Hilden, [29.04.2026] - Midoco GmbH, the leading provider of mid- and back-office software solutions for the travel industry, has successfully obtained ISO/IEC 27001 certification. With this step, the company underlines its consistent focus on information security and the protection of sensitive customer data.
The ISO/IEC 27001 certification confirms that Midoco operates a systematic information security management system (ISMS). This ensures that risks are identified in a structured manner, evaluated and reduced through suitable technical and organizational measures. The implementation and effectiveness of the measures are regularly reviewed by independent auditors.
"Information security is a central component of our platform and our daily work. With ISO 27001 certification, we are creating additional transparency and giving our customers the assurance that their data is protected to the highest standards," says Steffen Faradi, CEO of the Midoco Group.
At the same time, Midoco has a long-standing and consistent PCI/DSS (Payment Card Industry Data Security Standard) certification. The company has met the requirements of this international security standard for the processing of credit card data for nine years and regularly undergoes independent audits. As a PCI/DSS Level 1 certified company, Midoco guarantees the highest possible level of protection for the storage, processing and transmission of payment data
Among other things, network security, access controls, monitoring, regular vulnerability analyses and penetration tests are checked as part of the PCI/DSS certification. In addition, annual on-site audits and quarterly security scans are carried out to ensure a consistently high level of security.
The combination of ISO 27001 certification and many years of PCI/DSS compliance enables Midoco to cover both comprehensive information security processes and specific requirements in the payment environment. Customers benefit from clearly defined security processes, automated and controlled workflows and end-to-end protected processing of sensitive data.
Midoco's solutions support travel companies worldwide in the automation of processes and the integration of various systems. Large volumes of sensitive data are processed in the process - the requirements for security, data protection and compliance are correspondingly high. The current certifications underline the company's commitment to meeting these requirements in the long term.