Information security at Swiss Post
Our pledge: digital postal secrecy

Rich Content Section

The same principle that has long since applied to physical postal items also plays a key role in digital data processing at Swiss Post, namely ensuring the highest possible level of security and discretion when handling customer data.

Both technological developments and cyber threats are analyzed on an ongoing basis. The detection of vulnerabilities at an early stage allows a response to be made quickly, before a risk to the stored data arises.

Swiss Post operates its own two data centers in Switzerland, which provide a first-class hosting environment for data and which are protected by several layers of security.

The sophisticated IT systems, along with technical, construction and organizational measures and a responsible approach to handling data allow Swiss Post to keep its performance pledge and provide the best possible protection for the data entrusted to it.

Here’s how customers can play their part in security

Contact for reporting incidents and suspected cases

Customer Service

+41 848 888 888

Swiss Post Contact Center
Wankdorfallee 4

3030 Bern

www.melani.admin.ch
www.antiphishing.ch/en/

What Swiss Post contributes to information security

The brochure “Information security at Swiss Post” contains various factsheets about the information security of our main products and services. It is regularly updated and supplemented.

Current phishing wave

Security at PostFinance

Detecting vulnerabilities with Swiss Post’s bug bounty programme

Certifications

ISO 27001

Swiss Post Informatics and certain digital products are certified in accordance with this international standard. It specifies the requirements for establishing, implementing, maintaining and continuously improving an Information Security Management System (ISMS).

ISO 22301

Swiss Post Informatics meets the requirements for creating and operating an effective Business Continuity Management System (BCMS).

TÜV Trusted Site Infrastructure TSI V3.2 Dual Site Level 3

Both of Swiss Post’s data centers are located in Switzerland, in different geographical locations. They provide a first-class hosting environment with several security layers. The certification specifies requirements for the physical infrastructure of a data center (location, building construction, security technology, energy supply and air conditioning technology) and the operator’s organizational processes. It also documents the suitability for secure areas for which a high level of availability is required.

ISAE 3402

PostFinance (as a financial institution) and Swiss Post Solutions Ltd (as a service provider for financial institutions), along with Swiss Post Informatics, are assessed and certified in accordance with the International Standard on Assurance Engagements (ISAE) 3402 for control effectiveness of the internal control system.

PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) was developed by the PCI Security Standards Council to limit incidents of fraud in relation to credit card payments on the Internet.

Enter game
Explore the topic through a game format and take on the role of an attacker.