DIN SPEC 27099: Maximum security for your sensitive company data

In times of increasing digitalization, companies and institutions are required more than ever to reliably protect their sensitive data. Loss or theft of information can not only cause economic damage, but can also permanently shake customer confidence. DIN SPEC 27099 now provides a standardized procedure that guarantees maximum data security.
What is DIN SPEC 27099?
DIN SPEC 27099 defines a standardized security procedure for the highly secure storage of sensitive data. Sensitive information such as passwords, keys, source code or digital documents is protected against unauthorized access and hacker attacks using a special three-tier network architecture.
Until now, there was no standardized procedure that companies could rely on for highly secure data storage. With DIN SPEC 27099, there is now a globally recognized standard that combines security, efficiency and traceability.
The three-tier network architecture
The core idea of DIN SPEC 27099 is the physical separation of server systems:
| Server | Function | Special feature |
|---|---|---|
| A - Access system | Accepts data requests | Directly connected to other networks |
| B - Verification system | Reviews and approves requests from A | Different platform/operating system and possibly hardware than A and C; mediates between A and C |
| C - Data storage system | Stores highly sensitive data | No direct access from A; storage server or server cluster possible |
Functionality in brief:
Access request is made via server A.
Request is verified and approved by server B.
Only after approval is server C contacted to provide the data.
Server B cuts the connection to C after the data transfer and transmits the data to A.
This means that there is no direct contact between the access system and data storage at any time, which guarantees maximum security.
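The four steps above can be modelled as a small in-process simulation. This is an added example, not code or wording from DIN SPEC 27099: the class names, the per-user allow-list that B uses to approve requests, and the sample record are assumptions, and the model covers only the message flow, not the physical or platform separation the standard requires.

```python
# Added illustration of the A -> B -> C flow; names and policy are assumptions,
# not text from DIN SPEC 27099.

class StorageC:
    """Data storage system: answers only while B holds the link open."""
    def __init__(self, records):
        self._records = dict(records)
        self.link_open = False
        self.reads = 0

    def read(self, key):
        if not self.link_open:
            raise ConnectionError("C: no open link from B")
        self.reads += 1
        return self._records[key]


class VerifierB:
    """Verification system: the only component that can reach C."""
    def __init__(self, storage, allow):
        self._c = storage
        self._allow = allow            # assumed rule: user -> permitted keys
        self.audit = []                # one entry per decision, for traceability

    def handle(self, user, key):
        approved = key in self._allow.get(user, ())
        self.audit.append((user, key, "approved" if approved else "denied"))
        if not approved:
            return None                # C is never contacted
        self._c.link_open = True       # step 3: contact C only after approval
        try:
            data = self._c.read(key)
        finally:
            self._c.link_open = False  # step 4: cut the link to C ...
        return data                    # ... then hand the data to A


class AccessA:
    """Access system: knows B only and holds no reference to C."""
    def __init__(self, verifier):
        self._b = verifier

    def request(self, user, key):
        return self._b.handle(user, key)


def build_demo():
    c = StorageC({"db-password": "constructed-sample-value"})  # constructed record
    b = VerifierB(c, allow={"alice": {"db-password"}})
    return AccessA(b), b, c
```

In a real deployment the two properties this model checks, that a denied request never reaches C and that the link to C is closed before A receives anything, would be enforced by network controls between the systems and confirmed from B's audit trail.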
Practical example: From customer project to standard
The idea for DIN SPEC 27099 arose during a customer installation to protect against industrial espionage. Managing Director Jan Ziebarth reports:
“On the drive back from the customer, we came up with the idea of standardizing this procedure.”
The standard was developed by Dawico Deutschland GmbH, Andersen Marketing KG and other partners and adopted after just five months in February 2016. The rapid implementation created an effective, practical solution that can be used by companies of all sizes.
Advantages of DIN SPEC 27099
Maximum security: protection of sensitive data against theft and manipulation.
Standardized processes: Companies do not have to develop their own complex security architecture.
Cost-efficient: low hardware costs, easily scalable architecture.
International standard: Globally recognized status quo for data security.
Strengthening the corporate image: demonstrates innovative strength and reliability to customers.
Professional advice and implementation
As a pioneer in the field of modern data security, Graef Consulting played a key role in the development of DIN SPEC 27099. We support you with:
Analysis of your data protection requirements
Planning and implementation of the highly secure network architecture
Certification according to DIN SPEC 27099
Training for your team and continuous security advice
Rely on the new standard of data security and protect your sensitive company data effectively.
Request a consultation now and secure your data in accordance with DIN SPEC 27099.




