Liferay, a company specializing in digital experience platforms aimed at providing high levels of flexibility, has strengthened its commitment to digital sovereignty by renewing its certification under the National Security Scheme (ENS) at the High category for its cloud solutions. This accreditation reaffirms the company’s dedication to information protection and assures public and private entities that their sensitive data is managed under rigorous security, privacy, and governance criteria within the European framework.
The certification, which undergoes review and renewal every two years, confirms that Liferay complies with the most demanding security requirements for handling information and critical operations in Spain. A notable update in this renewal is that ENS has expanded its recognition to include the Cloud Native deployment mode, which is incorporated into the already certified managed cloud solutions, Liferay PaaS and Liferay SaaS.
Thanks to this expansion, organizations that opt to deploy the platform natively on their own cloud infrastructure, as well as those using Liferay’s managed services, will have the assurance of operating under the high standards of security and compliance established by the National Security Scheme.
Regulatory assurance to accelerate modernization
Obtaining this certification enables public administrations and regulated sector companies to address their greatest modernization challenges. The fear of regulatory non-compliance and potential financial penalties often acts as an invisible barrier, slowing the adoption of innovative technologies. With a platform that already has ENS at the High level, this bureaucratic friction is eliminated, allowing organizations to advance their digitization efforts with the legal certainty of regulatory compliance from day one.
Furthermore, by certifying the Cloud Native deployment mode, Liferay ensures that entities can choose the cloud environment that best suits their needs without sacrificing the highest security standards or having to develop complex compliance projects from scratch.
“Many organizations find their innovation efforts stalled by concerns over security or regulatory compliance. With this renewal, Liferay enables continued digital service modernization with the confidence of operating on an audited platform prepared for various deployment models,” says Rafael Lluis, Global Director of Sales Engineering at Liferay.
A constant commitment to the highest standards
The renewal of ENS at the High level is not an isolated achievement but part of Liferay’s broader compliance and specialization strategy. The company has dedicated teams and professionals specialized in four critical areas: information security, data privacy, project management, and responsible AI.
In fact, this certification complements a compliance framework that includes ISO 27001, 27017, and 27018 (security and privacy in the cloud), ISO 42001 (responsible AI use), and more recently ISO 9001, which audits quality management systems in project execution.
Additionally, the ENS Level High audit requires demonstrating the use of advanced technologies to protect systems. In this regard, Liferay leverages Artificial Intelligence capabilities for continuous monitoring, attack pattern detection, and rapid incident response.
The value of open source
Liferay’s open source nature plays a key role in achieving these standards. By enabling transparent source code audits and facilitating vulnerability searches, the open model simplifies the secure and auditable deployment of new software versions.
