TÜV TRUST IT GmbH, part of the TÜV AUSTRIA Group, confirms compliance with data protection and data security criteria.
Through the customer portal of AWISTA Gesellschaft für Abfallwirtschaft und Stadtreinigung mbH for waste disposal in Düsseldorf, property managers have access to a wide range of self-services that can be used via PCs or mobile devices. To ensure customers can rely on a high level of data protection, AWISTA commissioned TÜV TRUST IT to certify the portal’s security and quality.
With the customer portal of the waste management company AWISTA Gesellschaft für Abfallwirtschaft und Stadtreinigung mbH, part of the Stadtwerke Düsseldorf AG group, property owners, business operators, and property managers can view, print, and archive their fee notices or invoices online. They can also make changes to container configurations and banking details, and submit complaints through the portal. All actions are clearly archived in a customer contact history. Thanks to its modern responsive design, the portal can be accessed via all mobile devices. Customers benefit from 24/7 availability and faster processing compared to traditional mail. Another positive aspect is the environmentally friendly nature of paperless communication.
The portal was developed with high standards for simple and intuitive usability, while placing great emphasis on data security. For this reason, AWISTA commissioned TÜV TRUST IT to conduct an evaluation and certification based on the “Trusted Application” requirements catalog. This includes assessments of information security, data protection, secure software development, and technical security. The evaluation procedures are based on standards and regulations (including ISO 27001, BDSG, ISO 18028, ISO 15504) as well as specific criteria developed by TÜV TRUST IT.
The project was carried out in several phases. In addition to a technical review of the infrastructure, relevant organizational processes for administering the applications and infrastructure were also examined. The technical analyses were conducted through penetration tests of the application and its associated infrastructure. Furthermore, technical risks that could compromise the security of the application and data were identified, and the established countermeasures were evaluated. The organizational analyses were conducted through document reviews and supplementary interviews. The data protection check verified the compliant handling of customer data.
“The security-conscious selection of the architecture and the technologies used in the application is particularly noteworthy,” explains Adil Bouti, Security Analyst at TÜV TRUST IT.
Marcus Wilhelm, project manager at AWISTA, welcomed the results from TÜV TRUST IT: “With our new customer portal, it was important to us that it meets the high security requirements that customers in Düsseldorf rightly expect from us. We see every day just how important secure and well-organized data management really is.”