Aruba Group Certifications

We offer certified services in terms of quality, energy, security and product. See also our accreditations

ISO 9001:2015 Certification

Design, management, developing and provisioning of:

  • Data Center services (Dedicated Servers, Virtual Servers, Colocation, Hosting)
  • Cloud oriented solutions in IaaS, SaaS and PaaS mode
  • Certified (PEC) and conventional electronic mail
  • Digital signature and qualified signature, graphometric signature and other technological solutions of advanced electronic signature, remote signature, Certification Authority services
  • Public Key (PKI) or information security related infrastructure
  • Document Dematerialization
  • Backup and Disaster Recovery
  • ICT consultancy services
and related specialist assistance event through call center.
 

Product and customization of Smart Cards. Information security hardware and software sales, installation and assistance.
Identity Provider for issuing and managing of digital identity and related authentication credential to access the "SPID" services.

ISO 27001:2013 Certification

Design, management, developing and provisioning of:

  • Data Center services (Dedicated Servers, Virtual Servers, Colocation, Hosting)
  • Cloud oriented solutions in IaaS, SaaS and PaaS mode
  • Certified (PEC) and conventional electronic mail
  • Digital signature and qualified signature, graphometric signature and other technological solutions of advanced electronic signature, remote signature, Certification Authority services and linked services of smart card customization
  • Document Dematerialization "Conservazione Digitale Sostitutiva"
  • Backup and Disaster Recovery
and relevant technical support. Server management and maintenance of workstations, computer networks and relevant logical security systems and devices.

Identity Provider for issuing and managing of digital identity and related authentication credential to access the "SPID" services.

ISO 14001:2015 Certification

Design, management, developing and provisioning of:

  • Data Center services (Dedicated Servers, Virtual Servers, Colocation, Hosting)
  • Cloud oriented solutions in IaaS, SaaS and PaaS mode
  • Certified (PEC) and conventional electronic mail
  • Digital signature and qualified signature, graphometric signature and other technological solutions of advanced electronic signature, remote signature, Certification Authority services and linked services of smart card customization
  • Document Dematerialization "Conservazione Digitale Sostitutiva"
  • Backup and Disaster Recovery
and relevant technical support. Server management and maintenance of workstations, computer networks and relevant logical security systems and devices.

Identity Provider for issuing and managing of digital identity and related authentication credential to access the "SPID" services.

With reference to ISO 9001:2015, ISO 14001:2015, ISO 27001:2013 and ISO 50001:2011*

Extract from the Quality, Environment, Energy and Information Security Policy

Continuing to assess risks and opportunities thoroughly is a key part of Aruba's corporate culture. Every day, we take on responsibility for protecting and making the most of all our resources:

  • our customers and the trust that they place in us;
  • our information assets, with data centers certified at the highest levels;
  • our professionals, who boast technical and cross-disciplinary knowledge;
  • our environmental and energy resources, assets that belong to all the countries in which we work.

We are committed to developing an Information Security culture as one of our shared values to inspire our day-to-day activities. We do this in accordance with measures designed to guarantee the confidentiality, integrity and availability of the information we store and transmit, depending on how critical and sensitive they are, and on their value.

This means that day after day, we can increase the trust of customers, suppliers and the community in general, along with our ability to manage processes in a controlled way.

We are dedicated to fulfilling our obligations in terms of compliance, by optimizing and mitigating the use of non-renewable environmental resources, and by favouring renewable energy sources and solutions that are more energy efficient.

The purposes of this document are:

  • to make sure that the Management System always complies with international standards in relation to the objectives the company has set for itself;
  • to guarantee the consistency, precision and timeliness of the service offered;
  • to put together external information on a regular basis, in order to make sure the service provided can always be improved;
  • to improve the efficiency, repeatability over time and reliability of the performance of all processes, in particular by using written, therefore certain, procedures;
  • whenever practically possible, to choose the best technological solutions in terms of their energy and environmental impact;
  • to secure and maintain a competitive advantage over competitors in terms of the saleability of the service and market penetration - thanks among other things to excellent value for money - with the resulting increase in corporate profitability;
  • to prevent and correct instances of non-compliance efficiently;
  • to make sure at all times that the client's/market's demands and expectations are met; these must be identified as clearly and quickly as possible, whether in writing, verbally or implicitly;
  • to strive to improve by offering services that meet demand in terms of suitability for use, performance, security, reliability and maintainability;
  • to fulfil the obligations stipulated by the Authorities and/or Government Agencies as well as by the client;
  • to organize the appropriate records, statistics and reports and appropriate analysis methods to assess the efficiency of its own corporate processes in terms of predefined objectives;
  • to promote and share the principle of continuous improvement of services in terms of Quality, the Environment, Energy and Information Security;
  • to involve all staff in the sharing of the company's objectives and values;
  • to measure the success and efficiency of the Management System for Quality, the Environment, Energy and Information Security by carrying out periodic reviews;
  • to guarantee the availability of information and services, which includes having specific business continuity plans;
  • to ensure the confidentiality of information when restricted access is required;
  • to prevent changes to and the loss of information assets;
  • to raise awareness among, and educate, staff, partners and third parties about the company's environment policy, the need for security and data and information protection, as well as about everyone's roles and responsibilities;
  • to establish incident identification and management procedures (incident handling, data breaches) to respond to emergencies or incidents that might arise during activities quickly, efficiently and meticulously;
  • to provide the customer and/or any other person concerned with the information needed to exercise their rights relating to personal data as stipulated by the regulation in force;
  • to implement appropriate technical and organizational measures to make sure that, by default, only personal data needed for each individual purpose for processing is actually processed;
  • to secure a profit for the Aruba Group.
*Certification process underway
ISAE 3402

ISAE 3402:2011 Certification Type II Report

The ISAE 3402 certification is the evaluation of the internal control system of organizations which provide services and is issued through a report made by independent Auditors.

ANSI/TIA 942

ANSI/TIA 942-A-2014 Certification

The ANSI/TIA 942-A-2014 regulation assesses the resilience of a data center, or rather its ability to  guarantee the continuity of the provided services.
The Aruba IT1 and IT3 data centers have been certified to the maximum level (TIER 4*/RATING 4) available according to the regulation. This result, which indicates the ability to avoid service interruptions even in the event of severe failures (fault-tolerance), has been achieved thanks to a series of design and construction features which have affected all the aspects of the data center: choice of site, architectural aspects, physical security, fire extinguishing system, electrical system, mechanical system and data networks.
 

* The term ‘Tier’ was used in the ANSI/TIA-942 Standard until the ANSI/TIA-942:March-2014 edition. In the March 2014 edition the term ‘Tier’ has been replaced by either ‘Rated’ or ‘Rating’.

Guaranteed Renewable Energy Source

Aruba S.p.A. and Duferco Energia S.p.A. have developed a partnership with the aim of looking for energy-saving solutions based on all possible ways of optimizing consumption. Thanks to the Guarantees of Origin (GO), Duferco Energia certifies that all the energy supplied is exclusively produced from Renewable Sources.

Choosing 100% Green Energy demonstrates a concrete commitment to reducing our impact on the environment and contributing to the protection of our planet.

CISPE Service Declared - Services that comply with the CISPE data protection Code of Conduct

Aruba's cloud services, including Private Cloud, Public Cloud, Cloud Backup and Cloud Object Storage, guarantee certified transparency and security for its users. These services comply with the CISPE Code of Conduct – Cloud Infrastructure Services Provider Europe – and can be recognized by a hallmark that offers customers and citizens the freedom to archive and control their information within the European Economic Area. This same hallmark guarantees that the Cloud service provider does not access or use customer data for its own purposes, such as data mining, data profiling or direct marketing.

The cloud services that comply with this Code are listed in the CISPE Public Register