The German IT Baseline Protection (IT- Grundschutz) standard was established by the German Federal Office for Information Security (BSI) as a sound and sustainable information security management system (ISMS). IT-Grundschutz covers technical, organizational, infrastructural, and personnel aspects in equal measure. With its broad foundation, IT-Grundschutz offers a systematic approach to information security that is compatible with ISO/IEC 27001. Along with the BSI Standards, IT- Grundschutz provides essential publications to all kinds of institutions that want to set up an ISMS.
To make the successful implementation of IT-Grundschutz transparent to the outside world, companies or public authorities can be certified according to ISO 27001 based on IT-Grundschutz. This certificate confirms that the IT security concept meets the requirements of ISO 27001.
This is a consumer-protection regulation that provides recommendations on methods, processes, procedures, approaches, and measures relating to information security. BSI addresses issues fundamental to information security in public authorities and companies for which appropriate, practical, national, or international approaches have been established.
While BSI is a German federal standard, it is likely to apply to any organization with a client base within Germany (regardless of where they are themselves based), especially those in the public and legal sectors.
Runecast Analyzer automates the process of checking VMware vSphere BSI IT-Grundschutz – in total, 76 checks. Each finding is mapped to the relevant BSI Building Block, including the exact text from the standard (in the German language), as well as a technical description in the English language. As with all of the checks in Runecast Analyzer, these are also mapped to show you all impacted objects.
With Runecast Analyzer, you get year-round, 24/7 visibility into your audit compliance posture. It allows you to get immediate visibility into risks and non-compliances inherent in your environment, allowing you to identify gaps between where you are and a fully compliant state, and also show as soon as any objects move out of compliance.
The solution runs entirely on-premises, with no data leaving your control. All analysis takes place on the Runecast Analyzer appliance. Move to a more proactive way of handling your compliance requirements!