You Can Trust Us to Protect Your Sensitive Data – We Are ISO 27001-Accredited!
We are thrilled to announce that we successfully achieved the ISO 27001 Certification – read all about what it is, why we chose to do it, what we learnt, and how it, unexpectedly, prepared us for the Covid-19 pandemic.
Providing our customers with the peace of mind that their information and data is being processed and stored securely is one of our top priorities at cloudDNA. With GDPR regulations and data protection being rather recent hot topics, we know that all businesses place significant importance on their information security – as do we.
That is why we are so pleased to announce that we have just successfully achieved the ISO 27001 standard, so our customers can be assured that we have the correct processes and procedures in place to take care of their information and data, no matter what the circumstances. ISO 27001 is the international standard that describes the best practice for an information security management system (ISMS). Accredited certification to ISO 27001 demonstrates that an organisation is following international information security best practices to assess and prevent information security risks.
Why did we choose to do it?
We undertook the 9001:2015 standard first in 2016, which established that we had the necessary processes in place to provide quality, consistent customer engagement at all times. ISO 27001 became the natural next step for us to ensure that we are operating to the very highest standards. We work with customers across many different verticals – government, healthcare, finance, manufacturing, insurance – which are typically seen as high-risk organisations, where data loss could have significant financial implications, as well as notable danger if valuable intellectual property or information was lost or stolen not to mention the impact on reputation. We wanted to be sure that clients from these, and all industries, could be confident in our cyber security and data protection measures.
What did we learn?
We found the experience extremely enlightening. The many areas covered in the audit enabled us to ensure that we are operating to a fantastically high level of cyber security, across all aspects of our business. It is great that we are able to offer our customers peace of mind that we have the appropriate measures and procedures in place to keep their data safe.
How it prepared us for the Covid-19 pandemic…
One particularly interesting and prevalent part of the audit was risk assessment. A virus or pandemic was one potential event we had to create contingency plans for, which we did without knowing it would soon become so prevalent. The necessity for home working wasn’t a threat to us, as we work on mobiles and laptops across secure internet circuits, and all our information and data is stored securely, so our office is really a nicety rather than a necessity. The ISO 27001 process did make us thoroughly review our business continuity and business-as-usual mechanisms, which allowed us to be in a great position when the Covid-19 pandemic began. Our team could work remotely immediately, with zero impact on the delivery of our services to customers.
If you are a key worker organisation and have found yourself struggling with extra demand or other issues as a result of the pandemic, cloudDNA would like to extend the offer of help – read more here.
Speaking of their motivation for completing the accreditation, co-founder Jo Wright remarked,
“We did this to benefit our customers. Having been through the accreditation and implemented changes in our own environment, we now have a higher understanding of cyber and data security threats and correct processes, both in our work and in that of our clients. This not only allows us to ensure the safety of the information we work with, but provides us with the capability to advise customers more proficiently in their own data security challenges. All businesses can now be fully assured that when they work with us, we will give their data the same level of importance that we do our own, using our accredited processes and procedures. We are thrilled to be able to give companies the confidence that they can trust us to keep their information secure.”