Security Practices

SuDo IT-Solutions
Fürther Straße 38, 90429 Nürnberg, Deutschland
E-Mail: contact@sudo-solutions.eu

This page outlines the technical and organisational security measures implemented by SuDo IT-Solutions. It provides transparency and guidance for customers evaluating our services – including hosting, support, automation and consulting.

1. Security Philosophy

Security is a core pillar of our operations. We follow industry best practices and recognised frameworks, including ISO 27001 and national baseline standards, without claiming formal certification.

2. Technical Security Controls

• Hosting in EU data centres with strong security and compliance standards.
• Firewall, network and access controls.
• Encryption in transit and at rest (TLS/HTTPS).
• Regular system and software updates.
• Monitoring and essential logging.

3. Organisational Measures

• Role & permission management based on the principle of least privilege.
• Documented procedures and structured workflows.
• Secure handling of confidential information.
• Change and update management.

4. Data Protection & GDPR

We process personal data in accordance with the GDPR and only with customer approval. A Data Processing Agreement (DPA) is available when we act as a data processor.

5. Automation, Scripting & Development Security

• Version control and secure storage.
• Scripts only executed with customer approval.
• Security-oriented implementation.

6. Incident Response & Emergency Support

Security incidents are handled using a structured and prioritised approach (P1–P3). Guaranteed response times apply only when covered by a retainer or SLA.

7. Physical Security

The data centres used include multi-level access control, CCTV, fire separation and redundancy measures. The infrastructure is designed for high availability.

8. Shared Responsibility Model

• We manage operations, baseline security and maintenance of booked services.
• Customers remain responsible for content, passwords, credentials and their own systems.

9. Reporting Security Concerns

Security-related reports may be submitted confidentially to:
contact@sudo-solutions.eu