DOCSLIB.ORG

Information Security White Paper Commercetools Platform This White Paper Applies to the Commercetools Platform Running in Europe, the US and APAC

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Information Security White Paper Commercetools Platform This White Paper Applies to the Commercetools Platform Running in Europe, the US and APAC Information Security White Paper commercetools platform This white paper applies to the commercetools platform running in Europe, the US and APAC www.commercetools.com Table of Contents Introduction 3 What is commercetools? 4 Security Culture 4 Information Security Management Information Security Controls Human Resource Security Physical Security 5 Data Center Offices commercetools Platform 6 System Overview API Security Payment API Product Security Data in Transit Data at Rest Data Access Restrictions Separation of Production and Non-Production Environments Operational Security 8 Network Security Vulnerability Management Patch Management Malware Prevention Monitoring Incident Management Security in Development Process 10 Performance Management 10 Data Backup and Business Continuity Management 10 Supplier Relationships 11 Compliance 11 Data Processing Agreements International Data Transfer Data Protection Officer Information Security Certifications Conclusion 12 About commercetools commercetools is the world’s leading platform for next-generation B2C and B2B commerce. To break the market out of being restrained by legacy suites, commercetools invented a headless, API-first, multi-tenant SaaS commerce platform that is cloud-native and uses flexible microservices. Using modern development building blocks in a true cloud platform provided by commercetools, customers can deliver the best commerce experiences across every touchpoint on a large scale. commercetools has offices across the US, Europe, and Asia Pacific, with headquarters in Germany. Since its founding in 2006, commercetools software has been implemented by Fortune 500 companies across industries, from retail to manufacturing and from telecommunications to fashion. www.commercetools.com Munich - Berlin - Jena - Amsterdam - London - Durham NC - Singapore - Melbourne Information Security White Paper commercetools platform 13.
Load more

Recommended publications
  • Commercetools Platform This White Paper Applies to the Commercetools Platform Running in Europe, the US and APAC
    Information Security White Paper commercetools platform This white paper applies to the commercetools platform running in Europe, the US and APAC www.commercetools.com Table of Contents Introduction 3 What is commercetools? 4 Security Culture 4 Information Security Management Information Security Controls Human Resource Security Physical Security 5 Data Center Offices commercetools Platform 6 System Overview API Security Payment API Product Security Data in Transit Data at Rest Data Access Restrictions Separation of Production and Non-Production Environments Operational Security 8 Network Security Vulnerability Management Patch Management Malware Prevention Monitoring Incident Management Security in Development Process 10 Performance Management 10 Data Backup and Business Continuity Management 10 Supplier Relationships 11 Compliance 11 Data Processing Agreements International Data Transfer Data Protection Officer Information Security Certifications Conclusion 12 Introduction From the world’s largest public companies to early-stage startups, people rely on the commercetools ecommerce platform to run their business. Using the platform, companies can provide customers with detailed product data and create and update carts. Order data and customer data are then managed together in the platform. Thus, it’s mission critical for all our merchants that the commercetools platform - especially its API - is running nonstop. But, providing a reliable solution is only the first step. commercetools must also follow the latest information security best practices and comply with privacy regulations. This allows all companies to securely run their business on commercetools. We believe that transparency in security processes and controls is indispensable. For our customers it is important to know who can access their data when, and what measures are taken to prevent unauthorized access.
    [Show full text]
  • The Rise of Late-Stage Funding for European Technology Scale-Ups
    Blooming Late: The rise of late-stage funding for European technology scale-ups NOVEMBER 2019 Introduction Europe’s technology industry continues to grow up. Across the EU, Israel, Russia and Turkey, startup ecosystems are flourishing, expanding and - in a few places - maturing into veritable world-class hotbeds for innovation. Evidently, challenges remain and Europe will have to overcome many of them to even have a chance of staying competitive in an ever-evolving world - and with haste to boot. To continue scaling up and accelerate the maturation process of its key tech hubs, Europe has to play to its strengths and eliminate some of its inherent weaknesses to mitigate the risk of getting left behind. Two of these weaknesses have historically been the lack of major exits and late-stage financing rounds (€100 million and more) for Europe’s fastest-growing tech businesses as catalysts for growth. As we’ve detailed in previous reports on the influx of capital for Europe’s finest tech startups, there has been a tremendous increase in investment volume for early-stage and growth-stage companies in recent years, with no signs of a slowdown so far. Numbers only tell part of a story, but the rise in seed and growth capital (Series A-B-C) flowing to European tech businesses across the region paints a picture of a healthy collection of ecosystems with potential for further growth. But when it comes to really big rounds of financing, Europe hasn’t really seen many of those to date, certainly not in comparison to the US and, increasingly, China.
    [Show full text]
  • Salling Group
    Case Study Salling Group The company With more than 1,600 shops, Salling Group is the biggest retailer in Denmark. They’re stores include household Salling Group chain brands such as fotex, Bilka, Netto, Salling and Wupti, as well as Starbucks and Carl’s Jr. franchises in Denmark, and more than 1,400 stores and web shops in Founded: 1906 Poland and Germany. Headquarters: Brabrand, Denmark The challenge Salling Group began to realize they needed to Industry: Retail strengthen their omnichannel experience, which Revenue: 9 billon USD required technology that would serve their customers across all digital channels. Furthermore, it was clear that Employees: 50,000 their existing SAP Hybris setup was not scalable in terms of cost efficiency and recruiting talent. Partner: In-house The solution Salling Group implemented a new tech stack with commercetools’ headless commerce architecture at its core, and based on modern UX designs with a mobile- first mindset. Headless CMS (Magnolia), microservices, APIs and Jamstack to replace the monolithic platform. The result The solution brought time-to-market for their new web shops down to a two-month lead time and lowered eCommerce costs by 75%. It also enabled each brand to customize their online shop and content, while still working under the same technology. Additionally, release cycles increased from once every other week to multiple times per day. Salling Group refreshes its eCommerce Breaking free from the monolith In 2013, when Salling Group made the decision to re-platform their digital stores, they went with the obvious choice at the time: SAP Hybris. But seven years is a long time in an industry that seemingly has daily breakthroughs, and what appears shiny and new at the beginning can become cumbersome and outdated in no time at all.
    [Show full text]
  • How Digital Transformation Is Reshaping the Global Fashion Industry
    Trending this season: How Digital Transformation Is Reshaping the Global Fashion Industry www.commercetools.com Executive Summary When it comes to online revenue share, the global fashion business takes the pole position. The growth of mobile commerce, as well as social media, translate both into new revenue streams but also into challenges which have to be met. This white paper talks about how well-known brands and retailers tackle things like brand experience, assortment, and scalability and how they leverage cloud infrastructure and in-house technical know-how to adapt to these changing conditions. Introduction According to McKinsey’s 2018 State of Fashion report1, “The total sales of the traditional fashion sector have grown by more than 20 percent over the last three years”. Every year, the fashion industry, ranging from retailers to luxury brands, drives a significant profit to the global economy. It is one of the biggest, yet most challenging industries impacted by hundreds of factors, including economic uncertainties as well as digital transformation. Digital transformation in the fashion industry brings a lot to the table, but if ignored, it can unravel everything else. In response to this digital wave, many fashion brands are now under pressure to innovate while at the same time being cost-conscious. Brands have started to improve their speed to market and to innovate and automate their core product design, manufacturing, and overall supply chain process. The need to embrace digital transformation is a need of time for them. Why? Because consumers’ expectations are now at the highest level. They are no longer content with the simple purchase transaction; they want to have an experience attached to it, and the credit goes to digital technologies they are exposed to.
    [Show full text]
  • Connected Cars: Disruption in Mobility
    Connected Cars: Disruption in Mobility commercetools.com The eCommerce Solution for Innovators and Visionaries commercetools is a next-generation software technology company providing the building blocks for the new digital commerce age. The cloud-native platform enables brands and retailers to build innovative shopping experiences across all touchpoints like web, mobile, voice, and in-car. www.commercetools.com Introduction When the automobile was invented at the end of the 19th century, it was basically meant to serve as a substitute for horses and carriages. With the help of a combustion engine, an array of knobs, switches, and a steering wheel, drivers could drive their vehicle around, carrying other passengers and goods. Now, imagine if a time machine could bring Karl Benz, Gottlieb Daimler, and Henry Ford to our time, what would they see? Electric cars are becoming more popular, instead of complex combustion engines, those cars only need simple electric motors. Cars are connected to the internet, which allows them to get automated updates and have drivers and passengers enjoy all The eCommerce kinds of entertainment. Oh, and no more knobs needed: people just use their voice to play a new song, look for the next service station, pre-order a cup of cofee or make dinner reservations. And in a not-so-soon future, Solution for vehicles drive autonomously, so no human drivers are needed. For sure, things have changed a lot. These days, the web is ubiquitous, connecting people and things with each other. Why should cars be an exception? Electronic mobility and autonomous driving are changing the way Innovators and in which car manufacturers deliver value to their customers.
    [Show full text]
  • Unternehmenssteckbrief
    Unternehmenssteckbrief Firmierung commercetools GmbH Branche E-Commerce, Onlinehandel,​ ​Plattform-Betreiber, Cloud-Anbieter Gegründet 2006 Geschäftsführung Dirk Hoerig, CEO und Mitgründer Denis Werner, Mitgründer und Geschäftsführer Arthur Lawida, President, commercetools Inc. Kelly Goetsch, Chief Product Officer Hajo Eichler, Chief Technology Officer Mitarbeiter > 200 weltweit Standorte Europa München (Headquarter), Berlin, Jena (Deutschland) Amsterdam (Niederlande), London (Vereinigtes Königreich) USA Durham (North Carolina) Asien-Pazifik-Raum Singapur Australien Melbourne Tätigkeit commercetools ist ein weltweit führendes Software-Unternehmen und steht für die gleichnamige Plattform für den B2C- und B2B-Handel der nächsten Generation. Die cloudbasierte headless E-Commerce-Software stützt sich auf einen API-First-Ansatz und flexible Microservices. commercetools bietet seinen Kunden flexible Entwicklungs- bausteine und eine echte Cloud-Plattform. Damit können Unternehmen innovative Geschäftsmodelle realisieren und ihren Kunden über alle Touchpoints hinweg umfassende und inspirierende Einkaufserlebnisse bieten. Internationale Marken und Fortune-500-Unternehmen aus den verschiedensten Branchen – von Automotive über Telekommunikation und Retail bis hin zu Fashion – nutzen die Multi-Tenant-SaaS-Lösung der commercetools GmbH. Lösung commercetools hat einen reinen headless, cloud-native Ansatz für den digitalen Handel entwickelt, bei dem die Backend-Funktionalität von dem Frontend, der Schnittstelle zum Konsumenten, getrennt ist. Darüber
    [Show full text]
  • Magic Quadrant for Digital Commerce
    16/09/2019 Gartner Reprint Licensed for Distribution Magic Quadrant for Digital Commerce Published 22 August 2019 - ID G00398174 - 50 min read By Analysts Penny Gillespie, Christina Klock, Mike Lowndes, Sandy Shen, Jason Daigler, Yanna Dharmasthira Digital commerce platform complexity continues to increase due to constant changes in product offerings and functionality, technology delivery, and pricing models. We evaluate the viability of 13 vendors to assist application leaders supporting digital commerce in making an objective evaluation. Strategic Planning Assumptions By 2023, 15% of medium- to high-GMV digital commerce organizations will have deployed their own marketplaces, thereby creating a digital ecosystem on their path to digital business. By 2023, 5% of digital consumer purchases will initiate from a voice-enabled commerce interface, including voice activation devices (e.g., Amazon Alexa, OK Google), and half of those will be authenticated entirely with biometrics. By 2023, 80% of organizations using AI for digital commerce will achieve at least 25% improvement in customer satisfaction, revenue or cost reduction. By 2023, three vendors will dominate digital commerce by filling a market gap with aPaaS innovations, an extensive ecosystem and rapid feature releases. By 2023, 75% of organizations selling direct to consumers will offer subscription services, but only 20% will succeed in increasing customer retention. Market Definition/Description Gartner’s view of the digital commerce market is focused on transformational technologies and approaches delivering on the future needs of sellers and their customers. Gartner defines a digital commerce platform as the core technology enabling customers to purchase goods and services through an interactive and self-service experience.
    [Show full text]
  • Andreas Gutheil Is a Senior Solution Architect with Foryouandyourcustomers Who Conceives and Develops Leading E-Commerce Systems and Solutions
    Andreas Gutheil is a Senior Solution Architect with foryouandyourcustomers who conceives and develops leading e-commerce systems and solutions. What Andreas Gutheil can provide Andreas Gutheil´s work is based on 20 years of expertise in architecture and development of e-commerce technology. Thus, he provides far-sighted e-commerce solutions covering all processes of frontends, integrated web shop technology and ‘On-demand and problem- cloud services finely shaped according to business requirements. solving Cloud-Services are success factors for prosper- Andreas will lead the teams creating these solutions and build co-working teams at ous e-commerce.’ his customers` organisations. He is convinced of Scrum and agile project Andreas Gutheil methodology for all work of development, architecture and system integration: His teams and his customers benefit from this expertise to constantly re-think and put in place new e-commerce technology. More about Andreas Gutheil (agu) at http://agu.foryouandyourcustomers.com Where his expertise comes from The graduate computer scientist took in knowledge from projects and organizations covering different business areas such as finance, life sciences, automotive, robotics, optical industry and retail. To join technology and organizations has always been his mission. Andreas Gutheil has monitored the overall success of his projects right from the start: He is ‘To launch e-commerce tec- responsible for conceiving project work for developer teams, to establish guidelines chnology successfully is for architecture and development and to launch them successfully. mostly depending on the His technical focus are e-commerce platforms SAP Hybris and Commercetools teams at work: Quality is re- quired with the consulting employing Java, Spring and AWS.
    [Show full text]
  • Modern Commerce Playbook for Business the Business Leader‘S Guide to a Headless Commerce Strategy
    Modern Commerce Playbook for Business The business leader‘s guide to a headless commerce strategy www.commercetools.com Table of Contents Modern Commerce Playbook for Business 3 Five Business Benefits of Headless Commerce 4 Headless Front-ends 6 How to Choose and What to Look For Digital Experience Platform Front-End as a Service (FaaS) Custom Front-End The Commerce Functionality 9 Say No to Replatforming 10 Migrating to a Modern Commerce Architecture Five Steps to Migrate to a Headless Commerce Platform Day-to-Day Impact for Commerce System Stakeholders Implementation Considerations 12 Conclusion 13 Modern Commerce Playbook for Business | 2 Modern Commerce Playbook for Business Traditional ecommerce software platforms (think Oracle, Adobe Magento, IBM WebSphere and Demandware/ Salesforce) were built in the 1990s as an all-in-one solution for buyers and sellers using desktop computers for eCommerce. They were appropriate for their time and were designed as a single, integrated application, often referred to as a monolith. These monolithic commerce platforms are inherently rigid and were created with a fixed set of rules, from user experience to supported channels. Fast forward to today with mobile devices, internet-based devices, industrial machinery, and even automobiles being viewed as revenue streams and it’s clear that the rules have This approach, first developed by changed dramatically. Rigid platforms commercetools, has been embraced by negatively impact responsiveness to major global enterprises and growing market shifts and consumer buying digital-native brands alike. No matter needs. By contrast, a Modern Commerce what you are selling, having the ability Architecture™ is a more flexible to control and quickly change the buyer approach.
    [Show full text]
  • Best of Commercetools 2018
    Best of 2018 commercetools Welcome Dear commercetoolers, partners, customers, and friends, 2018 is almost over, the holidays and the new year are already within reach. As is every year at a young (yes, I count 12 years still as the early days of a business), growing company in a fast moving market, this one was full of highlights, great achievements, changes and also learnings, throwbacks, and adjustments. Overall it was a very successful year: Our product revenue growth rate was quite high and we signed major customer deals in Europe, the US and Latin America. Our cloud- native platform is still one-of-a-kind compared to our competition and we grew and improved our product teams to enable us to continue to lead the market and 2 prepare us for whatever comes next. We trained more partners and their developers than ever before, providing onboarding of our technologies and tools almost every week of the year. The industry analyst frms took notice too, with commercetools being positioned well in evaluations conducted by the “big 3” – Forrester, Gartner and IDC. To our partners, customers and commercetoolers – thank you for being a major part of our growth and success. We look forward to a long and fruitful relationship. Now please enjoy this recap of the year. And I can promise that 2019 will be just as exciting and challenging as we continue to deliver “Commerce at the Speed of Wow”. Sincerely Yours, Dirk Hoerig 3 2018 Walk-Through Milestones January March June September Adobe Benelux Expansion A Visionary! Contender! We are one of the frst to Amsterdam ofce added Gartner Magic Quadrant for Forrester Wave B2C integrate our microservices Digital Commerce Commerce with Adobe Experience Cloud.
    [Show full text]
  • Visionary Inno Vatio N PG. 6PG
    Retailers: Freedom to In times of disruption, experiment depends on new innovation is a life or PG. 6 approaches to technology PG. 48 death choice for retailers valtech.com Innovation Visionary Articles PG. 06–13 In times of disruption, innovation is a life or death choice for retailers PG. 40–43 PG. 14–19 The role of APIs in the Delivering on the Digital Promise Why companies must experiment with post-web era new digital touchpoints PG. 44–47 PG. 20–21 Interview: commercetools founder Voice commerce - Many devices, Dirk Hörig many experiments on new customer approaches using social media, apps, chatbots and their peers PG. 22–23 Shopping in the car: Soon no longer PG. 48–51 a pipe dream Everywhere commerce: What we can expect beyond the webshop PG. 24–25 The in-store technical revolution PG. 26–29 The Digital Opportunity: New Channels Customers to 03 Win your consumers’ attention with 01micro-moment marketing PG. 30–33 The who, how and why of VR for retail PG. 34–39 Case study: Eurail Case Study 02 CONTENT LETTER FROM THE EDITOR It’s change that is constant The ability to buy goods online – first introduced over twenty years ago – has fundamentally changed how we shop, how we interact with brands and how we make decisions about what we buy. But don’t get too used to how things are today. As you’ll see in were focused on building a better shopping cart. the pages of this edition of the Valtech Mag_, things Indeed, the best e-commerce platforms provide are really getting interesting.
    [Show full text]
  • Management Report / Financial Statements Complete
    REWE-ZENTRALFINANZ EG, COLOGNE, AND REWE - ZENTRAL-AKTIENGESELLSCHAFT, COLOGNE COMBINED MANAGEMENT REPORT FOR THE 2018 FINANCIAL YEAR CONTENTS GROUP STRUCTURE 3 ECONOMIC ENVIRONMENT 6 1. Macroeconomic Development 6 2. Development by Sector 8 PERFORMANCE 11 1. Comparison of the forecast reported in the previous year with actual business development 11 2. Results of Operations 12 3. Financial Position and Net Assets 15 4. Performance Indicators 19 RISK AND OPPORTUNITIES REPORT 25 REPORT ON EXPECTED DEVELOPMENTS 35 1. Future Macro-Economic Development 35 2. Expected Revenue and EBITA Development 36 Group Structure The REWE Group is an international retail and tourism group. It consists of two independent corporate groups with the parents, REWE-ZENTRALFINANZ eG, Cologne (RZF), and REWE - Zentral- Aktiengesellschaft, Cologne (RZAG). The combined financial statements of these two corporate groups as at 31 December 2018 have been combined on a voluntary basis into a single set of financial statements ("Combined Financial Statements"). The information provided below refers to these Combined Financial Statements. The accounting policies used are explained in the notes to the Combined Financial Statements. As at 31 December 2018, the Combined Financial Statements included the parent companies as well as a total of 412 subsidiaries (previous year: 396). The Management Boards of RZAG and RZF held meetings on 25 February 2019. At its meeting, the Management Board of RZAG resolved to transfer all shares with restricted transferability held by the shareholders of RZAG, with the exception of RZF's shareholders and the "KAM" shareholders, on the basis of contribution agreements or share purchase and transfer agreements, and proposed to the Annual General Meeting that it also consent to this.
    [Show full text]