Bechtle receives BSI C5 attestation

• Bechtle strengthens cloud security strategy for managed services
• Compliance with the leading standard for secure cloud computing

Neckarsulm, 10 July 2025 - Bechtle has successfully achieved C5:2020 attestation in accordance with the criteria stipulated by Germany's Federal Office for Information Security (BSI). The independent audit confirms that Bechtle fulfils the strict requirements of the C5 Cloud Computing Compliance Criteria Catalogue and, therefore, meets the highest information security standards for operating cloud services. This includes robust measures to defend against cyberattacks and safeguard data integrity. The attestation helps organisations achieve compliance with legal and regulatory requirements and implement effective risk management frameworks. For public-sector clients and security-focused businesses, this certification is a critical factor when selecting a cloud service provider. With the C5:2020 attestation, Bechtle takes another step in strengthening the security and sovereignty of digital infrastructure. The certification must be renewed annually through an independent external audit.

"The C5 attestation reflects our commitment to transparency, security and trust in the cloud. It confirms that our managed cloud services meet the highest standards, which is key in positioning Bechtle as a future-oriented and responsible cloud service provider," says Dirk Müller-Niessner, CTO, Bechtle AG.

Established standard for cloud security
The C5 Catalogue defines comprehensive security requirements for cloud services and is intended for cloud providers, auditors and customers alike. With its standardised audit and reporting procedures, it provides clear visibility into the security measures behind cloud services.

Broad audit scope
Overall, Bechtle fulfils a total of 127 criteria across 17 categories. The BSI's aim is to establish a consistent and transparent security framework for cloud services, giving businesses a solid basis when selecting cloud service providers-particularly when security, reliability and digital sovereignty are critical concerns.

Attestation also covers data centres
The audit also examines the infrastructure and processes at Bechtle's data centres in Frankfurt and Rüsselsheim, where a dual-site strategy ensures maximum security, scalability, and availability. The Rhine-Main region is a major location for data centres in Europe, not least because it is home to the world's largest internet exchange point, DE-CIX. Bechtle continuously invests in the technical capabilities of its data centres to offer comprehensive hosting for customer systems and a wide-ranging cloud service portfolio. In recent years, Bechtle has developed a host of standardised managed cloud services in its Service Factory that include automated and scalable offerings from all major national and international cloud providers.

About Bechtle Managed Services:
With more than 2,000 service experts across the group, Bechtle already manages operations for over 500,000 workplaces, 25,000 virtual servers, 20,000 switches and 60,000 security endpoints-handling more than 1.6 million assets in total. On average, some 5,000 tickets are processed and 500 deployments carried out every day. The C5 attestation complements existing certifications including ISO 27001 and ISAE 3402 Type 2.