 2.
  • 3. Trusted site infrastructure Comprehensive security for all physical aspects of data centers
  • 4. Trusted site infrastructure Document review Implementation Test Criteria Catalogue Security concept and plans Plans infrastructures Documents Test certificates
  • 5. Trusted site infrastructure 16 20 0 2 12 Report & Confir-mation Implem-entation test Document review With feedback Work Shop Normally 2-3 experts on site On-site orientation Viewing of documents Feasibility About 5-10 days possibility with project meeting Possibly 2 days follow-up audit Estimated work in project days Trusted site project
  • 6. Trusted site infrastructure Evaluation results Level 1 medium protection requirements (according to the BSI infrastructure requirements of the baseline protection manual) Level 2 extended protection requirements (extended requirements to all above mentioned aspects) Level 3 high protection requirements (complete redundancy of essential components, no single point of failures, climate limits according to EN 1047-2) Level 4 very high protection requirements (advanced access control, no adjacent hazard potentials, with minimal intervention time)
  • 7. Creating Trust TÜVit Our Principles Basel ll Market positioning Conditions Persuasion Liability questions Suppliers Insurance Customers and markets Bank Board Courts of law Processing industry IT-operator
  • 8. Trusted site infrastructure Assurance phases 0 Self Made 1 Professional planner 2 Security concept 3 Third party inspection Increase in trust
  • 9. TÜVit Our Principles Certification ... is a measure implemented by a neutral third party indicating that reasonable trust exists that a properly marked product / organization / site .... complies with a certain standard or another type of normative document.
  • 10. Trusted site infrastructure Publication of the certificate Zoom out
  • 11.  
  • 12. Conclusion Practical approach for specific areas Big necessity to protect the critical infrastructure BUT No national or international criteria No national or international scheme No common framework Over 10 years experience within TÜViT Certification list at http://www.tuvit.de/english/46254.asp
  • 13. TÜVit Our Background TUViT combines a nearly 20 years’ experience in IT and Telecommunication with technology and process-specific skills. TUViT provides a full range of services accompanying all project phases - from planning and design to specification and implementation and final operation.
  • 14. TÜVit Our Background Permanent quality control and external audits assure the high quality and reliability of our services. TUViT is accredited and recognised by relevant national and international organisations and authorities in the field of quality and security.
  • 15. National Accreditations Federal Office for Information Security Federal Network Agency German Accreditation Body Technology Central Credit Board of the German Banks Independent Centre for Privacy Protection Schleswig-Holstein
  • 16. International Accreditations National Institute of Standards and Technology, USA Information-technology Promotion Agency (IPA), Japan National Institute of Technology and Evaluation (NITE), Japan Europay, MasterCard and Visa International (EMVCo)
  • 17. TÜViT Our Experience (Special Branches) Certification Services (CA, RA, PKI) Semiconductors IT Security (Developer, Manufacturer) Health Care Energy and Multi Utilities TSI for RWE data centre Government and Public Administration German Parliament Development of IT security concept Banking and Insurance TSI for data centre of German bank (design and installed by IBM) Telecommunication
  • 18. ● improving your quality and security ● increasing your efficiency ● lowering your risks and cost ● adding a significant value to your assets TÜViT Yo ur Benefits
  • 19. TÜV Informationstechnik GmbH Member of TÜV NORD Group Tiger TENG Business development director Asia Pacific area Langemarckstr. 20 45141 Essen, Germany Mobile: +886-9188-15408 (Taiwan) +86-15821934086 (China) Phone: +49 201 8999 – 403 Fax: +49 201 8999 – 888 E-Mail: [email_address] URL: www.tuvit.net
  • 20. Thank you for your attention! Question?