Cyber Security and GDPR for Edelweiss Air AG

Edelweiss is a leading Swiss holiday airline servicing more than 72 destinations in 32 countries.


«Together with AdNovum we have analyzed our data landscape.»

Stefan Graf, Head of IT, Edelweiss Air AG

edelweiss_gdpr_graphic_highres_en
Zoom

The project

Edelweiss Air AG planned to implement an information security management system (ISMS): a set of procedures and rules that serves to permanently define, regulate, control, maintain and continuously improve information security. AdNovum planned and supported the implementation of an ISMS in accordance with ISO / IEC 27002: 2013 and assumed the role of «Security Officer as a Service» (SOaaS).

 

In addition, Edelweiss Air AG planned to implement technical and organizational measures to meet the new legal requirements (GDPR) to which the airline is subject due to its international activities. AdNovum assumed the role of «Privacy Officer as a Service» (POaaS).

 

The goal: To introduce an ISMS in order to improve information security and to comply with the requirements of the Lufthansa Group, as well as to implement the new legal requirements (GDPR).

 

The process: AdNovum Security Consulting supported and advised Edelweiss Air AG on the introduction of an ISMS in accordance with ISO / IEC 27002. In addition, it provided support with technical and organizational measures to meet the GDPR requirements.

 

The result: Information security and compliance as specified by the Lufthansa Group are constantly being improved, the GDPR requirements are met.

The benefits

Benefits for Edelweiss Air AG:

  • An ISMS allows to improve both information security and the protection of any type of information (electronic or paper-based).
  • An ISMS raises awareness throughout the company about the dangers and, consequently, the handling of information security.
  • Alignment with the information security standards of the Lufthansa Group
  • The implementation of GDPR requirements makes sure that personal data of customers and employees are adequately protected.
  • Continuous improvement via «Security Officer as a Service» (SOaaS) and «Privacy Officer as a Service» (POaaS)

icon_check_advantages
‹‹Based on the analysis conducted together with AdNovum, we have taken targeted measures to meet the requirements of the GDPR.››
Stefan Graf, Head of IT, Edelweiss Air AG

The customer

Edelweiss is the leading Swiss holiday airline based at Zurich Airport. As a sister company of Swiss International Air Lines and a member of the Lufthansa Group, it operates flights to 72 dream destinations in 32 countries worldwide. Edelweiss invests in innovative solutions that make flying more attractive for its guests and make it easier for its employees to work.

logo edelweiss

Links

  • www.flyedelweiss.com

    • Learn more

  • Privacy & Data Protection

    • Contact us – we are pleased to help!

    Should you have questions or wish to talk to an experienced advisor, contact us – we will be pleased to help.

    Tim Beutler Principal IAM Engineer