The Spanish National Security Framework (ENS) certifies public and private entities that comply with a series of recommendations and minimum requirements to protect and guarantee data security through electronic means.
AURA, as a technology company committed to cybersecurity and data protection for all its customers, has achieved the ENS certification. A guarantee that certifies compliance with all the requirements and obligations necessary to guarantee high protection of customer information.
This regulatory framework has been developed in collaboration with the Ministry of Finance and Public Administrations and is complemented by the knowledge and experience of the National Intelligence Center. The Spanish official intelligence agency provides the necessary information to prevent and avoid threats and vulnerabilities in terms of emerging risks, and organizes various activities related to ICT security, headed by the National Cryptologic Center (CCN).
The different security measures required by the ENS amount to a total of 75 actions divided into three main areas: organizational framework, operational framework and protection measures.
- Organizational framework: an area that encompasses measures related to the overall organization of security.
- Operational framework: measures that aim to protect system operability.
- Protection measures: These protection measures focus on specific assets.
Any entity striving to achieve the ENS certification must fulfill all these measures and objectives.
In addition, this certification ensures that AURA strictly adheres to all the requirements included in the National Security Framework, such as:
· Preparation and approval of the security policy.
· Categorization of the systems based on the assessment of the information handled and the services offered.
· Completion of risk analysis.
· Preparation and approval of the Statement of Applicability.
· Preparation of an action plan to improve safety based on any highlighted shortcomings.
· Implementation and monitoring of security measures.
· Security audits to verify the level of compliance with the requirements established by the ENS.
· Achievement and publication of compliance with the ENS framework.
· Security status information.
Thus, we reiterate our commitment to safety by obtaining the ENS certificate. This achievement certifies our commitment to the implementation of procedural and technical measures, that allow us to create a fully reliable and secure environment for all our customers to enjoy.