Technical and organizational measures (TOMs)
Of the organization: Nine Internet Solutions AG
Release: 10. August 2023
Organizations that collect, process or use personal data themselves or on behalf of others must take the technical and organizational measures necessary to ensure that the provisions of the data protection laws are implemented. Measures are only required if the effort required to implement them is proportionate to the intended protection purpose.
The above organization meets this requirement through the following measures:
1. Confidentiality
1.1 Physical access control
Measures that are suitable for preventing unauthorized persons from accessing data processing systems with which personal data is processed or saved.
Nine Internet Solutions AG operates its systems in two independent data centers in Zurich (Switzerland):
- NTS: NTS Colocation AG
- NTT: NTT Global Data Centers Switzerland AG
Technical Measures | NTS | NTT |
---|---|---|
Personnel and goods lock with biometric access control | ✔️ | |
Locking system with keys and code lock in our storeroom | ✔️ | |
Bell system with camera | ✔️ | |
Badge system with prior identity verification by security guards | ✔️ | |
Alarm system and secured building shafts | ✔️ | ✔️ |
Video surveillance of the entrances | ✔️ | ✔️ |
Locking system for rack access with our own cylinders and keys | ✔️ | ✔️ |
Organizational Measures | NTS | NTT |
---|---|---|
Log of all entries on the personnel and goods lock | ✔️ | |
Security operations center with security guards | ✔️ | |
Careful selection of security guards | ✔️ | |
Log of all entries after identity verification at the security operations center | ✔️ | |
Key regulation / list of keys | ✔️ | ✔️ |
Employee and guest badges | ✔️ | ✔️ |
Guests without permanent access only when accompanied by authorized persons | ✔️ | ✔️ |
Careful selection of cleaning service employees | ✔️ | ✔️ |
1.2 Logical access control
Measures that are suitable to prohibit virtual access to data processing systems by unauthorized persons.
Technical Measures | Organizational Measures |
---|---|
✔️ Login with biometric authentication ✔️ Login with SSH keys ✔️ Login with username and password ✔️ Anti-Virus-Software clients ✔️ Firewall ✔️ Intrusion Detection System (IDS) |