🔒 Security, Compliance & Certifications

At EDIS Global, security, compliance, and reliability come first. Our VPS infrastructure is built on world-class Equinix and Interxion/Digital Realty facilities certified against ISO 27001, PCI DSS, and SOC 2, and aligned with frameworks like NIST CSF and CIS Controls. Combined with our experienced security team and transparent incident reporting, this ensures a secure, standards-aligned, and trusted platform for businesses worldwide.

🛡️ Compliance Standards

  • PCI DSS – We process payment card data securely and in compliance with PCI DSS requirements.
  • GDPR – We strictly follow the General Data Protection Regulation to protect the personal data of individuals in the European Union.

🌐 Alignment with Additional Standards & Frameworks

By applying security best practices across our operations, EDIS Global aligns its processes with the control objectives of several international standards and frameworks. While we are not formally certified against these frameworks, our practices ensure a strong baseline of compliance and security:
  • ISO/IEC 27002 – Code of practice for information security controls.
  • ISO/IEC 27018 – Protection of personal data in cloud environments.
  • NIST Cybersecurity Framework (CSF) – Identify, Protect, Detect, Respond, Recover.
  • CIS Critical Security Controls – Prioritized best practices for cyber defense.
  • OWASP Top 10 – Guidance for secure web application development.
  • Cloud Security Alliance (CSA) Cloud Controls Matrix – Cloud industry controls, mapped to multiple standards.
  • ENISA Guidelines (EU) – Recommendations for information and network security.

🛠 Security Practices

  • Regular security audits & vulnerability assessments – Ensuring weaknesses are identified and resolved quickly.
  • Intrusion Detection Systems (IDS) – Monitoring our infrastructure for signs of malicious activity.
  • Patch Management – EDIS Global applies regular security updates for operating systems and applications to mitigate vulnerabilities.
  • Advanced monitoring & 24/7 support – Continuous monitoring for security events and a responsive support team for security-related issues.

👩‍💻 Organizational Measures

  1. Employee Training – Staff are regularly trained on data security best practices, such as identifying phishing attempts, using strong passwords, and handling sensitive data properly.
  2. Access Management – We apply the principle of least privilege, granting employees only the access they need to perform their roles.
  3. Incident Response Plan – Our incident response plan is tested regularly to ensure rapid, effective handling of potential security breaches.
  4. Third-Party Risk Management – We evaluate the compliance and security practices of any third-party vendors or partners with access to sensitive data.
  5. Regular Audits – Both internal and external audits are conducted to identify and address potential compliance gaps or vulnerabilities.

🔎 Transparency & Verification

  • Network Authority: EDIS Global operates under AS57169 and maintains its own IP allocations with RIPE NCC and ARIN.
  • Incident Transparency: Service status and past incidents are published at status.edis.global.
  • Abuse & Security Contact: Please report any abuse or security concerns to abuse@edisglobal.com.
  • Audit Timeline: This page and its contents are reviewed every 6 months; Last update: September 21, 2025

🏒 Certified Data Centers

EDIS Global VPS infrastructure runs in Tier III+ certified data centers such as Equinix and Interxion (Digital Realty). We publish names and addresses of the data centers we host with on every location page of our website (see the Looking Glass section, e.g. Frankfurt VPS Hosting). Customers may verify certification details directly on the websites of the respective data center providers.

Example: Equinix FR5 (Frankfurt, Germany)
Address: Kleyerstraße 90, 60326 Frankfurt am Main, Germany
Certifications:
  • Climate Neutral Data Centre Pact
  • Cyber Essentials
  • EU Code of Conduct
  • ISO 14001
  • ISO 22301
  • ISO 27001
  • ISO 45001
  • ISO 50001
  • ISO 9001
  • PCI DSS
  • SOC 1 Type II
  • SOC 2 Type II
🔗 Equinix Certifications
🔗 Interxion/Digital Realty Certifications

📑 Questionnaires & ISO 27001

Instead of filling out external questionnaires, we maintain this public compliance page to ensure clients always have the latest verified information.

🌍 Code of Ethics & Conduct

  1. Sustainable Practices – Commitment to responsible, green, and sustainable digital infrastructure.
  2. Compliance – Adherence to GDPR, IT security, and corporate governance requirements.
  3. Conflict of Interest – Always acting in the best interest of our customers.
  4. Human Rights & Fair Labor – Respect for international human rights and fair working conditions.
  5. Environmental Protection – Use of energy-efficient server technologies and eco-friendly hosting.
  6. Health & Safety – Safe work environments and regular security awareness training.
  7. Supply Chain Responsibility – Working only with transparent and responsible partners.
  8. Data Protection – GDPR-compliant processing and advanced encryption.
  9. Technical Compliance – Conformance with product and IT security standards.
  10. Business Continuity – Comprehensive risk management and tested contingency plans.
  11. Code Enforcement – Mandatory adherence for all staff and partners.
  12. Reporting Mechanisms – Secure channels for reporting and investigating violations.