Customer: MYS, an Italian Software House that for over 20 years has been digitising business processes and creating software applications that best describe the identity and needs of businesses. A leading company specialising in digital transformation. The company has obtained the prestigious CSA STAR Level 2 certification. Obtaining this certification was particularly important for MYS as the company also processes healthcare data classified as “critical”(QC2) by the Italian Cloud Strategy on behalf of its customers.
MYS, an Italian software company that supports businesses in the digital transition, has been supported by Gruppo SCAI to obtain the CSA STAR Level 2 certification in cloud security. This goal was achieved thanks to a structured and comprehensive path led by a team of SCAI Partners. The ACN (Italy’s National Cybersecurity Agency) has included CSA STAR certification among the security requirements for cloud services for the Italian public administration.
The Cloud Security Alliance (CSA), a global benchmark in cybersecurity, promotes best practices to ensure secure cloud environments, and the CSA STAR programme, based on the Cloud Controls Matrix (CCM) and integrated with the ISO/IEC 27001 standard, sets the benchmark for information security in the cloud. MYS has achieved CSA STAR Level 2 and ISO 27001 certification, demonstrating a solid commitment to data confidentiality, integrity and availability.
The journey towards CSA STAR Level 2 certification consisted of two main stages:
- In-depth assessment: SCAI Partners consultants conducted detailed interviews with MYS stakeholders, analysing IT security, network and cloud services procedures. Based on the information gathered, the CAIQ questionnaire, a tool to assess compliance with CSA STAR standards, was completed.
- Independent audit: After completing the self-assessment and implementing the action plan to address any gaps, MYS underwent an audit conducted by an Accredia-accredited Certification Body.
This certification has increased customer confidence in MYS, enhanced the company’s reputation and opened up new business opportunities, responding to the growing demand for certified security measures. It also enabled MYS to publish its software on the ACN portal, further consolidating its position in information security and data management.
2023, Gruppo SCAI was recognised as a Trusted Cloud Consultant by the Cloud Security Alliance, which was also confirmed for the current year. Trusted Cloud Consultants are experts authorised in assessing and improving cloud security, offering support to organisations wishing to enhance their cybersecurity infrastructure in the cloud.
expertise
Cybersecurity
