In cybersecurity, we often say that trust is built on evidence, not promises. As those responsible for protecting our organizations’ infrastructure, we know that the most critical link is often at the points of interaction: the devices.
Today, I want to share a major milestone: Applivery has obtained the National Security Framework (ENS) certification in its High Category. This is not just another bureaucratic step. For us, reaching this level — the most stringent under Royal Decree 311/2022 — confirms that our UEM platform is ready for Spain’s most sensitive and regulated environments. Furthermore, the ENS is considered one of the most demanding certifications in both the European and international landscape.
What is ENS High Category and why does it matter?
The National Security Framework (ENS) is the regulatory scheme that ensures information systems in Spain handle data securely. The High Category is exclusively reserved for critical infrastructure or systems managing highly sensitive data (biometric, judicial, or health records).
Being among the few companies with this level of certification confirms that Applivery offers total guarantees of confidentiality, integrity, and availability.
The challenge: how to comply with ENS without blocking IT operations?
If you manage compliance or security for a public sector entity, or in sectors like healthcare and finance, you know the problem well. The ENS is often seen as a bureaucratic wall and a heavy workload, typically requiring 6 to 9 months for the rollout and implementation of security measures—a process that slows down technology deployment. Frequently, you are forced to choose between agile tools that don’t meet security standards, or heavy legacy solutions that comply but are an operational nightmare for IT teams.
My goal in leading this process hasn’t just been “getting the seal,” but proving that high-level security in endpoint management can be much more agile if you choose the right solution: Applivery.
A record-breaking audit: efficiency and technical Maturity
There is a detail from the audit that I believe perfectly defines who we are: we completed the process in just 3 months.
This isn’t just an anecdote. In the auditor’s words, our ENS posture was above 90% of the candidacies typically presented. This is achieved not only by selecting the right tools but also through extensive work in documentation, maturity, implementation, and development by the entire team.
Part of this security was already there, integrated into our cloud design and our development workflows. For you, this translates into a mature, predictable, and robust platform from day one.
Direct benefits for the CISO and IT Team
For a security lead, having a UEM provider with ENS High Category translates into tangible advantages:
Data sovereignty and local residency: we operate on Google Cloud in the Madrid region. As a Spanish company, we eliminate legal doubts regarding international data transfers. Your assets are managed under European and Spanish regulations. Period.
ENS policy templates (Security “Out of the Box”): we know that interpreting ENS controls to configure a device fleet is a dense task. That’s why we wanted to share the exact template that allowed us to achieve this certification; it is now available to everyone. You can automatically apply the technical requirements of ENS High Category with a couple of clicks, saving weeks of manual configuration.
True auditability: if you have to undergo an internal inspection or audit tomorrow, Applivery makes the job easier. Logs are immutable, and the traceability of every command sent to a device is total. You have the evidence ready without the need for manual collection.
A Step Forward in Autonomous Endpoint Management (AEM) and the CPSTIC Catalog
This certification is a cornerstone of our vision for autonomous device management. We want IT and Security teams to stop putting out operational fires and focus on strategy, with the peace of mind that their technological foundation meets the highest standards in the country.
Our technical maturity is no longer just a claim by us or our customers; it is a certified reality. The next step? Becoming the first AEM to enter the CPSTIC catalog (Target of Evaluation). You won’t want to miss it.
If your organization needs to align with the ENS or you are looking to elevate the protection of your devices, we are at your disposal. Book a personalized session with our team of experts.
