Certificates and Processes

Our customers are right to trust that we will protect their digital processes, including personal data and other information conveyed via Myra’s own infrastructure during the course of business. We are committed to maintaining the highest quality standards and earning extensive certifications.

Myra Security fulfills all BSI performance requirements

Myra fulfills all 37 performance requirements of the German Federal Office for Information Security (BSI) for qualified DDoS protection providers.

Download report

ISO 27001 certificate based on IT-Grundschutz

The certificate (no. BSI-IGZ-0479-2021) confirms that the Information Security Management System (ISMS) of Myra Security ensures the confidentiality, availability, and integrity of all information through suitable technical and organizational measures.

The BSI has defined countermeasures for typical threats to corporate IT systems. With our successful certification, we demonstrate that Myra Security has successfully implemented all extensive protective measures.

Learn more


Our C5 attestation serves to prove that the Myra cloud services meet all information security requirements according to the BSI* Cloud Computing Compliance Criteria Catalogue (BSI C5). The BSI C5 requirements are not limited to technical and process-related aspects. Rather, the cloud service provider as a whole is scrutinized in the course of a C5 audit.

Accordingly, in addition to cybersecurity, compliance, and data protection, topics such as personnel requirements, physical security or procurement and development also become important. For this purpose, BSI C5 combines several of the most established standards worldwide to build up a comprehensive catalogue of measures for information security and transparency.

Myra customers can therefore be certain that all processes and systems enjoy state of the art protection to ensure integrity, confidentiality, and availability.

*Federal Office for Information Security

PCI-DSS (Payment Card Industry Data Security Standard)

PCI-DSS refers to the processing of credit card transactions and is therefore intended to make payment transactions more secure. The set of rules includes requirements such as the use of firewalls, regularly updated antivirus software, the encryption of card holder data, and strict access control.

By obtaining this certificate, we confirm that credit card transactions run securely via the complete Myra Security infrastructure.

IDW PS 951

With the successful testified according to IDW PS 951 Type 2 (international: ISAE 3402) we prove the qualitative implementation of an Service Organization Control (SOC) for our customers. Myra therefore fulfills all regulatory requirements associated with the assurance standard. These include the areas of information security, compliance, business continuity, patch management, alarm & monitoring and physical security.

The audit consists of employee interviews, inspection of documentation and reports, and observation of internal processes. As part of the more extensive Type 2 audit, auditors check both the adequacy and implementation as well as the effectiveness of the Myra SOC over a period of nine months. This provides our clients with the opportunity to also use the IDW PS 951/ISAE 3402 report as part of their annual audit.


The Trusted Cloud

Myra’s DDoS protection service has received a listing in the Trusted Cloud. The government-initiated platform only awards its seal of approval to certified providers and services that provide convincing evidence of their transparency, care, and quality.

The Trusted Cloud label is awarded by Trusted Cloud e. V., which emerged in mid-2015 from the technology program of the same name of the Federal Ministry for Economic Affairs and Energy (BMWi). The association’s platform is intended to provide German companies with practical and user-oriented information. It functions as a decision-making tool that lists trustworthy and tested providers and services.

Myra fully satisfies the requirements for transparency, IT security, data protection, and legal security associated with the Trusted Cloud label. These requirements also sometimes overlap with the provisions of the EU General Data Protection Regulation (GDPR), which provides a strict framework for the secure processing of sensitive data.


We are climate neutral

Myra is committed to preserving our climate in collaboration with ClimatePartner. Our climate protection strategy is based on the greenhouse gas balance: For this purpose, the CO2 drivers within a company are identified, and reduction potentials are subsequently derived. We offset unavoidable emissions by supporting recognized climate protection projects, such as the local commitment of Bergwaldprojekt e.V. Together with the association, we have planted 400 native trees. The objective is to establish a near-natural mixed mountain forest in the Bavarian Alps at an altitude of over 1,000 meters.

We also promote the achievement of the global Sustainable Development Goals (SDGs), such as combating poverty or improving living conditions in emerging and developing countries.

For this commitment, Myra has been recognized as a climate-neutral company by ClimatePartner. Detailed information on ClimatePartner and the projects Myra supports can be found on the organization’s homepage.

A selection

Our Standards

  • EU GDPR and BSI IT Security Act

  • 4.4 out of 5 stars for employee satisfaction at Kununu

  • Security test for all employees

  • Net Promoter Score (NPS) of 95

Protect your company now with Myra Security!

The German technology manufacturer Myra offers a secure, certified Security-as-a-Service platform for protecting digital business processes.

Start now!