MTF close to you
MTF Solutions +


When moving to the cloud, there are sensitive workloads to protect while complying with complex regulatory requirements, frameworks and policies. MTF helps you meet mandated or desired compliance through industry-leading security, third-party audits and certifications, and comprehensive documentation and legal obligations.

Your advantages 

  • Private cloud ecosystem with high compliance
  • Finma and Bafin compliant cloud data centers
  • Transparency through independent testing and evaluation
  • Compliance with EU-GDPR and Swiss data protection law
  • Numerous certifications guarantee our standards
  • All data completely encrypted according to FIPS 140-2 standard

Regular independent controls 

Our products regularly undergo independent reviews by external experts, with regard to security, data protection and compliance guidelines, and have the corresponding certifications, certificates of conformity or confirmations of compliance with global standards.

 ISO 9001 

ISO 9001:2015 "Quality Management Systems" is the central standard of the ISO 9000 ff. series of standards and contains standards for the quality management system towards our customers.

 ISO 27001 

The ISO/IEC 27000 series of standards helps organizations protect information assets. ISO/IEC 27001 sets out the requirements for an information security management system (ISMS). In addition, this standard provides a set of best practices as well as details on security controls for managing information risks.

 ISO 27017 

ISO/IEC 27017:2015 (International Electrotechnical Commission, IEC) provides guidelines for information security controls that apply to the provision and use of cloud services.

 ISO 27018 

ISO/IEC 27017:2015 (International Electrotechnical Commission, IEC) provides guidelines for information security controls that apply to the provision and use of cloud services.


Compliance with the GDPR is a top priority for MTF and our customers. The aim of the GDPR is to strengthen the protection of personal data in Europe. For all of us, this affects the way we do business. MTF takes a strictly customer-centric approach to protection, control and compliance. We want to help you implement the GDPR in the best possible way.


The U.S. Health Insurance Portability and Accountability Act (HIPAA) of 1996 establishes privacy and security requirements for organizations responsible for maintaining the confidentiality of individuals' protected health information (PHI). These organizations meet the definition of "covered entities" or "business associates" under HIPAA.


The Payment Card Industry Security Standards Committee (PCI Security Standards Council) is a global forum dedicated to the continuous development, improvement, storage, dissemination and implementation of security standards for the protection of account data.


The National Institute of Standards and Technology (NIST) has developed Federal Information Processing Standard (FIPS) Publication 140-2 as a security standard. This lists requirements for encryption modules, including hardware, software and firmware, for U.S. federal agencies. FIPS 140-2 certification was established to protect digitally stored, unclassified, but still confidential information.

 Swiss data protection law 

The Swiss Federal Law on Data Protection: SR 235.1 regulates the protection of the privacy of individuals and companies. MTF is a Swiss company which is fully subject to Swiss data protection law. We are already working on a template for the upcoming new DSGVO affiliated data protection of Switzerland.

Do you have Questions ?

Beat Ammann
Managing Director Region Schaffhausen